package com.giamping.brvpn.layer;

import android.net.Uri;
import androidx.documentfile.provider.DocumentFile;
import com.giamping.brvpn.ControlClient;
import com.giamping.brvpn.misc.NetworkSetting;
import com.google.common.base.Ascii;
import com.vungle.ads.VungleError;
import java.io.BufferedInputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.coroutines.sync.Mutex;
import kotlinx.coroutines.sync.MutexKt;
import kotlinx.serialization.json.internal.AbstractJsonLexerKt;

/* compiled from: SslTerminal.kt */
@Metadata(d1 = {"\u0000:\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0000\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\b\u0010\r\u001a\u00020\u000eH\u0002J\u0013\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00110\u0010H\u0002¢\u0006\u0002\u0010\u0012J\b\u0010\u0013\u001a\u00020\u000eH\u0002J\r\u0010\u0014\u001a\u00020\u000eH\u0000¢\u0006\u0002\b\u0015J\r\u0010\u0016\u001a\u00020\u000eH\u0010¢\u0006\u0002\b\u0017J\u001b\u0010\u0018\u001a\u00020\u000e2\u0006\u0010\u0019\u001a\u00020\u001aH\u0080@ø\u0001\u0000¢\u0006\u0004\b\u001b\u0010\u001cR\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000R\u001a\u0010\u0007\u001a\u00020\bX\u0080.¢\u0006\u000e\n\u0000\u001a\u0004\b\t\u0010\n\"\u0004\b\u000b\u0010\f\u0082\u0002\u0004\n\u0002\b\u0019¨\u0006\u001d"}, d2 = {"Lcom/giamping/brvpn/layer/SslTerminal;", "Lcom/giamping/brvpn/layer/Terminal;", "parent", "Lcom/giamping/brvpn/ControlClient;", "(Lcom/giamping/brvpn/ControlClient;)V", "mutex", "Lkotlinx/coroutines/sync/Mutex;", "socket", "Ljavax/net/ssl/SSLSocket;", "getSocket$app_release", "()Ljavax/net/ssl/SSLSocket;", "setSocket$app_release", "(Ljavax/net/ssl/SSLSocket;)V", "createSocket", "", "createTrustManagers", "", "Ljavax/net/ssl/TrustManager;", "()[Ljavax/net/ssl/TrustManager;", "establishHttpLayer", "initializeSocket", "initializeSocket$app_release", "release", "release$app_release", "send", "bytes", "Ljava/nio/ByteBuffer;", "send$app_release", "(Ljava/nio/ByteBuffer;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "app_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes.dex */
public final class SslTerminal extends Terminal {
    private final Mutex mutex;
    public SSLSocket socket;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public SslTerminal(ControlClient parent) {
        super(parent);
        Intrinsics.checkNotNullParameter(parent, "parent");
        this.mutex = MutexKt.Mutex$default(false, 1, null);
    }

