package net.openvpn.openvpn;

import android.app.AlertDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.os.Handler;
import android.util.Base64;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.FutureTask;
import java.util.regex.Pattern;
import java8.util.concurrent.CompletableFuture;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;
import net.openvpn.openvpn.IPC.IPCUtils;
import net.openvpn.openvpn.TrustMan;
import okhttp3.CertificatePinner;
import okhttp3.internal.tls.OkHostnameVerifier;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;

/* loaded from: classes.dex */
public class HttpsClient {
    private static final String TAG = "HttpsClient";

    /* loaded from: classes.dex */
    public static class AdaptiveHostnameVerifier implements HostnameVerifier {
        private RequestContext context;
        private boolean shouldAllowAll = false;
        private HostnameVerifier bchv = new BrowserCompatHostnameVerifier();

        AdaptiveHostnameVerifier(RequestContext requestContext) {
            this.context = requestContext;
        }

        private SSLPeerUnverifiedException getException(SSLSession sSLSession) {
            try {
                X509Certificate x509Certificate = (X509Certificate) sSLSession.getPeerCertificates()[0];
                return new SSLPeerUnverifiedException("Hostname " + sSLSession.getPeerHost() + "not verified:\n    certificate: " + CertificatePinner.pin(x509Certificate) + "\n    DN: " + x509Certificate.getSubjectDN().getName() + "\n    subjectAltNames: " + OkHostnameVerifier.allSubjectAltNames(x509Certificate));
            } catch (SSLPeerUnverifiedException e) {
                return e;
            }
        }

        void allowAll(boolean z) {
            this.shouldAllowAll = z;
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (this.shouldAllowAll) {
                return true;
            }
            boolean verify = this.bchv.verify(str, sSLSession);
            if (!verify) {
                try {
                    TrustMan.TrustContext trustContext = new TrustMan.TrustContext();
                    trustContext.chain = (X509Certificate[]) sSLSession.getPeerCertificates();
                    trustContext.authType = "";
                    trustContext.excep = getException(sSLSession);
                    this.context.setTrustContext(trustContext);
                } catch (SSLPeerUnverifiedException unused) {
                }
            }
            return verify;
        }
    }

    /* loaded from: classes.dex */
    public static class AsyncExecutor extends Executor {
        private ExecutorService service;

        public AsyncExecutor(Context context, Boolean bool, Long l) {
            super(context, bool, l);
            this.service = Executors.newCachedThreadPool();
        }

        @Override // net.openvpn.openvpn.HttpsClient.Executor
        protected <T> T execute(Request<T> request) throws Exception {
            FutureTask futureTask = new FutureTask(request);
            try {
                this.service.execute(futureTask);
                return (T) futureTask.get();
            } catch (ExecutionException e) {
                Exception exc = (Exception) e.getCause();
                if ((exc instanceof SSLHandshakeException) && (exc.getCause() instanceof TrustMan.TrustFail)) {
                    throw ((Exception) exc.getCause());
                }
                throw exc;
            }
        }

        @Override // net.openvpn.openvpn.HttpsClient.Executor
        public void shutdown() {
            if (this.service.isShutdown()) {
                return;
            }
            this.service.shutdownNow();
        }
    }

    /* loaded from: classes.dex */
    public static class Credentials {
        private String password;
        private String username;

        public Credentials() {
        }

        public Credentials(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        public String getPassword() {
            return this.password;
        }

        public String getUsername() {
            return this.username;
        }

        public boolean isEmpty() {
            return this.username == null || this.password == null;
        }

        public void setPassword(String str) {
            this.password = str;
        }

        public void setUsername(String str) {
            this.username = str;
        }
    }

    /* loaded from: classes.dex */
    public static abstract class Executor {
        private Context context;
        private Boolean enable_cert_dialog;
        private Long max_download_size;
        private TrustMan trustMan;

        protected Executor(Context context, Boolean bool, Long l) {
            this.context = context;
            this.enable_cert_dialog = bool;
            this.max_download_size = l;
            this.trustMan = new TrustMan(context);
        }

        protected void alertDialog(final Context context, final String str, final String str2) {
            new Handler(context.getMainLooper()).post(new Runnable() { // from class: net.openvpn.openvpn.HttpsClient.Executor.2
                @Override // java.lang.Runnable
                public void run() {
                    new AlertDialog.Builder(context).setTitle(str).setMessage(str2).setPositiveButton(R.string.ok, new DialogInterface.OnClickListener() { // from class: net.openvpn.openvpn.HttpsClient.Executor.2.1
                        @Override // android.content.DialogInterface.OnClickListener
                        public void onClick(DialogInterface dialogInterface, int i) {
                        }
                    }).show();
                }
            });
        }

