package net.jumperz.security;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.jumperz.net.MCookie;
import net.jumperz.net.MHttpRequest;
import net.jumperz.net.MHttpResponse;
import net.jumperz.net.MParameter;
import net.jumperz.util.Base64;
import net.jumperz.util.MRegEx;
import net.jumperz.util.MStreamUtil;
import net.jumperz.util.MStringUtil;
import net.jumperz.util.MSystemUtil;
import weka.gui.visualize.Plot2D;

/* loaded from: input_file:WEB-INF/classes/net/jumperz/security/MSecurityUtil.class */
public class MSecurityUtil {
    public static final String KEYSTORE_TYPE = "JKS";
    public static final String KEYSTORE_ALIAS = "alias";
    public static final String KEY_PASS = "keyPass";
    private static final String CLIENT_SESSION_EXPIRE_KEY = "_CsEx_";
    private static final String CLIENT_SESSION_KEY = "_CsSs_";
    private static final int CLIENT_SESSION_COOKIE_COUNT = 15;
    private static final int CLIENT_SESSION_COOKIE_LENGTH = 4000;
    public static final int DEFAULT_SESSION_EXPIRE_MIN = 30;

    public static List sortIntermediateCAList(X509Certificate x509Certificate, List list) {
        ArrayList arrayList = new ArrayList();
        X509Certificate x509Certificate2 = x509Certificate;
        while (true) {
            if (list.size() <= 0) {
                break;
            }
            boolean z = false;
            String principal = x509Certificate2.getIssuerDN().toString();
            int i = 0;
            while (true) {
                if (i >= list.size()) {
                    break;
                }
                X509Certificate x509Certificate3 = (X509Certificate) list.get(i);
                if (x509Certificate3.getSubjectDN().toString().equals(principal)) {
                    z = true;
                    x509Certificate2 = x509Certificate3;
                    arrayList.add(x509Certificate3);
                    list.remove(x509Certificate3);
                    break;
                }
                i++;
            }
            if (!z) {
                arrayList.addAll(list);
                break;
            }
        }
        return arrayList;
    }

    public static boolean isValidChain(List list) {
        if (list.size() < 2) {
            return false;
        }
        try {
            X509Certificate x509Certificate = null;
            X509Certificate x509Certificate2 = null;
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < list.size(); i++) {
                if (i == 0) {
                    x509Certificate = (X509Certificate) list.get(i);
                } else if (i == list.size() - 1) {
                    x509Certificate2 = (X509Certificate) list.get(i);
                } else {
                    arrayList.add(list.get(i));
                }
            }
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            keyStore.load(null, null);
            keyStore.setCertificateEntry("root", x509Certificate);
            X509CertSelector x509CertSelector = new X509CertSelector();
            x509CertSelector.setCertificate(x509Certificate2);
            PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, x509CertSelector);
            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList)));
            pKIXBuilderParameters.setRevocationEnabled(false);
            CertPathBuilder.getInstance("PKIX").build(pKIXBuilderParameters);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public static void setSSLv2Hello(SSLSocket sSLSocket) {
        sSLSocket.setEnabledProtocols(new String[]{"SSLv2Hello", "SSLv3", "TLSv1"});
    }

    public static String getClientHelloVersion(SSLSocket sSLSocket) {
        try {
            return Class.forName("sun.security.ssl.SSLSocketImpl").getDeclaredField("clientHelloProtocol").get(sSLSocket).toString();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static Collection getClientCipherSuiteCollection(SSLSocket sSLSocket) {
        try {
            return (Collection) Class.forName("sun.security.ssl.SSLSocketImpl").getDeclaredField("clientCipherSuiteCollection").get(sSLSocket);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static byte[] xor(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public static X509TrustManager getDefaultTrustManager() throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        return (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
    }

    public static Certificate[] loadCertificatesFromFile(String str) throws IOException, CertificateException {
        return loadCertificatesFromStream(new FileInputStream(str));
    }

    public static X509Certificate loadCertificateFromPem(String str) throws IOException, CertificateException {
        if (str == null) {
            throw new IOException("pem str is null");
        }
        return (X509Certificate) loadCertificatesFromStream(MStreamUtil.stringToStream(str))[0];
    }

