package IceSSL;

import Ice.Communicator;
import Ice.Logger;
import Ice.PluginInitializationException;
import Ice.SecurityException;
import IceInternal.Network;
import IceInternal.ProtocolPluginFacade;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SocketChannel;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class SSLEngine {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private boolean _allCiphers;
    private boolean _checkCertName;
    private CipherExpression[] _ciphers;
    private Communicator _communicator;
    private SSLContext _context;
    private String _defaultDir;
    private ProtocolPluginFacade _facade;
    private boolean _initialized;
    private InputStream _keystoreStream;
    private Logger _logger;
    private boolean _noCiphers;
    private PasswordCallback _passwordCallback;
    private String[] _protocols;
    private String _securityTraceCategory;
    private int _securityTraceLevel;
    private List<InputStream> _seeds = new ArrayList();
    private TrustManager _trustManager;
    private InputStream _truststoreStream;
    private CertPathValidator _validator;
    private PKIXParameters _validatorParams;
    private CertificateVerifier _verifier;
    private int _verifyDepthMax;
    private int _verifyPeer;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class CipherExpression {
        String cipher;
        boolean not;
        Pattern re;

        private CipherExpression() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLEngine(ProtocolPluginFacade protocolPluginFacade) {
        Communicator communicator = protocolPluginFacade.getCommunicator();
        this._communicator = communicator;
        this._logger = communicator.getLogger();
        this._facade = protocolPluginFacade;
        this._securityTraceLevel = this._communicator.getProperties().getPropertyAsIntWithDefault("IceSSL.Trace.Security", 0);
        this._securityTraceCategory = "Security";
        this._trustManager = new TrustManager(this._communicator);
    }

    private InputStream openResource(String str) throws IOException {
        boolean isAbsolute;
        try {
            new URL(str);
            isAbsolute = true;
        } catch (MalformedURLException unused) {
            isAbsolute = new File(str).isAbsolute();
        }
        InputStream openResource = IceInternal.Util.openResource(getClass().getClassLoader(), str);
        if (openResource == null && this._defaultDir.length() > 0 && !isAbsolute) {
            openResource = IceInternal.Util.openResource(getClass().getClassLoader(), this._defaultDir + File.separator + str);
        }
        return openResource != null ? new BufferedInputStream(openResource) : openResource;
    }

