package com.citrix.sdk.ssl.androidnative;

import com.citrix.sdk.ssl.androidnative.SslsdkConfig;
import defpackage.AbstractC5580kO0;
import defpackage.AbstractC8038tr2;
import defpackage.GL;
import defpackage.MZ;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.scheme.LayeredSocketFactory;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.SocketFactory;
import org.apache.http.params.HttpParams;

/* compiled from: chromium-ChromePublic.apk-beta-90206210 */
/* loaded from: classes.dex */
public class CitrixSSLSocketFactory extends SSLSocketFactory implements LayeredSocketFactory, SocketFactory {
    public static SslsdkConfig.ComplianceMode a = SslsdkConfig.ComplianceMode.SSLSDK_OPEN;
    public static volatile int b = -2;
    public static final String c;
    public static final String d;
    public static HashMap e;

    /* compiled from: chromium-ChromePublic.apk-beta-90206210 */
    /* loaded from: classes.dex */
    public enum Feature {
        FEATURE_RC4MD5,
        FEATURE_3DES,
        FEATURE_RC4SHA,
        FEATURE_RSA_KX
    }

    static {
        StringBuilder sb = new StringBuilder();
        sb.append(System.getProperty("java.home"));
        String str = File.separator;
        AbstractC5580kO0.a(sb, str, "lib", str, "security");
        c = GL.a(sb, str, "jssecacerts");
        StringBuilder sb2 = new StringBuilder();
        sb2.append(System.getProperty("java.home"));
        sb2.append(str);
        sb2.append("lib");
        sb2.append(str);
        sb2.append("security");
        d = GL.a(sb2, str, "cacerts");
        e = new HashMap(512);
    }

    public static KeyStore a(String str, String str2, String str3) {
        File file;
        try {
            file = new File(str);
        } catch (Throwable unused) {
            MZ.c("Exception while opening Android CA store [" + str + "] Returning empty");
        }
        if (!file.exists()) {
            MZ.e("CA keystore at [" + str + "] does NOT exist!");
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance(str2);
        FileInputStream fileInputStream = new FileInputStream(file);
        keyStore.load(fileInputStream, str3 != null ? str3.toCharArray() : null);
        fileInputStream.close();
        if (MZ.a) {
            MZ.a("Loaded old-style keystore (" + keyStore.size() + " entries) at: " + str);
        }
        return keyStore;
    }

    public static int c() {
        int nativeGetFIPSMode;
        synchronized (CitrixSSLSocketFactory.class) {
            if (!(b == 0)) {
                if (MZ.a) {
                    MZ.a("calling getFIPSMode without initializing. Auto-init...");
                }
                e(0, null, a);
            }
            nativeGetFIPSMode = nativeGetFIPSMode();
        }
        return nativeGetFIPSMode;
    }

    public static Object[] d() {
        KeyStore a2;
        try {
            a2 = KeyStore.getInstance("AndroidCAStore");
            a2.load(null, null);
            MZ.e("Loaded Android ICS+ keystore. Implementation provided by " + a2.getProvider().getName());
        } catch (Throwable th) {
            MZ.e("Loading Android ICS+ keystore fails with: ".concat(String.valueOf(th)));
            a2 = a("/data/system/security/cacerts.bks", "BKS", null);
            if (a2 == null) {
                a2 = a(System.getProperty("javax.net.ssl.trustStore", c), System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()), System.getProperty("javax.net.ssl.trustStorePassword", null));
            }
            if (a2 == null) {
                a2 = a(System.getProperty("javax.net.ssl.trustStore", d), System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()), System.getProperty("javax.net.ssl.trustStorePassword", null));
            }
        }
        if (a2 == null) {
            MZ.c("a keystore with Android CAs could not be loaded!");
            return null;
        }
        try {
            if (MZ.a) {
                MZ.a("Adding certs from keystore...");
            }
            Enumeration<String> aliases = a2.aliases();
            ArrayList arrayList = new ArrayList();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    arrayList.add(a2.getCertificate(nextElement).getEncoded());
                } catch (CertificateEncodingException e2) {
                    MZ.c("*** could not add cert with alias: [" + nextElement + "] due to ex: " + e2.getMessage());
                }
            }
            if (MZ.a) {
                MZ.a("Added " + arrayList.size() + " certificates.");
            }
            return arrayList.toArray();
        } catch (Throwable th2) {
            MZ.c("Problem getting CAs: ".concat(String.valueOf(th2)));
            AbstractC8038tr2.a.c(th2, System.err);
            return null;
        }
    }

