package defpackage;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.URL;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Properties;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:SSLSocketToMe.class */
public class SSLSocketToMe {
    String host;
    int port;
    VncViewer viewer;
    boolean debug_certs;
    Socket proxySock;
    DataInputStream proxy_is;
    OutputStream proxy_os;
    SSLContext trustloc_ctx;
    SSLContext trustall_ctx;
    SSLContext trustsrv_ctx;
    SSLContext trusturl_ctx;
    SSLContext trustone_ctx;
    TrustManager[] trustAllCerts;
    TrustManager[] trustSrvCert;
    TrustManager[] trustUrlCert;
    TrustManager[] trustOneCert;
    KeyManager[] mykey;
    Certificate[] trustsrvCerts;
    boolean debug = true;
    SSLSocket socket = null;
    boolean proxy_in_use = false;
    boolean proxy_failure = false;
    public DataInputStream is = null;
    public OutputStream os = null;
    String proxy_auth_string = null;
    String proxy_dialog_host = null;
    int proxy_dialog_port = 0;
    boolean user_wants_to_see_cert = true;
    String cert_fail = null;
    Certificate[] trustallCerts = null;
    Certificate[] trusturlCerts = null;
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    byte[] hex2bytes(String str) {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < str.length() / 2; i++) {
            int i2 = 2 * i;
            try {
                int parseInt = Integer.parseInt(str.substring(i2, i2 + 2), 16);
                if (parseInt > 127) {
                    parseInt -= 256;
                }
                bArr[i] = Byte.decode(new Integer(parseInt).toString()).byteValue();
            } catch (Exception e) {
            }
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSocketToMe(String str, int i, VncViewer vncViewer) throws Exception {
        this.debug_certs = false;
        this.mykey = null;
        this.trustsrvCerts = null;
        this.host = str;
        this.port = i;
        this.viewer = vncViewer;
        this.debug_certs = vncViewer.debugCerts;
        dbg(new StringBuffer().append("SSL startup: ").append(this.host).append(" ").append(this.port).toString());
        this.trustAllCerts = new TrustManager[]{new X509TrustManager(this) { // from class: SSLSocketToMe.1
            private final SSLSocketToMe this$0;

            {
                this.this$0 = this;
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                this.this$0.dbg("ALL: an untrusted connect to grab cert.");
            }
        }};
        this.trustUrlCert = new TrustManager[]{new X509TrustManager(this) { // from class: SSLSocketToMe.2
            private final SSLSocketToMe this$0;

            {
                this.this$0 = this;
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                throw new CertificateException("No Clients (URL)");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                if (this.this$0.trusturlCerts == null) {
                    throw new CertificateException("No Trust url Certs array.");
                }
                if (this.this$0.trusturlCerts.length < 1) {
                    throw new CertificateException("No Trust url Certs.");
                }
                if (x509CertificateArr == null) {
                    throw new CertificateException("No this-certs array.");
                }
                if (x509CertificateArr.length < 1) {
                    throw new CertificateException("No this-certs Certs.");
                }
                if (x509CertificateArr.length != this.this$0.trusturlCerts.length) {
                    throw new CertificateException(new StringBuffer().append("certs.length != trusturlCerts.length ").append(x509CertificateArr.length).append(" ").append(this.this$0.trusturlCerts.length).toString());
                }
                boolean z = true;
                for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
                    if (!this.this$0.trusturlCerts[i2].equals(x509CertificateArr[i2])) {
                        z = false;
                        this.this$0.dbg(new StringBuffer().append("URL: cert mismatch at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("URL: cert mismatch cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg(new StringBuffer().append("URL: cert mismatch  url").append(this.this$0.trusturlCerts[i2]).toString());
                        if (this.this$0.cert_fail == null) {
                            this.this$0.cert_fail = "cert-mismatch";
                        }
                    }
                    if (this.this$0.debug_certs) {
                        this.this$0.dbg("\n***********************************************");
                        this.this$0.dbg(new StringBuffer().append("URL: cert info at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("URL: cert info cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg("===============================================");