    private void parseCiphers(String str) {
        ArrayList arrayList = new ArrayList();
        String[] split = str.split("[ \t]+");
        for (int i = 0; i < split.length; i++) {
            if (split[i].equals("ALL")) {
                if (i != 0) {
                    PluginInitializationException pluginInitializationException = new PluginInitializationException();
                    pluginInitializationException.reason = "IceSSL: `ALL' must be first in cipher list `" + str + "'";
                    throw pluginInitializationException;
                }
                this._allCiphers = true;
            } else if (!split[i].equals("NONE")) {
                CipherExpression cipherExpression = new CipherExpression();
                String str2 = split[i];
                if (str2.charAt(0) == '!') {
                    cipherExpression.not = true;
                    if (str2.length() <= 1) {
                        PluginInitializationException pluginInitializationException2 = new PluginInitializationException();
                        pluginInitializationException2.reason = "IceSSL: invalid cipher expression `" + str2 + "'";
                        throw pluginInitializationException2;
                    }
                    str2 = str2.substring(1);
                }
                if (str2.charAt(0) != '(') {
                    cipherExpression.cipher = str2;
                } else {
                    if (!str2.endsWith(")")) {
                        PluginInitializationException pluginInitializationException3 = new PluginInitializationException();
                        pluginInitializationException3.reason = "IceSSL: invalid cipher expression `" + str2 + "'";
                        throw pluginInitializationException3;
                    }
                    try {
                        cipherExpression.re = Pattern.compile(str2.substring(1, str2.length() - 2));
                    } catch (PatternSyntaxException e) {
                        throw new PluginInitializationException("IceSSL: invalid cipher expression `" + str2 + "'", e);
                    }
                }
                arrayList.add(cipherExpression);
            } else {
                if (i != 0) {
                    PluginInitializationException pluginInitializationException4 = new PluginInitializationException();
                    pluginInitializationException4.reason = "IceSSL: `NONE' must be first in cipher list `" + str + "'";
                    throw pluginInitializationException4;
                }
                this._noCiphers = true;
            }
        }
        CipherExpression[] cipherExpressionArr = new CipherExpression[arrayList.size()];
        this._ciphers = cipherExpressionArr;
        arrayList.toArray(cipherExpressionArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addSeedStream(InputStream inputStream) {
        this._seeds.add(inputStream);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Communicator communicator() {
        return this._communicator;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLContext context() {
        return this._context;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void context(SSLContext sSLContext) {
        if (!this._initialized) {
            this._context = sSLContext;
        } else {
            PluginInitializationException pluginInitializationException = new PluginInitializationException();
            pluginInitializationException.reason = "IceSSL: plug-in is already initialized";
            throw pluginInitializationException;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public javax.net.ssl.SSLEngine createSSLEngine(boolean z, InetSocketAddress inetSocketAddress) {
        javax.net.ssl.SSLEngine createSSLEngine = inetSocketAddress != null ? this._context.createSSLEngine(inetSocketAddress.getAddress().getHostAddress(), inetSocketAddress.getPort()) : this._context.createSSLEngine();
        createSSLEngine.setUseClientMode(!z);
        String[] filterCiphers = filterCiphers(createSSLEngine.getSupportedCipherSuites(), createSSLEngine.getEnabledCipherSuites());
        try {
            createSSLEngine.setEnabledCipherSuites(filterCiphers);
            if (this._securityTraceLevel >= 1) {
                StringBuilder sb = new StringBuilder(128);
                sb.append("enabling SSL ciphersuites:");
                for (String str : filterCiphers) {
                    sb.append("\n  ");
                    sb.append(str);
                }
                this._logger.trace(this._securityTraceCategory, sb.toString());
            }
            String[] strArr = this._protocols;
            if (strArr != null) {
                try {
                    createSSLEngine.setEnabledProtocols(strArr);
                } catch (IllegalArgumentException e) {
                    throw new SecurityException("IceSSL: invalid protocol", e);
                }
            } else {
                ArrayList arrayList = new ArrayList(Arrays.asList(createSSLEngine.getEnabledProtocols()));
                arrayList.remove("SSLv3");
                createSSLEngine.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
            if (z) {
                int i = this._verifyPeer;
                if (i == 0) {
                    createSSLEngine.setWantClientAuth(false);
                    createSSLEngine.setNeedClientAuth(false);
                } else if (i == 1) {
                    createSSLEngine.setWantClientAuth(true);
                } else {
                    createSSLEngine.setNeedClientAuth(true);
                }
            }
            try {
                createSSLEngine.beginHandshake();
                return createSSLEngine;
            } catch (SSLException e2) {
                throw new SecurityException("IceSSL: handshake error", e2);
            }
        } catch (IllegalArgumentException e3) {
            throw new SecurityException("IceSSL: invalid ciphersuite", e3);
        }
    }

