package de.tu_darmstadt.seemoo.nfcgate.network.transport;

import android.util.Log;
import de.tu_darmstadt.seemoo.nfcgate.network.UserTrustManager;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class TLSTransport extends Transport {
    private static final String TAG = "TLSTransport";
    protected SSLContext mSslContext;

    /* renamed from: de.tu_darmstadt.seemoo.nfcgate.network.transport.TLSTransport$1, reason: invalid class name */
    /* loaded from: classes.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$tu_darmstadt$seemoo$nfcgate$network$UserTrustManager$Trust;

        static {
            int[] iArr = new int[UserTrustManager.Trust.values().length];
            $SwitchMap$de$tu_darmstadt$seemoo$nfcgate$network$UserTrustManager$Trust = iArr;
            try {
                iArr[UserTrustManager.Trust.TRUSTED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$de$tu_darmstadt$seemoo$nfcgate$network$UserTrustManager$Trust[UserTrustManager.Trust.UNKNOWN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$de$tu_darmstadt$seemoo$nfcgate$network$UserTrustManager$Trust[UserTrustManager.Trust.UNTRUSTED.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public static class UserX509TrustManager implements X509TrustManager {
        protected X509TrustManager mDefaultManager;

        public UserX509TrustManager(X509TrustManager x509TrustManager) {
            this.mDefaultManager = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.mDefaultManager.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.mDefaultManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                if (!(e.getCause() instanceof CertPathValidatorException)) {
                    throw e;
                }
                int i = AnonymousClass1.$SwitchMap$de$tu_darmstadt$seemoo$nfcgate$network$UserTrustManager$Trust[UserTrustManager.getInstance().checkCertificate(x509CertificateArr).ordinal()];
                if (i != 1) {
                    if (i != 2) {
                        throw new UserTrustManager.UntrustedException();
                    }
                    UserTrustManager.getInstance().setCachedCertificateChain(x509CertificateArr);
                    throw new UserTrustManager.UnknownTrustException();
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.mDefaultManager.getAcceptedIssuers();
        }
    }

    public TLSTransport(String str, int i) {
        super(str, i);
        createSslContext();
    }

    protected TrustManager[] buildTrustManagers() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            return new X509TrustManager[]{new UserX509TrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0])};
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // de.tu_darmstadt.seemoo.nfcgate.network.transport.Transport
    protected void connectSocket() throws IOException {
        this.mSocket.connect(this.mAddress, 10000);
        ((SSLSocket) this.mSocket).startHandshake();
        if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(this.mAddress.getHostName(), ((SSLSocket) this.mSocket).getSession())) {
            throw new SSLHandshakeException("Hostname in certificate does not match");
        }
    }

    @Override // de.tu_darmstadt.seemoo.nfcgate.network.transport.Transport
    protected Socket createSocket() {
        try {
            return this.mSslContext.getSocketFactory().createSocket();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    protected void createSslContext() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            this.mSslContext = sSLContext;
            sSLContext.init(null, buildTrustManagers(), null);
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            Log.wtf(TAG, "Cannot instantiate SSLContext");
            throw new RuntimeException(e);
        }
    }
}