                        this.this$0.dbg(new StringBuffer().append("URL: cert info  url").append(this.this$0.trusturlCerts[i2]).toString());
                        this.this$0.dbg("***********************************************");
                    }
                }
                if (!z) {
                    throw new CertificateException("Server Cert Chain != URL Cert Chain.");
                }
                this.this$0.dbg(new StringBuffer().append("URL: trusturlCerts[i] matches certs[i] i=0:").append(x509CertificateArr.length - 1).toString());
            }
        }};
        this.trustSrvCert = new TrustManager[]{new X509TrustManager(this) { // from class: SSLSocketToMe.3
            private final SSLSocketToMe this$0;

            {
                this.this$0 = this;
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                throw new CertificateException("No Clients (SRV)");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                if (this.this$0.trustsrvCerts == null) {
                    throw new CertificateException("No Trust srv Certs array.");
                }
                if (this.this$0.trustsrvCerts.length < 1) {
                    throw new CertificateException("No Trust srv Certs.");
                }
                if (x509CertificateArr == null) {
                    throw new CertificateException("No this-certs array.");
                }
                if (x509CertificateArr.length < 1) {
                    throw new CertificateException("No this-certs Certs.");
                }
                if (x509CertificateArr.length != this.this$0.trustsrvCerts.length) {
                    throw new CertificateException(new StringBuffer().append("certs.length != trustsrvCerts.length ").append(x509CertificateArr.length).append(" ").append(this.this$0.trustsrvCerts.length).toString());
                }
                boolean z = true;
                for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
                    if (!this.this$0.trustsrvCerts[i2].equals(x509CertificateArr[i2])) {
                        z = false;
                        this.this$0.dbg(new StringBuffer().append("SRV: cert mismatch at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("SRV: cert mismatch cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg(new StringBuffer().append("SRV: cert mismatch  srv").append(this.this$0.trustsrvCerts[i2]).toString());
                        if (this.this$0.cert_fail == null) {
                            this.this$0.cert_fail = "server-cert-mismatch";
                        }
                    }
                    if (this.this$0.debug_certs) {
                        this.this$0.dbg("\n***********************************************");
                        this.this$0.dbg(new StringBuffer().append("SRV: cert info at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("SRV: cert info cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg("===============================================");
                        this.this$0.dbg(new StringBuffer().append("SRV: cert info  srv").append(this.this$0.trustsrvCerts[i2]).toString());
                        this.this$0.dbg("***********************************************");
                    }
                }
                if (!z) {
                    throw new CertificateException("Server Cert Chain != serverCert Applet Parameter Cert Chain.");
                }
                this.this$0.dbg(new StringBuffer().append("SRV: trustsrvCerts[i] matches certs[i] i=0:").append(x509CertificateArr.length - 1).toString());
            }
        }};
        this.trustOneCert = new TrustManager[]{new X509TrustManager(this) { // from class: SSLSocketToMe.4
            private final SSLSocketToMe this$0;

            {
                this.this$0 = this;
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                throw new CertificateException("No Clients (ONE)");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                if (this.this$0.trustallCerts == null) {
                    throw new CertificateException("No Trust All Server Certs array.");
                }
                if (this.this$0.trustallCerts.length < 1) {
                    throw new CertificateException("No Trust All Server Certs.");
                }
                if (x509CertificateArr == null) {
                    throw new CertificateException("No this-certs array.");
                }
                if (x509CertificateArr.length < 1) {
                    throw new CertificateException("No this-certs Certs.");
                }
                if (x509CertificateArr.length != this.this$0.trustallCerts.length) {
                    throw new CertificateException(new StringBuffer().append("certs.length != trustallCerts.length ").append(x509CertificateArr.length).append(" ").append(this.this$0.trustallCerts.length).toString());
                }
                boolean z = true;
