package org.gudy.azureus2.core3.security.impl;

import com.aelitis.azureus.core.networkmanager.admin.NetworkAdmin;
import com.aelitis.azureus.core.util.CopyOnWriteList;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.lang.reflect.Constructor;
import java.net.Authenticator;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.Socket;
import java.net.URL;
import java.security.Key;
import java.security.KeyStore;
import java.security.Permission;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.gudy.azureus2.core3.config.COConfigurationManager;
import org.gudy.azureus2.core3.config.ParameterListener;
import org.gudy.azureus2.core3.logging.LogAlert;
import org.gudy.azureus2.core3.logging.LogEvent;
import org.gudy.azureus2.core3.logging.LogIDs;
import org.gudy.azureus2.core3.logging.Logger;
import org.gudy.azureus2.core3.security.SECertificateListener;
import org.gudy.azureus2.core3.security.SEKeyDetails;
import org.gudy.azureus2.core3.security.SEPasswordListener;
import org.gudy.azureus2.core3.security.SESecurityManager;
import org.gudy.azureus2.core3.util.AEMonitor;
import org.gudy.azureus2.core3.util.Base32;
import org.gudy.azureus2.core3.util.Constants;
import org.gudy.azureus2.core3.util.Debug;
import org.gudy.azureus2.core3.util.FileUtil;
import org.gudy.azureus2.core3.util.RandomUtils;

/* loaded from: input_file:org/gudy/azureus2/core3/security/impl/SESecurityManagerImpl.class */
public class SESecurityManagerImpl {
    private static final LogIDs LOGID = LogIDs.NET;
    protected static final SESecurityManagerImpl singleton = new SESecurityManagerImpl();
    protected static String KEYSTORE_TYPE;
    private static boolean auto_install_certs;
    protected String keystore_name;
    protected String truststore_name;
    private static final ThreadLocal tls;
    private AzureusSecurityManager my_sec_man;
    private boolean hack_constructor_tried;
    private Constructor<TrustManager> hack_constructor;
    protected final List<SECertificateListener> certificate_listeners = new ArrayList();
    protected final CopyOnWriteList password_listeners = new CopyOnWriteList();
    protected final Map password_handlers = new HashMap();
    protected final Map certificate_handlers = new HashMap();
    protected boolean exit_vm_permitted = false;
    protected final AEMonitor this_mon = new AEMonitor("SESecurityManager");
    private boolean initialized = false;
    final List stoppable_threads = new ArrayList();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/gudy/azureus2/core3/security/impl/SESecurityManagerImpl$AzureusSecurityManager.class */
    public final class AzureusSecurityManager extends SecurityManager {
        private final SecurityManager old_sec_man;

        private AzureusSecurityManager(SecurityManager securityManager) {
            this.old_sec_man = securityManager;
        }

        @Override // java.lang.SecurityManager
        public void checkAccept(String str, int i) {
        }

        @Override // java.lang.SecurityManager
        public void checkRead(String str) {
        }

        @Override // java.lang.SecurityManager
        public void checkWrite(String str) {
        }

        @Override // java.lang.SecurityManager
        public void checkConnect(String str, int i) {
        }

        @Override // java.lang.SecurityManager
        public void checkExit(int i) {
            if (this.old_sec_man != null) {
                this.old_sec_man.checkExit(i);
            }
            if (!SESecurityManagerImpl.this.exit_vm_permitted && System.getProperty("azureus.security.manager.permitexit", "0").equals("0")) {
                throw new SecurityException("VM exit operation prohibited");
            }
        }

        @Override // java.lang.SecurityManager
        public void checkPermission(Permission permission) {
            checkPermission(permission, null);
        }

        @Override // java.lang.SecurityManager
        public void checkPermission(Permission permission, Object obj) {
            if (permission instanceof RuntimePermission) {
                String name = permission.getName();
                if (name.equals("stopThread")) {
                    synchronized (SESecurityManagerImpl.this.stoppable_threads) {
                        if (!SESecurityManagerImpl.this.stoppable_threads.contains(Thread.currentThread())) {
                            throw new SecurityException("Thread.stop operation prohibited");
                        }
                        return;
                    }
                }
                if (name.equals("setSecurityManager")) {
                    throw new SecurityException("Permission Denied");
                }
            }
            if (this.old_sec_man != null) {
                if (obj == null) {
                    this.old_sec_man.checkPermission(permission);
                } else {
                    this.old_sec_man.checkPermission(permission, obj);
                }
            }
        }

        @Override // java.lang.SecurityManager
        public Class[] getClassContext() {
            Class[] classContext = super.getClassContext();
            if (classContext.length <= 3) {
                return new Class[0];
            }
            Class[] clsArr = new Class[classContext.length - 3];
            System.arraycopy(classContext, 3, clsArr, 0, clsArr.length);
            return clsArr;
        }
    }

    public static SESecurityManagerImpl getSingleton() {
        return singleton;
    }