    private final void createSocket() {
        SSLSocketFactory sSLSocketFactory;
        if (getParent().getNetworkSetting$app_release().getSSL_DO_ADD_CERT()) {
            SSLContext sSLContext = SSLContext.getInstance(getParent().getNetworkSetting$app_release().getSSL_VERSION());
            Intrinsics.checkNotNull(sSLContext, "null cannot be cast to non-null type javax.net.ssl.SSLContext");
            sSLContext.init(null, createTrustManagers(), null);
            sSLSocketFactory = sSLContext.getSocketFactory();
        } else {
            sSLSocketFactory = SSLSocketFactory.getDefault();
        }
        Socket createSocket = sSLSocketFactory.createSocket(getParent().getNetworkSetting$app_release().getHOME_HOST(), getParent().getNetworkSetting$app_release().getSSL_PORT());
        Intrinsics.checkNotNull(createSocket, "null cannot be cast to non-null type javax.net.ssl.SSLSocket");
        setSocket$app_release((SSLSocket) createSocket);
        String ssl_version = getParent().getNetworkSetting$app_release().getSSL_VERSION();
        if (!Intrinsics.areEqual(ssl_version, "DEFAULT")) {
            getSocket$app_release().setEnabledProtocols(new String[]{ssl_version});
        }
        if (getParent().getNetworkSetting$app_release().getSSL_DO_SELECT_SUITES()) {
            String[] supportedCipherSuites = getSocket$app_release().getSupportedCipherSuites();
            Intrinsics.checkNotNullExpressionValue(supportedCipherSuites, "socket.supportedCipherSuites");
            ArrayList arrayList = new ArrayList();
            for (String str : supportedCipherSuites) {
                if (getParent().getNetworkSetting$app_release().getSSL_SUITES$app_release().contains(str)) {
                    arrayList.add(str);
                }
            }
            getSocket$app_release().setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
        }
        if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(getParent().getNetworkSetting$app_release().getHOME_HOST(), getSocket$app_release().getSession()) && !getParent().getNetworkSetting$app_release().getSSL_DO_VERIFY()) {
            throw new Exception("Failed to verify the hostname");
        }
        NetworkSetting networkSetting$app_release = getParent().getNetworkSetting$app_release();
        Certificate certificate = getSocket$app_release().getSession().getPeerCertificates()[0];
        Intrinsics.checkNotNullExpressionValue(certificate, "socket.session.peerCertificates[0]");
        networkSetting$app_release.setServerCertificate$app_release(certificate);
        getSocket$app_release().startHandshake();
    }

    private final TrustManager[] createTrustManagers() {
        DocumentFile fromTreeUri = DocumentFile.fromTreeUri(getParent().getVpnService(), Uri.parse(getParent().getNetworkSetting$app_release().getSSL_CERT_DIR()));
        Intrinsics.checkNotNull(fromTreeUri);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        DocumentFile[] listFiles = fromTreeUri.listFiles();
        Intrinsics.checkNotNullExpressionValue(listFiles, "document.listFiles()");
        for (DocumentFile documentFile : listFiles) {
            if (documentFile.isFile()) {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(getParent().getVpnService().getContentResolver().openInputStream(documentFile.getUri()));
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                keyStore.setCertificateEntry(documentFile.getName(), (X509Certificate) generateCertificate);
                bufferedInputStream.close();
            }
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNullExpressionValue(trustManagers, "tmFactory.trustManagers");
        return trustManagers;
    }

    private final void establishHttpLayer() {
        InputStreamReader inputStreamReader = new InputStreamReader(getSocket$app_release().getInputStream(), "US-ASCII");
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(getSocket$app_release().getOutputStream(), "US-ASCII");
        outputStreamWriter.write(ArraysKt.joinToString$default(new String[]{"SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1", "Content-Length: 18446744073709551615", "Host: " + getParent().getNetworkSetting$app_release().getHOME_HOST(), "SSTPCORRELATIONID: {" + getParent().getNetworkSetting$app_release().getGuid() + AbstractJsonLexerKt.END_OBJ}, "\r\n", (CharSequence) null, "\r\n\r\n", 0, (CharSequence) null, (Function1) null, 58, (Object) null));
        outputStreamWriter.flush();
        List mutableListOf = CollectionsKt.mutableListOf((byte) 0, (byte) 0, (byte) 0);
        Byte valueOf = Byte.valueOf(Ascii.CR);
        List listOf = CollectionsKt.listOf((Object[]) new Byte[]{valueOf, (byte) 10, valueOf, (byte) 10});
        getSocket$app_release().setSoTimeout(VungleError.DEFAULT);
        do {
            mutableListOf.add(Byte.valueOf((byte) inputStreamReader.read()));
        } while (!Intrinsics.areEqual(mutableListOf.subList(mutableListOf.size() - 4, mutableListOf.size()), listOf));
        getSocket$app_release().setSoTimeout(1000);
        getParent().getVpnService().protect(getSocket$app_release());
    }

    public final SSLSocket getSocket$app_release() {
        SSLSocket sSLSocket = this.socket;
        if (sSLSocket != null) {
            return sSLSocket;
        }
        Intrinsics.throwUninitializedPropertyAccessException("socket");
        return null;
    }

    public final void initializeSocket$app_release() {
        createSocket();
        establishHttpLayer();
    }