    public static Certificate[] loadCertificatesFromStream(InputStream inputStream) throws IOException, CertificateException {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
        Certificate[] certificateArr = new Certificate[generateCertificates.size()];
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        int i = 0;
        while (it.hasNext()) {
            certificateArr[i] = it.next();
            i++;
        }
        return certificateArr;
    }

    public static Certificate loadCertificateFromFile(String str) throws IOException, CertificateException {
        return CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(new FileInputStream(str)));
    }

    public static PrivateKey loadPrivateKeyFromFile(String str, String str2) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        return loadPrivateKeyFromStream(new FileInputStream(str), str2);
    }

    public static PrivateKey loadPrivateKeyFromStream(InputStream inputStream, String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        MStreamUtil.connectStream(inputStream, byteArrayOutputStream);
        return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(byteArrayOutputStream.toByteArray()));
    }

    public static PublicKey loadPublicKeyFromStream(InputStream inputStream, String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        MStreamUtil.connectStream(inputStream, byteArrayOutputStream);
        return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(byteArrayOutputStream.toByteArray()));
    }

    public static PublicKey loadPublicKeyFromFile(String str, String str2) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        FileInputStream fileInputStream = new FileInputStream(str);
        PublicKey loadPublicKeyFromStream = loadPublicKeyFromStream(fileInputStream, str2);
        fileInputStream.close();
        return loadPublicKeyFromStream;
    }

    public static TrustManager[] getTrustManagerForSSLClientAuth(String str) throws NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(str);
            Certificate[] loadCertificatesFromStream = loadCertificatesFromStream(fileInputStream);
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            keyStore.load(null, null);
            keyStore.setCertificateEntry("foo", loadCertificatesFromStream[0]);
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            MStreamUtil.closeStream(fileInputStream);
            return trustManagers;
        } catch (Throwable th) {
            MStreamUtil.closeStream(fileInputStream);
            throw th;
        }
    }

    public static ServerSocketFactory getServerSocketFactory(String str, String str2, String str3, String str4) throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeySpecException, CertificateException, IOException {
        return str4 == null ? getServerSocketFactory(str, str2, str3) : getServerSocketFactory(generateKeyStore(str, str2, str3), getTrustManagerForSSLClientAuth(str4));
    }

    public static ServerSocketFactory getServerSocketFactory(String str, String str2, String str3) throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeySpecException, CertificateException, IOException {
        return getServerSocketFactory(generateKeyStore(str, str2, str3));
    }

    public static ServerSocketFactory getServerSocketFactory(InputStream inputStream, InputStream inputStream2, String str) throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeySpecException, CertificateException, IOException {
        return getServerSocketFactory(generateKeyStore(inputStream, inputStream2, str));
    }

    public static KeyStore generateKeyStore(String str, String str2, String str3) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, KeyStoreException {
        Certificate[] loadCertificatesFromFile = loadCertificatesFromFile(str);
        PrivateKey loadPrivateKeyFromFile = loadPrivateKeyFromFile(str2, str3);
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(KEYSTORE_ALIAS, loadPrivateKeyFromFile, KEY_PASS.toCharArray(), loadCertificatesFromFile);
        return keyStore;
    }

    public static KeyStore generateKeyStore(Certificate[] certificateArr, PrivateKey privateKey, String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(KEYSTORE_ALIAS, privateKey, KEY_PASS.toCharArray(), certificateArr);
        return keyStore;
    }

    public static KeyStore generateKeyStore(String str, PrivateKey privateKey, String str2) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, KeyStoreException {
        Certificate[] loadCertificatesFromStream = loadCertificatesFromStream(MStreamUtil.stringToStream(str));
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(KEYSTORE_ALIAS, privateKey, KEY_PASS.toCharArray(), loadCertificatesFromStream);
        return keyStore;
    }

