package com.oovoo.net.ssl;

import android.content.Context;
import android.net.http.AndroidHttpClient;
import com.bottlerocketapps.http.NemoMultiPartFileSSL;
import com.bottlerocketapps.http.ssl.CustomKeyStoreSSLSocketFactory;
import com.mopub.common.Constants;
import com.oovoo.R;
import com.oovoo.account.errormonitor.ErrorMonitorManager;
import com.oovoo.net.soap.SoapRequest;
import com.oovoo.ooVooApp;
import com.oovoo.utils.ApiHelper;
import com.oovoo.utils.ReleaseInfo;
import com.oovoo.utils.logs.Logger;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import org.apache.http.HttpVersion;
import org.apache.http.client.params.HttpClientParams;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.entity.mime.MIME;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;

/* loaded from: classes.dex */
public class SSLSocketManager {
    private static final String TAG = "SSLSocketManager";
    private AdditionalKeyStoresTrustManager mAdditionalKeyStoresTrustManager;
    private Context mContext;
    private Scheme mCustomKeystoreScheme;
    private boolean mDisableCertificateValidation;
    private boolean mIsTrustMode;
    private KeyStore mOriginalooVooKeystore;
    private SSLSocketFactory mSSLSocketFactory;
    private byte mSSLState;
    private SSLContext mSslContext;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class a {
        public static final SSLSocketManager instance = new SSLSocketManager();

        private a() {
        }
    }

    /* loaded from: classes2.dex */
    private class b implements HandshakeCompletedListener {
        private SSLSocketManagerListener listener;

        public b(SSLSocketManagerListener sSLSocketManagerListener) {
            this.listener = null;
            this.listener = sSLSocketManagerListener;
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public final void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            try {
                if (this.listener != null) {
                    this.listener.onConnect(handshakeCompletedEvent.getSocket());
                }
            } catch (Exception e) {
                Logger.e(SSLSocketManager.TAG, "", e);
                this.listener.onConnect(null);
            }
        }
    }

    private SSLSocketManager() {
        this.mSSLSocketFactory = null;
        this.mOriginalooVooKeystore = null;
        this.mIsTrustMode = false;
        this.mCustomKeystoreScheme = null;
        this.mDisableCertificateValidation = false;
        this.mContext = null;
        this.mSSLState = (byte) -1;
    }

    public static DefaultHttpClient createDefaultHttpClient(HttpParams httpParams) {
        Scheme scheme = new Scheme(Constants.HTTP, new PlainSocketFactory(), 80);
        HttpClientParams.setRedirecting(httpParams, true);
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient(httpParams);
        defaultHttpClient.getConnectionManager().getSchemeRegistry().register(scheme);
        return defaultHttpClient;
    }

    public static void disableCertificateValidation() {
        a.instance.mDisableCertificateValidation = true;
        if (a.instance.mAdditionalKeyStoresTrustManager != null) {
            a.instance.mAdditionalKeyStoresTrustManager.disableCertificateValidation();
        }
    }

    public static void disableUrlConnectionHostNameValidation() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { // from class: com.oovoo.net.ssl.SSLSocketManager.1
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                Logger.i(SSLSocketManager.TAG, "Verified " + str + ", for " + sSLSession);
                return true;
            }
        });
    }

    private Scheme getHttpsScheme() {
        if (this.mCustomKeystoreScheme == null && this.mSSLSocketFactory != null) {
            this.mCustomKeystoreScheme = new Scheme("https", this.mSSLSocketFactory, 443);
        }
        return this.mCustomKeystoreScheme;
    }

    public static boolean getIsProxyUsed() {
        return a.instance.mIsTrustMode;
    }

    public static boolean getIsTrustMode() {
        return a.instance.mIsTrustMode;
    }

    public static SSLSocketManager getSSLSocketManager() {
        return a.instance;
    }

    public static SSLSocketManager getSSLSocketManager(Context context) {
        if (a.instance.getSSLState() == -1) {
            a.instance.initAndLoadKeystore(context, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
        }
        return a.instance;
    }

    private byte getSSLState() {
        byte b2;
        synchronized (this) {
            b2 = this.mSSLState;
        }
        return b2;
    }

    private boolean initAndLoadKeystore(Context context, int i, int i2) {
        try {
            setSSLState((byte) 0);
            if (ReleaseInfo.IS_DEBUG) {
                Logger.i(TAG, "initAndLoadKeystore");
            }
            this.mSslContext = SSLContext.getInstance("TLS");
            this.mOriginalooVooKeystore = loadKeystore(context, i, i2);
            this.mAdditionalKeyStoresTrustManager = new AdditionalKeyStoresTrustManager(this.mOriginalooVooKeystore);
            this.mSslContext.init(null, new TrustManager[]{this.mAdditionalKeyStoresTrustManager}, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(this.mSslContext.getSocketFactory());
            this.mSSLSocketFactory = CustomKeyStoreSSLSocketFactory.createInstance(this.mOriginalooVooKeystore);
            this.mCustomKeystoreScheme = new Scheme("https", this.mSSLSocketFactory, 443);
            if (this.mDisableCertificateValidation) {
                this.mAdditionalKeyStoresTrustManager.disableCertificateValidation();
            }
            setSSLState((byte) 1);
            return true;
        } catch (Exception e) {
            Logger.e(TAG, "Failed to instantiate SSL Context.", e);
            ErrorMonitorManager.getInstance((ooVooApp) context.getApplicationContext()).trackExceptionReport(ErrorMonitorManager.CATEGORY_RND, "ssl_keys", e.getClass().getName(), e.getMessage());
            this.mSslContext = null;
            setSSLState((byte) -1);
            return false;
        }
    }