        protected Future<Boolean> attemptTrust(final Context context, final TrustMan trustMan, final TrustMan.TrustContext trustContext) {
            final CompletableFuture completableFuture = new CompletableFuture();
            new Handler(context.getMainLooper()).post(new Runnable() { // from class: net.openvpn.openvpn.HttpsClient.Executor.1
                @Override // java.lang.Runnable
                public void run() {
                    new CertWarn(context, trustContext.chain[0], trustContext.excep.toString()) { // from class: net.openvpn.openvpn.HttpsClient.Executor.1.1
                        @Override // net.openvpn.openvpn.CertWarn
                        protected void done(int i) {
                            if (i != 1) {
                                completableFuture.complete(false);
                            } else {
                                trustMan.trustCert(trustContext);
                                completableFuture.complete(true);
                            }
                        }
                    };
                }
            });
            return completableFuture;
        }

        protected abstract <T> T execute(Request<T> request) throws Exception;

        public void shutdown() {
        }

        public <T> T submit(Request<T> request) throws Exception {
            final RequestContext requestContext = new RequestContext();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new X509TrustManager[]{this.trustMan}, new SecureRandom());
            final AdaptiveHostnameVerifier adaptiveHostnameVerifier = new AdaptiveHostnameVerifier(requestContext);
            request.sslContext = sSLContext;
            request.hostnameVerifier = adaptiveHostnameVerifier;
            Long l = this.max_download_size;
            if (l != null) {
                request.max_download_size = l.longValue();
            }
            this.trustMan.setCallback(new TrustMan.Callback() { // from class: net.openvpn.openvpn.HttpsClient.Executor.3
                @Override // net.openvpn.openvpn.TrustMan.Callback
                public void onTrustFail(TrustMan.TrustContext trustContext) {
                    requestContext.setTrustContext(trustContext);
                }

                @Override // net.openvpn.openvpn.TrustMan.Callback
                public void onTrustSucceed(boolean z) {
                    adaptiveHostnameVerifier.allowAll(z);
                }
            });
            try {
                return (T) execute(request);
            } catch (CertificateException | SSLPeerUnverifiedException e) {
                TrustMan.TrustContext trustContext = requestContext.getTrustContext();
                if (this.enable_cert_dialog.booleanValue()) {
                    if (attemptTrust(this.context, this.trustMan, trustContext).get().booleanValue()) {
                        return (T) submit(request);
                    }
                    throw e;
                }
                Context context = this.context;
                alertDialog(context, context.getString(R.string.profile_import_error), this.context.getString(R.string.profile_import_invalid_cert));
                throw e;
            }
        }
    }

    /* loaded from: classes.dex */
    public static class GeneralException extends Exception {
        /* JADX INFO: Access modifiers changed from: package-private */
        public GeneralException() {
            super("HttpsClient.GeneralException");
        }
    }

    /* loaded from: classes.dex */
    public static class PresettableHostnameVerifier implements HostnameVerifier {
        private HostnameVerifier bchv = new BrowserCompatHostnameVerifier();
        public String hostname;

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return this.bchv.verify(this.hostname, sSLSession);
        }
    }

    /* loaded from: classes.dex */
    public static abstract class Request<T> implements Callable<T> {
        HttpsURLConnection connection;
        HostnameVerifier hostnameVerifier;
        long max_download_size;
        RequestOptions options;
        SSLContext sslContext;

        public Request(RequestOptions requestOptions) {
            this.options = requestOptions;
        }

        public HttpsURLConnection connect() throws IOException {
            RequestOptions requestOptions = this.options;
            URL url = requestOptions.getUrl();
            String method = requestOptions.getMethod();
            Integer timeout = requestOptions.getTimeout();
            String hostname = requestOptions.getHostname();
            Credentials credentials = requestOptions.getCredentials();
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
            httpsURLConnection.setRequestMethod(method);
            httpsURLConnection.setConnectTimeout(timeout.intValue());
            httpsURLConnection.setReadTimeout(timeout.intValue());
            if (hostname.isEmpty()) {
                httpsURLConnection.setHostnameVerifier(this.hostnameVerifier);
            } else {
                PresettableHostnameVerifier presettableHostnameVerifier = new PresettableHostnameVerifier();
                presettableHostnameVerifier.hostname = hostname;
                httpsURLConnection.setHostnameVerifier(presettableHostnameVerifier);
            }
            if (credentials != null && !credentials.isEmpty()) {
                String encodeToString = Base64.encodeToString((credentials.getUsername() + ":" + credentials.getPassword()).getBytes("UTF-8"), 2);
                StringBuilder sb = new StringBuilder();
                sb.append("Basic ");
                sb.append(encodeToString);
                httpsURLConnection.setRequestProperty("Authorization", sb.toString());
            }
            httpsURLConnection.setSSLSocketFactory(this.sslContext.getSocketFactory());
            this.connection = httpsURLConnection;
            return httpsURLConnection;
        }

        public void disconnect() {
            HttpsURLConnection httpsURLConnection = this.connection;
            if (httpsURLConnection != null) {
                httpsURLConnection.disconnect();
            }
        }

        public String read() throws IOException {
            return FileUtil.readStream(new BufferedInputStream(this.connection.getInputStream()), this.max_download_size, "");
        }

        public void write(String str) throws IOException {
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(this.connection.getOutputStream());
            outputStreamWriter.write(str);
            outputStreamWriter.flush();
        }
    }

