package com.fxcm.messaging.https;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/fxcm/messaging/https/V4ContextAdapter.class */
public class V4ContextAdapter implements IContextAdapter {
    private SSLContext context = SSLContext.getInstance(IContextAdapter.ALGORITHM);
    private ISSLVerifier verifier;
    private int verifierMode;
    private PrivateKey privateKey;
    private X509Certificate[] certChain;
    private KeyStore keyStore;
    private String keyStorePassword;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.fxcm.messaging.https.V4ContextAdapter$1, reason: invalid class name */
    /* loaded from: input_file:com/fxcm/messaging/https/V4ContextAdapter$1.class */
    public static class AnonymousClass1 {
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/fxcm/messaging/https/V4ContextAdapter$MyKeyManager.class */
    public class MyKeyManager implements X509KeyManager {
        private final V4ContextAdapter this$0;

        private MyKeyManager(V4ContextAdapter v4ContextAdapter) {
            this.this$0 = v4ContextAdapter;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return IContextAdapter.ALIAS;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return IContextAdapter.ALIAS;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return IContextAdapter.ALIASES;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return IContextAdapter.ALIASES;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            if (IContextAdapter.ALIAS.equals(str)) {
                return this.this$0.certChain;
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            if (IContextAdapter.ALIAS.equals(str)) {
                return this.this$0.privateKey;
            }
            return null;
        }

        MyKeyManager(V4ContextAdapter v4ContextAdapter, AnonymousClass1 anonymousClass1) {
            this(v4ContextAdapter);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/fxcm/messaging/https/V4ContextAdapter$MyTrustManager.class */
    public class MyTrustManager implements X509TrustManager {
        private X509TrustManager baseManager;
        private final V4ContextAdapter this$0;

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.baseManager.getAcceptedIssuers();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.this$0.verifier == null) {
                this.baseManager.checkClientTrusted(x509CertificateArr, str);
                return;
            }
            switch (this.this$0.verifierMode) {
                case 0:
                    try {
                        checkVerified(x509CertificateArr);
                        return;
                    } catch (CertificateException e) {
                        this.baseManager.checkClientTrusted(x509CertificateArr, str);
                        return;
                    }
                case 1:
                    checkVerified(x509CertificateArr);
                    this.baseManager.checkClientTrusted(x509CertificateArr, str);
                    return;
                case 2:
                    checkVerified(x509CertificateArr);
                    return;
                default:
                    throw new IllegalArgumentException(new StringBuffer().append("Unknown verifierMode: ").append(this.this$0.verifierMode).toString());
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.this$0.verifier == null) {
                this.baseManager.checkServerTrusted(x509CertificateArr, str);
                return;
            }
            switch (this.this$0.verifierMode) {
                case 0:
                    try {
                        checkVerified(x509CertificateArr);
                        return;
                    } catch (CertificateException e) {
                        this.baseManager.checkServerTrusted(x509CertificateArr, str);
                        return;
                    }
                case 1:
                    checkVerified(x509CertificateArr);
                    this.baseManager.checkServerTrusted(x509CertificateArr, str);
                    return;
                case 2:
                    checkVerified(x509CertificateArr);
                    return;
                default:
                    throw new IllegalArgumentException(new StringBuffer().append("Unknown verifierMode: ").append(this.this$0.verifierMode).toString());
            }
        }

        private void checkVerified(X509Certificate[] x509CertificateArr) throws CertificateException {
            try {
                this.this$0.verifier.verifyTrust(x509CertificateArr);
            } catch (SSLVerifierException e) {
                throw new CertificateException(e.toString());
            }
        }

        private MyTrustManager(V4ContextAdapter v4ContextAdapter, X509TrustManager x509TrustManager) {
            this.this$0 = v4ContextAdapter;
            this.baseManager = x509TrustManager;
        }

        MyTrustManager(V4ContextAdapter v4ContextAdapter, X509TrustManager x509TrustManager, AnonymousClass1 anonymousClass1) {
            this(v4ContextAdapter, x509TrustManager);
        }
    }

    /* loaded from: input_file:com/fxcm/messaging/https/V4ContextAdapter$NullHostnameVerifier.class */
    private static class NullHostnameVerifier implements HostnameVerifier {
        private NullHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }

        NullHostnameVerifier(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public V4ContextAdapter(ISSLVerifier iSSLVerifier, int i, PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws GeneralSecurityException {
        this.verifier = iSSLVerifier;
        this.verifierMode = i;
        this.privateKey = privateKey;
        this.certChain = x509CertificateArr;
        this.context.init(getKeyManagers(), getTrustManagers(), null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public V4ContextAdapter(ISSLVerifier iSSLVerifier, int i, KeyStore keyStore, String str) throws GeneralSecurityException {
        this.verifier = iSSLVerifier;
        this.verifierMode = i;
        this.keyStore = keyStore;
        this.keyStorePassword = str;
        this.context.init(getKeyManagers(), getTrustManagers(), null);
    }

    @Override // com.fxcm.messaging.https.IContextAdapter
    public SSLSocketFactory getSocketFactory() throws GeneralSecurityException {
        return this.context.getSocketFactory();
    }

    @Override // com.fxcm.messaging.https.IContextAdapter
    public SSLServerSocketFactory getServerSocketFactory() throws GeneralSecurityException {
        return this.context.getServerSocketFactory();
    }

    private KeyManager[] getKeyManagers() throws GeneralSecurityException {
        if (this.privateKey != null) {
            return new KeyManager[]{new MyKeyManager(this, null)};
        }
        if (this.keyStore == null) {
            return null;
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.keyStore, this.keyStorePassword.toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    private TrustManager[] getTrustManagers() throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(loadCaCerts());
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        boolean z = false;
        int i = 0;
        while (true) {
            if (i < trustManagers.length) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    trustManagers[i] = new MyTrustManager(this, (X509TrustManager) trustManagers[i], null);
                    z = true;
                    break;
                }
                i++;
            } else {
                break;
            }
        }
        if (z) {
            return trustManagers;
        }
        throw new RuntimeException("No default X509TrustManager available");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore loadCaCerts() throws GeneralSecurityException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            FileInputStream fileInputStream = new FileInputStream(new StringBuffer().append(System.getProperty("java.home")).append("/lib/security/cacerts").toString());
            keyStore.load(new BufferedInputStream(fileInputStream), null);
            fileInputStream.close();
            return keyStore;
        } catch (IOException e) {
            throw new GeneralSecurityException(e.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void disableHostnameVerification(HttpsURLConnection httpsURLConnection) {
        httpsURLConnection.setHostnameVerifier(new NullHostnameVerifier(null));
    }
}