    String[] filterCiphers(String[] strArr, String[] strArr2) {
        LinkedList linkedList = new LinkedList();
        if (this._allCiphers) {
            for (String str : strArr) {
                linkedList.add(str);
            }
        } else if (!this._noCiphers) {
            for (String str2 : strArr2) {
                linkedList.add(str2);
            }
        }
        CipherExpression[] cipherExpressionArr = this._ciphers;
        if (cipherExpressionArr != null) {
            for (CipherExpression cipherExpression : cipherExpressionArr) {
                if (cipherExpression.not) {
                    Iterator it = linkedList.iterator();
                    while (it.hasNext()) {
                        String str3 = (String) it.next();
                        if (cipherExpression.cipher != null) {
                            if (cipherExpression.cipher.equals(str3)) {
                                it.remove();
                            }
                        } else if (cipherExpression.re.matcher(str3).find()) {
                            it.remove();
                        }
                    }
                } else if (cipherExpression.cipher != null) {
                    linkedList.add(0, cipherExpression.cipher);
                } else {
                    for (String str4 : strArr) {
                        if (cipherExpression.re.matcher(str4).find()) {
                            linkedList.add(0, str4);
                        }
                    }
                }
            }
        }
        String[] strArr3 = new String[linkedList.size()];
        linkedList.toArray(strArr3);
        return strArr3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CertificateVerifier getCertificateVerifier() {
        return this._verifier;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PasswordCallback getPasswordCallback() {
        return this._passwordCallback;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate[] getVerifiedCertificateChain(Certificate[] certificateArr) {
        if (this._validator == null) {
            return certificateArr;
        }
        if (this._validatorParams == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(Arrays.asList(certificateArr));
        try {
            X509Certificate trustedCert = ((PKIXCertPathValidatorResult) this._validator.validate(CertificateFactory.getInstance("X.509").generateCertPath(arrayList), this._validatorParams)).getTrustAnchor().getTrustedCert();
            if (!trustedCert.equals(certificateArr[certificateArr.length - 1])) {
                arrayList.add(trustedCert);
            }
            return (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
        } catch (Exception unused) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Can't wrap try/catch for region: R(26:(23:(2:146|(18:148|149|(14:154|155|(1:157)(13:190|(1:(1:193)(1:194))(1:196)|195|(2:163|164)|167|(4:169|(3:171|(2:173|174)(1:176)|175)|177|178)|179|180|(1:182)(1:189)|183|(2:186|184)|187|188)|158|(3:160|163|164)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188)|197|(10:206|207|208|(1:210)(2:233|(2:235|236))|211|(1:213)(2:223|(1:225)(6:226|(4:231|215|(1:217)|(2:219|220))|232|215|(0)|(0)))|214|215|(0)|(0))(1:201)|155|(0)(0)|158|(0)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188))|(1:264)(2:305|(1:307)(42:308|(40:313|266|(1:268)|(2:301|302)|270|(1:272)(2:298|(1:300))|273|(1:275)|276|(2:278|(2:279|(2:281|(2:283|284)(1:285))(1:286)))(0)|287|(2:289|(3:291|(2:294|292)|295)(2:296|297))|149|(15:151|154|155|(0)(0)|158|(0)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188)|197|(1:199)|202|206|207|208|(0)(0)|211|(0)(0)|214|215|(0)|(0)|155|(0)(0)|158|(0)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188)|314|266|(0)|(0)|270|(0)(0)|273|(0)|276|(0)(0)|287|(0)|149|(0)|197|(0)|202|206|207|208|(0)(0)|211|(0)(0)|214|215|(0)|(0)|155|(0)(0)|158|(0)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188))|208|(0)(0)|211|(0)(0)|214|215|(0)|(0)|155|(0)(0)|158|(0)|167|(0)|179|180|(0)(0)|183|(1:184)|187|188)|256|257|258|(1:260)(2:315|(2:317|318))|261|262|265|266|(0)|(0)|270|(0)(0)|273|(0)|276|(0)(0)|287|(0)|149|(0)|197|(0)|202|206|207) */
    /* JADX WARN: Code restructure failed: missing block: B:166:0x0435, code lost:
    
        r2.init(r5);
        r3 = r2.getTrustManagers();
     */
    /* JADX WARN: Code restructure failed: missing block: B:252:0x04c4, code lost:
    
        r0 = e;
     */
    /* JADX WARN: Code restructure failed: missing block: B:253:0x04c5, code lost:
    
        r7 = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:254:0x04c1, code lost:
    
        r0 = th;
     */
    /* JADX WARN: Code restructure failed: missing block: B:255:0x04c2, code lost:
    
