package net.i2p.util;

import android.support.v4.media.a;
import com.arialyy.aria.core.ProtocolType;
import com.vungle.ads.internal.protos.Sdk;
import j$.util.DesugarCollections;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import net.i2p.I2PAppContext;
import net.i2p.crypto.KeyStoreUtil;
import net.i2p.data.DataHelper;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.util.PublicSuffixList;
import org.apache.http.conn.util.PublicSuffixListParser;
import org.apache.http.conn.util.PublicSuffixMatcher;

/* loaded from: classes5.dex */
public class I2PSSLSocketFactory {
    public static PublicSuffixMatcher c;
    public static boolean d;
    public static final String[] e = {"arpa", "asia", "biz", "cat", "com", "coop", "edu", "gov", "info", "int", "jobs", "mil", "mobi", "museum", "name", "net", "org", "post", "pro", "tel", "travel", "xxx"};
    public static final String[] f = {"i2p", "mooo.com", "onion"};
    public static final List g = DesugarCollections.unmodifiableList(Arrays.asList("SSLv2Hello", ProtocolType.SSLv3));
    public static final List h = DesugarCollections.unmodifiableList(Arrays.asList(ProtocolType.TLSv1, ProtocolType.TLSv1_1, ProtocolType.TLSv1_2, "TLSv1.3"));
    public static final List i = DesugarCollections.unmodifiableList(Arrays.asList("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_RC4_128_MD5", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA", "TLS_DH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_128_CBC_SHA256", "TLS_DH_anon_WITH_AES_128_GCM_SHA256", "TLS_DH_anon_WITH_AES_256_CBC_SHA", "TLS_DH_anon_WITH_AES_256_CBC_SHA256", "TLS_DH_anon_WITH_AES_256_GCM_SHA384", "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "TLS_ECDH_anon_WITH_NULL_SHA", "TLS_ECDH_anon_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_NULL_SHA", "TLS_ECDHE_ECDSA_WITH_NULL_SHA", "TLS_ECDHE_RSA_WITH_NULL_SHA", "TLS_ECDH_RSA_WITH_NULL_SHA", "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", "TLS_KRB5_WITH_DES_CBC_MD5", "TLS_KRB5_WITH_DES_CBC_SHA", "TLS_KRB5_WITH_RC4_128_MD5", "TLS_KRB5_WITH_RC4_128_SHA", "TLS_RSA_WITH_NULL_SHA256", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", "TLS_ECDH_RSA_WITH_RC4_128_SHA", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"));
    public static final List j = Collections.EMPTY_LIST;

    /* renamed from: a, reason: collision with root package name */
    public final SSLSocketFactory f11713a;
    public final I2PAppContext b;

    public I2PSSLSocketFactory(I2PAppContext i2PAppContext) {
        File file;
        Log b = i2PAppContext.j().b(I2PSSLSocketFactory.class);
        String str = "";
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, "".toCharArray());
            File file2 = new File("certificates/i2cp");
            boolean isAbsolute = file2.isAbsolute();
            file2 = isAbsolute ? file2 : new File(i2PAppContext.f11531z, "certificates/i2cp");
            int a2 = KeyStoreUtil.a(file2, keyStore);
            if (a2 > 0 && b.k(20)) {
                StringBuilder t = a.t(a2, "Loaded ", " trusted certificates from ");
                t.append(file2.getAbsolutePath());
                b.e(t.toString());
            }
            if (isAbsolute) {
                file = file2;
            } else {
                file = new File(i2PAppContext.f11530y, "certificates/i2cp");
                if (!file2.getAbsolutePath().equals(file.getAbsolutePath())) {
                    int a3 = KeyStoreUtil.a(file, keyStore);
                    a2 += a3;
                    if (a3 > 0 && b.k(20)) {
                        StringBuilder t2 = a.t(a3, "Loaded ", " trusted certificates from ");
                        t2.append(file2.getAbsolutePath());
                        b.e(t2.toString());
                    }
                }
            }
            if (a2 <= 0) {
                StringBuilder sb = new StringBuilder("No trusted certificates loaded (looked in ");
                sb.append(file2.getAbsolutePath());
                if (!file2.getAbsolutePath().equals(file.getAbsolutePath())) {
                    str = " and " + file.getAbsolutePath();
                }
                throw new GeneralSecurityException(a.q(sb, str, ", SSL connections will fail. Copy the cert in certificates/i2cp from the router to the directory."));
            }
            if (b.k(20)) {
                b.e("Loaded total of " + a2 + " new trusted certificates");
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), i2PAppContext.l());
            this.f11713a = sSLContext.getSocketFactory();
            this.b = i2PAppContext;
        } catch (IOException e2) {
            throw new GeneralSecurityException("Key Store init error", e2);
        }
    }