    public static KeyStore generateKeyStore(InputStream inputStream, InputStream inputStream2, String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, KeyStoreException {
        Certificate[] loadCertificatesFromStream = loadCertificatesFromStream(inputStream);
        PrivateKey loadPrivateKeyFromStream = loadPrivateKeyFromStream(inputStream2, str);
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(KEYSTORE_ALIAS, loadPrivateKeyFromStream, KEY_PASS.toCharArray(), loadCertificatesFromStream);
        return keyStore;
    }

    public static void initSslContext(SSLContext sSLContext, KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        initSslContextForServer(sSLContext, keyStore);
    }

    public static void initSslContextForServer(SSLContext sSLContext, KeyStore keyStore, TrustManager[] trustManagerArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        KeyManagerFactory keyManagerFactory;
        try {
            keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        } catch (NoSuchAlgorithmException e) {
            keyManagerFactory = KeyManagerFactory.getInstance("IbmX509");
        }
        keyManagerFactory.init(keyStore, KEY_PASS.toCharArray());
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, null);
    }

    public static void initSslContextForServer(SSLContext sSLContext, KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        initSslContextForServer(sSLContext, keyStore, null);
    }

    public static SSLSocketFactory getSSLSocketFactory(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        SSLContext sslContext = getSslContext();
        initSslContextForServer(sslContext, keyStore);
        return sslContext.getSocketFactory();
    }

    public static ServerSocketFactory getServerSocketFactory(KeyStore keyStore, TrustManager[] trustManagerArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        SSLContext sslContext = getSslContext();
        initSslContextForServer(sslContext, keyStore, trustManagerArr);
        return sslContext.getServerSocketFactory();
    }

    public static ServerSocketFactory getServerSocketFactory(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        return getServerSocketFactory(keyStore, null);
    }

    public static SSLContext getSslContext() throws NoSuchAlgorithmException {
        SSLContext sSLContext;
        try {
            sSLContext = SSLContext.getInstance("SSL_TLS", "IBMJSSE2");
        } catch (GeneralSecurityException e) {
            sSLContext = SSLContext.getInstance("TLS");
        }
        return sSLContext;
    }

    public static void setClientSession(Map map, MHttpResponse mHttpResponse, MBlowfishCBCCipher mBlowfishCBCCipher, int i, String str, boolean z) throws IOException {
        setClientSession(map, mHttpResponse, mBlowfishCBCCipher, i, str, z, CLIENT_SESSION_KEY);
    }

    public static void setClientSession(Map map, MHttpResponse mHttpResponse, MBlowfishCBCCipher mBlowfishCBCCipher, int i, String str, boolean z, String str2) throws IOException {
        map.put(CLIENT_SESSION_EXPIRE_KEY, new StringBuffer(String.valueOf(System.currentTimeMillis() + (i * 60 * Plot2D.ERROR_SHAPE))).toString());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(new GZIPOutputStream(byteArrayOutputStream));
        objectOutputStream.writeObject(map);
        objectOutputStream.close();
        String encodeBytes = Base64.encodeBytes(mBlowfishCBCCipher.encrypt(byteArrayOutputStream.toByteArray()), false);
        for (int i2 = 0; i2 < 15; i2++) {
            if (encodeBytes.length() > CLIENT_SESSION_COOKIE_LENGTH) {
                MCookie mCookie = new MCookie(new StringBuffer(String.valueOf(str2)).append(i2).toString(), encodeBytes.substring(0, CLIENT_SESSION_COOKIE_LENGTH));
                setupCookie(mCookie, str, z);
                mHttpResponse.addCookie(mCookie);
                encodeBytes = encodeBytes.substring(CLIENT_SESSION_COOKIE_LENGTH);
            } else if (encodeBytes.length() > 0) {
                MCookie mCookie2 = new MCookie(new StringBuffer(String.valueOf(str2)).append(i2).toString(), encodeBytes);
                setupCookie(mCookie2, str, z);
                mHttpResponse.addCookie(mCookie2);
                encodeBytes = "";
            } else {
                MCookie mCookie3 = new MCookie(new StringBuffer(String.valueOf(str2)).append(i2).toString(), "");
                setupCookie(mCookie3, str, z);
                mHttpResponse.addCookie(mCookie3);
            }
        }
    }

