package com.rounds.retrofit.security;

import android.content.Context;
import com.rounds.android.rounds.R;
import com.rounds.android.rounds.report.Reporter;
import com.rounds.android.utils.RoundsLogger;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.jivesoftware.smack.util.TLSUtils;

/* loaded from: classes.dex */
public class SecurityUtils {
    private static final String TAG = SecurityUtils.class.getSimpleName();
    private static final Pattern IP_ADDR = Pattern.compile("(:?https://)?([0-9]{1,3}\\.){3}[0-9]{1,3}.*");

    /* loaded from: classes.dex */
    private static class RoundsApacheHostNameverifier implements X509HostnameVerifier {
        private BrowserCompatHostnameVerifier defaultverifier;

        private RoundsApacheHostNameverifier() {
            this.defaultverifier = new BrowserCompatHostnameVerifier();
        }

        /* synthetic */ RoundsApacheHostNameverifier(byte b) {
            this();
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public final void verify(String str, X509Certificate x509Certificate) throws SSLException {
            this.defaultverifier.verify(str, x509Certificate);
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public final void verify(String str, SSLSocket sSLSocket) throws IOException {
            try {
                this.defaultverifier.verify(str, sSLSocket);
            } catch (SSLException e) {
                if (!SecurityUtils.getIPAddressMatcher(str).matches()) {
                    throw e;
                }
            }
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public final void verify(String str, String[] strArr, String[] strArr2) throws SSLException {
            this.defaultverifier.verify(str, strArr, strArr2);
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier, javax.net.ssl.HostnameVerifier
        public final boolean verify(String str, SSLSession sSLSession) {
            boolean verify = this.defaultverifier.verify(str, sSLSession);
            if (verify || !SecurityUtils.getIPAddressMatcher(str).matches()) {
                return verify;
            }
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class RoundsSecurityException extends Exception {
        public RoundsSecurityException(Throwable th) {
            super(th);
        }
    }

    private static void closeQuietly(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException e) {
            }
        }
    }

    public static SSLSocketFactory getApacheSSLSocketFactory(Context context) {
        KeyStore javaStdKeyStore = getJavaStdKeyStore(context);
        SSLSocketFactory sSLSocketFactory = null;
        try {
            if (javaStdKeyStore == null) {
                throw new IllegalStateException("Keystore was null!!");
            }
            SSLSocketFactory sSLSocketFactory2 = new SSLSocketFactory(javaStdKeyStore);
            try {
                sSLSocketFactory2.setHostnameVerifier(new RoundsApacheHostNameverifier((byte) 0));
                return sSLSocketFactory2;
            } catch (Exception e) {
                e = e;
                sSLSocketFactory = sSLSocketFactory2;
                RoundsLogger.error(TAG, "error creating socket factory", e);
                Reporter.getInstance().error(new RoundsSecurityException(e));
                return sSLSocketFactory;
            }
        } catch (Exception e2) {
            e = e2;
        }
    }

    public static Matcher getIPAddressMatcher(CharSequence charSequence) {
        return IP_ADDR.matcher(charSequence);
    }

    public static KeyStore getJavaStdKeyStore(Context context) {
        InputStream inputStream = null;
        KeyStore keyStore = null;
        try {
            inputStream = getKeyStoreStream(context);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            if (certificateFactory == null || keyStore == null) {
                keyStore = null;
            } else {
                Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
            }
        } catch (Exception e) {
            e.printStackTrace();
            RoundsLogger.error(TAG, "error creating keystore", e);
            Reporter.getInstance().error(new RoundsSecurityException(e));
        } finally {
            closeQuietly(inputStream);
        }
        return keyStore;
    }

    public static SSLContext getJavaStdSSLContext(Context context) {
        SSLContext sSLContext = null;
        KeyStore javaStdKeyStore = getJavaStdKeyStore(context);
        if (javaStdKeyStore == null) {
            Reporter.getInstance().error(new RoundsSecurityException(new IllegalStateException("Keystore was null!!")));
            return null;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(javaStdKeyStore);
            sSLContext = SSLContext.getInstance(TLSUtils.TLS);
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e) {
            Reporter.getInstance().error(new RoundsSecurityException(e));
            return sSLContext;
        }
    }

    public static InputStream getKeyStoreStream(Context context) {
        return context.getResources().openRawResource(R.raw.rootca);
    }

    public static HostnameVerifier getRoundsSelfSignedHostNameVerifier(Context context, final HostnameVerifier hostnameVerifier) {
        return new HostnameVerifier() { // from class: com.rounds.retrofit.security.SecurityUtils.1
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                if (SecurityUtils.getIPAddressMatcher(str).matches()) {
                    return true;
                }
                return hostnameVerifier.verify(str, sSLSession);
            }
        };
    }
}