        r7 = null;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:151:0x0391 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:157:0x0406  */
    /* JADX WARN: Removed duplicated region for block: B:160:0x0424 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:169:0x044d A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:182:0x0476 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:186:0x0487 A[Catch: GeneralSecurityException -> 0x0522, LOOP:5: B:184:0x0484->B:186:0x0487, LOOP_END, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:189:0x0482  */
    /* JADX WARN: Removed duplicated region for block: B:190:0x0409 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:199:0x039f A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:210:0x03b7 A[Catch: all -> 0x04c1, IOException -> 0x04c4, TryCatch #23 {IOException -> 0x04c4, all -> 0x04c1, blocks: (B:207:0x03b3, B:210:0x03b7, B:233:0x03ba), top: B:206:0x03b3 }] */
    /* JADX WARN: Removed duplicated region for block: B:213:0x03ca A[Catch: all -> 0x04a2, IOException -> 0x04a5, TryCatch #22 {IOException -> 0x04a5, all -> 0x04a2, blocks: (B:211:0x03c0, B:213:0x03ca, B:215:0x03ef, B:217:0x03f4, B:223:0x03d1, B:225:0x03d5, B:226:0x03dc, B:228:0x03e2, B:232:0x03ec, B:235:0x04a8, B:236:0x04c0), top: B:208:0x03b5 }] */
    /* JADX WARN: Removed duplicated region for block: B:217:0x03f4 A[Catch: all -> 0x04a2, IOException -> 0x04a5, TRY_LEAVE, TryCatch #22 {IOException -> 0x04a5, all -> 0x04a2, blocks: (B:211:0x03c0, B:213:0x03ca, B:215:0x03ef, B:217:0x03f4, B:223:0x03d1, B:225:0x03d5, B:226:0x03dc, B:228:0x03e2, B:232:0x03ec, B:235:0x04a8, B:236:0x04c0), top: B:208:0x03b5 }] */
    /* JADX WARN: Removed duplicated region for block: B:219:0x03f9 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:223:0x03d1 A[Catch: all -> 0x04a2, IOException -> 0x04a5, TryCatch #22 {IOException -> 0x04a5, all -> 0x04a2, blocks: (B:211:0x03c0, B:213:0x03ca, B:215:0x03ef, B:217:0x03f4, B:223:0x03d1, B:225:0x03d5, B:226:0x03dc, B:228:0x03e2, B:232:0x03ec, B:235:0x04a8, B:236:0x04c0), top: B:208:0x03b5 }] */
    /* JADX WARN: Removed duplicated region for block: B:233:0x03ba A[Catch: all -> 0x04c1, IOException -> 0x04c4, TRY_LEAVE, TryCatch #23 {IOException -> 0x04c4, all -> 0x04c1, blocks: (B:207:0x03b3, B:210:0x03b7, B:233:0x03ba), top: B:206:0x03b3 }] */
    /* JADX WARN: Removed duplicated region for block: B:246:0x04e0 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:268:0x0300 A[Catch: IOException -> 0x04e4, all -> 0x051b, TRY_LEAVE, TryCatch #14 {IOException -> 0x04e4, blocks: (B:262:0x02cc, B:264:0x02d6, B:266:0x02fb, B:268:0x0300, B:305:0x02dd, B:307:0x02e1, B:308:0x02e8, B:310:0x02ee, B:314:0x02f8, B:317:0x04e6, B:318:0x04fe), top: B:258:0x02bf }] */
    /* JADX WARN: Removed duplicated region for block: B:272:0x0319 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:275:0x032e A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:278:0x033c A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:289:0x0359 A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:298:0x031e A[Catch: GeneralSecurityException -> 0x0522, TryCatch #4 {GeneralSecurityException -> 0x0522, blocks: (B:92:0x01ad, B:94:0x01c6, B:96:0x01d0, B:98:0x01d2, B:100:0x01d8, B:102:0x01e0, B:103:0x01f8, B:106:0x01fa, B:107:0x0210, B:109:0x0211, B:111:0x0219, B:112:0x0221, B:114:0x0227, B:121:0x0247, B:130:0x0256, B:131:0x0259, B:139:0x025a, B:140:0x025d, B:143:0x0290, B:146:0x02b0, B:149:0x038d, B:151:0x0391, B:155:0x03fc, B:160:0x0424, B:163:0x042b, B:164:0x0432, B:166:0x0435, B:167:0x043c, B:169:0x044d, B:171:0x0459, B:173:0x0461, B:175:0x046a, B:178:0x046d, B:180:0x0470, B:182:0x0476, B:184:0x0484, B:186:0x0487, B:188:0x0495, B:190:0x0409, B:194:0x0414, B:197:0x039b, B:199:0x039f, B:202:0x03a5, B:204:0x03ab, B:220:0x03f9, B:247:0x04e0, B:245:0x04e3, B:302:0x0305, B:270:0x0308, B:272:0x0319, B:273:0x0328, B:275:0x032e, B:276:0x0332, B:278:0x033c, B:279:0x0340, B:281:0x0346, B:287:0x0353, B:289:0x0359, B:292:0x0360, B:294:0x0363, B:296:0x0371, B:297:0x038c, B:298:0x031e, B:300:0x0322, B:326:0x051e, B:324:0x0521, B:116:0x022d, B:118:0x0233, B:119:0x0244, B:126:0x0236, B:135:0x024e, B:136:0x0255), top: B:91:0x01ad, inners: #1, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:301:0x0305 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:325:0x051e A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r7v37 */
    /* JADX WARN: Type inference failed for: r7v38 */
    /* JADX WARN: Type inference failed for: r7v6 */
    /* JADX WARN: Type inference failed for: r7v7 */
    /* JADX WARN: Type inference failed for: r7v9, types: [java.io.InputStream] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void initialize() {
        /*
            Method dump skipped, instructions count: 1337
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: IceSSL.SSLEngine.initialize():void");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean initialized() {
        return this._initialized;
    }