                for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
                    if (!this.this$0.trustallCerts[i2].equals(x509CertificateArr[i2])) {
                        z = false;
                        this.this$0.dbg(new StringBuffer().append("ONE: cert mismatch at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("ONE: cert mismatch cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg(new StringBuffer().append("ONE: cert mismatch  all").append(this.this$0.trustallCerts[i2]).toString());
                    }
                    if (this.this$0.debug_certs) {
                        this.this$0.dbg("\n***********************************************");
                        this.this$0.dbg(new StringBuffer().append("ONE: cert info at i=").append(i2).toString());
                        this.this$0.dbg(new StringBuffer().append("ONE: cert info cert").append(x509CertificateArr[i2]).toString());
                        this.this$0.dbg("===============================================");
                        this.this$0.dbg(new StringBuffer().append("ONE: cert info  all").append(this.this$0.trustallCerts[i2]).toString());
                        this.this$0.dbg("***********************************************");
                    }
                }
                if (!z) {
                    throw new CertificateException("Server Cert Chain != TRUSTALL Cert Chain.");
                }
                this.this$0.dbg(new StringBuffer().append("ONE: trustallCerts[i] matches certs[i] i=0:").append(x509CertificateArr.length - 1).toString());
            }
        }};
        if (this.viewer.oneTimeKey != null && this.viewer.oneTimeKey.equals("PROMPT")) {
            this.viewer.oneTimeKey = new ClientCertDialog().queryUser();
        }
        if (this.viewer.oneTimeKey != null && this.viewer.oneTimeKey.indexOf(",") > 0) {
            int indexOf = this.viewer.oneTimeKey.indexOf(",");
            byte[] hex2bytes = hex2bytes(this.viewer.oneTimeKey.substring(0, indexOf));
            byte[] hex2bytes2 = hex2bytes(this.viewer.oneTimeKey.substring(indexOf + 1));
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(hex2bytes));
            if (this.debug_certs) {
                dbg(new StringBuffer().append("one time key ").append(generatePrivate).toString());
            }
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(new ByteArrayInputStream(hex2bytes2));
            Certificate[] certificateArr = new Certificate[generateCertificates.toArray().length];
            if (generateCertificates.size() == 1) {
                Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(hex2bytes2));
                if (this.debug_certs) {
                    dbg(new StringBuffer().append("one time cert").append(generateCertificate).toString());
                }
                certificateArr[0] = generateCertificate;
            } else {
                certificateArr = (Certificate[]) generateCertificates.toArray();
            }
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setKeyEntry("onetimekey", generatePrivate, "".toCharArray(), certificateArr);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, "".toCharArray());
            this.mykey = keyManagerFactory.getKeyManagers();
        }
        if (this.viewer.serverCert != null) {
            CertificateFactory certificateFactory2 = CertificateFactory.getInstance("X.509");
            byte[] hex2bytes3 = hex2bytes(this.viewer.serverCert);
            Collection<? extends Certificate> generateCertificates2 = certificateFactory2.generateCertificates(new ByteArrayInputStream(hex2bytes3));
            this.trustsrvCerts = new Certificate[generateCertificates2.toArray().length];
            if (generateCertificates2.size() == 1) {
                this.trustsrvCerts[0] = certificateFactory2.generateCertificate(new ByteArrayInputStream(hex2bytes3));
            } else {
                this.trustsrvCerts = (Certificate[]) generateCertificates2.toArray();
            }
        }
        try {
            this.trustloc_ctx = SSLContext.getInstance("SSL");
            this.trustloc_ctx.init(this.mykey, null, null);
            try {
                this.trustall_ctx = SSLContext.getInstance("SSL");
                this.trustall_ctx.init(this.mykey, this.trustAllCerts, new SecureRandom());
                try {
                    this.trusturl_ctx = SSLContext.getInstance("SSL");
                    this.trusturl_ctx.init(this.mykey, this.trustUrlCert, new SecureRandom());
                    try {
                        this.trustsrv_ctx = SSLContext.getInstance("SSL");
                        this.trustsrv_ctx.init(this.mykey, this.trustSrvCert, new SecureRandom());
                        try {
                            this.trustone_ctx = SSLContext.getInstance("SSL");
                            this.trustone_ctx.init(this.mykey, this.trustOneCert, new SecureRandom());
                        } catch (Exception e) {
                            dbg("SSL trustone_ctx FAILED.");