    private KeyStore loadKeystore(Context context, int i, int i2) throws IOException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        InputStream openRawResource = context.getResources().openRawResource(i);
        try {
            keyStore.load(openRawResource, context.getString(i2).toCharArray());
        } catch (Exception e) {
            Logger.e(TAG, "Failed to load keystore.", e);
        } finally {
            openRawResource.close();
        }
        return keyStore;
    }

    private void restoreOriginalCertificate() {
        try {
            this.mAdditionalKeyStoresTrustManager = new AdditionalKeyStoresTrustManager(this.mOriginalooVooKeystore);
            this.mSslContext.init(null, new TrustManager[]{this.mAdditionalKeyStoresTrustManager}, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(this.mSslContext.getSocketFactory());
            this.mSSLSocketFactory = CustomKeyStoreSSLSocketFactory.createInstance(this.mOriginalooVooKeystore);
            this.mCustomKeystoreScheme = new Scheme("https", this.mSSLSocketFactory, 443);
            if (this.mDisableCertificateValidation) {
                this.mAdditionalKeyStoresTrustManager.disableCertificateValidation();
            }
        } catch (Exception e) {
            Logger.e(TAG, "Failed to instantiate SSL Context.", e);
        }
    }

    private void setSSLState(byte b2) {
        synchronized (this) {
            this.mSSLState = b2;
        }
    }

    private static void setStrictHostnameVerifier() {
        HttpsURLConnection.setDefaultHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
    }

    private static void setTrustAllHostnameVerifier() {
        HttpsURLConnection.setDefaultHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }

    public static void setTrustAllMode() {
        a.instance.mIsTrustMode = true;
        SSLSocketManager sSLSocketManager = a.instance;
        setTrustAllHostnameVerifier();
    }

    public static void setupApplicationContext(Context context) {
        a.instance.mContext = context;
    }

    public static void setupNonSecuredCertificatesNotTrustMode() {
        if (a.instance.mIsTrustMode) {
            a.instance.mIsTrustMode = false;
            setStrictHostnameVerifier();
            if (a.instance.getSSLState() == 1) {
                a.instance.restoreOriginalCertificate();
            }
            NemoMultiPartFileSSL.restoreOriginalCertificate();
        }
    }

    public static void setupNonSecuredCertificatesTrustMode(X509Certificate[] x509CertificateArr) {
        a.instance.mIsTrustMode = true;
        setTrustAllHostnameVerifier();
        if (a.instance.getSSLState() == 1) {
            a.instance.addCertificate(x509CertificateArr);
        }
        NemoMultiPartFileSSL.getInstance().addCertificate(x509CertificateArr);
    }

    public boolean addCertificate(X509Certificate[] x509CertificateArr) {
        try {
            if (getSSLState() == -1) {
                initAndLoadKeystore(this.mContext, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
            }
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            for (X509Certificate x509Certificate : x509CertificateArr) {
                Logger.w(TAG, "Cert chain: DN=" + x509Certificate.getSubjectDN() + " Serial=" + x509Certificate.getSerialNumber() + " Version=" + x509Certificate.getVersion() + " Valid from " + x509Certificate.getNotBefore() + " to " + x509Certificate.getNotAfter());
                keyStore.setCertificateEntry("ca", x509Certificate);
            }
            this.mAdditionalKeyStoresTrustManager = new AdditionalKeyStoresTrustManager(this.mOriginalooVooKeystore, keyStore);
            this.mSslContext.init(null, new TrustManager[]{this.mAdditionalKeyStoresTrustManager}, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(this.mSslContext.getSocketFactory());
            this.mSSLSocketFactory = CustomKeyStoreSSLSocketFactory.createInstance(this.mOriginalooVooKeystore, keyStore);
            this.mCustomKeystoreScheme = new Scheme("https", this.mSSLSocketFactory, 443);
            if (!this.mDisableCertificateValidation) {
                return true;
            }
            this.mAdditionalKeyStoresTrustManager.disableCertificateValidation();
            return true;
        } catch (Exception e) {
            Logger.e(TAG, "", e);
            return false;
        }
    }