    String[] protocols() {
        return this._protocols;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String securityTraceCategory() {
        return this._securityTraceCategory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int securityTraceLevel() {
        return this._securityTraceLevel;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCertificateVerifier(CertificateVerifier certificateVerifier) {
        this._verifier = certificateVerifier;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setKeystoreStream(InputStream inputStream) {
        if (!this._initialized) {
            this._keystoreStream = inputStream;
        } else {
            PluginInitializationException pluginInitializationException = new PluginInitializationException();
            pluginInitializationException.reason = "IceSSL: plugin is already initialized";
            throw pluginInitializationException;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPasswordCallback(PasswordCallback passwordCallback) {
        this._passwordCallback = passwordCallback;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTruststoreStream(InputStream inputStream) {
        if (!this._initialized) {
            this._truststoreStream = inputStream;
        } else {
            PluginInitializationException pluginInitializationException = new PluginInitializationException();
            pluginInitializationException.reason = "IceSSL: plugin is already initialized";
            throw pluginInitializationException;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void traceConnection(SocketChannel socketChannel, javax.net.ssl.SSLEngine sSLEngine, boolean z) {
        SSLSession session = sSLEngine.getSession();
        StringBuilder sb = new StringBuilder();
        sb.append("SSL summary for ");
        sb.append(z ? "incoming" : "outgoing");
        sb.append(" connection\n");
        sb.append("cipher = ");
        sb.append(session.getCipherSuite());
        sb.append("\n");
        sb.append("protocol = ");
        sb.append(session.getProtocol());
        sb.append("\n");
        sb.append(Network.fdToString(socketChannel));
        this._logger.trace(this._securityTraceCategory, sb.toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void trustManagerFailure(boolean z, CertificateException certificateException) throws CertificateException {
        if (this._verifyPeer != 0) {
            throw certificateException;
        }
        int i = this._securityTraceLevel;
        if (i >= 1) {
            String str = "ignoring peer verification failure";
            if (i > 1) {
                StringWriter stringWriter = new StringWriter();
                PrintWriter printWriter = new PrintWriter(stringWriter);
                certificateException.printStackTrace(printWriter);
                printWriter.flush();
                str = "ignoring peer verification failure:\n" + stringWriter.toString();
            }
            this._logger.trace(this._securityTraceCategory, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void verifyPeer(NativeConnectionInfo nativeConnectionInfo, SelectableChannel selectableChannel, String str) {
        if (!nativeConnectionInfo.incoming && this._verifyPeer > 0 && !nativeConnectionInfo.verified) {
            throw new SecurityException("IceSSL: server did not supply a certificate");
        }
        if (nativeConnectionInfo.nativeCerts != null && nativeConnectionInfo.nativeCerts.length > 0 && str.length() > 0) {
            X509Certificate x509Certificate = (X509Certificate) nativeConnectionInfo.nativeCerts[0];
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            try {
                Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                if (subjectAlternativeNames != null) {
                    for (List<?> list : subjectAlternativeNames) {
                        Integer num = (Integer) list.get(0);
                        if (num.intValue() == 7) {
                            arrayList.add((String) list.get(1));
                        } else if (num.intValue() == 2) {
                            arrayList2.add(((String) list.get(1)).toLowerCase());
                        }
                    }
                }
            } catch (CertificateParsingException unused) {
            }
            String lowerCase = str.toLowerCase();
            String name = x509Certificate.getSubjectX500Principal().getName("CANONICAL");
            String str2 = "cn=" + lowerCase;
            int indexOf = name.indexOf(str2);