    public static void a(I2PAppContext i2PAppContext, ArrayList arrayList) {
        Log b = i2PAppContext.j().b(I2PSSLSocketFactory.class);
        String f2 = i2PAppContext.f("geoip.dir", "geoip");
        File file = new File(f2);
        if (!file.isAbsolute()) {
            file = new File(i2PAppContext.f11530y, f2);
        }
        File file2 = new File(file, "countries.txt");
        if (!file2.exists()) {
            if (b.l()) {
                b.m("Country file not found: " + file2.getAbsolutePath());
                return;
            }
            return;
        }
        BufferedReader bufferedReader = null;
        try {
            try {
                try {
                    BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(new FileInputStream(file2), "UTF-8"));
                    int i2 = 0;
                    while (true) {
                        try {
                            String readLine = bufferedReader2.readLine();
                            if (readLine == null) {
                                break;
                            }
                            try {
                                if (readLine.charAt(0) != '#') {
                                    arrayList.add(DataHelper.t(0, readLine, ",")[0].toLowerCase(Locale.US));
                                    i2++;
                                }
                            } catch (IndexOutOfBoundsException unused) {
                            }
                        } catch (IOException e2) {
                            e = e2;
                            bufferedReader = bufferedReader2;
                            b.c("Error reading the Country File", e);
                            if (bufferedReader != null) {
                                bufferedReader.close();
                            }
                            return;
                        } catch (Throwable th) {
                            th = th;
                            bufferedReader = bufferedReader2;
                            if (bufferedReader != null) {
                                try {
                                    bufferedReader.close();
                                } catch (IOException unused2) {
                                }
                            }
                            throw th;
                        }
                    }
                    if (b.j()) {
                        b.e("Loaded " + i2 + " TLDs from " + file2.getAbsolutePath());
                    }
                    bufferedReader2.close();
                } catch (Throwable th2) {
                    th = th2;
                }
            } catch (IOException e3) {
                e = e3;
            }
        } catch (IOException unused3) {
        }
    }

    public static PublicSuffixList b(PublicSuffixList publicSuffixList, PublicSuffixList publicSuffixList2) {
        List list = publicSuffixList.f12020a;
        int size = list.size();
        List list2 = publicSuffixList2.f12020a;
        ArrayList arrayList = new ArrayList(list2.size() + size);
        List list3 = publicSuffixList.b;
        int size2 = list3.size();
        List list4 = publicSuffixList2.b;
        ArrayList arrayList2 = new ArrayList(list4.size() + size2);
        arrayList.addAll(list);
        arrayList.addAll(list2);
        arrayList2.addAll(list3);
        arrayList2.addAll(list4);
        return new PublicSuffixList(arrayList, arrayList2);
    }

    public static String[] c(String[] strArr, String[] strArr2, List list, List list2) {
        Log b = I2PAppContext.d().j().b(I2PSSLSocketFactory.class);
        HashSet hashSet = new HashSet(strArr.length);
        hashSet.addAll(Arrays.asList(strArr));
        hashSet.removeAll(list2);
        HashSet hashSet2 = new HashSet(strArr2.length);
        hashSet2.addAll(Arrays.asList(strArr2));
        Iterator it = list.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (hashSet2.contains(str)) {
                if (hashSet.add(str) && b.k(20)) {
                    b.e("Added, previously disabled: " + str);
                }
            } else if (b.k(20)) {
                b.e("Not supported in this JVM: " + str);
            }
        }
        if (hashSet.isEmpty()) {
            b.h("No TLS support for SSLEepGet, falling back");
            return strArr;
        }
        if (b.k(10)) {
            ArrayList arrayList = new ArrayList(hashSet);
            Collections.sort(arrayList);
            b.a("Selected: " + arrayList);
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    public static void d(SSLSocket sSLSocket) {
        sSLSocket.setEnabledProtocols(c(sSLSocket.getEnabledProtocols(), sSLSocket.getSupportedProtocols(), h, g));
        sSLSocket.setEnabledCipherSuites(c(sSLSocket.getEnabledCipherSuites(), sSLSocket.getSupportedCipherSuites(), j, i));
    }

