package com.romzkie.ultrasshservice.tunnel;

import android.content.Context;
import com.romzkie.ultrasshservice.config.Settings;
import com.romzkie.ultrasshservice.config.SettingsConstants;
import com.romzkie.ultrasshservice.logger.SkStatus;
import com.trilead.ssh2.HTTPProxyException;
import com.trilead.ssh2.ProxyData;
import com.trilead.ssh2.crypto.Base64;
import com.trilead.ssh2.transport.ClientServerHello;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.channels.SocketChannel;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.conscrypt.Conscrypt;

/* loaded from: classes.dex */
public class SSLProxy implements ProxyData {
    private Settings mConfig;
    private Context mContext;
    private Socket mSocket;
    private boolean modoDropbear;
    private final String proxyHost;
    private final int proxyPort;
    private final String requestPayload;
    private String stunnelHostSNI;
    private int stunnelPort;
    private String stunnelServer;
    private final String proxyUser = null;
    private final String proxyPass = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class HandshakeTunnelCompletedListener implements HandshakeCompletedListener {
        private final String val$host;
        private final int val$port;
        private final SSLSocket val$sslSocket;

        HandshakeTunnelCompletedListener(String str, int i, SSLSocket sSLSocket) {
            this.val$host = str;
            this.val$port = i;
            this.val$sslSocket = sSLSocket;
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            SkStatus.logInfo(new StringBuffer("SSL: Supported protocols: <br>").append(Arrays.toString(this.val$sslSocket.getSupportedProtocols())).toString().replace("[", "").replace("]", "").replace(",", "<br>"));
            SkStatus.logInfo(new StringBuffer("SSL: Enabled protocols: <br>").append(Arrays.toString(this.val$sslSocket.getEnabledProtocols())).toString().replace("[", "").replace("]", "").replace(",", "<br>"));
            SkStatus.logInfo("SSL: Using cipher " + handshakeCompletedEvent.getSession().getCipherSuite());
            SkStatus.logInfo("SSL: Using protocol " + handshakeCompletedEvent.getSession().getProtocol());
            SkStatus.logInfo("SSL: Handshake finished");
        }
    }

    static {
        try {
            Security.insertProviderAt(Conscrypt.newProvider(), 1);
        } catch (NoClassDefFoundError e) {
            e.printStackTrace();
        }
    }

    public SSLProxy(String str, int i, String str2, String str3, boolean z, Context context) {
        this.modoDropbear = false;
        this.stunnelPort = 443;
        this.stunnelServer = str;
        this.stunnelPort = i;
        this.stunnelHostSNI = str2;
        this.proxyHost = str;
        this.proxyPort = i;
        this.requestPayload = str3;
        this.modoDropbear = z;
        this.mContext = context;
        this.mConfig = new Settings(context);
    }

    private SSLSocket doSSLHandshake(String str, String str2, int i) throws IOException {
        new TrustManager[1][0] = new X509TrustManager() { // from class: com.romzkie.ultrasshservice.tunnel.SSLProxy.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        try {
            SSLContext.getInstance("TLS", "Conscrypt").init(null, new TrustManager[]{Conscrypt.getDefaultX509TrustManager()}, null);
            SSLSocket sSLSocket = (SSLSocket) new TLSSocketFactory().createSocket(str, i);
            try {
                sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str2);
            } catch (Throwable unused) {
            }
            SkStatus.logInfo("Configurando SNI...");
            sSLSocket.addHandshakeCompletedListener(new HandshakeTunnelCompletedListener(str, i, sSLSocket));
            SkStatus.logInfo("Iniciando SSL Handshake...");
            sSLSocket.startHandshake();
            return sSLSocket;
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Não foi possível concluir SSL handshake: ");
            stringBuffer.append(e);
            throw new IOException(stringBuffer.toString());
        }
    }

