package g2;

import android.content.Context;
import com.microsoft.identity.common.java.authscheme.TokenAuthenticationScheme;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import javax.net.SocketFactory;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import m2.InterfaceC2424a;
import r2.AbstractC2700t;
import s2.AbstractC2884b;

/* JADX INFO: Access modifiers changed from: package-private */
/* renamed from: g2.g, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public class C2153g implements InterfaceC2424a {

    /* renamed from: j, reason: collision with root package name */
    private static final q2.r f31089j = q2.s.b(C2153g.class);

    /* renamed from: a, reason: collision with root package name */
    private final String f31090a;

    /* renamed from: b, reason: collision with root package name */
    private final int f31091b;

    /* renamed from: c, reason: collision with root package name */
    private final AbstractC2884b f31092c;

    /* renamed from: d, reason: collision with root package name */
    private final Context f31093d;

    /* renamed from: e, reason: collision with root package name */
    private final InetAddress f31094e;

    /* renamed from: f, reason: collision with root package name */
    private final String f31095f;

    /* renamed from: g, reason: collision with root package name */
    private final q2.u f31096g;

    /* renamed from: h, reason: collision with root package name */
    protected Socket f31097h;

    /* renamed from: i, reason: collision with root package name */
    protected boolean f31098i = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: g2.g$a */
    /* loaded from: classes.dex */
    public class a implements X509TrustManager {
        a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            C2153g.f31089j.b("TLS: Checking client " + str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            C2154h.f31117t = x509CertificateArr.length > 0 ? x509CertificateArr[0] : null;
            C2153g.f31089j.b("TLS: No server certificate validation needed");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: g2.g$b */
    /* loaded from: classes.dex */
    public class b implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ String f31100a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ KeyStore f31101b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ KeyStore f31102c;

        b(String str, KeyStore keyStore, KeyStore keyStore2) {
            this.f31100a = str;
            this.f31101b = keyStore;
            this.f31102c = keyStore2;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            C2153g.f31089j.b("TLS: Checking client " + str);
        }

        /* JADX WARN: Code restructure failed: missing block: B:63:0x028a, code lost:
        
            r0 = r6;
         */
        @Override // javax.net.ssl.X509TrustManager
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public void checkServerTrusted(java.security.cert.X509Certificate[] r11, java.lang.String r12) {
            /*
                Method dump skipped, instructions count: 885
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: g2.C2153g.b.checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String):void");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    /* renamed from: g2.g$c */
    /* loaded from: classes.dex */
    class c implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ q2.x f31104a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ boolean f31105b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ TrustManager[] f31106c;

