package de.azapps.mirakel.sync.taskwarrior.network_helper;

import android.annotation.SuppressLint;
import android.util.Base64;
import de.azapps.tools.Log;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.StringBufferInputStream;
import java.net.ConnectException;
import java.net.InetSocketAddress;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Scanner;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public class TLSClient {
    private static final String TAG = "TLSClient";
    private SSLSocket _socket = null;
    private SSLSocketFactory sslFact = null;
    private InputStream in = null;
    private OutputStream out = null;

    /* loaded from: classes.dex */
    public static class NoSuchCertificateException extends Exception {
        private static final long serialVersionUID = -4606663552584336235L;
    }

    private static List<X509Certificate> generateCertificateFromPEM(String str) throws NoSuchCertificateException {
        if (str == null) {
            throw new NoSuchCertificateException();
        }
        String[] split = str.split("-----END CERTIFICATE-----");
        ArrayList arrayList = new ArrayList(split.length);
        for (String str2 : split) {
            if (!str2.trim().isEmpty()) {
                try {
                    arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new StringBufferInputStream(str2.trim() + "\n-----END CERTIFICATE-----")));
                } catch (CertificateException e) {
                    Log.wtf(TAG, "parsing failed:" + str2, e);
                }
            }
        }
        return arrayList;
    }

    private static RSAPrivateKey generatePrivateKeyFromPEM(String str) throws ParseException {
        try {
            try {
                return (RSAPrivateKey) KeyFactory.getInstance("RSA", "BC").generatePrivate(new PKCS8EncodedKeySpec(parseDERFromPEM(str, "-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----")));
            } catch (InvalidKeySpecException e) {
                Log.e(TAG, "cannot parse key", e);
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            Log.e(TAG, "RSA-Algorithm not found", e2);
            return null;
        } catch (NoSuchProviderException e3) {
            Log.e(TAG, "BC not found", e3);
            return null;
        }
    }

    private static byte[] parseDERFromPEM(String str, String str2, String str3) throws ParseException {
        String[] split = str.split(str2);
        if (split.length < 2) {
            throw new ParseException("Wrong PEM format", 0);
        }
        try {
            return Base64.decode(split[1].split(str3)[0], 1);
        } catch (IllegalArgumentException e) {
            throw new ParseException("bad base-64", 0);
        }
    }

    @SuppressLint({"DefaultLocale"})
    private static void setReasonableEncryption(SSLSocket sSLSocket) {
        LinkedList linkedList = new LinkedList();
        for (String str : sSLSocket.getSupportedProtocols()) {
            if (!str.toUpperCase().contains("SSL")) {
                linkedList.add(str);
            }
        }
        sSLSocket.setEnabledProtocols((String[]) linkedList.toArray(new String[linkedList.size()]));
        List asList = Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
        List asList2 = Arrays.asList(sSLSocket.getSupportedCipherSuites());
        HashSet hashSet = new HashSet(asList);
        hashSet.retainAll(asList2);
        HashSet hashSet2 = new HashSet(Arrays.asList(sSLSocket.getEnabledCipherSuites()));
        hashSet2.addAll(hashSet);
        if (hashSet.isEmpty()) {
            sSLSocket.setEnabledCipherSuites((String[]) hashSet2.toArray(new String[hashSet2.size()]));
        } else {
            sSLSocket.setEnabledCipherSuites((String[]) hashSet.toArray(new String[hashSet.size()]));
        }
    }

    public void close() {
        if (this._socket == null) {
            Log.e(TAG, "socket null");
            return;
        }
        try {
            this.out.flush();
            this.in.close();
            this.out.close();
            this._socket.close();
            this._socket = null;
        } catch (IOException e) {
            Log.e(TAG, "Cannot close Socket", e);
        } catch (NullPointerException e2) {
            Log.e(TAG, "Nullpointer, means there was no established connection", e2);
        }
    }