    /* loaded from: classes.dex */
    public static class RequestContext {
        private TrustMan.TrustContext trustContext;

        public TrustMan.TrustContext getTrustContext() {
            return this.trustContext;
        }

        public void setTrustContext(TrustMan.TrustContext trustContext) {
            this.trustContext = trustContext;
        }
    }

    /* loaded from: classes.dex */
    public static class RequestOptions {
        static Pattern protocol_pattern = Pattern.compile("^https?://");
        private Credentials credentials;
        private String hostname;
        private String method;
        private Integer timeout;
        private URL url;

        public RequestOptions() {
            this.method = "GET";
            this.timeout = Integer.valueOf(IPCUtils.StringChunker.CHUNK_LIMIT);
            this.credentials = new Credentials();
        }

        /* JADX WARN: Illegal instructions before constructor call */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public RequestOptions(java.lang.String r8, java.lang.String r9, java.lang.Integer r10, java.lang.String r11, java.lang.String r12, java.lang.String r13) throws java.net.MalformedURLException {
            /*
                r7 = this;
                java.net.URL r1 = new java.net.URL
                java.util.regex.Pattern r0 = net.openvpn.openvpn.HttpsClient.RequestOptions.protocol_pattern
                java.util.regex.Matcher r0 = r0.matcher(r8)
                boolean r0 = r0.find()
                if (r0 == 0) goto Lf
                goto L20
            Lf:
                java.lang.StringBuilder r0 = new java.lang.StringBuilder
                r0.<init>()
                java.lang.String r2 = "https://"
                r0.append(r2)
                r0.append(r8)
                java.lang.String r8 = r0.toString()
            L20:
                r1.<init>(r8)
                r0 = r7
                r2 = r9
                r3 = r10
                r4 = r11
                r5 = r12
                r6 = r13
                r0.<init>(r1, r2, r3, r4, r5, r6)
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: net.openvpn.openvpn.HttpsClient.RequestOptions.<init>(java.lang.String, java.lang.String, java.lang.Integer, java.lang.String, java.lang.String, java.lang.String):void");
        }

        public RequestOptions(URL url, String str, Integer num, String str2, String str3, String str4) {
            this.method = "GET";
            int i = IPCUtils.StringChunker.CHUNK_LIMIT;
            this.timeout = Integer.valueOf(IPCUtils.StringChunker.CHUNK_LIMIT);
            this.url = url;
            this.timeout = Integer.valueOf(num != null ? num.intValue() : i);
            this.method = str == null ? "GET" : str;
            this.hostname = str2 == null ? "" : str2;
            this.credentials = new Credentials(str3, str4);
        }

        public RequestOptions copy() {
            return new RequestOptions(this.url, this.method, this.timeout, this.hostname, this.credentials.getUsername(), this.credentials.getPassword());
        }

        public Credentials getCredentials() {
            return this.credentials;
        }

        public String getHostname() {
            return this.hostname;
        }

        public String getMethod() {
            return this.method;
        }

        public Integer getTimeout() {
            return this.timeout;
        }

        public URL getUrl() {
            return this.url;
        }

        public void setCredentials(String str, String str2) {
            this.credentials.setUsername(str);
            this.credentials.setPassword(str2);
        }

        public void setCredentials(Credentials credentials) {
            this.credentials = credentials;
        }

        public void setHostname(String str) {
            this.hostname = str;
        }

        public void setMethod(String str) {
            this.method = str;
        }

        public void setTimeout(Integer num) {
            this.timeout = num;
        }

        public void setUrl(String str) throws MalformedURLException {
            if (!protocol_pattern.matcher(str).find()) {
                str = "https://" + str;
            }
            setUrl(new URL(str));
        }

        public void setUrl(URL url) {
            this.url = url;
        }
    }

    /* loaded from: classes.dex */
    public static class SyncExectutor extends Executor {
        public SyncExectutor(Context context, Boolean bool, Long l) {
            super(context, bool, l);
        }

        @Override // net.openvpn.openvpn.HttpsClient.Executor
        protected <T> T execute(Request<T> request) throws Exception {
            try {
                return request.call();
            } catch (SSLHandshakeException e) {
                if (e.getCause() instanceof TrustMan.TrustFail) {
                    throw ((TrustMan.TrustFail) e.getCause());
                }
                throw e;
            }
        }
    }
}
