package be.iminds.ilabt.jfed.lowlevel.connection;

import be.iminds.ilabt.jfed.lowlevel.JFedException;
import be.iminds.ilabt.jfed.lowlevel.connection.JFedConnection;
import be.iminds.ilabt.jfed.util.KeyUtil;
import be.iminds.ilabt.jfed.util.SSLCertificateDownloader;
import be.iminds.ilabt.jfed.util.SocksProxyHelper;
import be.iminds.ilabt.jfed.util.SshServerProxyHelper;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collection;
import javax.net.ssl.SSLException;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.AbstractVerifier;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.CoreConnectionPNames;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.slf4j.Marker;

/* loaded from: input_file:be/iminds/ilabt/jfed/lowlevel/connection/HttpsClientWithoutUserAuthenticationFactory.class */
public class HttpsClientWithoutUserAuthenticationFactory {
    private static final Logger LOG = LogManager.getLogger();
    private static int extraTrustCount = 7000;

    /* loaded from: input_file:be/iminds/ilabt/jfed/lowlevel/connection/HttpsClientWithoutUserAuthenticationFactory$INSECURE_TRUSTALL_HandleUntrustedCallback.class */
    public static class INSECURE_TRUSTALL_HandleUntrustedCallback implements HandleUntrustedCallback {
        public INSECURE_TRUSTALL_HandleUntrustedCallback() {
            HttpsClientWithoutUserAuthenticationFactory.LOG.warn("SECURITY WARNING: constructing INSECURE_TRUSTALL_HandleUntrustedCallback");
        }

        @Override // be.iminds.ilabt.jfed.lowlevel.connection.HandleUntrustedCallback
        public boolean trust(SSLCertificateDownloader.SSLCertificateJFedInfo sSLCertificateJFedInfo) {
            return true;
        }
    }

    public static DefaultHttpClient getHttpClient(JFedConnection.ProxyInfo proxyInfo, String str, KeyStore keyStore, Collection<String> collection, boolean z, HandleUntrustedCallback handleUntrustedCallback) throws JFedException {
        DefaultHttpClient defaultHttpClient;
        SSLSocketFactory sSLSocketFactory;
        SSLCertificateDownloader.SSLCertificateJFedInfo certificateInfo;
        if (str == null) {
            throw new RuntimeException("serverUrlStr == null");
        }
        final ArrayList arrayList = new ArrayList(collection);
        try {
            URL url = new URL(str);
            try {
                BasicHttpParams basicHttpParams = new BasicHttpParams();
                basicHttpParams.setParameter(CoreConnectionPNames.SO_TIMEOUT, 120000);
                basicHttpParams.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 10000);
                if (System.getProperty("proxySet") == null || !System.getProperty("proxySet").equals(SchemaSymbols.ATTVAL_TRUE) || System.getProperty("socksProxyHost") == null) {
                    defaultHttpClient = new DefaultHttpClient(basicHttpParams);
                } else {
                    LOG.info("Using SOCKS proxy: " + System.getProperty("socksProxyHost"));
                    defaultHttpClient = SocksProxyHelper.getHttpClientOverSocksProxy(basicHttpParams);
                }
                SecureRandom secureRandom = new SecureRandom();
                AbstractVerifier abstractVerifier = new AbstractVerifier() { // from class: be.iminds.ilabt.jfed.lowlevel.connection.HttpsClientWithoutUserAuthenticationFactory.1
                    private BrowserCompatHostnameVerifier base = new BrowserCompatHostnameVerifier();

                    @Override // org.apache.http.conn.ssl.X509HostnameVerifier
                    public final void verify(String str2, String[] strArr, String[] strArr2) throws SSLException {
                        ArrayList arrayList2 = new ArrayList();
                        ArrayList arrayList3 = new ArrayList();
                        if (strArr2 != null) {
                            for (String str3 : strArr2) {
                                arrayList2.add(str3);
                            }
                        }
                        if (strArr != null) {
                            for (String str4 : strArr) {
                                arrayList3.add(str4);
                            }
                        }
                        for (String str5 : arrayList) {
                            if (arrayList3.contains(str5) || arrayList2.contains(str5) || str5.equals(Marker.ANY_MARKER)) {
                                arrayList2.clear();
                                arrayList3.clear();
                                arrayList2.add(str2);
                                arrayList3.add(str2);
                                break;
                            }
                        }
                        String[] strArr3 = new String[arrayList2.size()];
                        for (int i = 0; i < arrayList2.size(); i++) {
                            strArr3[i] = (String) arrayList2.get(i);
                        }
                        String[] strArr4 = new String[arrayList3.size()];
                        for (int i2 = 0; i2 < arrayList3.size(); i2++) {
                            strArr4[i2] = (String) arrayList3.get(i2);
                        }
                        try {
                            this.base.verify(str2, strArr4, strArr3);
                        } catch (SSLException e) {
                            HttpsClientWithoutUserAuthenticationFactory.LOG.warn("HttpsClientWithoutUserAuthenticationFactory hostnameVerifier host name verification failed:" + e.getMessage() + "\nhost=" + str2 + "\ncns=" + strArr + "\nsubjectAlts=" + strArr2 + "\nnewCns=" + strArr4 + "\nnewSubjectAlts=" + strArr3, (Throwable) e);
                            throw e;
                        }
                    }
                };
                if (handleUntrustedCallback != null && (certificateInfo = SSLCertificateDownloader.getCertificateInfo(url)) != null && certificateInfo.isSelfSigned() != null && certificateInfo.isSelfSigned().booleanValue()) {
                    if (handleUntrustedCallback.trust(certificateInfo)) {
                        keyStore.setCertificateEntry("allTrustCert" + extraTrustCount, certificateInfo.getCert());
                        if (!certificateInfo.getSubjectMatchesHostname().booleanValue()) {
                            arrayList.add(certificateInfo.getSubject());
                        }
                    } else {
                        LOG.info("User does not trust certificate -> Not adding anything to trust store.");
                    }
                }
                if (proxyInfo == null || !(proxyInfo instanceof JFedConnection.SshProxyInfo)) {
                    sSLSocketFactory = new SSLSocketFactory("TLS", (KeyStore) null, (String) null, keyStore, secureRandom, abstractVerifier);
                } else {
                    JFedConnection.SshProxyInfo sshProxyInfo = (JFedConnection.SshProxyInfo) proxyInfo;
                    LOG.debug("Using SSH Proxy for connection: " + sshProxyInfo.getHostname());
                    sSLSocketFactory = new SshServerProxyHelper.SslOverSshProxySocketFactory(new SshServerProxyHelper.SshProxyInfo(new InetSocketAddress(sshProxyInfo.getHostname(), sshProxyInfo.getPort()), sshProxyInfo.getUsername(), sshProxyInfo.getHostKey(), new String(KeyUtil.privateKeyToAnyPem(sshProxyInfo.getSshKeyInfo().getPrivateKey()))), "TLS", null, null, keyStore, secureRandom, abstractVerifier);
                }
                defaultHttpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, sSLSocketFactory));
                return defaultHttpClient;
            } catch (Exception e) {
                throw new JFedException("Error creating SSL connection to " + str, e);
            }
        } catch (MalformedURLException e2) {
            LOG.error("ERROR: MalformedURLException url=\"" + str + "\"", (Throwable) e2);
            return null;
        }
    }
}