    private static void setupCookie(MCookie mCookie, String str, boolean z) {
        mCookie.setPath(MHttpRequest.DEFAULT_URI);
        if (str != null && !str.equals("")) {
            mCookie.setDomain(str);
        }
        if (z) {
            mCookie.setSecure(true);
        }
    }

    public static Map getClientSessionImpl(MParameter[] mParameterArr, MBlowfishCBCCipher mBlowfishCBCCipher) throws IOException, ClassNotFoundException {
        return getClientSessionImpl(mParameterArr, mBlowfishCBCCipher, CLIENT_SESSION_KEY);
    }

    public static Map getClientSessionImpl(MParameter[] mParameterArr, MBlowfishCBCCipher mBlowfishCBCCipher, String str) throws IOException, ClassNotFoundException {
        int parseInt;
        String[] strArr = new String[15];
        for (MParameter mParameter : mParameterArr) {
            String name = mParameter.getName();
            if (name.indexOf(str) == 0 && (parseInt = MStringUtil.parseInt(MRegEx.getMatch("[0-9]{1,}", name))) < 15) {
                strArr[parseInt] = mParameter.getValue();
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < 15; i++) {
            if (strArr[i] != null) {
                stringBuffer.append(strArr[i]);
            }
        }
        if (stringBuffer.length() <= 0) {
            return new HashMap();
        }
        Map map = (Map) new ObjectInputStream(new GZIPInputStream(new ByteArrayInputStream(mBlowfishCBCCipher.decrypt(Base64.decode(stringBuffer.toString()))))).readObject();
        try {
            return System.currentTimeMillis() > Long.parseLong((String) map.get(CLIENT_SESSION_EXPIRE_KEY)) ? new HashMap() : map;
        } catch (Exception e) {
            e.printStackTrace();
            return new HashMap();
        }
    }

    public static Map getEncryptedDataFromCookie(MHttpRequest mHttpRequest, MBlowfishCBCCipher mBlowfishCBCCipher) {
        return getEncryptedDataFromCookie(mHttpRequest, mBlowfishCBCCipher, CLIENT_SESSION_KEY);
    }

    public static Map getEncryptedDataFromCookie(MHttpRequest mHttpRequest, MBlowfishCBCCipher mBlowfishCBCCipher, String str) {
        try {
            List cookieList = mHttpRequest.getCookieList();
            MParameter[] mParameterArr = new MParameter[cookieList.size()];
            for (int i = 0; i < cookieList.size(); i++) {
                MParameter mParameter = (MParameter) cookieList.get(i);
                String value = mParameter.getValue();
                if (value.matches("^\".*\"$")) {
                    value = value.substring(1, value.length() - 1);
                }
                mParameter.setValue(value);
                mParameterArr[i] = mParameter;
            }
            return getClientSessionImpl(mParameterArr, mBlowfishCBCCipher, str);
        } catch (Exception e) {
            return new HashMap();
        }
    }

    public static void preferRC4(SSLSocket sSLSocket) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(sSLSocket.getEnabledCipherSuites()));
        if (arrayList.contains("SSL_RSA_WITH_RC4_128_SHA")) {
            String[] strArr = new String[arrayList.size()];
            strArr[0] = "SSL_RSA_WITH_RC4_128_SHA";
            arrayList.remove("SSL_RSA_WITH_RC4_128_SHA");
            for (int i = 0; i < arrayList.size(); i++) {
                strArr[i + 1] = (String) arrayList.get(i);
            }
            sSLSocket.setEnabledCipherSuites(strArr);
        }
    }

    public static void preferRC4(SSLServerSocket sSLServerSocket) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(sSLServerSocket.getEnabledCipherSuites()));
        if (arrayList.contains("SSL_RSA_WITH_RC4_128_SHA")) {
            String[] strArr = new String[arrayList.size()];
            strArr[0] = "SSL_RSA_WITH_RC4_128_SHA";
            arrayList.remove("SSL_RSA_WITH_RC4_128_SHA");
            for (int i = 0; i < arrayList.size(); i++) {
                strArr[i + 1] = (String) arrayList.get(i);
            }
            sSLServerSocket.setEnabledCipherSuites(strArr);
        }
    }