    private String getRequestPayload(String str, int i) {
        char[] encode;
        String str2 = this.requestPayload;
        String privString = this.mConfig.getPrivString(SettingsConstants.APP_HOST);
        String privString2 = this.mConfig.getPrivString(SettingsConstants.APP_HOST_PROXY);
        if (str2 != null) {
            return TunnelUtils.formatCustomPayload(str, privString, privString2, i, str2);
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("CONNECT ");
        stringBuffer.append(str);
        stringBuffer.append(':');
        stringBuffer.append(i);
        stringBuffer.append(" HTTP/1.0\r\n");
        if (this.proxyUser != null && this.proxyPass != null) {
            String str3 = this.proxyUser + ":" + this.proxyPass;
            try {
                encode = Base64.encode(str3.getBytes("ISO-8859-1"));
            } catch (UnsupportedEncodingException unused) {
                encode = Base64.encode(str3.getBytes());
            }
            stringBuffer.append("Proxy-Authorization: Basic ");
            stringBuffer.append(encode);
            stringBuffer.append("\r\n");
        }
        stringBuffer.append("\r\n");
        return stringBuffer.toString();
    }

    @Override // com.trilead.ssh2.ProxyData
    public void close() {
        try {
            Socket socket = this.mSocket;
            if (socket != null) {
                socket.close();
            }
        } catch (IOException unused) {
        }
    }

    @Override // com.trilead.ssh2.ProxyData
    public Socket openConnection(String str, int i, int i2, int i3) throws IOException {
        String str2;
        Socket socket = SocketChannel.open().socket();
        this.mSocket = socket;
        socket.connect(new InetSocketAddress(this.stunnelServer, this.stunnelPort));
        if (this.mSocket.isConnected()) {
            SSLSocket doSSLHandshake = doSSLHandshake(str, this.stunnelHostSNI, this.stunnelPort);
            this.mSocket = doSSLHandshake;
            doSSLHandshake.setKeepAlive(true);
            this.mSocket.setTcpNoDelay(true);
        }
        String requestPayload = getRequestPayload(str, i);
        OutputStream outputStream = this.mSocket.getOutputStream();
        if (!TunnelUtils.injectSplitPayload(requestPayload, outputStream)) {
            try {
                outputStream.write(requestPayload.getBytes("ISO-8859-1"));
            } catch (UnsupportedEncodingException unused) {
                outputStream.write(requestPayload.getBytes());
            }
            outputStream.flush();
        }
        if (this.modoDropbear) {
            return this.mSocket;
        }
        byte[] bArr = new byte[1024];
        InputStream inputStream = this.mSocket.getInputStream();
        int readLineRN = ClientServerHello.readLineRN(inputStream, bArr);
        try {
            str2 = new String(bArr, 0, readLineRN, "ISO-8859-1");
        } catch (UnsupportedEncodingException unused2) {
            str2 = new String(bArr, 0, readLineRN);
        }
        SkStatus.logInfo("<strong>" + str2 + "</strong>");
        int parseInt = Integer.parseInt(str2.substring(9, 12));
        if (parseInt == 200) {
            return this.mSocket;
        }
        if (parseInt == 101) {
            SkStatus.logInfo("<b>HTTP/1.1 200 CONEXÃO ESTABELECIDA</b>");
            return this.mSocket;
        }
        String str3 = str2;
        while (true) {
            int readLineRN2 = ClientServerHello.readLineRN(inputStream, bArr);
            if (readLineRN2 == 0) {
                break;
            }
            String str4 = str3 + "\n";
            try {
                str3 = str4 + new String(bArr, 0, readLineRN2, "ISO-8859-1");
            } catch (UnsupportedEncodingException unused3) {
                str3 = str4 + new String(bArr, 0, readLineRN2);
            }
        }
        if (!str3.isEmpty()) {
            SkStatus.logDebug(str3);
        }
        if (!str2.startsWith("HTTP/")) {
            throw new IOException("The proxy did not send back a valid HTTP response.");
        }
        if (str2.length() < 14 || str2.charAt(8) != ' ' || str2.charAt(12) != ' ') {
            throw new IOException("The proxy did not send back a valid HTTP response.");
        }
        try {
            int parseInt2 = Integer.parseInt(str2.substring(9, 12));
            if (parseInt2 < 0 || parseInt2 > 999) {
                throw new IOException("The proxy did not send back a valid HTTP response.");
            }
            if (parseInt2 == 200) {
                return this.mSocket;
            }
            throw new HTTPProxyException(str2.substring(13), parseInt2);
        } catch (NumberFormatException unused4) {
            throw new IOException("The proxy did not send back a valid HTTP response.");
        }
    }
}