    public void connectToSSL(SSLSocketManagerListener sSLSocketManagerListener) throws Exception {
        if (getSSLState() == -1) {
            initAndLoadKeystore(this.mContext, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
        }
        if (this.mSslContext == null) {
            throw new Exception("SSL context is invalid!");
        }
        Logger.i(TAG, "connectToSSL(listener)-> Host: " + sSLSocketManagerListener.host() + " Timeout: " + sSLSocketManagerListener.getIISConnectTimeout());
        InetSocketAddress inetSocketAddress = new InetSocketAddress(sSLSocketManagerListener.host(), 443);
        Socket socket = new Socket();
        socket.connect(inetSocketAddress, sSLSocketManagerListener.getIISConnectTimeout());
        socket.setSoTimeout(sSLSocketManagerListener.getIISResponseTimeout());
        SSLSocket sSLSocket = (SSLSocket) this.mSslContext.getSocketFactory().createSocket(socket, sSLSocketManagerListener.host(), 443, true);
        if (!ApiHelper.SOCKET_HANDSHAKE_SUPPORT) {
            sSLSocketManagerListener.onConnect(sSLSocket);
        } else {
            sSLSocket.addHandshakeCompletedListener(new b(sSLSocketManagerListener));
            sSLSocket.startHandshake();
        }
    }

    public void connectToSSL(SSLSocketManagerListener sSLSocketManagerListener, Socket socket) throws Exception {
        if (getSSLState() == -1) {
            initAndLoadKeystore(this.mContext, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
        }
        if (this.mSslContext == null) {
            if (sSLSocketManagerListener != null) {
                sSLSocketManagerListener.onConnect(null);
            }
            throw new Exception("SSL context is invalid!");
        }
        Logger.i(TAG, "connectToSSL(listener, socket)-> Host: " + sSLSocketManagerListener.host() + " Timeout: " + sSLSocketManagerListener.getIISConnectTimeout());
        SSLSocket sSLSocket = (SSLSocket) this.mSslContext.getSocketFactory().createSocket(socket, sSLSocketManagerListener.host(), 443, true);
        if (!ApiHelper.SOCKET_HANDSHAKE_SUPPORT) {
            sSLSocketManagerListener.onConnect(sSLSocket);
        } else {
            sSLSocket.addHandshakeCompletedListener(new b(sSLSocketManagerListener));
            sSLSocket.startHandshake();
        }
    }

    public void connectToSSLSocket(SSLSocketManagerListener sSLSocketManagerListener) throws Exception {
        if (this.mSslContext == null) {
            throw new Exception("SSL context is invalid!");
        }
        Logger.i(TAG, "connectToSSL(listener)-> Host: " + sSLSocketManagerListener.host() + " Timeout: " + sSLSocketManagerListener.getIISConnectTimeout());
        sSLSocketManagerListener.onConnect(this.mSSLSocketFactory, this.mSslContext);
    }

    public AndroidHttpClient getAndroidHttpClient(int i, int i2, String str) throws IllegalStateException {
        if (getSSLState() == -1) {
            initAndLoadKeystore(this.mContext, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
        }
        Scheme httpsScheme = getHttpsScheme();
        if (httpsScheme == null) {
            throw new IllegalStateException("Must call initAndLoadKeystore() before getAndroidHttpClient()");
        }
        Scheme scheme = new Scheme(Constants.HTTP, new PlainSocketFactory(), 80);
        AndroidHttpClient newInstance = AndroidHttpClient.newInstance(str);
        HttpParams params = newInstance.getParams();
        params.setParameter("http.protocol.version", HttpVersion.HTTP_1_1);
        params.setParameter(MIME.CONTENT_TYPE, SoapRequest.CONTENT_TYPE_XML);
        params.setParameter(SoapRequest.ACCEPT_ENCODING, SoapRequest.GZIP_ENCODING);
        HttpConnectionParams.setConnectionTimeout(params, i);
        HttpConnectionParams.setSoTimeout(params, i2);
        HttpClientParams.setRedirecting(params, true);
        newInstance.getConnectionManager().getSchemeRegistry().register(httpsScheme);
        newInstance.getConnectionManager().getSchemeRegistry().register(scheme);
        return newInstance;
    }

    public DefaultHttpClient getHttpClient(HttpParams httpParams) throws IllegalStateException {
        if (getSSLState() == -1) {
            initAndLoadKeystore(this.mContext, R.raw.oovoo_cert_keystore, R.string.ssl_keystore_password);
        }
        Scheme httpsScheme = getHttpsScheme();
        if (httpsScheme == null) {
            throw new IllegalStateException("Must call initAndLoadKeystore() before getHttpClient()");
        }
        Scheme scheme = new Scheme(Constants.HTTP, new PlainSocketFactory(), 80);
        HttpClientParams.setRedirecting(httpParams, true);
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient(httpParams);
        defaultHttpClient.getConnectionManager().getSchemeRegistry().register(httpsScheme);
        defaultHttpClient.getConnectionManager().getSchemeRegistry().register(scheme);
        return defaultHttpClient;
    }

    public SSLContext getSSLContext() {
        return this.mSslContext;
    }

    public SSLSocketFactory getSSLSocketFactory() {
        return this.mSSLSocketFactory;
    }

    public boolean isDisableCertificateValidation() {
        return this.mDisableCertificateValidation;
    }
}