                            throw new Exception("SSL trustone_ctx FAILED.");
                        }
                    } catch (Exception e2) {
                        dbg("SSL trustsrv_ctx FAILED.");
                        throw new Exception("SSL trustsrv_ctx FAILED.");
                    }
                } catch (Exception e3) {
                    dbg("SSL trusturl_ctx FAILED.");
                    throw new Exception("SSL trusturl_ctx FAILED.");
                }
            } catch (Exception e4) {
                dbg("SSL trustall_ctx FAILED.");
                throw new Exception("SSL trustall_ctx FAILED.");
            }
        } catch (Exception e5) {
            dbg("SSL trustloc_ctx FAILED.");
            throw new Exception("SSL trustloc_ctx FAILED.");
        }
    }

    public void check_for_proxy_and_grab_vnc_server_cert() {
        String headerField;
        String headerField2;
        this.trusturlCerts = null;
        this.proxy_in_use = false;
        if (this.viewer.ignoreProxy) {
            return;
        }
        dbg("------------------------------------------------");
        dbg("Into check_for_proxy_and_grab_vnc_server_cert():");
        dbg("TRYING HTTPS:");
        String stringBuffer = new StringBuffer().append("https://").append(this.host).append(":").toString();
        String stringBuffer2 = new StringBuffer().append(this.viewer.httpsPort != null ? new StringBuffer().append(stringBuffer).append(this.viewer.httpsPort).toString() : new StringBuffer().append(stringBuffer).append(this.port).toString()).append(this.viewer.urlPrefix).append("/check.https.proxy.connection").toString();
        dbg(new StringBuffer().append("ustr is: ").append(stringBuffer2).toString());
        try {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(stringBuffer2).openConnection();
            if (this.mykey != null) {
                if (this.trustsrvCerts != null) {
                    dbg("passing trustsrv_ctx to HttpsURLConnection to provide client cert.");
                    httpsURLConnection.setSSLSocketFactory(this.trustsrv_ctx.getSocketFactory());
                } else if (this.trustloc_ctx != null) {
                    dbg("passing trustloc_ctx to HttpsURLConnection to provide client cert.");
                    httpsURLConnection.setSSLSocketFactory(this.trustloc_ctx.getSocketFactory());
                }
            }
            httpsURLConnection.setUseCaches(false);
            httpsURLConnection.setRequestMethod("GET");
            httpsURLConnection.setRequestProperty("Pragma", "No-Cache");
            httpsURLConnection.setRequestProperty("Proxy-Connection", "Keep-Alive");
            httpsURLConnection.setDoInput(true);
            dbg("trying https.connect()");
            httpsURLConnection.connect();
            dbg("trying https.getServerCertificates()");
            this.trusturlCerts = httpsURLConnection.getServerCertificates();
            if (this.trusturlCerts == null) {
                dbg("set trusturlCerts to null!");
            } else {
                dbg("set trusturlCerts to non-null");
            }
            if (httpsURLConnection.usingProxy()) {
                this.proxy_in_use = true;
                dbg("An HTTPS proxy is in use. There may be connection problems.");
            }
            dbg("trying https.getContent()");
            httpsURLConnection.getContent();
            dbg("trying https.disconnect()");
            httpsURLConnection.disconnect();
            if (!this.viewer.GET && (headerField2 = httpsURLConnection.getHeaderField("VNC-Server")) != null && headerField2.startsWith("x11vnc")) {
                dbg("detected x11vnc server (1), setting GET=1");
                this.viewer.GET = true;
            }
        } catch (Exception e) {
            dbg(new StringBuffer().append("HttpsURLConnection: ").append(e.getMessage()).toString());
        }
        if (this.proxy_in_use) {
            dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
            dbg("------------------------------------------------");
            return;
        }
        if (this.trusturlCerts != null && !this.viewer.forceProxy) {
            dbg("SKIPPING HTTP PROXY CHECK: got trusturlCerts, assuming proxy info is correct.");
            dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
            dbg("------------------------------------------------");
            return;
        }
        dbg("TRYING HTTP:");
        String stringBuffer3 = new StringBuffer().append(new StringBuffer().append("http://").append(this.host).append(":").append(this.port).toString()).append(this.viewer.urlPrefix).append("/index.vnc").toString();
        dbg(new StringBuffer().append("ustr is: ").append(stringBuffer3).toString());
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(stringBuffer3).openConnection();
            httpURLConnection.setUseCaches(false);
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.setRequestProperty("Pragma", "No-Cache");