            boolean z = indexOf >= 0 && (str2.length() + indexOf == name.length() || name.charAt(indexOf + str2.length()) == ',');
            if (!z) {
                z = arrayList.contains(lowerCase);
            }
            if (!z) {
                z = arrayList2.contains(lowerCase);
            }
            if (!z && (this._checkCertName || (this._securityTraceLevel >= 1 && this._verifier == null))) {
                StringBuilder sb = new StringBuilder(128);
                sb.append("IceSSL: ");
                if (!this._checkCertName) {
                    sb.append("ignoring ");
                }
                sb.append("certificate validation failure:\npeer certificate does not have `");
                sb.append(str);
                sb.append("' as its commonName or in its subjectAltName extension");
                if (name.length() > 0) {
                    sb.append("\nSubject DN: ");
                    sb.append(name);
                }
                if (!arrayList2.isEmpty()) {
                    sb.append("\nDNS names found in certificate: ");
                    for (int i = 0; i < arrayList2.size(); i++) {
                        if (i > 0) {
                            sb.append(", ");
                        }
                        sb.append((String) arrayList2.get(i));
                    }
                }
                if (!arrayList.isEmpty()) {
                    sb.append("\nIP addresses found in certificate: ");
                    for (int i2 = 0; i2 < arrayList.size(); i2++) {
                        if (i2 > 0) {
                            sb.append(", ");
                        }
                        sb.append((String) arrayList.get(i2));
                    }
                }
                if (this._securityTraceLevel >= 1) {
                    this._logger.trace(this._securityTraceCategory, sb.toString());
                }
                if (this._checkCertName) {
                    SecurityException securityException = new SecurityException();
                    securityException.reason = sb.toString();
                    throw securityException;
                }
            }
        }
        if (this._verifyDepthMax > 0 && nativeConnectionInfo.nativeCerts != null && nativeConnectionInfo.nativeCerts.length > this._verifyDepthMax) {
            StringBuilder sb2 = new StringBuilder();
            sb2.append(nativeConnectionInfo.incoming ? "incoming" : "outgoing");
            sb2.append(" connection rejected:\n");
            sb2.append("length of peer's certificate chain (");
            sb2.append(nativeConnectionInfo.nativeCerts.length);
            sb2.append(") exceeds maximum of ");
            sb2.append(this._verifyDepthMax);
            sb2.append("\n");
            sb2.append(Network.fdToString(selectableChannel));
            String sb3 = sb2.toString();
            if (this._securityTraceLevel >= 1) {
                this._logger.trace(this._securityTraceCategory, sb3);
            }
            SecurityException securityException2 = new SecurityException();
            securityException2.reason = sb3;
            throw securityException2;
        }
        if (!this._trustManager.verify(nativeConnectionInfo)) {
            StringBuilder sb4 = new StringBuilder();
            sb4.append(nativeConnectionInfo.incoming ? "incoming" : "outgoing");
            sb4.append(" connection rejected by trust manager\n");
            sb4.append(Network.fdToString(selectableChannel));
            String sb5 = sb4.toString();
            if (this._securityTraceLevel >= 1) {
                this._logger.trace(this._securityTraceCategory, sb5);
            }
            SecurityException securityException3 = new SecurityException();
            securityException3.reason = sb5;
            throw securityException3;
        }
        CertificateVerifier certificateVerifier = this._verifier;
        if (certificateVerifier == null || certificateVerifier.verify(nativeConnectionInfo)) {
            return;
        }
        StringBuilder sb6 = new StringBuilder();
        sb6.append(nativeConnectionInfo.incoming ? "incoming" : "outgoing");
        sb6.append(" connection rejected by certificate verifier\n");
        sb6.append(Network.fdToString(selectableChannel));
        String sb7 = sb6.toString();
        if (this._securityTraceLevel >= 1) {
            this._logger.trace(this._securityTraceCategory, sb7);
        }
        SecurityException securityException4 = new SecurityException();
        securityException4.reason = sb7;
        throw securityException4;
    }
}