    public void initialise() {
        synchronized (this) {
            if (this.initialized) {
                return;
            }
            this.initialized = true;
            this.keystore_name = FileUtil.getUserFile(SESecurityManager.SSL_KEYS).getAbsolutePath();
            this.truststore_name = FileUtil.getUserFile(SESecurityManager.SSL_CERTS).getAbsolutePath();
            System.setProperty("javax.net.ssl.trustStore", this.truststore_name);
            System.setProperty("javax.net.ssl.trustStorePassword", SESecurityManager.SSL_PASSWORD);
            installAuthenticator();
            String[] strArr = {"com.sun.net.ssl.internal.ssl.Provider", "org.metastatic.jessie.provider.Jessie", "org.gudy.bouncycastle.jce.provider.BouncyCastleProvider"};
            String str = null;
            for (int i = 0; i < strArr.length; i++) {
                try {
                    Class.forName(strArr[i]).newInstance();
                    str = strArr[i];
                    break;
                } catch (Throwable th) {
                }
            }
            if (str == null) {
                Debug.out("No SSL provider available");
            }
            try {
                SESecurityManagerBC.initialise();
            } catch (Throwable th2) {
                Debug.out(th2);
                Logger.log(new LogEvent(LOGID, 3, "Bouncy Castle not available"));
            }
            installSecurityManager();
            ensureStoreExists(this.keystore_name);
            ensureStoreExists(this.truststore_name);
            initEmptyTrustStore();
        }
    }

    private void initEmptyTrustStore() {
        try {
            File file = new File(this.truststore_name);
            if (!file.exists() || file.length() <= 2048) {
                if (getTrustStore().size() == 0) {
                    File file2 = new File(new File(new File(System.getProperty("java.home"), "lib"), "security"), "cacerts");
                    if (file2.exists()) {
                        FileUtil.copyFile(file2, file);
                        try {
                            getTrustStore();
                        } catch (Throwable th) {
                            file.delete();
                            ensureStoreExists(this.truststore_name);
                        }
                    }
                }
            }
        } catch (Throwable th2) {
        }
    }

    public boolean resetTrustStore(boolean z) {
        return resetTrustStore(z, false);
    }

    private boolean resetTrustStore(boolean z, boolean z2) {
        File file = new File(new File(new File(System.getProperty("java.home"), "lib"), "security"), "cacerts");
        if (!file.exists()) {
            return false;
        }
        if (z) {
            return true;
        }
        File file2 = new File(this.truststore_name);
        if (file2.exists() && !file2.delete()) {
            Debug.out("Failed to delete " + file2);
            return false;
        }
        if (!FileUtil.copyFile(file, file2)) {
            Debug.out("Failed to copy file from " + file + " to " + file2);
            return false;
        }
        try {
            getTrustStore(!z2);
            return true;
        } catch (Throwable th) {
            Debug.out(th);
            file2.delete();
            ensureStoreExists(this.truststore_name);
            return false;
        }
    }

    public String getKeystoreName() {
        return this.keystore_name;
    }

    public String getKeystorePassword() {
        return SESecurityManager.SSL_PASSWORD;
    }

    protected void installSecurityManager() {
        if (Constants.isAndroid) {
            return;
        }
        if (System.getProperty("azureus.security.manager.install", "1").equals("0")) {
            Debug.outNoStack("Not installing security manager - disabled by system property");
            return;
        }
        try {
            this.my_sec_man = new AzureusSecurityManager(System.getSecurityManager());
            System.setSecurityManager(this.my_sec_man);
        } catch (Throwable th) {
            Debug.printStackTrace(th);
        }
    }

    public void stopThread(Thread thread) {
        synchronized (this.stoppable_threads) {
            this.stoppable_threads.add(Thread.currentThread());
        }
        try {
            thread.stop();
            synchronized (this.stoppable_threads) {
                this.stoppable_threads.remove(Thread.currentThread());
            }
        } catch (Throwable th) {
            synchronized (this.stoppable_threads) {
                this.stoppable_threads.remove(Thread.currentThread());
                throw th;
            }
        }
    }

    public void exitVM(int i) {
        try {
            this.exit_vm_permitted = true;
            try {
                System.exit(i);
            } catch (Throwable th) {
            }
        } finally {
            this.exit_vm_permitted = false;
        }
    }

    public void installAuthenticator() {
        Authenticator.setDefault(new Authenticator() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.3
            protected final AEMonitor auth_mon = new AEMonitor("SESecurityManager:auth");

            @Override // java.net.Authenticator
            protected PasswordAuthentication getPasswordAuthentication() {
                try {
                    this.auth_mon.enter();
                    PasswordAuthentication authentication = SESecurityManagerImpl.this.getAuthentication(getRequestingPrompt(), getRequestingProtocol(), getRequestingHost(), getRequestingPort());
                    this.auth_mon.exit();
                    return authentication;
                } catch (Throwable th) {
                    this.auth_mon.exit();
                    throw th;
                }
            }
        });
    }

    public PasswordAuthentication getAuthentication(String str, String str2, String str3, int i) {
        PasswordAuthentication authentication;
        try {
            URL url = new URL(str2 + "://" + str3 + ":" + i + "/");
            if (!str2.toLowerCase().startsWith("socks")) {
                return getPasswordAuthentication(str, url);
            }
            SEPasswordListener sEPasswordListener = (SEPasswordListener) tls.get();
            if (sEPasswordListener != null && (authentication = sEPasswordListener.getAuthentication(str, url)) != null) {
                return authentication;
            }
            String trim = COConfigurationManager.getStringParameter("Proxy.Username").trim();
            String trim2 = COConfigurationManager.getStringParameter("Proxy.Password").trim();
            if (trim.equalsIgnoreCase("<none>")) {
                return new PasswordAuthentication("", "".toCharArray());
            }
            if (trim.length() == 0) {
                Logger.log(new LogAlert(false, 1, "Socks server is requesting authentication, please setup user and password in config"));
            }
            return new PasswordAuthentication(trim, trim2.toCharArray());
        } catch (MalformedURLException e) {
            Debug.printStackTrace(e);
            return null;
        }
    }