            httpURLConnection.setRequestProperty("Proxy-Connection", "Keep-Alive");
            httpURLConnection.setDoInput(true);
            dbg("trying http.connect()");
            httpURLConnection.connect();
            if (httpURLConnection.usingProxy()) {
                this.proxy_in_use = true;
                dbg("An HTTP proxy is in use. There may be connection problems.");
            }
            dbg("trying http.getContent()");
            httpURLConnection.getContent();
            dbg("trying http.disconnect()");
            httpURLConnection.disconnect();
            if (!this.viewer.GET && (headerField = httpURLConnection.getHeaderField("VNC-Server")) != null && headerField.startsWith("x11vnc")) {
                dbg("detected x11vnc server (2), setting GET=1");
                this.viewer.GET = true;
            }
        } catch (Exception e2) {
            dbg(new StringBuffer().append("HttpURLConnection:  ").append(e2.getMessage()).toString());
        }
        dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
        dbg("------------------------------------------------");
    }

    public Socket connectSock() throws IOException {
        check_for_proxy_and_grab_vnc_server_cert();
        boolean z = false;
        if (this.trustsrvCerts != null) {
            dbg("viewer.trustSrvCert-0 using trustsrv_ctx");
            this.factory = this.trustsrv_ctx.getSocketFactory();
            z = true;
        } else if (this.viewer.trustAllVncCerts) {
            dbg("viewer.trustAllVncCerts-0 using trustall_ctx");
            this.factory = this.trustall_ctx.getSocketFactory();
        } else if (this.trusturlCerts != null) {
            dbg("using trusturl_ctx");
            this.factory = this.trusturl_ctx.getSocketFactory();
        } else {
            dbg("using trustloc_ctx");
            this.factory = this.trustloc_ctx.getSocketFactory();
        }
        this.socket = null;
        try {
        } catch (Exception e) {
            dbg(new StringBuffer().append("socket error: ").append(e.getMessage()).toString());
            if (this.proxy_in_use || this.viewer.CONNECT != null) {
                this.proxy_failure = true;
                if (this.proxy_in_use) {
                    dbg("HTTPS proxy in use. Trying to go with it.");
                } else {
                    dbg("viewer.CONNECT reverse proxy in use. Trying to go with it.");
                }
                try {
                    this.socket = proxy_socket(this.factory);
                } catch (Exception e2) {
                    dbg(new StringBuffer().append("proxy_socket error: ").append(e2.getMessage()).toString());
                }
            }
        }
        if (this.proxy_in_use && this.viewer.forceProxy) {
            throw new Exception("forcing proxy (forceProxy)");
        }
        if (this.viewer.CONNECT != null) {
            throw new Exception("forcing CONNECT");
        }
        if (6 > 0) {
            this.socket = (SSLSocket) this.factory.createSocket();
            InetSocketAddress inetSocketAddress = new InetSocketAddress(this.host, this.port);
            dbg(new StringBuffer().append("Using timeout of ").append(6).append(" secs to: ").append(this.host).append(":").append(this.port).toString());
            this.socket.connect(inetSocketAddress, 6 * 1000);
        } else {
            this.socket = (SSLSocket) this.factory.createSocket(this.host, this.port);
        }
        try {
            this.socket.startHandshake();
            dbg("The Server Connection Verified OK on 1st try.");
            Certificate[] peerCertificates = this.socket.getSession().getPeerCertificates();
            if (this.viewer.trustAllVncCerts) {
                dbg("viewer.trustAllVncCerts-1  keeping socket.");
            } else if (peerCertificates == null || peerCertificates.length < 1) {
                try {
                    this.socket.close();
                } catch (Exception e3) {
                    dbg("socket is grumpy.");
                }
                this.socket = null;
                throw new SSLHandshakeException("no current certs");
            }
            String str = "";
            try {
                str = new CertInfo(peerCertificates[0]).get_certinfo("CN");
            } catch (Exception e4) {
            }
            if (this.viewer.trustAllVncCerts) {
                dbg("viewer.trustAllVncCerts-2  skipping browser certs dialog");
                this.user_wants_to_see_cert = false;
            } else if (this.viewer.serverCert != null && this.trustsrvCerts != null) {
                dbg("viewer.serverCert-1  skipping browser certs dialog");
                this.user_wants_to_see_cert = false;
            } else if (this.viewer.trustUrlVncCert) {
                dbg("viewer.trustUrlVncCert-1  skipping browser certs dialog");
                this.user_wants_to_see_cert = false;
            } else {
