package com.chinadevelopers.ultrasshservice.tunnel;

import android.annotation.SuppressLint;
import android.content.Context;
import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import com.chinadevelopers.ultrasshservice.R;
import com.chinadevelopers.ultrasshservice.logger.SkStatus;
import com.trilead.ssh2.ProxyData;
import com.trilead.ssh2.transport.TransportManager;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SSLTunnelProxy implements ProxyData {
    private boolean isProteger;
    private Context mContext;
    private Socket mSocket;
    private String stunnelHostSNI;
    private int stunnelPort;
    private String stunnelProtocol;
    private String stunnelServer;

    /* loaded from: classes.dex */
    class HandshakeTunnelCompletedListener implements HandshakeCompletedListener {
        private final String host;
        private final int port;
        private final SSLSocket sslSocket;
        private final SSLTunnelProxy this$0;

        HandshakeTunnelCompletedListener(SSLTunnelProxy sSLTunnelProxy, String str, int i, SSLSocket sSLSocket) {
            this.this$0 = sSLTunnelProxy;
            this.host = str;
            this.port = i;
            this.sslSocket = sSLSocket;
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            SkStatus.logInfo(new StringBuffer().append("SSL: Supported protocols: <br>").append(Arrays.toString(this.sslSocket.getSupportedProtocols())).toString().replace("[", "").replace("]", "").replace(",", "<br>"));
            SkStatus.logInfo(new StringBuffer().append("SSL: Enabled protocols: <br>").append(Arrays.toString(this.sslSocket.getEnabledProtocols())).toString().replace("[", "").replace("]", "").replace(",", "<br>"));
            SkStatus.logInfo(new StringBuffer().append("SSL: Using cipher ").append(handshakeCompletedEvent.getSession().getCipherSuite()).toString());
            SkStatus.logInfo(new StringBuffer().append("SSL: Using protocol ").append(handshakeCompletedEvent.getSession().getProtocol()).toString());
            SkStatus.logInfo("SSL: Handshake finished");
        }
    }

    public SSLTunnelProxy(Context context, String str, int i, String str2, String str3, boolean z) {
        this.stunnelPort = 443;
        this.stunnelProtocol = "TLSv1";
        this.isProteger = false;
        this.mContext = context;
        this.stunnelServer = str;
        this.stunnelPort = i <= 0 ? 443 : i;
        this.stunnelHostSNI = str2;
        this.isProteger = z;
        if (str3 != null) {
            this.stunnelProtocol = str3;
        }
        if (this.stunnelHostSNI == null || this.stunnelHostSNI.isEmpty()) {
            throw new IllegalArgumentException("Host SNI empty");
        }
    }

    public SSLTunnelProxy(Context context, String str, String str2, boolean z) {
        this(context, (String) null, 0, str, str2, z);
    }

    private Socket doSSLHandshake(Socket socket, String str, String str2, int i) throws IOException {
        TrustManager[] trustManagerArr = {new X509TrustManager(this) { // from class: com.chinadevelopers.ultrasshservice.tunnel.SSLTunnelProxy.100000001
            private final SSLTunnelProxy this$0;

            {
                this.this$0 = this;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return (X509Certificate[]) null;
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init((KeyManager[]) null, trustManagerArr, new SecureRandom());
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(socket, str, i, true);
            if (!(sSLContext.getSocketFactory() instanceof SSLCertificateSocketFactory) || Build.VERSION.SDK_INT < 17) {
                try {
                    Class<?> cls = socket.getClass();
                    Class<?>[] clsArr = new Class[1];
                    try {
                        clsArr[0] = Class.forName("java.lang.String");
                        cls.getMethod("setHostname", clsArr).invoke(socket, str2);
                        SkStatus.logInfo(new StringBuffer().append("Setting up SNI: ").append(str2).toString());
                    } catch (ClassNotFoundException e) {
                        throw new NoClassDefFoundError(e.getMessage());
                    }
                } catch (Throwable th) {
                }
            } else {
                ((SSLCertificateSocketFactory) sSLContext.getSocketFactory()).setHostname(socket, str2);
            }
            sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
            sSLSocket.addHandshakeCompletedListener(new HandshakeTunnelCompletedListener(this, str, i, sSLSocket));
            SkStatus.logInfo("Starting SSL Handshake...");
            sSLSocket.startHandshake();
            return sSLSocket;
        } catch (Exception e2) {
            throw new IOException(new StringBuffer().append("Could not do SSL handshake: ").append(e2).toString());
        }
    }

    @Override // com.trilead.ssh2.ProxyData
    public void close() {
        try {
            if (this.mSocket != null) {
                this.mSocket.close();
            }
        } catch (IOException e) {
        }
    }

    @Override // com.trilead.ssh2.ProxyData
    public Socket openConnection(String str, int i, int i2, int i3) throws IOException {
        Class cls;
        Class<?>[] clsArr;
        this.mSocket = new Socket();
        if (this.stunnelServer == null) {
            this.stunnelServer = str;
            this.stunnelPort = i;
        }
        InetAddress createInetAddress = TransportManager.createInetAddress(this.stunnelServer);
        this.mSocket.connect(new InetSocketAddress(createInetAddress, this.stunnelPort), i2);
        this.mSocket.setSoTimeout(i3);
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager(this) { // from class: com.chinadevelopers.ultrasshservice.tunnel.SSLTunnelProxy.100000000
                private final SSLTunnelProxy this$0;

                {
                    this.this$0 = this;
                }

                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }

                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return (X509Certificate[]) null;
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init((KeyManager[]) null, trustManagerArr, new SecureRandom());
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(this.mSocket, createInetAddress.getHostName(), this.stunnelPort, true);
            sSLSocket.setSoTimeout(i3);
            if (sSLSocket instanceof SSLSocket) {
                sSLSocket.setEnabledProtocols(new String[]{this.stunnelProtocol});
            }
            if (sSLSocket.isConnected()) {
                if (VpnUtils2.isDetectVpnSniffer(this.mContext)) {
                    SkStatus.logInfo(new StringBuffer().append(new StringBuffer().append("<strong>").append(this.mContext.getString(R.string.error_vpn_sniffer_detected)).toString()).append("</strong>").toString());
                    throw new IOException("error detected");
                }
                try {
                    cls = sSLSocket.getClass();
                    clsArr = new Class[1];
                } catch (Throwable th) {
                }
                try {
                    clsArr[0] = Class.forName("java.lang.String");
                    cls.getMethod("setHostname", clsArr).invoke(sSLSocket, this.stunnelHostSNI);
                    if (this.isProteger) {
                        this.stunnelHostSNI = "*********";
                    }
                    SkStatus.logInfo(new StringBuffer().append("Setting up SNI: ").append(this.stunnelHostSNI).toString());
                    sSLSocket.addHandshakeCompletedListener(new HandshakeTunnelCompletedListener(this, createInetAddress.getHostAddress(), this.stunnelPort, sSLSocket));
                    SkStatus.logInfo("Starting SSL Handshake...");
                    sSLSocket.startHandshake();
                } catch (ClassNotFoundException e) {
                    throw new NoClassDefFoundError(e.getMessage());
                }
            }
            return sSLSocket;
        } catch (Exception e2) {
            throw new IOException(new StringBuffer().append("Could not do SSL handshake: ").append(e2).toString());
        }
    }
}
