package com.facebook.flipper.android;

import X.AbstractRunnableC64612Vm2;
import X.C07200a4;
import X.C0YQ;
import X.W1I;
import android.net.TrafficStats;
import android.util.Log;
import com.facebook.flipper.BuildConfig;
import com.facebook.flipper.core.FlipperObject;
import com.facebook.flipper.core.FlipperSocket;
import com.facebook.flipper.core.FlipperSocketEventHandler;
import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.net.Socket;
import java.net.URI;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes11.dex */
public class FlipperSocketImpl extends AbstractRunnableC64612Vm2 implements FlipperSocket {
    public static final int CERTIFICATE_TTL_DAYS = 30;
    public FlipperSocketEventHandler mEventHandler;

    /* loaded from: classes10.dex */
    public class FlipperTrustManager implements X509TrustManager {
        public Certificate mCA;

        public FlipperTrustManager(String str) {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
            try {
                this.mCA = certificateFactory.generateCertificate(bufferedInputStream);
                bufferedInputStream.close();
                if (this.mCA == null) {
                    throw new Exception("Unable to find a valid trust manager.");
                }
            } catch (Throwable th) {
                bufferedInputStream.close();
                throw th;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new CertificateException("No client certificate verification provided");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            try {
                checkServerTrustedImpl(x509CertificateArr);
            } catch (Exception e) {
                if (!(e instanceof CertificateException)) {
                    throw new CertificateException(e);
                }
                throw e;
            }
        }

        /* JADX WARN: Code restructure failed: missing block: B:31:0x007e, code lost:
        
            r1 = move-exception;
         */
        /* JADX WARN: Code restructure failed: missing block: B:33:0x0084, code lost:
        
            throw new java.security.cert.CertificateException(r1);
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public void checkServerTrustedImpl(java.security.cert.X509Certificate[] r11) {
            /*
                r10 = this;
                int r7 = r11.length
                r0 = 2
                if (r7 != r0) goto L91
                java.util.Date r6 = new java.util.Date
                r6.<init>()
                r5 = 0
                r4 = 0
            Lb:
                r0 = r11[r4]
                r0.checkValidity(r6)
                java.util.Date r2 = r0.getNotBefore()
                boolean r0 = r2.after(r6)
                java.lang.String r3 = "Unable to accept certificate in the chain"
                if (r0 != 0) goto L8b
                long r0 = r6.getTime()
                long r8 = r2.getTime()
                long r0 = r0 - r8
                java.util.concurrent.TimeUnit r8 = java.util.concurrent.TimeUnit.DAYS
                java.util.concurrent.TimeUnit r2 = java.util.concurrent.TimeUnit.MILLISECONDS
                long r8 = r8.convert(r0, r2)
                r1 = 0
                int r0 = (r8 > r1 ? 1 : (r8 == r1 ? 0 : -1))
                if (r0 < 0) goto L85
                r1 = 30
                int r0 = (r8 > r1 ? 1 : (r8 == r1 ? 0 : -1))
                if (r0 > 0) goto L85
                int r4 = r4 + 1
                if (r4 < r7) goto Lb
                java.lang.String r0 = java.security.cert.CertPathValidator.getDefaultType()     // Catch: java.security.NoSuchAlgorithmException -> L7e
                java.security.cert.CertPathValidator r4 = java.security.cert.CertPathValidator.getInstance(r0)     // Catch: java.security.NoSuchAlgorithmException -> L7e
                java.lang.String r0 = "X.509"
                java.security.cert.CertificateFactory r1 = java.security.cert.CertificateFactory.getInstance(r0)
                java.util.List r0 = java.util.Arrays.asList(r11)
                java.security.cert.CertPath r3 = r1.generateCertPath(r0)
                java.security.cert.Certificate r2 = r10.mCA
                java.security.cert.X509Certificate r2 = (java.security.cert.X509Certificate) r2
                r1 = 0
                java.security.cert.TrustAnchor r0 = new java.security.cert.TrustAnchor
                r0.<init>(r2, r1)
                java.util.Set r1 = java.util.Collections.singleton(r0)     // Catch: java.security.InvalidAlgorithmParameterException -> L77
                java.security.cert.PKIXParameters r0 = new java.security.cert.PKIXParameters     // Catch: java.security.InvalidAlgorithmParameterException -> L77
                r0.<init>(r1)     // Catch: java.security.InvalidAlgorithmParameterException -> L77
                r0.setDate(r6)
                r0.setRevocationEnabled(r5)
                r4.validate(r3, r0)     // Catch: java.lang.Throwable -> L70
                return
            L70:
                r1 = move-exception
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r1)
                throw r0
            L77:
                r1 = move-exception
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r1)
                throw r0
            L7e:
                r1 = move-exception
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r1)
                throw r0
            L85:
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r3)
                throw r0
            L8b:
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r3)
                throw r0
            L91:
                java.lang.String r1 = "Certificate chain is invalid. Invalid length"
                java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
                r0.<init>(r1)
                throw r0
            */
            throw new UnsupportedOperationException("Method not decompiled: com.facebook.flipper.android.FlipperSocketImpl.FlipperTrustManager.checkServerTrustedImpl(java.security.cert.X509Certificate[]):void");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[]{(X509Certificate) this.mCA};
        }
    }

