package fi.neusoft.musa.platform.network;

import fi.neusoft.musa.core.ims.security.cert.KeyStoreManager;
import fi.neusoft.musa.core.ims.security.cert.X509KeyManagerWrapper;
import fi.neusoft.musa.provisioning.https.EasyX509TrustManager;
import fi.neusoft.musa.utils.CloseableUtils;
import fi.neusoft.musa.utils.logger.Logger;
import gov2.nist.core.Separators;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax2.sip.ListeningPoint;

/* loaded from: classes.dex */
public class AndroidSecureSocketConnection extends AndroidSocketConnection {
    private Logger logger;
    private boolean mCheckCertificate;
    private String mFingerprint;
    private SSLSocketFactory mSslSocketFactory;

    public AndroidSecureSocketConnection() {
        this.logger = Logger.getLogger(getClass().getName());
        this.mSslSocketFactory = null;
        this.mCheckCertificate = true;
        this.mFingerprint = null;
    }

    public AndroidSecureSocketConnection(String str) {
        this.logger = Logger.getLogger(getClass().getName());
        this.mSslSocketFactory = null;
        this.mCheckCertificate = true;
        this.mFingerprint = null;
        this.mCheckCertificate = false;
        this.mFingerprint = str;
    }

    public AndroidSecureSocketConnection(SSLSocket sSLSocket) {
        super(sSLSocket);
        this.logger = Logger.getLogger(getClass().getName());
        this.mSslSocketFactory = null;
        this.mCheckCertificate = true;
        this.mFingerprint = null;
    }

    private synchronized SSLSocketFactory getSslFactory() throws IOException {
        TrustManager[] trustManagerArr;
        FileInputStream fileInputStream = null;
        FileInputStream fileInputStream2 = null;
        try {
            if (this.mSslSocketFactory == null) {
                try {
                    try {
                        if (this.logger.isActivated()) {
                            this.logger.debug("Create SSLSocketFactory");
                        }
                        String keystoreType = KeyStoreManager.getKeystoreType();
                        String keystorePath = KeyStoreManager.getKeystorePath();
                        String keystorePath2 = KeyStoreManager.getKeystorePath();
                        char[] charArray = KeyStoreManager.getKeystorePassword().toCharArray();
                        SSLContext sSLContext = SSLContext.getInstance(ListeningPoint.TLS);
                        KeyManager[] keyManagerArr = null;
                        KeyStore keyStore = KeyStore.getInstance(keystoreType);
                        FileInputStream fileInputStream3 = new FileInputStream(keystorePath);
                        try {
                            keyStore.load(fileInputStream3, charArray);
                            String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
                            if (this.mCheckCertificate) {
                                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
                                if (KeyStoreManager.isOwnCertificateUsed()) {
                                    KeyStore keyStore2 = KeyStore.getInstance(keystoreType);
                                    FileInputStream fileInputStream4 = new FileInputStream(keystorePath2);
                                    try {
                                        keyStore2.load(fileInputStream4, charArray);
                                        trustManagerFactory.init(keyStore2);
                                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
                                        keyManagerFactory.init(keyStore, charArray);
                                        keyManagerArr = keyManagerFactory.getKeyManagers();
                                        fileInputStream2 = fileInputStream4;
                                    } catch (Exception e) {
                                        e = e;
                                        fileInputStream2 = fileInputStream4;
                                        fileInputStream = fileInputStream3;
                                        throw new IOException("Certificate exception: " + e.getMessage());
                                    } catch (Throwable th) {
                                        th = th;
                                        fileInputStream2 = fileInputStream4;
                                        fileInputStream = fileInputStream3;
                                        CloseableUtils.close(fileInputStream);
                                        CloseableUtils.close(fileInputStream2);
                                        throw th;
                                    }
                                } else {
                                    trustManagerFactory.init((KeyStore) null);
                                }
                                trustManagerArr = trustManagerFactory.getTrustManagers();
                            } else {
                                if (this.logger.isActivated()) {
                                    this.logger.debug("Use self-signed certificates");
                                }
                                KeyManagerFactory keyManagerFactory2 = KeyManagerFactory.getInstance(defaultAlgorithm);
                                keyManagerFactory2.init(keyStore, charArray);
                                keyManagerArr = keyManagerFactory2.getKeyManagers();
                                keyManagerArr[0] = new X509KeyManagerWrapper(keyManagerArr);
                                trustManagerArr = new TrustManager[]{new EasyX509TrustManager(null)};
                            }
                            SecureRandom secureRandom = new SecureRandom();
                            secureRandom.nextInt();
                            sSLContext.init(keyManagerArr, trustManagerArr, secureRandom);
                            this.mSslSocketFactory = sSLContext.getSocketFactory();
                            try {
                                CloseableUtils.close(fileInputStream3);
                                CloseableUtils.close(fileInputStream2);
                            } catch (Throwable th2) {
                                th = th2;
                                throw th;
                            }
                        } catch (Exception e2) {
                            e = e2;
                            fileInputStream = fileInputStream3;
                        } catch (Throwable th3) {
                            th = th3;
                            fileInputStream = fileInputStream3;
                        }
                    } catch (Exception e3) {
                        e = e3;
                    }
                } catch (Throwable th4) {
                    th = th4;
                }
            }
            return this.mSslSocketFactory;
        } catch (Throwable th5) {
            th = th5;
        }
    }

    public String getFingerprint(String str, SSLSocket sSLSocket) {
        if (sSLSocket != null) {
            try {
                if (sSLSocket.getSession() != null) {
                    Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
                    if (this.logger.isActivated()) {
                        this.logger.debug("Remote certificate chain length: " + peerCertificates.length);
                    }
                    if (peerCertificates.length > 0) {
                        return KeyStoreManager.getCertFingerprint(peerCertificates[0], str);
                    }
                    return null;
                }
            } catch (Exception e) {
                if (!this.logger.isActivated()) {
                    return null;
                }
                this.logger.error("Getting remote certificate fingerprint failed: ", e);
                return null;
            }
        }
        if (!this.logger.isActivated()) {
            return null;
        }
        if (sSLSocket == null) {
            this.logger.error("SSL socket is null!");
            return null;
        }
        this.logger.error("SSL session is null!");
        return null;
    }

    @Override // fi.neusoft.musa.platform.network.AndroidSocketConnection, fi.neusoft.musa.platform.network.SocketConnection
    public void open(String str, int i) throws IOException {
        String[] split;
        SSLSocket sSLSocket = (SSLSocket) getSslFactory().createSocket(str, i);
        try {
            sSLSocket.startHandshake();
            if (this.mFingerprint != null && (split = this.mFingerprint.split(Separators.SP)) != null && split.length > 1) {
                String fingerprint = getFingerprint(split[0], sSLSocket);
                if (split[1] != null && !split[1].equals(fingerprint)) {
                    if (this.logger.isActivated()) {
                        this.logger.debug("Wrong fingerprint! " + fingerprint + " is used while " + split[1] + " is expected!");
                    }
                    try {
                        sSLSocket.close();
                    } catch (IOException e) {
                        if (this.logger.isActivated()) {
                            this.logger.error("Closing the socket failed: ", e);
                        }
                    } finally {
                    }
                }
            }
        } catch (Exception e2) {
            if (this.logger.isActivated()) {
                this.logger.error("SSL handshake failed! Error: ", e2);
            }
            sSLSocket = null;
        }
        setSocket(sSLSocket);
    }
}
