package kvj.taskw.sync;

import android.util.Base64;
import java.io.ByteArrayOutputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateCrtKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kvj.taskw.sync.der.DerInputStream;
import kvj.taskw.sync.der.DerValue;
import org.kvj.bravo7.log.Logger;
import org.kvj.bravo7.util.Compat;

/* loaded from: classes.dex */
public class SSLHelper {
    static Logger logger = Logger.forClass(SSLHelper.class);

    /* loaded from: classes.dex */
    public enum TrustType {
        Strict,
        Hostname,
        All
    }

    protected static byte[] fromStream(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                inputStream.close();
                byteArrayOutputStream.close();
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    protected static KeyManager[] keyManagerFactoryPEM(InputStream inputStream, InputStream inputStream2) throws GeneralSecurityException, IOException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        X509Certificate loadCertificate = loadCertificate(inputStream);
        keyStore.load(null);
        keyStore.setCertificateEntry("certificate", loadCertificate);
        keyStore.setKeyEntry("private-key", loadPrivateKey(inputStream2), "".toCharArray(), new Certificate[]{loadCertificate});
        keyManagerFactory.init(keyStore, "".toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    protected static X509Certificate loadCertificate(InputStream inputStream) throws CertificateException, FileNotFoundException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
    }

    protected static PrivateKey loadPrivateKey(InputStream inputStream) throws IOException, GeneralSecurityException {
        DerValue[] sequence = new DerInputStream(parseDERFromPEM(new String(fromStream(inputStream)))).getSequence(0);
        if (sequence.length < 9) {
            throw new GeneralSecurityException("Could not parse a PKCS1 private key.");
        }
        return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(sequence[1].getBigInteger(), sequence[2].getBigInteger(), sequence[3].getBigInteger(), sequence[4].getBigInteger(), sequence[5].getBigInteger(), sequence[6].getBigInteger(), sequence[7].getBigInteger(), sequence[8].getBigInteger()));
    }

    protected static byte[] parseDERFromPEM(String str) throws IOException {
        String[] split = str.split("\n");
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (String str2 : split) {
            if (str2.startsWith("-----") && str2.endsWith("-----")) {
                i++;
                if (i == 2) {
                    break;
                }
            } else if (i == 1) {
                sb.append(str2);
            }
        }
        return Base64.decode(sb.toString(), 0);
    }

    public static TrustType parseTrustType(String str) {
        TrustType trustType = TrustType.Strict;
        if ("ignore hostname".equals(str)) {
            trustType = TrustType.Hostname;
        }
        return "allow all".equals(str) ? TrustType.All : trustType;
    }

    public static SSLSocketFactory tlsSocket(InputStream inputStream, InputStream inputStream2, InputStream inputStream3, TrustType trustType) throws GeneralSecurityException, IOException {
        return tlsSocket(keyManagerFactoryPEM(inputStream2, inputStream3), trustManagerFactoryPEM(inputStream, trustType));
    }

    protected static SSLSocketFactory tlsSocket(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr) throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, InvalidKeySpecException, UnrecoverableKeyException, KeyManagementException, UnrecoverableKeyException {
        SSLContext sSLContext = (SSLContext) Compat.produceLevelAware(16, new Compat.Producer<SSLContext>() { // from class: kvj.taskw.sync.SSLHelper.2
            @Override // org.kvj.bravo7.util.Compat.Producer
            public SSLContext produce() {
                try {
                    return SSLContext.getInstance("TLSv1.2");
                } catch (NoSuchAlgorithmException e) {
                    return null;
                }
            }
        }, new Compat.Producer<SSLContext>() { // from class: kvj.taskw.sync.SSLHelper.3
            @Override // org.kvj.bravo7.util.Compat.Producer
            public SSLContext produce() {
                try {
                    return SSLContext.getInstance("TLSv1");
                } catch (NoSuchAlgorithmException e) {
                    return null;
                }
            }
        });
        sSLContext.init(keyManagerArr, trustManagerArr, null);
        return sSLContext.getSocketFactory();
    }

    protected static TrustManager[] trustManagerFactoryPEM(InputStream inputStream, final TrustType trustType) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        final X509Certificate loadCertificate = loadCertificate(inputStream);
        logger.d("Truststore:", loadCertificate.getIssuerDN().getName(), loadCertificate.getSubjectDN().getName());
        keyStore.setCertificateEntry("ca", loadCertificate);
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        TrustManager[] trustManagerArr = new TrustManager[trustManagers.length + 1];
        System.arraycopy(trustManagers, 0, trustManagerArr, 1, trustManagers.length);
        trustManagerArr[0] = new X509TrustManager() { // from class: kvj.taskw.sync.SSLHelper.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                SSLHelper.logger.d("Check server cert:", Integer.valueOf(x509CertificateArr.length), str, TrustType.this);
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    SSLHelper.logger.d("Check certificate:", x509Certificate.getIssuerDN().getName(), x509Certificate.getSubjectDN().getName());
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                SSLHelper.logger.d("Issuers:");
                return new X509Certificate[]{loadCertificate};
            }
        };
        return trustManagers;
    }
}