    protected boolean checkKeyStoreHasEntry() {
        if (!new File(this.keystore_name).exists()) {
            Logger.logTextResource(new LogAlert(false, 3, "Security.keystore.empty"), new String[]{this.keystore_name});
            return false;
        }
        try {
            if (loadKeyStore().aliases().hasMoreElements()) {
                return true;
            }
            Logger.logTextResource(new LogAlert(false, 3, "Security.keystore.empty"), new String[]{this.keystore_name});
            return false;
        } catch (Throwable th) {
            Logger.logTextResource(new LogAlert(false, 3, "Security.keystore.corrupt"), new String[]{this.keystore_name});
            return false;
        }
    }

    protected boolean ensureStoreExists(String str) {
        try {
            try {
                this.this_mon.enter();
                KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
                if (new File(str).exists()) {
                    this.this_mon.exit();
                    return false;
                }
                keyStore.load(null, null);
                FileOutputStream fileOutputStream = null;
                try {
                    fileOutputStream = new FileOutputStream(str);
                    keyStore.store(fileOutputStream, SESecurityManager.SSL_PASSWORD.toCharArray());
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                    this.this_mon.exit();
                    return true;
                } catch (Throwable th) {
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                    throw th;
                }
            } catch (Throwable th2) {
                Debug.printStackTrace(th2);
                this.this_mon.exit();
                return false;
            }
        } catch (Throwable th3) {
            this.this_mon.exit();
            throw th3;
        }
    }

    public KeyStore getKeyStore() throws Exception {
        return loadKeyStore();
    }

    public KeyStore getTrustStore() throws Exception {
        return getTrustStore(true);
    }

    public KeyStore getTrustStore(boolean z) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        File file = new File(this.truststore_name);
        try {
            if (file.exists()) {
                FileInputStream fileInputStream = null;
                try {
                    fileInputStream = new FileInputStream(file);
                    keyStore.load(fileInputStream, SESecurityManager.SSL_PASSWORD.toCharArray());
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    throw th;
                }
            } else {
                keyStore.load(null, null);
            }
            return keyStore;
        } catch (Throwable th2) {
            if (!z) {
                if (th2 instanceof Exception) {
                    throw ((Exception) th2);
                }
                throw new Exception(th2);
            }
            Debug.out("Failed to load trust store - resetting", th2);
            try {
                if (file.exists()) {
                    File file2 = new File(file.getAbsolutePath() + ".bad");
                    file2.delete();
                    file.renameTo(file2);
                }
            } catch (Throwable th3) {
                Debug.out(th3);
            }
            resetTrustStore(false, true);
            return getTrustStore(false);
        }
    }

    protected KeyStore loadKeyStore() throws Exception {
        return loadKeyStore(KeyManagerFactory.getInstance("SunX509"));
    }

    protected KeyStore loadKeyStore(KeyManagerFactory keyManagerFactory) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        if (new File(this.keystore_name).exists()) {
            FileInputStream fileInputStream = null;
            try {
                fileInputStream = new FileInputStream(this.keystore_name);
                keyStore.load(fileInputStream, SESecurityManager.SSL_PASSWORD.toCharArray());
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        } else {
            keyStore.load(null, null);
        }
        keyManagerFactory.init(keyStore, SESecurityManager.SSL_PASSWORD.toCharArray());
        return keyStore;
    }

    public SSLServerSocketFactory getSSLServerSocketFactory() throws Exception {
        if (!checkKeyStoreHasEntry()) {
            return null;
        }
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        loadKeyStore(keyManagerFactory);
        sSLContext.init(keyManagerFactory.getKeyManagers(), null, RandomUtils.SECURE_RANDOM);
        return sSLContext.getServerSocketFactory();
    }

    public SEKeyDetails getKeyDetails(String str) throws Exception {
        KeyStore loadKeyStore = loadKeyStore();
        final Key key = loadKeyStore.getKey(str, SESecurityManager.SSL_PASSWORD.toCharArray());
        if (key == null) {
            return null;
        }
        Certificate[] certificateChain = loadKeyStore.getCertificateChain(str);
        final X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
        for (int i = 0; i < certificateChain.length; i++) {
            if (!(certificateChain[i] instanceof X509Certificate)) {
                throw new Exception("Certificate chain must be comprised of X509Certificate entries");
            }
            x509CertificateArr[i] = (X509Certificate) certificateChain[i];
        }
        return new SEKeyDetails() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.4
            @Override // org.gudy.azureus2.core3.security.SEKeyDetails
            public Key getKey() {
                return key;
            }