    public static void disableCipherSuites(SSLServerSocket sSLServerSocket) {
        disableCipherSuites(sSLServerSocket, "DHE");
        disableCipherSuites(sSLServerSocket, "SSL_RSA_WITH_DES_CBC_SHA");
        disableCipherSuites(sSLServerSocket, "SSL_RSA_EXPORT_WITH_RC4_40_MD5");
        disableCipherSuites(sSLServerSocket, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA");
    }

    public static void disableCipherSuites(SSLSocket sSLSocket, String str) {
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str2 : enabledCipherSuites) {
            if (str2.toLowerCase().indexOf(str.toLowerCase()) == -1) {
                arrayList.add(str2);
            }
        }
        String[] strArr = new String[arrayList.size()];
        for (int i = 0; i < strArr.length; i++) {
            strArr[i] = (String) arrayList.get(i);
        }
        sSLSocket.setEnabledCipherSuites(strArr);
    }

    public static void disableCipherSuites(SSLServerSocket sSLServerSocket, String str) {
        String[] enabledCipherSuites = sSLServerSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str2 : enabledCipherSuites) {
            if (str2.toLowerCase().indexOf(str.toLowerCase()) == -1) {
                arrayList.add(str2);
            }
        }
        String[] strArr = new String[arrayList.size()];
        for (int i = 0; i < strArr.length; i++) {
            strArr[i] = (String) arrayList.get(i);
        }
        sSLServerSocket.setEnabledCipherSuites(strArr);
    }

    public static SocketFactory getBogusSslSocketFactory() {
        return getBogusSslSocketFactory(null);
    }

    public static SocketFactory getBogusSslSocketFactory(KeyManager[] keyManagerArr) {
        SSLContext sSLContext = null;
        try {
            sSLContext = getSslContext();
            sSLContext.init(keyManagerArr, new TrustManager[]{MBogusX509TrustManagerFactory.get()}, null);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return sSLContext.getSocketFactory();
    }

    public static Socket getBogusSslSocketViaProxy(String str, int i, String str2, int i2) throws IOException {
        return getBogusSslSocketViaProxy(str, i, str2, i2);
    }

    public static Socket getBogusSslSocketViaProxy(String str, int i, String str2, int i2, KeyManager[] keyManagerArr) throws IOException {
        String byteArrayOutputStream;
        Socket socket = new Socket(str2, i2);
        OutputStream outputStream = socket.getOutputStream();
        InputStream inputStream = socket.getInputStream();
        outputStream.write(new StringBuffer("CONNECT ").append(str).append(":").append(i).append(" HTTP/1.0\r\nHost: ").append(str).append(":").append(i).append("\r\n\r\n").toString().getBytes());
        byte[] bArr = new byte[256];
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream(256);
        do {
            int read = inputStream.read(bArr);
            if (read == -1) {
                throw new IOException("Proxy CONNECT failed.");
            }
            byteArrayOutputStream2.write(bArr, 0, read);
            byteArrayOutputStream = byteArrayOutputStream2.toString();
        } while (!byteArrayOutputStream.endsWith("\r\n\r\n"));
        MHttpResponse mHttpResponse = new MHttpResponse(byteArrayOutputStream);
        if (mHttpResponse.getStatusCode() != 200) {
            throw new IOException(mHttpResponse.getStatusLine());
        }
        return ((SSLSocketFactory) getBogusSslSocketFactory(keyManagerArr)).createSocket(socket, str, i, true);
    }

    public static void main(String[] strArr) throws Exception {
        testSslConnect();
        System.out.println("OK.");
    }

    public static void p(Object obj) {
        System.out.println(obj);
    }

    public static void testSslConnect() throws Exception {
        List asList = Arrays.asList("127.0.0.1", "www.gmail.com");
        Collections.shuffle(asList);
        p(asList);
        Socket sslConnect = sslConnect(asList, 443);
        p(sslConnect);
        sslConnect.close();
    }

    public static Socket getBogusSslSocket(String str, int i, KeyManager[] keyManagerArr) throws IOException {
        return getBogusSslSocketFactory(keyManagerArr).createSocket(str, i);
    }

