package com.sf.certificatevalidation.certificatevalidation.logic.utils;

import com.sf.certificatevalidation.certificatevalidation.dao.ConnectionConfigurationEntity;
import com.sf.certificatevalidation.certificatevalidation.logic.excepcion.LogicException;
import com.sf.certificatevalidation.certificatevalidation.logic.log.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Priority;
import sun.net.www.protocol.http.HttpURLConnection;

/* loaded from: input_file:com/sf/certificatevalidation/certificatevalidation/logic/utils/SSLSocketClientWithTunnelingLogicImpl.class */
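/**
 * Probes a TLS server (directly or through an HTTP CONNECT proxy) to find out whether its
 * certificate chain validates against the local trust store, and can add a certificate from the
 * presented chain to that store.
 *
 * <p>All working state lives in static fields that are overwritten on every call to
 * {@link #Connect}, so concurrent calls interfere with each other.
 */
public abstract class SSLSocketClientWithTunnelingLogicImpl {
    /** Connect timeout of the direct path in milliseconds (the decompiled source spelled this value as log4j's Priority.DEBUG_INT). */
    private static final int CONNECT_TIMEOUT_MILLIS = 10000;
    /** Read timeout applied to the proxy socket, in milliseconds. */
    private static final int TUNNEL_READ_TIMEOUT_MILLIS = 300000;

    private static String tunnelHost;
    private static Integer tunnelPort;
    private static String serverHost;
    private static Integer serverPort;
    private static String Pass;
    private static SavingTrustManager tm;
    private static KeyStore ks;
    private static File dir;
    private static char[] keyStorePass;
    private static String jrePath;
    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    /**
     * Trust manager that remembers the chain the server presented and then delegates the actual
     * trust decision to the wrapped manager.
     */
    public static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        // Last chain handed to checkServerTrusted; stays null until a server has presented one.
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        /** Logs the call and reports no accepted issuers. */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            Log.info("Obtiene certificados");
            return new X509Certificate[0];
        }

        /**
         * Only logs its arguments and never rejects. This manager is installed on a client-side
         * context in this class; it must not be reused on a server socket, where this method
         * would accept any client certificate.
         */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Log.info(x509CertificateArr + " " + str);
        }

        /** Records the presented chain, then lets the wrapped manager accept or reject it. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            // Saved before validation so the chain is still available when validation fails.
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    /**
     * Loads the trust store, connects to the configured server and performs a TLS handshake.
     *
     * <p>The trust store is looked up as {@code jssecacerts} in the working directory, then
     * {@code jssecacerts} and finally {@code cacerts} in the configured JRE path (or
     * {@code java.home/lib/security} when none is configured).
     *
     * <p>Security note: when {@code z} is true and the {@code SSLException} handler runs, a
     * certificate taken from the chain the server just presented is written to the trust store
     * without any independent verification. Whoever answered the connection decides what gets
     * trusted, so pass {@code true} only as a deliberate operator action and compare the logged
     * fingerprints with a value obtained out of band.
     *
     * @param connectionConfigurationEntity source of the server/proxy endpoints, key store password and JRE path
     * @param z whether a failed handshake should lead to installing a certificate from the presented chain
     * @return {@code true} when the handshake succeeded or a certificate was installed
     * @throws LogicException if the socket is already closed or installation fails
     * @throws KeyStoreException if the key store cannot be used, or wrapping any {@code IOException} raised while loading it, connecting or handshaking
     * @throws SSLException rethrown from the outer handler when {@code z} is false
     * @throws IOException rethrown from the outer handler
     */
    public static boolean Connect(ConnectionConfigurationEntity connectionConfigurationEntity, boolean z) throws LogicException, KeyStoreException, SSLException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException {
        SSLSocket sSLSocket = null;
        try {
            tunnelHost = connectionConfigurationEntity.getTunnelHost();
            tunnelPort = connectionConfigurationEntity.getTunnelPort();
            serverHost = connectionConfigurationEntity.getServerHost();
            serverPort = connectionConfigurationEntity.getServerPort();
            Pass = connectionConfigurationEntity.getKeyStorePass();
            // "changeit" is the well-known default JDK trust store password; it protects nothing.
            keyStorePass = Pass != null ? Pass.toCharArray() : "changeit".toCharArray();
            jrePath = connectionConfigurationEntity.getJREPath();
            File file = new File("jssecacerts");
            char c = File.separatorChar;
            if (StringUtils.isNotEmpty(jrePath)) {
                dir = new File(jrePath);
            } else {
                dir = new File(System.getProperty("java.home") + c + "lib" + c + "security");
            }
            if (!file.isFile()) {
                file = new File(dir, "jssecacerts");
                if (!file.isFile()) {
                    file = new File(dir, "cacerts");
                }
            }
            // NOTE(review): SSLException extends IOException, so as written the handler of this
            // inner try also catches handshake failures and rethrows them as KeyStoreException;
            // the outer SSLException/IOException handlers (and with them the install path) do
            // not look reachable from here. This is probably a decompilation artifact; confirm
            // the try ranges against the original bytecode before relying on either behaviour.
            try {
                Log.info("Cargando KeyStore " + file + "...");
                ks = KeyStore.getInstance(KeyStore.getDefaultType());
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    ks.load(fileInputStream, keyStorePass);
                } finally {
                    // Release the file handle even when the store is corrupt or the password is wrong.
                    fileInputStream.close();
                }
                // Ask for the generic TLS context instead of the legacy "SSL" name.
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(ks);
                tm = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
                sSLContext.init(null, new TrustManager[]{tm}, null);
                SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                Socket tunnelSocket = null;
                try {
                    if (tunnelHost == null || tunnelPort == null) {
                        Log.info("Realizando Conexion a: " + serverHost + ":" + serverPort + "...");
                        sSLSocket = (SSLSocket) socketFactory.createSocket();
                        sSLSocket.connect(new InetSocketAddress(serverHost, serverPort.intValue()), CONNECT_TIMEOUT_MILLIS);
                    } else {
                        tunnelSocket = new Socket(tunnelHost, tunnelPort.intValue());
                        tunnelSocket.setSoTimeout(TUNNEL_READ_TIMEOUT_MILLIS);
                        doTunnelHandshake(tunnelSocket, serverHost, serverPort.intValue());
                        Log.info("Realizando Conexion a: " + serverHost + ":" + serverPort + "...");
                        // autoClose=true: closing the TLS socket also closes the proxy socket.
                        sSLSocket = (SSLSocket) socketFactory.createSocket(tunnelSocket, serverHost, serverPort.intValue(), true);
                    }
                    if (sSLSocket.isClosed()) {
                        throw new LogicException("la Conexion se encuentra cerrada");
                    }
                    sSLSocket.startHandshake();
                    sSLSocket.close();
                } finally {
                    // Failure paths used to leave both sockets open; closing twice is harmless.
                    closeQuietly(sSLSocket);
                    closeQuietly(tunnelSocket);
                }
                Log.info("EL certificado ya se encuentra instalado");
                return true;
            } catch (IOException e) {
                throw new KeyStoreException(e.getMessage(), e);
            }
        } catch (SSLException e2) {
            if (!z) {
                throw new SSLException(e2.getMessage(), e2);
            }
            installcert();
            return true;
        } catch (IOException e3) {
            // Keep the original exception as the cause instead of dropping its stack trace.
            throw new IOException(e3.getMessage(), e3);
        }
    }

    /** Closes a socket on a cleanup path, ignoring a failure to close. */
    private static void closeQuietly(Socket socket) {
        if (socket == null) {
            return;
        }
        try {
            socket.close();
        } catch (IOException ignored) {
            // Nothing useful can be done here; the primary error, if any, is already propagating.
        }
    }

    /**
     * Logs every certificate of the saved chain and stores the second one (index 1) in
     * {@code jssecacerts} under the alias {@code <serverHost>-2}.
     *
     * <p>Nothing here verifies the certificate being added. The SHA-256 fingerprint is logged so
     * that an operator can compare it with a value obtained out of band; the SHA-1 and MD5
     * lines are kept for compatibility with existing log consumers.
     *
     * @throws LogicException if no chain was captured, the chain has fewer than two entries, or
     *     the key store cannot be updated
     */
    private static void installcert() throws LogicException {
        try {
            X509Certificate[] certs = tm.chain;
            if (certs == null) {
                throw new LogicException("Could not obtain server certificate chain");
            }
            Log.info(StringUtils.EMPTY);
            Log.info("Server sent " + certs.length + " certificate(s):");
            Log.info(StringUtils.EMPTY);
            MessageDigest sha1 = MessageDigest.getInstance("SHA1");
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
            for (int i = 0; i < certs.length; i++) {
                X509Certificate cert = certs[i];
                byte[] encoded = cert.getEncoded();
                Log.info(" " + (i + 1) + " Subject " + cert.getSubjectDN());
                Log.info(" Serial Number " + toHexString(cert.getSerialNumber().toByteArray()));
                Log.info("   Issuer  " + cert.getIssuerDN());
                Log.info("   sha1    " + toHexString(sha1.digest(encoded)));
                Log.info("   md5     " + toHexString(md5.digest(encoded)));
                Log.info("   sha256  " + toHexString(sha256.digest(encoded)));
                Log.info(StringUtils.EMPTY);
            }
            // The second certificate is the one installed; fail with a clear message instead of
            // an ArrayIndexOutOfBoundsException when the server sent only one.
            if (certs.length < 2) {
                throw new LogicException("Server certificate chain has no second certificate to install");
            }
            X509Certificate selected = certs[1];
            // Alias is "<host>-2" (the decompiled source spelled "-" as commons-cli's DEFAULT_OPT_PREFIX).
            ks.setCertificateEntry(serverHost + "-2", selected);
            FileOutputStream fileOutputStream = new FileOutputStream(new File(dir, "jssecacerts"));
            try {
                ks.store(fileOutputStream, keyStorePass);
            } finally {
                fileOutputStream.close();
            }
            Log.info(StringUtils.EMPTY);
            Log.info(selected.toString());
        } catch (LogicException e) {
            // Already carries a meaningful message; do not re-wrap it.
            throw e;
        } catch (Exception e) {
            throw new LogicException(e.getMessage(), e);
        }
    }

    /**
     * Formats bytes as lowercase hex pairs, each followed by a space (for example {@code "0a ff "}).
     *
     * @param bArr bytes to format
     * @return the hex representation; empty for an empty array
     */
    private static String toHexString(byte[] bArr) {
        StringBuilder hex = new StringBuilder(bArr.length * 3);
        for (int i = 0; i < bArr.length; i++) {
            // Read the byte itself (the decompiled loop formatted the loop index instead) and
            // mask it so negative bytes map to 0..255.
            int value = bArr[i] & 255;
            hex.append(HEXDIGITS[value >> 4]);
            hex.append(HEXDIGITS[value & 15]);
            hex.append(' ');
        }
        return hex.toString();
    }

    /**
     * Asks an HTTP proxy to open a tunnel to {@code host:port} with a CONNECT request and checks
     * that the proxy answered with status 200.
     *
     * @param socket connected socket to the proxy
     * @param host tunnel target host
     * @param port tunnel target port
     * @throws IOException if the host is unusable in a request line, the proxy closes the
     *     connection early, or it does not answer with a 200 status
     */
    private static void doTunnelHandshake(Socket socket, String host, int port) throws IOException {
        // The host is copied verbatim into the request line, so refuse whitespace and control
        // characters that would let a configuration value add extra lines to the proxy request.
        if (host == null || host.length() == 0) {
            throw new IOException("Missing tunnel target host");
        }
        for (int k = 0; k < host.length(); k++) {
            char ch = host.charAt(k);
            if (ch <= ' ' || ch == 127) {
                throw new IOException("Invalid character in tunnel target host");
            }
        }
        byte[] bytes;
        String statusLine;
        OutputStream outputStream = socket.getOutputStream();
        // HTTP lines end in CRLF; the request line previously ended in a bare LF.
        // NOTE(review): HttpURLConnection.userAgent comes from the JDK-internal sun.* package and
        // is not accessible on modular JDKs without extra flags; consider a local constant.
        String request = "CONNECT " + host + ":" + port + " HTTP/1.0\r\nUser-Agent: " + HttpURLConnection.userAgent + "\r\n\r\n";
        try {
            bytes = request.getBytes("ASCII7");
        } catch (UnsupportedEncodingException e) {
            // Charset name not known to this runtime: fall back to the platform default.
            bytes = request.getBytes();
        }
        outputStream.write(bytes);
        outputStream.flush();
        // Only the first response line is kept, truncated to 200 bytes.
        byte[] firstLine = new byte[200];
        int length = 0;
        int consecutiveNewlines = 0;
        boolean firstLineDone = false;
        InputStream inputStream = socket.getInputStream();
        // Consume the response headers up to the blank line, i.e. two LFs in a row (CRs are skipped).
        while (consecutiveNewlines < 2) {
            int read = inputStream.read();
            if (read < 0) {
                throw new IOException("Unexpected EOF from proxy");
            }
            if (read == 10) {
                firstLineDone = true;
                consecutiveNewlines++;
            } else if (read != 13) {
                consecutiveNewlines = 0;
                if (!firstLineDone && length < firstLine.length) {
                    firstLine[length++] = (byte) read;
                }
            }
        }
        try {
            statusLine = new String(firstLine, 0, length, "ASCII7");
        } catch (UnsupportedEncodingException e2) {
            statusLine = new String(firstLine, 0, length);
        }
        // Proxies commonly answer a CONNECT with an HTTP/1.1 status line; accept both versions.
        if (!statusLine.startsWith("HTTP/1.0 200") && !statusLine.startsWith("HTTP/1.1 200")) {
            throw new IOException("Unable to tunnel through .  Proxy returns \"" + statusLine + "\"");
        }
    }
}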