    public void connect(String str, int i) throws IOException {
        Log.i(TAG, "connect");
        if (this._socket != null) {
            try {
                this._socket.close();
            } catch (IOException e) {
                Log.e(TAG, "cannot close socket", e);
            }
        }
        try {
            Log.d(TAG, "connected to " + str + ':' + i);
            this._socket = (SSLSocket) this.sslFact.createSocket();
            setReasonableEncryption(this._socket);
            this._socket.setUseClientMode(true);
            this._socket.setEnableSessionCreation(true);
            this._socket.setNeedClientAuth(true);
            this._socket.setTcpNoDelay(true);
            this._socket.connect(new InetSocketAddress(str, i));
            this._socket.startHandshake();
            this.out = this._socket.getOutputStream();
            this.in = this._socket.getInputStream();
            Log.d(TAG, "connected to " + str + ':' + i);
        } catch (ConnectException e2) {
            Log.e(TAG, "Cannot connect to Host", e2);
            throw new IOException();
        } catch (SocketException e3) {
            Log.e(TAG, "IO Error", e3);
            throw new IOException();
        } catch (UnknownHostException e4) {
            Log.e(TAG, "Unknown Host", e4);
            throw new IOException();
        }
    }

    public void init(String str, String str2, String str3) throws ParseException, CertificateException, NoSuchCertificateException {
        try {
            List<X509Certificate> generateCertificateFromPEM = generateCertificateFromPEM(str);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new StringBufferInputStream(str2));
            RSAPrivateKey generatePrivateKeyFromPEM = generatePrivateKeyFromPEM(str3);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            Certificate[] certificateArr = new Certificate[generateCertificateFromPEM.size() + 1];
            int length = certificateArr.length - 1;
            int i = length;
            for (X509Certificate x509Certificate2 : generateCertificateFromPEM) {
                keyStore.setCertificateEntry("taskwarrior-ROOT", x509Certificate2);
                certificateArr[i] = x509Certificate2;
                i--;
            }
            keyStore.setCertificateEntry("taskwarrior-USER", x509Certificate);
            certificateArr[0] = x509Certificate;
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyStore.setEntry("user", new KeyStore.PrivateKeyEntry(generatePrivateKeyFromPEM, certificateArr), new KeyStore.PasswordProtection("secret".toCharArray()));
            keyManagerFactory.init(keyStore, "secret".toCharArray());
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
            this.sslFact = sSLContext.getSocketFactory();
        } catch (IOException e) {
            Log.w(TAG, "general io problem");
            throw new CertificateException(e);
        } catch (KeyManagementException e2) {
            Log.w(TAG, "cannot access key");
            throw new CertificateException(e2);
        } catch (KeyStoreException e3) {
            Log.w(TAG, "cannot handle keystore");
            throw new CertificateException(e3);
        } catch (NoSuchAlgorithmException e4) {
            Log.w(TAG, "no matching algorithm found");
            throw new CertificateException(e4);
        } catch (UnrecoverableKeyException e5) {
            Log.w(TAG, "cannot restore key");
            throw new CertificateException(e5);
        } catch (CertificateException e6) {
            Log.w(TAG, "certificat not readable");
            throw new CertificateException(e6);
        }
    }

    public String recv() {
        Log.i(TAG, "reveive data from " + this._socket.getLocalAddress() + ':' + this._socket.getLocalPort());
        if (!this._socket.isConnected()) {
            Log.e(TAG, "not connected");
            return null;
        }
        try {
            this.in.read(new byte[4]);
            Scanner scanner = new Scanner(this.in);
            Scanner useDelimiter = scanner.useDelimiter("\\A");
            String next = useDelimiter.hasNext() ? useDelimiter.next() : "";
            useDelimiter.close();
            scanner.close();
            return next;
        } catch (IOException e) {
            Log.e(TAG, "cannot read Inputstream", e);
            return null;
        }
    }

    public void send(String str) {
        DataOutputStream dataOutputStream = new DataOutputStream(this.out);
        if (!this._socket.isConnected()) {
            Log.e(TAG, "socket not connected");
            return;
        }
        try {
            byte[] bytes = str.getBytes("UTF-8");
            dataOutputStream.writeInt(bytes.length);
            dataOutputStream.write(bytes);
        } catch (IOException e) {
            Log.e(TAG, "cannot write data to outputstream", e);
        }
        try {
            dataOutputStream.flush();
            dataOutputStream.close();
            this.out.flush();
        } catch (IOException e2) {
            Log.e(TAG, "cannot flush data to outputstream", e2);
        }
    }
}