            @Override // org.gudy.azureus2.core3.security.SEKeyDetails
            public X509Certificate[] getCertificateChain() {
                return x509CertificateArr;
            }
        };
    }

    public Certificate createSelfSignedCertificate(String str, String str2, int i) throws Exception {
        return SESecurityManagerBC.createSelfSignedCertificate(this, str, str2, i);
    }

    public TrustManagerFactory getTrustManagerFactory() {
        try {
            try {
                this.this_mon.enter();
                KeyStore trustStore = getTrustStore();
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(trustStore);
                this.this_mon.exit();
                return trustManagerFactory;
            } catch (Throwable th) {
                Debug.out(th);
                this.this_mon.exit();
                return null;
            }
        } catch (Throwable th2) {
            this.this_mon.exit();
            throw th2;
        }
    }

    public SSLSocketFactory getSSLSocketFactory() {
        try {
            try {
                this.this_mon.enter();
                KeyStore trustStore = getTrustStore();
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(trustStore);
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                this.this_mon.exit();
                return socketFactory;
            } catch (Throwable th) {
                Debug.printStackTrace(th);
                SSLSocketFactory sSLSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
                this.this_mon.exit();
                return sSLSocketFactory;
            }
        } catch (Throwable th2) {
            this.this_mon.exit();
            throw th2;
        }
    }

    public SSLSocketFactory installServerCertificates(URL url) {
        return installServerCertificates(url, false, false);
    }

    public TrustManager[] getAllTrustingTrustManager() {
        return getAllTrustingTrustManager(null);
    }