                BrowserCertsDialog browserCertsDialog = new BrowserCertsDialog(str, new StringBuffer().append(this.host).append(":").append(this.port).toString());
                dbg("browser certs dialog begin.");
                browserCertsDialog.queryUser();
                dbg("browser certs dialog finished.");
                if (browserCertsDialog.showCertDialog) {
                    dbg("user wants to see cert");
                    this.user_wants_to_see_cert = true;
                    if (this.cert_fail == null) {
                        this.cert_fail = "user-view";
                    }
                    throw new SSLHandshakeException("user wants to see cert");
                }
                this.user_wants_to_see_cert = false;
                dbg("browser certs dialog: user said yes, accept it");
            }
        } catch (SSLHandshakeException e5) {
            dbg("SSLHandshakeException: could not automatically verify Server.");
            dbg(new StringBuffer().append("msg: ").append(e5.getMessage()).toString());
            try {
                this.socket.getOutputStream().write("GET /index.vnc HTTP/1.0\r\nConnection: close\r\n\r\n".getBytes());
                this.socket.close();
            } catch (Exception e6) {
                dbg("socket is grumpy!");
            }
            this.socket = null;
            String str2 = null;
            if (z) {
                throw new IOException("Fatal: VNC Server's Cert does not match Applet Parameter 'serverCert=...'");
            }
            this.factory = this.trustall_ctx.getSocketFactory();
            if (this.proxy_failure) {
                this.socket = proxy_socket(this.factory);
            } else {
                this.socket = (SSLSocket) this.factory.createSocket(this.host, this.port);
            }
            if (this.debug_certs) {
                dbg(new StringBuffer().append("trusturlCerts: ").append(this.trusturlCerts).toString());
                dbg(new StringBuffer().append("trustsrvCerts: ").append(this.trustsrvCerts).toString());
            }
            if (this.trusturlCerts == null && this.cert_fail == null) {
                this.cert_fail = "missing-certs";
            }
            try {
                this.socket.startHandshake();
                dbg("The TrustAll Server Cert-grab Connection (trivially) Verified OK.");
                try {
                    this.trustallCerts = this.socket.getSession().getPeerCertificates();
                    if (this.debug_certs) {
                        dbg(new StringBuffer().append("trustallCerts: ").append(this.trustallCerts).toString());
                    }
                    if (this.viewer.trustAllVncCerts) {
                        dbg("viewer.trustAllVncCerts-3.  skipping dialog, trusting everything.");
                    } else if (!browser_cert_match()) {
                        try {
                            this.socket.getOutputStream().write("GET /index.vnc HTTP/1.0\r\nConnection: close\r\n\r\n".getBytes());
                            this.socket.close();
                        } catch (Exception e7) {
                            dbg("socket is grumpy!!");
                        }
                        this.socket = null;
                        TrustDialog trustDialog = new TrustDialog(this.host, this.port, this.trustallCerts);
                        if (this.cert_fail != null) {
                            if (this.cert_fail.equals("user-view")) {
                                str2 = "Reason for this Dialog:\n\n        You Asked to View the Certificate.";
                            } else if (this.cert_fail.equals("server-cert-mismatch")) {
                                str2 = "Reason for this Dialog:\n\n        The VNC Server's Certificate does not match the Certificate\n        specified in the supplied 'serverCert' Applet Parameter.";
                            } else if (this.cert_fail.equals("cert-mismatch")) {
                                str2 = "Reason for this Dialog:\n\n        The VNC Server's Certificate does not match the Website's\n        HTTPS Certificate (that you previously accepted; either\n        manually or automatically via Certificate Authority.)";
                            } else if (this.cert_fail.equals("missing-certs")) {
                                str2 = "Reason for this Dialog:\n\n        Not all Certificates could be obtained to check.";
                            }
                        }
                        if (!trustDialog.queryUser(str2)) {
                            dbg("User decided against it.");
                            throw new IOException("User decided against it.");
                        }
                    }
                    if (this.socket != null) {
                        try {
                            this.socket.close();
                        } catch (Exception e8) {
                            dbg("socket is grumpy!!!");
                        }
                        this.socket = null;