        c(q2.x xVar, boolean z8, TrustManager[] trustManagerArr) {
            this.f31104a = xVar;
            this.f31105b = z8;
            this.f31106c = trustManagerArr;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            C2153g.f31089j.b("Checking client " + str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            String lowerCase;
            String c9;
            String N42 = C2153g.this.f31092c.N4();
            if ("all".equalsIgnoreCase(N42)) {
                C2153g.f31089j.b("We trust all certificates");
                this.f31104a.c(0);
                return;
            }
            if (q2.y.g(N42)) {
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    C2153g.f31089j.b("CERTIFICATE: " + x509Certificate.getIssuerDN().getName());
                    C2153g.f31089j.b("CERTIFICATE: " + x509Certificate.getKeyUsage());
                    try {
                        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                        messageDigest.update(x509Certificate.getEncoded());
                        c9 = q2.y.c(messageDigest.digest());
                        C2153g.f31089j.b("CERTIFICATE FP: " + c9);
                    } catch (Exception unused) {
                    }
                    if ("981F983C0B629ABB11570260D92F3E434705B01F".equalsIgnoreCase(c9)) {
                        C2153g.f31089j.b("This is novaalert. trust it!");
                        this.f31104a.c(0);
                        return;
                    }
                    if (this.f31105b && "f7a9d0f53e9abddf7ffca90d1779ef10f7c0283f".equalsIgnoreCase(c9)) {
                        C2153g.f31089j.b("This is novaalert. trust it!");
                        this.f31104a.c(0);
                        return;
                    }
                }
            }
            if ("system".equalsIgnoreCase(N42) || q2.y.g(N42)) {
                C2153g.f31089j.b("SYSTEM-TRUST:");
                for (TrustManager trustManager : this.f31106c) {
                    C2153g.f31089j.b(TokenAuthenticationScheme.SCHEME_DELIMITER + trustManager + TokenAuthenticationScheme.SCHEME_DELIMITER + trustManager.getClass());
                    if (trustManager instanceof X509TrustManager) {
                        C2153g.f31089j.b("Here we go with the system trust");
                        try {
                            ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                            C2153g.f31089j.b("Let'se gooooo!");
                            this.f31104a.c(0);
                            return;
                        } catch (Exception e9) {
                            C2153g.f31089j.b(" computer says no: " + e9.toString());
                        }
                    } else {
                        C2153g.f31089j.b("cannot use other trust because there is none...");
                    }
                }
            }
            HashSet hashSet = new HashSet();
            for (String str2 : q2.y.j(N42, "|")) {
                hashSet.add(str2.toLowerCase());
            }
            C2153g.f31089j.b("explicit-TRUST:");
            for (X509Certificate x509Certificate2 : x509CertificateArr) {
                C2153g.f31089j.b("CERTIFICATE: " + x509Certificate2.getIssuerDN().getName());
                C2153g.f31089j.b("CERTIFICATE: " + x509Certificate2.getKeyUsage());
                try {
                    MessageDigest messageDigest2 = MessageDigest.getInstance("SHA1");
                    messageDigest2.update(x509Certificate2.getEncoded());
                    lowerCase = q2.y.c(messageDigest2.digest()).toLowerCase();
                    C2153g.f31089j.b("CERTIFICATE FP: " + lowerCase);
                } catch (Exception unused2) {
                }
                if (hashSet.contains(C2153g.this.f31090a + "@" + lowerCase)) {
                    C2153g.f31089j.b("This is on the trust list. trust it!");
                    this.f31104a.c(0);
                    return;
                }
                continue;
            }
            this.f31104a.c(1);
            throw new CertificateException("Server is not trusted!");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            C2153g.f31089j.b("getAcceptedIssuers()");
            return null;
        }
    }

    /* renamed from: g2.g$d */
    /* loaded from: classes.dex */
    class d implements X509KeyManager {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ String f31108a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ X509Certificate[] f31109b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ PrivateKey f31110c;

        d(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
            this.f31108a = str;
            this.f31109b = x509CertificateArr;
            this.f31110c = privateKey;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.f31108a;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            C2153g.f31089j.b("chooseServerAlias");
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            C2153g.f31089j.b("getCertificateChain " + str);
            return this.f31109b;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            C2153g.f31089j.b("getClientAliases");
            return new String[0];
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            C2153g.f31089j.b("getPrivateKey " + str);
            return this.f31110c;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            C2153g.f31089j.b("getServerAliases");
            return new String[0];
        }
    }

    /* renamed from: g2.g$e */
    /* loaded from: classes.dex */
    class e implements HandshakeCompletedListener {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ q2.t f31112a;

        e(q2.t tVar) {
            this.f31112a = tVar;
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            this.f31112a.d();
        }
    }