    @Override // com.giamping.brvpn.layer.Terminal
    public void release$app_release() {
        if (this.socket != null) {
            getSocket$app_release().close();
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x0041  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0025  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.lang.Object send$app_release(java.nio.ByteBuffer r6, kotlin.coroutines.Continuation<? super kotlin.Unit> r7) {
        /*
            r5 = this;
            boolean r0 = r7 instanceof com.giamping.brvpn.layer.SslTerminal$send$1
            if (r0 == 0) goto L14
            r0 = r7
            com.giamping.brvpn.layer.SslTerminal$send$1 r0 = (com.giamping.brvpn.layer.SslTerminal$send$1) r0
            int r1 = r0.label
            r2 = -2147483648(0xffffffff80000000, float:-0.0)
            r1 = r1 & r2
            if (r1 == 0) goto L14
            int r7 = r0.label
            int r7 = r7 - r2
            r0.label = r7
            goto L19
        L14:
            com.giamping.brvpn.layer.SslTerminal$send$1 r0 = new com.giamping.brvpn.layer.SslTerminal$send$1
            r0.<init>(r5, r7)
        L19:
            java.lang.Object r7 = r0.result
            java.lang.Object r1 = kotlin.coroutines.intrinsics.IntrinsicsKt.getCOROUTINE_SUSPENDED()
            int r2 = r0.label
            r3 = 0
            r4 = 1
            if (r2 == 0) goto L41
            if (r2 != r4) goto L39
            java.lang.Object r6 = r0.L$2
            kotlinx.coroutines.sync.Mutex r6 = (kotlinx.coroutines.sync.Mutex) r6
            java.lang.Object r1 = r0.L$1
            java.nio.ByteBuffer r1 = (java.nio.ByteBuffer) r1
            java.lang.Object r0 = r0.L$0
            com.giamping.brvpn.layer.SslTerminal r0 = (com.giamping.brvpn.layer.SslTerminal) r0
            kotlin.ResultKt.throwOnFailure(r7)
            r7 = r6
            r6 = r1
            goto L56
        L39:
            java.lang.IllegalStateException r6 = new java.lang.IllegalStateException
            java.lang.String r7 = "call to 'resume' before 'invoke' with coroutine"
            r6.<init>(r7)
            throw r6
        L41:
            kotlin.ResultKt.throwOnFailure(r7)
            kotlinx.coroutines.sync.Mutex r7 = r5.mutex
            r0.L$0 = r5
            r0.L$1 = r6
            r0.L$2 = r7
            r0.label = r4
            java.lang.Object r0 = r7.lock(r3, r0)
            if (r0 != r1) goto L55
            return r1
        L55:
            r0 = r5
        L56:
            javax.net.ssl.SSLSocket r1 = r0.getSocket$app_release()     // Catch: java.lang.Throwable -> L7d
            java.io.OutputStream r1 = r1.getOutputStream()     // Catch: java.lang.Throwable -> L7d
            byte[] r2 = r6.array()     // Catch: java.lang.Throwable -> L7d
            int r6 = r6.limit()     // Catch: java.lang.Throwable -> L7d
            r4 = 0
            r1.write(r2, r4, r6)     // Catch: java.lang.Throwable -> L7d
            javax.net.ssl.SSLSocket r6 = r0.getSocket$app_release()     // Catch: java.lang.Throwable -> L7d
            java.io.OutputStream r6 = r6.getOutputStream()     // Catch: java.lang.Throwable -> L7d
            r6.flush()     // Catch: java.lang.Throwable -> L7d
            kotlin.Unit r6 = kotlin.Unit.INSTANCE     // Catch: java.lang.Throwable -> L7d
            r7.unlock(r3)
            kotlin.Unit r6 = kotlin.Unit.INSTANCE
            return r6
        L7d:
            r6 = move-exception
            r7.unlock(r3)
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: com.giamping.brvpn.layer.SslTerminal.send$app_release(java.nio.ByteBuffer, kotlin.coroutines.Continuation):java.lang.Object");
    }

    public final void setSocket$app_release(SSLSocket sSLSocket) {
        Intrinsics.checkNotNullParameter(sSLSocket, "<set-?>");
        this.socket = sSLSocket;
    }
}