    /* JADX WARN: Type inference failed for: r0v22, types: [org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl$1HackClassLoader] */
    public TrustManager[] getAllTrustingTrustManager(final X509TrustManager x509TrustManager) {
        try {
            this.this_mon.enter();
            TrustManager[] trustManagerArr = null;
            if (!this.hack_constructor_tried) {
                this.hack_constructor_tried = true;
                try {
                    this.hack_constructor = new ClassLoader() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.1HackClassLoader
                        /* JADX WARN: Multi-variable type inference failed */
                        public Class<TrustManager> loadClass(String str, byte[] bArr) {
                            Class defineClass = defineClass(str, bArr, 0, bArr.length);
                            resolveClass(defineClass);
                            return defineClass;
                        }
                    }.loadClass("org.gudy.azureus2.core3.security.impl.SETrustingManager", Base32.decode("ZL7LVPQAAAADGABRA4AAEAIAG5XXEZZPM52WI6JPMF5HK4TFOVZTEL3DN5ZGKMZPONSWG5LSNF2HSL3JNVYGYL2TIVKHE5LTORUW4Z2NMFXGCZ3FOIDQABABAATGUYLWMF4C63TFOQXXG43MF5MDKMBZIV4HIZLOMRSWIVDSOVZXITLBNZQWOZLSAEAAQZDFNRSWOYLUMUAQAICMNJQXMYLYF5XGK5BPONZWYL2YGUYDSVDSOVZXITLBNZQWOZLSHMAQABR4NFXGS5B6AEACGKCMNJQXMYLYF5XGK5BPONZWYL2YGUYDSVDSOVZXITLBNZQWOZLSHMUVMAIAARBW6ZDFBIAAGAALBQAAOAAMAEAAGKBJKYEQAAIABYGAABIAAYAQAD2MNFXGKTTVNVRGK4SUMFRGYZIBAAJEY33DMFWFMYLSNFQWE3DFKRQWE3DFAEAAI5DINFZQCABZJRXXEZZPM52WI6JPMF5HK4TFOVZTEL3DN5ZGKMZPONSWG5LSNF2HSL3JNVYGYL2TIVKHE5LTORUW4Z2NMFXGCZ3FOI5QCAAJL5SGK3DFM5QXIZIBAAJGG2DFMNVUG3DJMVXHIVDSOVZXIZLEAEADUKC3JRVGC5TBF5ZWKY3VOJUXI6JPMNSXE5BPLA2TAOKDMVZHI2LGNFRWC5DFHNGGUYLWMEXWYYLOM4XVG5DSNFXGOOZJKYAQACSFPBRWK4DUNFXW44YHAAMACABHNJQXMYJPONSWG5LSNF2HSL3DMVZHIL2DMVZHI2LGNFRWC5DFIV4GGZLQORUW63QLAANAAHAHAANQCAA6NJQXMYLYF5XGK5BPONZWYL2YGUYDSVDSOVZXITLBNZQWOZLSBQABIAAVAEAAKY3IMFUW4AIAEVNUY2TBOZQS643FMN2XE2LUPEXWGZLSOQXVQNJQHFBWK4TUNFTGSY3BORSTWAIABBQXK5DIKR4XAZIBAAJEY2TBOZQS63DBNZTS6U3UOJUW4ZZ3AEAA2U3UMFRWWTLBOBKGCYTMMUAQASZILNGGUYLWMEXXGZLDOVZGS5DZF5RWK4TUF5MDKMBZINSXE5DJMZUWGYLUMU5UY2TBOZQS63DBNZTS6U3UOJUW4ZZ3JRVGC5TBF5XGK5BPKNXWG23FOQ5SSVQBAADHG33DNNSXIAIACFGGUYLWMEXW4ZLUF5JW6Y3LMV2DWAIAKMUFWTDKMF3GCL3TMVRXK4TJOR4S6Y3FOJ2C6WBVGA4UGZLSORUWM2LDMF2GKO2MNJQXMYJPNRQW4ZZPKN2HE2LOM45UY2TBOZQXQL3OMV2C643TNQXVGU2MIVXGO2LOMU5SSVQBAADGK3THNFXGKAIADFGGUYLWMF4C63TFOQXXG43MF5JVGTCFNZTWS3TFHMAQAETDNBSWG22TMVZHMZLSKRZHK43UMVSAWAA2AAVAYABIAAKQCAASM5SXIQLDMNSXA5DFMREXG43VMVZHGAIAE4UCSW2MNJQXMYJPONSWG5LSNF2HSL3DMVZHIL2YGUYDSQ3FOJ2GSZTJMNQXIZJ3BMABUABOBQACWABMAEAAUU3POVZGGZKGNFWGKAIACZJUKVDSOVZXI2LOM5GWC3TBM5SXELTKMF3GCABBAAAQAAYAAAAACAACAACQABQAAAAAQAABAADQACAAAEAASAAAABDAAAQAAIAAAAAKFK3QACRKFO2QADNRAAAAAAQAB4AAAAAOAABQAAAAFAAAIABLAAEQALAACAAAAAAWAABAAAAABIABCAASAAAAAAAABIABGAAGAAAQAAIACQABKAACAALAAAAAAQAACAAXAAEQAAAAMIAAGAADAAAAAEZKWQAA3RQABYVLIAANFMWLSAAZAMALCAAAAABQADYAAAAA4AADAAAAAMIAA4ADEAASAA2AAEAAAAACAAADAAAAAEYACEABEAAAAAAAAEYADUAB4AABAAAAAEYAD4ACAAACAAQQAAAAAMAACEQAAEABIABCAABAAFQAAAAAIAABAALQACIAAAAGYAADAACAAAAACMVLIAANYYAA4KVUAAGSWLFZAAMQGAFRAAAAAAYAB4AAAAAOAABQAAAAHAAAOABZAAJAAOYACAAAAABKAACAAAAACMABCAASAAAAAAAACMAB2AA6AAAQAAAACMAB6ABAAABAAAAACMACGABEAABQAIIAAAAAGAABCIAACAAUAASQAAQACYAAAAAEAAAQAFYABEAAAADMAABQABAAAAABGKVUAAG4MAAOFK2AADJLFS4QAGIDACYQAAAAAMAA6AAAAAHAAAYAAAAD6AAHABAAAEQAIIABAAAAAAVAABAAAAABGAARAAJAAAAAAAABGAA5AAPAAAIAAAABGAA7AAQAAAQAAAABGABGAATQAAYAEEAAAAADAAAREAABAAUAAFIAAIABMAAAAACAAAIAC4AASAAAABRAAAYAAMAAAAATFK2AADOGAAHCVNAABUVSZOIAFEBQBMIAAAAAGAAPAAAAADQAAMAAAACGAADQARYACIAESAAQAAAAAIAAAMAAAAATAAIQAEQAAAAAAAATAAOQAHQAAEAAAAATAAPQAIAAAIACCAAAAABQAAISAAAQAKAAEIAAEAAWAAAAABAAAEABOAAJAAAAA3AAAMAAIAAAAAJSVNAABXDAADRKWQAA2KZMXEACSAYAWEAAAAADAAHQAAAABYAAGAAAABGQABYAJYABEACQAAIAAAAAFIAAIAAAAAJQAEIACIAAAAAAAAJQAHIADYAACAAAAAJQAHYAEAAAEAAAAAJQAIYAEQAAGABBAAAAAAYAAEJAAAIAFAACKAACAALAAAAAAQAACAAXAAEQAAAANQAAGAAEAAAAAEZKWQAA3RQABYVLIAANFMWLSABJAMALCAAAAABQADYAAAAA4AADAAAAAVAAA4AFKAASABLQAEAAAAACUAAEAAAAAEYACEABEAAAAAAAAEYADUAB4AABAAAAAEYAD4ACAAACAAAAAEYAEYACOAADAAQQAAAAAMAACEQAAEACWABMAAAQACIAAAAE4AABAAAQAAAACMVLIAANYYAA2KVUAAG3SABNAEALAANQAAAAAAYAB4AAAAAOAABQAAAALIAAOAC3AAIQAXIACAAAAAAMAAAQAAAACMABCAASAAAAAIIAAAAAGAABCEAACABPAAAAAAQAGA")).getConstructor(X509TrustManager.class);
                } catch (Throwable th) {
                }
            }
            if (this.hack_constructor != null) {
                try {
                    trustManagerArr = new TrustManager[]{this.hack_constructor.newInstance(x509TrustManager)};
                } catch (Throwable th2) {
                }
            }
            if (trustManagerArr == null) {
                trustManagerArr = new TrustManager[]{new X509TrustManager() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.5
                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        if (x509TrustManager != null) {
                            return x509TrustManager.getAcceptedIssuers();
                        }
                        return null;
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                        if (x509TrustManager != null) {
                            x509TrustManager.checkClientTrusted(x509CertificateArr, str);
                        }
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                        if (x509TrustManager != null) {
                            x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                        }
                    }
                }};
            }
            return trustManagerArr;
        } finally {
            this.this_mon.exit();
        }
    }