    public static Socket sslConnect(List list, int i) throws IOException {
        ArrayList arrayList = new ArrayList(list.size());
        for (int i2 = 0; i2 < list.size(); i2++) {
            arrayList.add(new StringBuffer(String.valueOf(i)).toString());
        }
        return sslConnect(list, arrayList);
    }

    public static Socket sslConnect(List list, List list2) throws IOException {
        IOException iOException = null;
        for (int i = 0; i < list.size(); i++) {
            try {
                return sslConnect((String) list.get(i), MStringUtil.parseInt(list2.get(i)));
            } catch (IOException e) {
                iOException = e;
            }
        }
        throw iOException;
    }

    public static Socket sslConnect(String str, int i) throws IOException {
        return sslConnect(str, i, 30);
    }

    public static Socket sslConnect(String str, int i, int i2) throws IOException {
        IOException iOException = null;
        InetSocketAddress inetSocketAddress = new InetSocketAddress(str, i);
        for (int i3 = 0; i3 < 3; i3++) {
            try {
                Socket createSocket = getBogusSslSocketFactory().createSocket();
                createSocket.connect(inetSocketAddress, i2);
                return createSocket;
            } catch (IOException e) {
                iOException = e;
                MSystemUtil.sleep(Plot2D.ERROR_SHAPE * (i3 + 1));
            }
        }
        throw iOException;
    }

    public static Socket getBogusSslSocket(String str, int i) throws IOException {
        return getBogusSslSocketFactory().createSocket(str, i);
    }

    public static void checkServerTrusted(Certificate certificate, Certificate certificate2) throws Exception {
        checkServerTrusted(new Certificate[]{certificate}, certificate2);
    }

    public static void checkServerTrusted(Certificate[] certificateArr, Certificate certificate, List list) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        for (int i = 0; i < certificateArr.length; i++) {
            keyStore.setCertificateEntry(new StringBuffer(KEYSTORE_ALIAS).append(i).toString(), certificateArr[i]);
        }
        for (int i2 = 0; i2 < list.size(); i2++) {
            keyStore.setCertificateEntry(new StringBuffer("aliasR").append(i2).toString(), loadCertificateFromPem((String) ((Map) list.get(i2)).get("pem")));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).checkServerTrusted(new X509Certificate[]{(X509Certificate) certificate}, "RSA");
    }

    public static void checkServerTrusted(Certificate[] certificateArr, Certificate certificate) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, null);
        for (int i = 0; i < certificateArr.length; i++) {
            keyStore.setCertificateEntry(new StringBuffer(KEYSTORE_ALIAS).append(i).toString(), certificateArr[i]);
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).checkServerTrusted(new X509Certificate[]{(X509Certificate) certificate}, "RSA");
    }

    public static boolean isRoot(X509Certificate x509Certificate) {
        return x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN());
    }

    public static List getTrustedPrincipals() throws Exception {
        List trustedCerts = getTrustedCerts();
        ArrayList arrayList = new ArrayList(trustedCerts.size());
        for (int i = 0; i < trustedCerts.size(); i++) {
            arrayList.add(((X509Certificate) trustedCerts.get(i)).getSubjectX500Principal());
        }
        return arrayList;
    }

    public static Map getTrustedCertMap() throws Exception {
        HashMap hashMap = new HashMap();
        List trustedCerts = getTrustedCerts();
        for (int i = 0; i < trustedCerts.size(); i++) {
            X509Certificate x509Certificate = (X509Certificate) trustedCerts.get(i);
            hashMap.put(x509Certificate.getSubjectDN().toString(), x509Certificate);
        }
        return hashMap;
    }

    public static List getTrustedCerts() throws Exception {
        ArrayList arrayList = new ArrayList();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                arrayList.addAll(Arrays.asList(((X509TrustManager) trustManagers[i]).getAcceptedIssuers()));
            }
        }
        return arrayList;
    }

    public static HostnameVerifier getBogusHostnameVerifier() {
        return new HostnameVerifier() { // from class: net.jumperz.security.MSecurityUtil.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }
}