    public C2153g(C2154h c2154h, Context context, AbstractC2884b abstractC2884b, String str, int i8, String str2, q2.u uVar) {
        f31089j.c("Creating Socket " + str + " without factory on port " + i8 + " with " + uVar + TokenAuthenticationScheme.SCHEME_DELIMITER + abstractC2884b.H6() + TokenAuthenticationScheme.SCHEME_DELIMITER + abstractC2884b.d1() + TokenAuthenticationScheme.SCHEME_DELIMITER + abstractC2884b.u4());
        this.f31092c = abstractC2884b;
        Socket socket = new Socket(str, i8);
        this.f31097h = socket;
        InetAddress localAddress = socket.getLocalAddress();
        this.f31094e = localAddress;
        this.f31090a = str;
        this.f31091b = i8;
        this.f31093d = context;
        this.f31095f = str2;
        C2154h.f31118u = abstractC2884b.d1();
        C2154h.f31116s = abstractC2884b.u4();
        C2154h.f31117t = null;
        C2154h.f31119v = null;
        if (uVar != null) {
            try {
            } catch (Exception e9) {
                f31089j.d("error getting networkType of " + str2 + TokenAuthenticationScheme.SCHEME_DELIMITER + e9.getMessage());
            }
            if (uVar != q2.u.Any) {
                if (uVar == q2.u.Unknown) {
                }
                this.f31096g = uVar;
            }
        }
        uVar = c2154h.H(localAddress);
        this.f31096g = uVar;
    }

    public C2153g(C2154h c2154h, Context context, AbstractC2884b abstractC2884b, String str, int i8, SocketFactory socketFactory, String str2, q2.u uVar) {
        f31089j.c("Creating Socket " + str + " with factory " + socketFactory);
        this.f31092c = abstractC2884b;
        Socket createSocket = socketFactory.createSocket(str, i8);
        this.f31097h = createSocket;
        InetAddress localAddress = createSocket.getLocalAddress();
        this.f31094e = localAddress;
        this.f31090a = str;
        this.f31091b = i8;
        this.f31093d = context;
        this.f31095f = str2;
        if (uVar != null) {
            try {
            } catch (Exception e9) {
                f31089j.d("error getting networkType of " + str2 + TokenAuthenticationScheme.SCHEME_DELIMITER + e9.getMessage());
            }
            if (uVar != q2.u.Any) {
                if (uVar == q2.u.Unknown) {
                }
                this.f31096g = uVar;
            }
        }
        uVar = c2154h.H(localAddress);
        this.f31096g = uVar;
    }

    private C2145B p(KeyStore keyStore, AbstractC2700t.a aVar) {
        f31089j.b("Checking client cert config from " + keyStore.getType() + " against '" + aVar.a() + "'");
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                return null;
            }
            String nextElement = aliases.nextElement();
            try {
                KeyStore.Entry entry = keyStore.getEntry(nextElement, null);
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                    X509Certificate x509Certificate = privateKeyEntry.getCertificate() instanceof X509Certificate ? (X509Certificate) privateKeyEntry.getCertificate() : null;
                    if (!"FindByAlias".equalsIgnoreCase(aVar.c())) {
                        f31089j.b("Checking certificate " + nextElement + TokenAuthenticationScheme.SCHEME_DELIMITER + privateKeyEntry.getCertificate().toString());
                    } else if (aVar.b().equalsIgnoreCase(nextElement)) {
                        return new C2145B(privateKeyEntry.getPrivateKey(), nextElement, privateKeyEntry.getCertificateChain());
                    }
                    if ("FindByThumbprint".equalsIgnoreCase(aVar.c())) {
                        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                        messageDigest.update(privateKeyEntry.getCertificate().getEncoded());
                        String c9 = q2.y.c(messageDigest.digest());
                        if (c9.equalsIgnoreCase(aVar.b())) {
                            f31089j.b("Fingerprint matched: " + aVar.b());
                            return new C2145B(privateKeyEntry.getPrivateKey(), nextElement, privateKeyEntry.getCertificateChain());
                        }
                        f31089j.b("Fingerprint did not match: expected: " + aVar.b() + " actual: " + c9);
                    } else if (!"FindBySubjectName".equalsIgnoreCase(aVar.c()) || x509Certificate == null) {
                        if (!"FindByIssuerName".equalsIgnoreCase(aVar.c()) || x509Certificate == null) {
                            if ("FindBySerialNumber".equalsIgnoreCase(aVar.c()) && x509Certificate != null) {
                                if (x509Certificate.getSerialNumber().toString().trim().equalsIgnoreCase(aVar.b())) {
                                    f31089j.b("Serial machted: " + x509Certificate.getSerialNumber().toString());
                                    return new C2145B(privateKeyEntry.getPrivateKey(), nextElement, privateKeyEntry.getCertificateChain());
                                }
                                f31089j.b("Serial did not match: expected: " + aVar.b() + " actual: " + x509Certificate.getSerialNumber().toString());
                            }
                        } else {
                            if (x509Certificate.getIssuerX500Principal().getName().trim().equalsIgnoreCase(aVar.b())) {
                                f31089j.b("Issuer machted: " + x509Certificate.getIssuerX500Principal().getName());
                                return new C2145B(privateKeyEntry.getPrivateKey(), nextElement, privateKeyEntry.getCertificateChain());
                            }
                            f31089j.b("Issuer did not match: expected: " + aVar.b() + " actual: " + x509Certificate.getIssuerX500Principal().getName());
                        }
                    } else {
                        if (x509Certificate.getSubjectX500Principal().getName().trim().equalsIgnoreCase(aVar.b())) {
                            f31089j.b("Subject machted: " + x509Certificate.getSubjectX500Principal().getName());
                            return new C2145B(privateKeyEntry.getPrivateKey(), nextElement, privateKeyEntry.getCertificateChain());
                        }
                        f31089j.b("Subject did not match: expected: " + aVar.b() + " actual: " + x509Certificate.getSubjectX500Principal().getName());
                    }
                } else {
                    continue;
                }
            } catch (Exception unused) {
            }
        }
    }