    private SSLSocketFactory installServerCertificates(URL url, boolean z, boolean z2) {
        try {
            this.this_mon.enter();
            String host = url.getHost();
            int port = url.getPort();
            if (port == -1) {
                port = 443;
            }
            SSLSocket sSLSocket = null;
            try {
                try {
                    TrustManager[] allTrustingTrustManager = getAllTrustingTrustManager();
                    SSLContext sSLContext = SSLContext.getInstance("SSL");
                    sSLContext.init(null, allTrustingTrustManager, RandomUtils.SECURE_RANDOM);
                    SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                    InetSocketAddress inetSocketAddress = new InetSocketAddress(InetAddress.getByName(host), port);
                    InetAddress singleHomedServiceBindAddress = NetworkAdmin.getSingleton().getSingleHomedServiceBindAddress(inetSocketAddress.getAddress() instanceof Inet6Address ? 2 : 1);
                    if (z) {
                        Socket socket = new Socket();
                        if (singleHomedServiceBindAddress != null) {
                            socket.bind(new InetSocketAddress(singleHomedServiceBindAddress, 0));
                        }
                        socket.connect(inetSocketAddress);
                        sSLSocket = (SSLSocket) socketFactory.createSocket(socket, "", socket.getPort(), true);
                        sSLSocket.setEnabledProtocols(new String[]{"TLSv1"});
                        sSLSocket.setUseClientMode(true);
                    } else {
                        sSLSocket = singleHomedServiceBindAddress != null ? (SSLSocket) socketFactory.createSocket(host, port, singleHomedServiceBindAddress, 0) : (SSLSocket) socketFactory.createSocket(host, port);
                    }
                    if (z2) {
                        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
                        ArrayList arrayList = new ArrayList();
                        for (String str : enabledCipherSuites) {
                            if (!str.contains("_DH_") && !str.contains("_DHE_")) {
                                arrayList.add(str);
                            }
                        }
                        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
                    }
                    sSLSocket.startHandshake();
                    Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
                    SSLSocketFactory sSLSocketFactory = null;
                    for (int i = 0; i < peerCertificates.length; i++) {
                        Certificate certificate = peerCertificates[i];
                        X509Certificate x509Certificate = certificate instanceof X509Certificate ? (X509Certificate) certificate : (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
                        String url2 = url.toString();
                        int indexOf = url2.indexOf("?");
                        if (indexOf != -1) {
                            url2 = url2.substring(0, indexOf);
                        }
                        Object[] objArr = (Object[]) this.certificate_handlers.get(url.getProtocol() + "://" + url.getHost() + ":" + url.getPort() + "/");
                        String concat = host.concat(":").concat(String.valueOf(port));
                        if (i > 0) {
                            concat = concat + "[" + i + "]";
                        }
                        KeyStore trustStore = getTrustStore();
                        byte[] encoded = x509Certificate.getEncoded();
                        int i2 = 0;
                        boolean z3 = false;
                        while (true) {
                            if (i2 >= 256) {
                                break;
                            }
                            String str2 = i2 == 0 ? concat : concat + "." + i2;
                            Certificate certificate2 = trustStore.getCertificate(str2);
                            if (certificate2 == null) {
                                concat = str2;
                                break;
                            }
                            if (Arrays.equals(encoded, certificate2.getEncoded())) {
                                concat = str2;
                                z3 = true;
                                break;
                            }
                            i2++;
                        }
                        if (auto_install_certs || z3 || sSLSocketFactory != null) {
                            sSLSocketFactory = addCertToTrustStore(concat, certificate, true);
                        } else {
                            if (objArr != null && ((SECertificateListener) objArr[0]).trustCertificate(url2, x509Certificate)) {
                                sSLSocketFactory = addCertToTrustStore(concat, certificate, true);
                            }
                            Iterator<SECertificateListener> it = this.certificate_listeners.iterator();
                            while (it.hasNext()) {
                                if (it.next().trustCertificate(url2, x509Certificate)) {
                                    sSLSocketFactory = addCertToTrustStore(concat, certificate, true);
                                }
                            }
                        }
                    }
                    SSLSocketFactory sSLSocketFactory2 = sSLSocketFactory;
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th) {
                            Debug.printStackTrace(th);
                        }
                    }
                    this.this_mon.exit();
                    return sSLSocketFactory2;
                } finally {
                }
            } catch (Throwable th2) {
                String nestedExceptionMessage = Debug.getNestedExceptionMessage(th2);
                if (nestedExceptionMessage.contains("unrecognized_name") && !z) {
                    SSLSocketFactory installServerCertificates = installServerCertificates(url, true, z2);
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th3) {
                            Debug.printStackTrace(th3);
                        }
                    }
                    this.this_mon.exit();
                    return installServerCertificates;
                }
                if (!nestedExceptionMessage.contains("DH keypair") || z2) {
                    Debug.out(th2);
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th4) {
                            Debug.printStackTrace(th4);
                        }
                    }
                    this.this_mon.exit();
                    return null;
                }
                SSLSocketFactory installServerCertificates2 = installServerCertificates(url, z, true);
                if (sSLSocket != null) {
                    try {
                        sSLSocket.close();
                    } catch (Throwable th5) {
                        Debug.printStackTrace(th5);
                    }
                }
                this.this_mon.exit();
                return installServerCertificates2;
            }
        } catch (Throwable th6) {
            this.this_mon.exit();
            throw th6;
        }
    }

