package com.citrix.client.io.net.ip;

import com.citrix.client.SectionStrings;
import com.citrix.client.gui.ReceiverConfigManager;
import com.citrix.client.icaprofile.ICAProfile;
import com.citrix.client.icaprofile.ReadableICAProfile;
import java.io.File;

/* loaded from: classes.dex */
public class SSLConfig {
    public static final int ALL_CIPHER_SUITES = 0;
    public static final int COM_CIPHER_SUITES = 1;
    public static final int GOV_CIPHER_SUITES = 2;
    public static final int PROTOCOL_DETECT = 3;
    public static final int PROTOCOL_SSL = 1;
    public static final int PROTOCOL_TLS = 2;
    public static final String REVOCATION_POLICY_FULL_CHECK = "FullAccessCheck";
    public static final String REVOCATION_POLICY_MUST_CHECK = "FullAccessCheckAndCRLRequired";
    public static final String REVOCATION_POLICY_NO_CHECK = "NoCheck";
    public static final String REVOCATION_POLICY_NO_NETWORK_ACCESS = "CheckWithNoNetworkAccess";
    private static final String crlCacheDirectory = "crl";
    private static HostPort hostPort = null;
    private static final String unixDefaultDirectory = ".citrix";
    private static final String windowsDefaultDirectory = "Citrix";
    private final int cipherSuite;
    private String commonName;
    private final int crlPolicy;
    private boolean enabled;
    private final int protocolVersion;
    private String proxyHost;
    private int proxyPort;
    private final boolean strictCertificateValidation;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLConfig(ReadableICAProfile readableICAProfile) {
        this.enabled = false;
        Boolean tristate = ReadableICAProfile.Property.getTristate(readableICAProfile, SectionStrings.STR_SSL_ENABLE);
        tristate = tristate == null ? ReadableICAProfile.Property.getTristate(readableICAProfile, ReadableICAProfile.Property.key(SectionStrings.USER_META_SECTION, SectionStrings.CLIENT, SectionStrings.STR_SSL_ENABLE)) : tristate;
        if (tristate == null) {
            this.enabled = false;
        } else {
            this.enabled = tristate.booleanValue();
        }
        this.proxyHost = readableICAProfile.getProperty(SectionStrings.STR_SSL_PROXY_HOST);
        if (this.proxyHost == null) {
            this.proxyHost = ReadableICAProfile.Property.getString(readableICAProfile, ReadableICAProfile.Property.key(SectionStrings.USER_META_SECTION, SectionStrings.CLIENT, SectionStrings.STR_SSL_PROXY_HOST), "*");
        }
        if ("".equals(this.proxyHost)) {
            this.proxyHost = "*";
        }
        int lastIndexOf = this.proxyHost.lastIndexOf(58);
        if (lastIndexOf != -1) {
            this.proxyPort = Integer.parseInt(this.proxyHost.substring(lastIndexOf + 1));
            this.proxyHost = this.proxyHost.substring(0, lastIndexOf);
        } else {
            this.proxyPort = ReadableICAProfile.Property.getInt(readableICAProfile, SectionStrings.STR_SSL_PROXY_PORT, 10, -1);
            if (this.proxyPort == -1) {
                this.proxyPort = ReadableICAProfile.Property.getInt(readableICAProfile, ReadableICAProfile.Property.key(SectionStrings.USER_META_SECTION, SectionStrings.CLIENT, SectionStrings.STR_SSL_PROXY_PORT), 10, 443);
            }
        }
        String property = readableICAProfile.getProperty(SectionStrings.STR_SSL_CIPHERS);
        property = property == null ? ReadableICAProfile.Property.getString(readableICAProfile, ReadableICAProfile.Property.key(SectionStrings.USER_META_SECTION, SectionStrings.CLIENT, SectionStrings.STR_SSL_CIPHERS), "") : property;
        String property2 = readableICAProfile.getProperty(SectionStrings.CRL_POLICY_CHECK);
        property2 = property2 == null ? ReadableICAProfile.Property.getString(readableICAProfile, ReadableICAProfile.Property.key(SectionStrings.USER_META_SECTION, SectionStrings.CLIENT, SectionStrings.CRL_POLICY_CHECK), REVOCATION_POLICY_NO_NETWORK_ACCESS) : property2;
        if (property2.equalsIgnoreCase(REVOCATION_POLICY_NO_CHECK)) {
            this.crlPolicy = 0;
        } else if (property2.equalsIgnoreCase(REVOCATION_POLICY_NO_NETWORK_ACCESS)) {
            this.crlPolicy = 1;
        } else if (property2.equalsIgnoreCase(REVOCATION_POLICY_FULL_CHECK)) {
            this.crlPolicy = 2;
        } else if (property2.equalsIgnoreCase(REVOCATION_POLICY_MUST_CHECK)) {
            this.crlPolicy = 3;
        } else {
            this.crlPolicy = 1;
        }
        if (SectionStrings.STR_COM_SSL_CIPHERS.equalsIgnoreCase(property)) {
            this.cipherSuite = 1;
        } else if (SectionStrings.STR_GOV_SSL_CIPHERS.equalsIgnoreCase(property)) {
            this.cipherSuite = 2;
        } else {
            this.cipherSuite = 0;
        }
        int GetSslSdkProtocolVersion = ReceiverConfigManager.getConfig().GetSslSdkProtocolVersion();
        this.protocolVersion = GetSslSdkProtocolVersion == 0 ? ReadableICAProfile.Property.getInt(readableICAProfile, ICAProfile.Sslsdktlsv, 10, 2) : GetSslSdkProtocolVersion;
        this.strictCertificateValidation = ReadableICAProfile.Property.getBoolean(readableICAProfile, ICAProfile.StrictCertificateValidation, false);
    }

    private File getCRLCacheDirectory() {
        String property = System.getProperty("user.home");
        String str = '/' == File.separatorChar ? unixDefaultDirectory : windowsDefaultDirectory;
        if (new File(property).exists()) {
            File file = new File(property, str);
            if ((file.exists() && file.isDirectory()) || file.mkdir()) {
                File file2 = new File(file, crlCacheDirectory);
                if ((file2.exists() && file2.isDirectory()) || file2.mkdir()) {
                    return file2;
                }
            }
        }
        return null;
    }

    public void conditionalSetCommonName(String str) {
        if (!defaultProxyHost()) {
            str = this.proxyHost;
        }
        this.commonName = str;
    }

    public boolean defaultProxyHost() {
        return "*".equals(this.proxyHost);
    }

    public HostPort getFinalHostPort() {
        return hostPort;
    }

    public int getProtocolVersion() {
        return this.protocolVersion;
    }

    public String getProxyHost() {
        return this.proxyHost;
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    public boolean getServerCertificateValidation() {
        return this.strictCertificateValidation;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setFinalHostPort(HostPort hostPort2) {
        hostPort = hostPort2;
    }

    public void setProxyHost(String str) {
        if (str != null) {
            this.proxyHost = str;
        } else {
            this.proxyHost = "*";
        }
    }

    public void setProxyPort(int i) {
        this.proxyPort = i;
    }

    public String toString() {
        String str;
        StringBuilder append = new StringBuilder().append("SSLConfig ");
        if (this.enabled) {
            str = (this.commonName == null ? this.proxyHost : this.proxyHost + "(" + this.commonName + ")") + "/" + this.proxyPort;
        } else {
            str = "disabled";
        }
        return append.append(str).toString();
    }
}
