package com.dkfqs.tools.crypto;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;

/* loaded from: input_file:com/dkfqs/tools/crypto/EncryptedSocket.class */
public class EncryptedSocket {
    public static final int DEFAULT_TCP_CONNECT_TIMEOUT_MILLIS = 10000;
    public static final int DEFAULT_HANDSHAKE_TIMEOUT_MILLIS = 8000;
    private static TrustManager[] trustAllCerts = {new X509ExtendedTrustManager() { // from class: com.dkfqs.tools.crypto.EncryptedSocket.1
        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }};
    private static SecureRandom sslSecureRandom = new SecureRandom();
    private String severIpAddress;
    private final String serverHost;
    private final int serverPort;
    private InetAddress localOutboundAddress;
    private String limitSSLVersion;
    private TrustManager[] trustManagers;
    private KeyManager[] clientAuthKeyManagers;
    private HandshakeCompletedListener handshakeCompletedListener;
    private int tcpConnectTimeoutMillis;
    private int sslHandshakeTimeoutMillis;
    private long sslPrepareTime;
    private long tcpConnectTime;
    private long sslHandshakeTime;

    public EncryptedSocket(String str, int i) {
        this.severIpAddress = null;
        this.localOutboundAddress = null;
        this.limitSSLVersion = null;
        this.trustManagers = trustAllCerts;
        this.clientAuthKeyManagers = null;
        this.handshakeCompletedListener = null;
        this.tcpConnectTimeoutMillis = 10000;
        this.sslHandshakeTimeoutMillis = DEFAULT_HANDSHAKE_TIMEOUT_MILLIS;
        this.sslPrepareTime = -1L;
        this.tcpConnectTime = -1L;
        this.sslHandshakeTime = -1L;
        this.serverHost = str;
        this.serverPort = i;
    }

    public EncryptedSocket(String str, String str2, int i) {
        this.severIpAddress = null;
        this.localOutboundAddress = null;
        this.limitSSLVersion = null;
        this.trustManagers = trustAllCerts;
        this.clientAuthKeyManagers = null;
        this.handshakeCompletedListener = null;
        this.tcpConnectTimeoutMillis = 10000;
        this.sslHandshakeTimeoutMillis = DEFAULT_HANDSHAKE_TIMEOUT_MILLIS;
        this.sslPrepareTime = -1L;
        this.tcpConnectTime = -1L;
        this.sslHandshakeTime = -1L;
        this.severIpAddress = str;
        this.serverHost = str2;
        this.serverPort = i;
    }

    public void setLimitSSLVersion(String str) {
        this.limitSSLVersion = str;
    }

    public void setTrustManager(TrustManager[] trustManagerArr) {
        this.trustManagers = trustManagerArr;
    }

    public void setClientAuthKeyManagers(KeyManager[] keyManagerArr) {
        this.clientAuthKeyManagers = keyManagerArr;
    }

    public void setLocalOutboundAddress(InetAddress inetAddress) {
        this.localOutboundAddress = inetAddress;
    }

    public void setHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        this.handshakeCompletedListener = handshakeCompletedListener;
    }

    public void setTCPConnectTimeoutMillis(int i) {
        this.tcpConnectTimeoutMillis = i;
    }

    public void setSSLHandshakeTimeoutMillis(int i) {
        this.sslHandshakeTimeoutMillis = i;
    }

    public SSLSocket connect() throws NoSuchAlgorithmException, KeyManagementException, EncryptedSocketHandshakeTimeoutException, IOException {
        long nanoTime = System.nanoTime();
        SSLContext sSLContext = this.limitSSLVersion == null ? SSLContext.getInstance("TLS") : SSLContext.getInstance(this.limitSSLVersion);
        sSLContext.init(this.clientAuthKeyManagers, this.trustManagers, sslSecureRandom);
        SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket();
        if (this.severIpAddress != null) {
            SNIHostName sNIHostName = new SNIHostName(this.serverHost);
            ArrayList arrayList = new ArrayList();
            arrayList.add(sNIHostName);
            SSLParameters sSLParameters = sSLSocket.getSSLParameters();
            sSLParameters.setServerNames(arrayList);
            sSLSocket.setSSLParameters(sSLParameters);
        }
        if (this.localOutboundAddress != null) {
            sSLSocket.bind(new InetSocketAddress(this.localOutboundAddress, 0));
        }
        if (this.handshakeCompletedListener != null) {
            sSLSocket.addHandshakeCompletedListener(this.handshakeCompletedListener);
        }
        this.sslPrepareTime = (System.nanoTime() - nanoTime) / 1000000;
        long nanoTime2 = System.nanoTime();
        if (this.severIpAddress == null) {
            sSLSocket.connect(new InetSocketAddress(this.serverHost, this.serverPort), this.tcpConnectTimeoutMillis);
        } else {
            sSLSocket.connect(new InetSocketAddress(this.severIpAddress, this.serverPort), this.tcpConnectTimeoutMillis);
        }
        this.tcpConnectTime = (System.nanoTime() - nanoTime2) / 1000000;
        EncryptedSocketHandshakeTimeoutThread encryptedSocketHandshakeTimeoutThread = new EncryptedSocketHandshakeTimeoutThread(sSLSocket, this.sslHandshakeTimeoutMillis);
        encryptedSocketHandshakeTimeoutThread.setName(encryptedSocketHandshakeTimeoutThread.getClass().getSimpleName() + "-" + this.serverHost + ":" + this.serverPort + "@" + sSLSocket.getLocalPort());
        encryptedSocketHandshakeTimeoutThread.setDaemon(true);
        encryptedSocketHandshakeTimeoutThread.start();
        try {
            try {
                long nanoTime3 = System.nanoTime();
                sSLSocket.startHandshake();
                this.sslHandshakeTime = (System.nanoTime() - nanoTime3) / 1000000;
                encryptedSocketHandshakeTimeoutThread.setHandshakeDone();
                encryptedSocketHandshakeTimeoutThread.interrupt();
                return sSLSocket;
            } catch (SocketException | SSLProtocolException e) {
                if (encryptedSocketHandshakeTimeoutThread.isTimeoutExceeded()) {
                    throw new EncryptedSocketHandshakeTimeoutException("SSL handshake timeout after " + this.sslHandshakeTimeoutMillis + " ms exceeded");
                }
                throw e;
            }
        } catch (Throwable th) {
            encryptedSocketHandshakeTimeoutThread.setHandshakeDone();
            encryptedSocketHandshakeTimeoutThread.interrupt();
            throw th;
        }
    }

    public long getSSLPrepareTime() {
        return this.sslPrepareTime;
    }

    public long getTCPConnectTime() {
        return this.tcpConnectTime;
    }

    public long getSSLHandshakeTime() {
        return this.sslHandshakeTime;
    }
}