    public SSLSocketFactory installServerCertificates(String str, String str2, int i) {
        return installServerCertificates(str, str2, i, false);
    }

    public SSLSocketFactory installServerCertificates(String str, String str2, int i, boolean z) {
        try {
            this.this_mon.enter();
            if (i == -1) {
                i = 443;
            }
            SSLSocket sSLSocket = null;
            try {
                try {
                    TrustManager[] allTrustingTrustManager = getAllTrustingTrustManager();
                    SSLContext sSLContext = SSLContext.getInstance("SSL");
                    sSLContext.init(null, allTrustingTrustManager, RandomUtils.SECURE_RANDOM);
                    SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                    InetSocketAddress inetSocketAddress = new InetSocketAddress(InetAddress.getByName(str2), i);
                    InetAddress singleHomedServiceBindAddress = NetworkAdmin.getSingleton().getSingleHomedServiceBindAddress(inetSocketAddress.getAddress() instanceof Inet6Address ? 2 : 1);
                    if (z) {
                        Socket socket = new Socket();
                        if (singleHomedServiceBindAddress != null) {
                            socket.bind(new InetSocketAddress(singleHomedServiceBindAddress, 0));
                        }
                        socket.connect(inetSocketAddress);
                        sSLSocket = (SSLSocket) socketFactory.createSocket(socket, "", socket.getPort(), true);
                        sSLSocket.setEnabledProtocols(new String[]{"TLSv1"});
                        sSLSocket.setUseClientMode(true);
                    } else {
                        sSLSocket = singleHomedServiceBindAddress != null ? (SSLSocket) socketFactory.createSocket(str2, i, singleHomedServiceBindAddress, 0) : (SSLSocket) socketFactory.createSocket(str2, i);
                    }
                    sSLSocket.startHandshake();
                    SSLSocketFactory sSLSocketFactory = null;
                    for (Certificate certificate : sSLSocket.getSession().getPeerCertificates()) {
                        sSLSocketFactory = addCertToTrustStore(str, certificate instanceof X509Certificate ? (X509Certificate) certificate : (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificate.getEncoded())), false);
                    }
                    SSLSocketFactory sSLSocketFactory2 = sSLSocketFactory;
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th) {
                            Debug.printStackTrace(th);
                        }
                    }
                    this.this_mon.exit();
                    return sSLSocketFactory2;
                } finally {
                }
            } catch (Throwable th2) {
                if (!Debug.getNestedExceptionMessage(th2).contains("unrecognized_name") || z) {
                    Debug.out(th2);
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th3) {
                            Debug.printStackTrace(th3);
                        }
                    }
                    this.this_mon.exit();
                    return null;
                }
                SSLSocketFactory installServerCertificates = installServerCertificates(str, str2, i, true);
                if (sSLSocket != null) {
                    try {
                        sSLSocket.close();
                    } catch (Throwable th4) {
                        Debug.printStackTrace(th4);
                    }
                }
                this.this_mon.exit();
                return installServerCertificates;
            }
        } catch (Throwable th5) {
            this.this_mon.exit();
            throw th5;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCertToKeyStore(String str, Key key, Certificate[] certificateArr) throws Exception {
        try {
            this.this_mon.enter();
            KeyStore loadKeyStore = loadKeyStore();
            if (loadKeyStore.containsAlias(str)) {
                loadKeyStore.deleteEntry(str);
            }
            loadKeyStore.setKeyEntry(str, key, SESecurityManager.SSL_PASSWORD.toCharArray(), certificateArr);
            FileOutputStream fileOutputStream = null;
            try {
                try {
                    fileOutputStream = new FileOutputStream(this.keystore_name);
                    loadKeyStore.store(fileOutputStream, SESecurityManager.SSL_PASSWORD.toCharArray());
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                } finally {
                }
            } catch (Throwable th) {
                Debug.printStackTrace(th);
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
            }
            this.this_mon.exit();
        } catch (Throwable th2) {
            this.this_mon.exit();
            throw th2;
        }
    }

    protected SSLSocketFactory addCertToTrustStore(String str, Certificate certificate, boolean z) throws Exception {
        try {
            this.this_mon.enter();
            KeyStore trustStore = getTrustStore();
            if (certificate != null) {
                if (trustStore.containsAlias(str)) {
                    trustStore.deleteEntry(str);
                }
                trustStore.setCertificateEntry(str, certificate);
                FileOutputStream fileOutputStream = null;
                try {
                    fileOutputStream = new FileOutputStream(this.truststore_name);
                    trustStore.store(fileOutputStream, SESecurityManager.SSL_PASSWORD.toCharArray());
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                } catch (Throwable th) {
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                    throw th;
                }
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            if (z) {
                HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
            }
            return socketFactory;
        } finally {
            this.this_mon.exit();
        }
    }