    static {
        if (BuildConfig.IS_INTERNAL_BUILD || BuildConfig.LOAD_FLIPPER_EXPLICIT) {
            C07200a4.A0A("flipper");
        }
    }

    public FlipperSocketImpl(String str) {
        super(new URI(str));
    }

    @Override // com.facebook.flipper.core.FlipperSocket
    public void flipperConnect() {
        if (isOpen()) {
            return;
        }
        try {
            FlipperObject onAuthenticationChallengeReceived = this.mEventHandler.onAuthenticationChallengeReceived();
            if (onAuthenticationChallengeReceived.mJson.has("certificates_client_path") && onAuthenticationChallengeReceived.mJson.has("certificates_client_pass")) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                String string = onAuthenticationChallengeReceived.getString("certificates_client_path");
                String string2 = onAuthenticationChallengeReceived.getString("certificates_client_pass");
                String string3 = onAuthenticationChallengeReceived.getString("certificates_ca_path");
                FileInputStream fileInputStream = new FileInputStream(string);
                try {
                    keyStore.load(fileInputStream, string2.toCharArray());
                    fileInputStream.close();
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(keyStore, string2.toCharArray());
                    sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new FlipperTrustManager(string3)}, null);
                    this.socketFactory = new DelegatingSocketFactory(sSLContext.getSocketFactory()) { // from class: com.facebook.flipper.android.FlipperSocketImpl.1
                        @Override // com.facebook.flipper.android.DelegatingSocketFactory
                        public Socket configureSocket(Socket socket) {
                            TrafficStats.setThreadStatsTag(589824);
                            return socket;
                        }
                    };
                } catch (Throwable th) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable unused) {
                    }
                    throw th;
                }
            }
            connect();
        } catch (Exception e) {
            Log.e(FlipperProps.TAG, C0YQ.A0v("Failed to initialize the socket before connect. ", e));
            this.mEventHandler.onConnectionEvent(FlipperSocketEventHandler.SocketEvent.ERROR);
        }
    }

    @Override // com.facebook.flipper.core.FlipperSocket
    public void flipperDisconnect() {
        this.mEventHandler.onConnectionEvent(FlipperSocketEventHandler.SocketEvent.CLOSE);
        this.mEventHandler = new FlipperSocketEventHandler() { // from class: com.facebook.flipper.android.FlipperSocketImpl.2
            @Override // com.facebook.flipper.core.FlipperSocketEventHandler
            public FlipperObject onAuthenticationChallengeReceived() {
                return null;
            }

            @Override // com.facebook.flipper.core.FlipperSocketEventHandler
            public void onConnectionEvent(FlipperSocketEventHandler.SocketEvent socketEvent) {
            }

            @Override // com.facebook.flipper.core.FlipperSocketEventHandler
            public void onMessageReceived(String str) {
            }
        };
        super.close();
    }

    @Override // com.facebook.flipper.core.FlipperSocket
    public void flipperSend(String str) {
        send(str);
    }

    @Override // com.facebook.flipper.core.FlipperSocket
    public void flipperSetEventHandler(FlipperSocketEventHandler flipperSocketEventHandler) {
        this.mEventHandler = flipperSocketEventHandler;
    }

    @Override // X.AbstractRunnableC64612Vm2
    public void onClose(int i, String str, boolean z) {
        this.mEventHandler.onConnectionEvent(FlipperSocketEventHandler.SocketEvent.CLOSE);
    }

    @Override // X.AbstractRunnableC64612Vm2
    public void onError(Exception exc) {
        this.mEventHandler.onConnectionEvent(exc instanceof SSLHandshakeException ? FlipperSocketEventHandler.SocketEvent.SSL_ERROR : FlipperSocketEventHandler.SocketEvent.ERROR);
    }

    @Override // X.AbstractRunnableC64612Vm2
    public void onMessage(String str) {
        this.mEventHandler.onMessageReceived(str);
    }

    @Override // X.AbstractRunnableC64612Vm2
    public void onOpen(W1I w1i) {
        this.mEventHandler.onConnectionEvent(FlipperSocketEventHandler.SocketEvent.OPEN);
    }

    @Override // X.AbstractRunnableC64612Vm2
    public void onSetSSLParameters(SSLParameters sSLParameters) {
        sSLParameters.setNeedClientAuth(true);
    }
}