    public static void e(I2PAppContext i2PAppContext, SSLSocket sSLSocket, String str) {
        HostnameVerifier defaultHostnameVerifier;
        Log b = i2PAppContext.j().b(I2PSSLSocketFactory.class);
        if (Boolean.parseBoolean(i2PAppContext.e("i2p.disableSSLHostnameVerification")) || str.equals("localhost") || str.equals("127.0.0.1") || str.equals("::1") || str.equals("0:0:0:0:0:0:0:1")) {
            if (b.l()) {
                b.m("Skipping hostname validation for " + str);
                return;
            }
            return;
        }
        if (SystemVersion.f) {
            defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
        } else {
            synchronized (I2PSSLSocketFactory.class) {
                try {
                    if (!d) {
                        String f2 = i2PAppContext.f("geoip.dir", "geoip");
                        File file = new File(f2);
                        if (!file.isAbsolute()) {
                            file = new File(i2PAppContext.f11530y, f2);
                        }
                        File file2 = new File(file, "public-suffix-list.txt");
                        Log b2 = i2PAppContext.j().b(I2PSSLSocketFactory.class);
                        FileInputStream fileInputStream = null;
                        if (file2.exists()) {
                            try {
                                long currentTimeMillis = System.currentTimeMillis();
                                PublicSuffixList publicSuffixList = new PublicSuffixList(Arrays.asList(f), Collections.EMPTY_LIST);
                                try {
                                    FileInputStream fileInputStream2 = new FileInputStream(file2);
                                    try {
                                        PublicSuffixList b3 = b(publicSuffixList, PublicSuffixListParser.a(new InputStreamReader(fileInputStream2, "UTF-8")));
                                        try {
                                            fileInputStream2.close();
                                        } catch (IOException unused) {
                                        }
                                        c = new PublicSuffixMatcher(b3.f12020a, b3.b);
                                        if (b2.l()) {
                                            b2.m("Loaded " + file2 + " in " + (System.currentTimeMillis() - currentTimeMillis) + " ms and created list with " + b3.f12020a.size() + " entries and " + b3.b.size() + " exceptions");
                                        }
                                    } catch (Throwable th) {
                                        th = th;
                                        fileInputStream = fileInputStream2;
                                        if (fileInputStream != null) {
                                            try {
                                                fileInputStream.close();
                                            } catch (IOException unused2) {
                                            }
                                        }
                                        throw th;
                                    }
                                } catch (Throwable th2) {
                                    th = th2;
                                }
                            } catch (IOException e2) {
                                b2.c("Failure loading public suffix list from " + file2, e2);
                            }
                        } else {
                            ArrayList arrayList = new ArrayList(Sdk.SDKError.Reason.WEBVIEW_ERROR_VALUE);
                            a(i2PAppContext, arrayList);
                            arrayList.addAll(Arrays.asList(e));
                            arrayList.addAll(Arrays.asList(f));
                            c = new PublicSuffixMatcher(arrayList, null);
                            if (b2.l()) {
                                b2.m("No public suffix list found at " + file2 + " - created default with " + arrayList.size() + " entries");
                            }
                        }
                    }
                    d = true;
                } catch (Throwable th3) {
                    throw th3;
                }
            }
            defaultHostnameVerifier = new DefaultHostnameVerifier(c);
        }
        if (!defaultHostnameVerifier.verify(str, sSLSocket.getSession())) {
            throw new SSLHandshakeException(a.D("SSL hostname verify failed, Expected ", str, " - set i2p.disableSSLHostnameVerification=true to disable verification (dangerous!)"));
        }
    }
}