    @Deprecated
    public static synchronized void e(int i, Object[] objArr, SslsdkConfig.ComplianceMode complianceMode) {
        synchronized (CitrixSSLSocketFactory.class) {
            if (MZ.a) {
                MZ.a("calling CitrixSSLSocketFactory.setupSSLSDK2 with table ".concat(String.valueOf(i)));
            }
            if (b == 0) {
                if (MZ.a) {
                    MZ.a("SSLSDK was already initialized so terminating first...");
                }
                nativeTerminate();
                b = -2;
            }
            if (objArr == null) {
                if (MZ.a) {
                    MZ.a("No CAs provided. Using system keystore");
                }
                objArr = d();
                if (objArr == null) {
                    MZ.c("SSLSDK could not initialize! No system CA store");
                    throw new RuntimeException("No system CA store!");
                }
            } else if (MZ.a) {
                MZ.a("Using " + objArr.length + " custom CAs provided");
            }
            try {
                b = nativeInitNative(i, objArr, complianceMode.ordinal());
                if (b != 0) {
                    throw new RuntimeException("SSLSDK could not initialize. Status is " + b);
                }
                StringBuilder sb = new StringBuilder("Current FIPS status is ");
                sb.append(c() == 1 ? "ENABLED" : "DISABLED");
                MZ.e(sb.toString());
            } catch (Throwable th) {
                MZ.c("SSLSDK could not initialize due to unexpected exception! Rethrowing RT from ".concat(String.valueOf(th)));
                AbstractC8038tr2.a.c(th, System.err);
                throw new RuntimeException(th);
            }
        }
    }

    public static native void nativeEnableDebug(boolean z);

    public static native void nativeFeatureCtrl(int i, int i2);

    public static native int nativeGetFIPSMode();

    public static native byte[][] nativeGetPeerCerts(long j);

    public static native byte[] nativeGetSessionID(long j);

    public static native int nativeInitNative(long j, Object[] objArr, int i);

    public static native boolean nativeKeystoreSetRoot(String str);

    public static native boolean nativeSetFIPSMode(int i);

    public static native int nativeSetIdentity(long j, byte[] bArr, byte[] bArr2);

    public static native int nativeTerminate();

    public final SslsdkConfig b() throws SSLException {
        new SslsdkConfig(0);
        throw null;
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public Socket connectSocket(Socket socket, String str, int i, InetAddress inetAddress, int i2, HttpParams httpParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        if (MZ.a) {
            Object[] objArr = new Object[3];
            objArr[0] = (socket == null || !socket.isConnected()) ? "NOT" : "already";
            objArr[1] = str;
            objArr[2] = Integer.valueOf(i);
            MZ.b("connectSocket -- lower %s connected to [%s:%d]", objArr);
        }
        if (socket == null || !socket.isConnected()) {
            PlainSocketFactory.getSocketFactory().connectSocket(socket, str, i, inetAddress, i2, httpParams);
        }
        b();
        throw null;
    }

    @Override // javax.net.SocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        if (MZ.a) {
            MZ.a("createSocket 0 [not connected]");
        }
        b();
        throw null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        if (MZ.a) {
            MZ.a("createSocket 1 to host [" + str + ":" + i + "]");
        }
        new Socket(str, i);
        b();
        throw null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        if (MZ.a) {
            MZ.a("createSocket 2 to host [" + str + "]");
        }
        new Socket(str, i, inetAddress, i2);
        b();
        throw null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        if (MZ.a) {
            MZ.a("createSocket 3");
        }
        new Socket(inetAddress, i);
        b();
        throw null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        if (MZ.a) {
            MZ.a("createSocket 4");
        }
        new Socket(inetAddress, i, inetAddress2, i2);
        b();
        throw null;
    }

    @Override // javax.net.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        if (MZ.a) {
            StringBuilder sb = new StringBuilder("createSocket 5 (lower ");
            AbstractC5580kO0.a(sb, (socket == null || !socket.isConnected()) ? "NOT" : "already", " connected) to host [", str, ":");
            sb.append(i);
            sb.append("]");
            MZ.a(sb.toString());
        }
        if (socket == null) {
            new Socket(str, i);
        } else if (!socket.isConnected()) {
            socket.connect(new InetSocketAddress(str, i));
        }
        b();
        throw null;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return new String[0];
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return new String[0];
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public boolean isSecure(Socket socket) throws IllegalArgumentException {
        return socket instanceof CitrixSSLSocket;
    }
}