    private TrustManager[] q(KeyStore keyStore, KeyStore keyStore2) {
        String u42 = this.f31092c.u4();
        if ("*".equals(u42)) {
            f31089j.b("TLS: Use wildcard trust manager");
            return new TrustManager[]{new a()};
        }
        if (!"system".equals(u42)) {
            f31089j.b("TLS: Use trust store with server certificate validation");
            return new TrustManager[]{new b(u42, keyStore, keyStore2)};
        }
        try {
            f31089j.b("TLS: Use system trust manager");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e9) {
            e9.printStackTrace();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void r(q2.t tVar, HandshakeCompletedEvent handshakeCompletedEvent) {
        SSLSession session = handshakeCompletedEvent.getSession();
        f31089j.b("TLS: Handshake Completed with peer " + session.getPeerHost() + " cipher: " + session.getCipherSuite());
        try {
            C2154h.f31117t = (Certificate) Arrays.stream(session.getPeerCertificates()).findFirst().orElse(null);
        } catch (Exception unused) {
        }
        try {
            C2154h.f31119v = (Certificate) Arrays.stream(session.getLocalCertificates()).findFirst().orElse(null);
        } catch (Exception unused2) {
        }
        if ("*".equals(this.f31092c.u4())) {
            f31089j.b("TLS: Server certificate validation not needed");
            tVar.e(Boolean.TRUE);
        } else {
            f31089j.b("TLS: Use default server certificate validation ");
            tVar.e(Boolean.valueOf(HttpsURLConnection.getDefaultHostnameVerifier().verify(this.f31090a, session)));
        }
    }

    @Override // m2.InterfaceC2424a
    public boolean a() {
        return this.f31098i;
    }

    @Override // m2.InterfaceC2424a
    public void close() {
        this.f31097h.close();
    }

    @Override // m2.InterfaceC2424a
    public String e() {
        return this.f31095f;
    }

    @Override // m2.InterfaceC2424a
    public InputStream f() {
        return this.f31097h.getInputStream();
    }

    @Override // m2.InterfaceC2424a
    public void flush() {
        this.f31097h.getOutputStream().flush();
    }