    public PasswordAuthentication getPasswordAuthentication(String str, URL url) {
        PasswordAuthentication authentication;
        SEPasswordListener sEPasswordListener = (SEPasswordListener) tls.get();
        if (sEPasswordListener != null) {
            return sEPasswordListener.getAuthentication(str, url);
        }
        Object[] objArr = (Object[]) this.password_handlers.get(url.toString());
        if (objArr != null) {
            try {
                return ((SEPasswordListener) objArr[0]).getAuthentication(str, (URL) objArr[1]);
            } catch (Throwable th) {
                Debug.printStackTrace(th);
            }
        }
        Iterator it = this.password_listeners.iterator();
        while (it.hasNext()) {
            try {
                authentication = ((SEPasswordListener) it.next()).getAuthentication(str, url);
            } catch (Throwable th2) {
                Debug.printStackTrace(th2);
            }
            if (authentication != null) {
                return authentication;
            }
        }
        return null;
    }

    public void setPasswordAuthenticationOutcome(String str, URL url, boolean z) {
        SEPasswordListener sEPasswordListener = (SEPasswordListener) tls.get();
        if (sEPasswordListener != null) {
            sEPasswordListener.setAuthenticationOutcome(str, url, z);
        }
        Iterator it = this.password_listeners.iterator();
        while (it.hasNext()) {
            ((SEPasswordListener) it.next()).setAuthenticationOutcome(str, url, z);
        }
    }

    public void addPasswordListener(SEPasswordListener sEPasswordListener) {
        try {
            this.this_mon.enter();
            this.password_listeners.add(sEPasswordListener);
            this.this_mon.exit();
        } catch (Throwable th) {
            this.this_mon.exit();
            throw th;
        }
    }

    public void removePasswordListener(SEPasswordListener sEPasswordListener) {
        try {
            this.this_mon.enter();
            this.password_listeners.remove(sEPasswordListener);
            this.this_mon.exit();
        } catch (Throwable th) {
            this.this_mon.exit();
            throw th;
        }
    }

    public void clearPasswords() {
        SEPasswordListener sEPasswordListener = (SEPasswordListener) tls.get();
        if (sEPasswordListener != null) {
            sEPasswordListener.clearPasswords();
        }
        Iterator it = this.password_listeners.iterator();
        while (it.hasNext()) {
            try {
                ((SEPasswordListener) it.next()).clearPasswords();
            } catch (Throwable th) {
                Debug.printStackTrace(th);
            }
        }
    }

    public void setThreadPasswordHandler(SEPasswordListener sEPasswordListener) {
        tls.set(sEPasswordListener);
    }

    public void unsetThreadPasswordHandler() {
        tls.set(null);
    }

    public void setPasswordHandler(URL url, SEPasswordListener sEPasswordListener) {
        String str = url.getProtocol() + "://" + url.getHost() + ":" + url.getPort() + "/";
        if (sEPasswordListener == null) {
            this.password_handlers.remove(str);
        } else {
            this.password_handlers.put(str, new Object[]{sEPasswordListener, url});
        }
    }

    public void addCertificateListener(SECertificateListener sECertificateListener) {
        try {
            this.this_mon.enter();
            this.certificate_listeners.add(sECertificateListener);
            this.this_mon.exit();
        } catch (Throwable th) {
            this.this_mon.exit();
            throw th;
        }
    }

    public void setCertificateHandler(URL url, SECertificateListener sECertificateListener) {
        String str = url.getProtocol() + "://" + url.getHost() + ":" + url.getPort() + "/";
        if (sECertificateListener == null) {
            this.certificate_handlers.remove(str);
        } else {
            this.certificate_handlers.put(str, new Object[]{sECertificateListener, url});
        }
    }

    public void removeCertificateListener(SECertificateListener sECertificateListener) {
        try {
            this.this_mon.enter();
            this.certificate_listeners.remove(sECertificateListener);
            this.this_mon.exit();
        } catch (Throwable th) {
            this.this_mon.exit();
            throw th;
        }
    }

    public Class[] getClassContext() {
        return this.my_sec_man == null ? new Class[0] : this.my_sec_man.getClassContext();
    }

    public static void main(String[] strArr) {
        SESecurityManagerImpl singleton2 = getSingleton();
        singleton2.initialise();
        try {
            singleton2.createSelfSignedCertificate("SomeAlias", "CN=fred,OU=wap,O=wip,L=here,ST=there,C=GB", 1000);
        } catch (Throwable th) {
            Debug.printStackTrace(th);
        }
    }

    static {
        String[] strArr = {"JKS", "GKR", "BKS"};
        for (int i = 0; i < strArr.length; i++) {
            try {
                KeyStore.getInstance(strArr[i]);
                KEYSTORE_TYPE = strArr[i];
                break;
            } catch (Throwable th) {
            }
        }
        if (KEYSTORE_TYPE == null) {
            KEYSTORE_TYPE = "JKS";
        }
        Logger.log(new LogEvent(LOGID, "Keystore type is " + KEYSTORE_TYPE));
        COConfigurationManager.addAndFireParameterListener("security.cert.auto.install", new ParameterListener() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.1
            @Override // org.gudy.azureus2.core3.config.ParameterListener
            public void parameterChanged(String str) {
                boolean unused = SESecurityManagerImpl.auto_install_certs = COConfigurationManager.getBooleanParameter(str);
            }
        });
        tls = new ThreadLocal() { // from class: org.gudy.azureus2.core3.security.impl.SESecurityManagerImpl.2
            @Override // java.lang.ThreadLocal
            public Object initialValue() {
                return null;
            }
        };
    }
}