    @Override // m2.InterfaceC2424a
    public OutputStream g() {
        return this.f31097h.getOutputStream();
    }

    @Override // m2.InterfaceC2424a
    public q2.u h() {
        return this.f31096g;
    }

    /* JADX WARN: Removed duplicated region for block: B:77:0x02e3 A[Catch: Exception -> 0x00a4, TryCatch #5 {Exception -> 0x00a4, blocks: (B:67:0x0040, B:69:0x0061, B:71:0x006d, B:73:0x007e, B:75:0x02bd, B:77:0x02e3, B:80:0x02f1, B:83:0x0304, B:84:0x031b, B:85:0x031c, B:87:0x0321, B:88:0x0365, B:89:0x0366, B:90:0x036d, B:91:0x00a7, B:92:0x00ae, B:94:0x00ba, B:96:0x00c9, B:97:0x00d4, B:99:0x00da, B:101:0x00e8, B:102:0x010c, B:104:0x0112, B:106:0x0120, B:107:0x0127, B:110:0x0146, B:112:0x014a, B:114:0x017f, B:116:0x018f, B:118:0x0195, B:119:0x01d8, B:121:0x01e4, B:122:0x01e8, B:127:0x0244, B:129:0x024c, B:131:0x0254, B:133:0x025c, B:134:0x0262, B:136:0x0290, B:137:0x0297, B:138:0x0298, B:141:0x029f, B:142:0x02ba, B:143:0x01b8, B:144:0x01d2, B:145:0x0238, B:147:0x00ce, B:125:0x0240), top: B:66:0x0040, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:89:0x0366 A[Catch: Exception -> 0x00a4, TryCatch #5 {Exception -> 0x00a4, blocks: (B:67:0x0040, B:69:0x0061, B:71:0x006d, B:73:0x007e, B:75:0x02bd, B:77:0x02e3, B:80:0x02f1, B:83:0x0304, B:84:0x031b, B:85:0x031c, B:87:0x0321, B:88:0x0365, B:89:0x0366, B:90:0x036d, B:91:0x00a7, B:92:0x00ae, B:94:0x00ba, B:96:0x00c9, B:97:0x00d4, B:99:0x00da, B:101:0x00e8, B:102:0x010c, B:104:0x0112, B:106:0x0120, B:107:0x0127, B:110:0x0146, B:112:0x014a, B:114:0x017f, B:116:0x018f, B:118:0x0195, B:119:0x01d8, B:121:0x01e4, B:122:0x01e8, B:127:0x0244, B:129:0x024c, B:131:0x0254, B:133:0x025c, B:134:0x0262, B:136:0x0290, B:137:0x0297, B:138:0x0298, B:141:0x029f, B:142:0x02ba, B:143:0x01b8, B:144:0x01d2, B:145:0x0238, B:147:0x00ce, B:125:0x0240), top: B:66:0x0040, inners: #0 }] */
    @Override // m2.InterfaceC2424a
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void i(boolean r17, boolean r18, boolean r19) {
        /*
            Method dump skipped, instructions count: 1177
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: g2.C2153g.i(boolean, boolean, boolean):void");
    }

    @Override // m2.InterfaceC2424a
    public String j() {
        try {
            return this.f31097h.getInetAddress().getHostAddress();
        } catch (Exception e9) {
            f31089j.i("Failed to obtain host address", e9);
            return null;
        }
    }

    @Override // m2.InterfaceC2424a
    public InetAddress k() {
        return this.f31094e;
    }

    @Override // m2.InterfaceC2424a
    public int l() {
        return this.f31097h.getInputStream().read();
    }

    @Override // m2.InterfaceC2424a
    public void m(byte[] bArr) {
        this.f31097h.getOutputStream().write(bArr);
    }

    @Override // m2.InterfaceC2424a
    public int n(byte[] bArr, int i8, int i9) {
        return this.f31097h.getInputStream().read(bArr, i8, i9);
    }
}