                    }
                    this.factory = this.trustone_ctx.getSocketFactory();
                    if (this.proxy_failure) {
                        this.socket = proxy_socket(this.factory);
                    } else {
                        this.socket = (SSLSocket) this.factory.createSocket(this.host, this.port);
                    }
                    try {
                        this.socket.startHandshake();
                        dbg("TrustAll/TrustOne Server Connection Verified #3.");
                    } catch (Exception e9) {
                        dbg("** Could not TrustAll/TrustOne Verify Server #3.");
                        throw new IOException(e9.getMessage());
                    }
                } catch (Exception e10) {
                    throw new Exception("Could not get Peer Certificate");
                }
            } catch (Exception e11) {
                dbg("** Could not TrustAll Verify Server!");
                throw new IOException(e11.getMessage());
            }
        }
        if (this.socket != null && this.viewer.GET) {
            String stringBuffer = new StringBuffer().append(new StringBuffer().append(new StringBuffer().append(new StringBuffer().append(new StringBuffer().append("GET ").append(this.viewer.urlPrefix).toString()).append("/request.https.vnc.connection").toString()).append(" HTTP/1.0\r\n").toString()).append("Pragma: No-Cache\r\n").toString()).append("\r\n").toString();
            System.out.println(new StringBuffer().append("sending: ").append(stringBuffer).toString());
            OutputStream outputStream = this.socket.getOutputStream();
            if ("os" == "os") {
                outputStream.write(stringBuffer.getBytes());
                outputStream.flush();
                System.out.println("used OutputStream");
            } else if ("os" == "bs") {
                BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(outputStream);
                bufferedOutputStream.write(stringBuffer.getBytes());
                bufferedOutputStream.flush();
                System.out.println("used BufferedOutputStream");
            } else if ("os" == "ds") {
                DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
                dataOutputStream.write(stringBuffer.getBytes());
                dataOutputStream.flush();
                System.out.println("used DataOutputStream");
            }
        }
        dbg("SSL returning socket to caller.");
        dbg("");
        return this.socket;
    }

    boolean browser_cert_match() {
        if (this.user_wants_to_see_cert) {
            return false;
        }
        if ((this.viewer.serverCert != null || this.trustsrvCerts != null) && this.cert_fail == null) {
            this.cert_fail = "server-cert-mismatch";
        }
        if (this.trustallCerts == null || this.trusturlCerts == null || this.trustallCerts.length != this.trusturlCerts.length) {
            if (this.cert_fail != null) {
                return false;
            }
            this.cert_fail = "missing-certs";
            return false;
        }
        boolean z = true;
        for (int i = 0; i < this.trusturlCerts.length; i++) {
            if (!this.trustallCerts[i].equals(this.trusturlCerts[i])) {
                dbg(new StringBuffer().append("BCM: cert mismatch at i=").append(i).toString());
                dbg(new StringBuffer().append("BCM: cert mismatch  url").append(this.trusturlCerts[i]).toString());
                dbg(new StringBuffer().append("BCM: cert mismatch  all").append(this.trustallCerts[i]).toString());
                z = false;
            }
        }
        if (!z) {
            if (this.cert_fail != null) {
                return false;
            }
            this.cert_fail = "cert-mismatch";
            return false;
        }
        System.out.println("Browser URL accept previously accepted cert");
        if (this.cert_fail != null) {
            return true;
        }
        this.cert_fail = "did-not-fail";
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void dbg(String str) {
        if (this.debug) {
            System.out.println(str);
        }
    }

    private int gint(String str) {
        try {
            return new Integer(str).intValue();
        } catch (Exception e) {
            return -1;
        }
    }

    private void proxy_helper(String str, int i) {
        String readline;
        int indexOf;
        boolean z = false;
        String str2 = "";
        String stringBuffer = new StringBuffer().append(this.host).append(":").append(this.port).toString();
        dbg(new StringBuffer().append("proxy_helper: ").append(str).append(":").append(i).append(" hp: ").append(stringBuffer).toString());
        for (int i2 = 0; i2 < 2; i2++) {
            dbg(new StringBuffer().append("proxy_in_use psocket: ").append(i2).toString());
            if (this.proxySock != null) {
                try {
                    this.proxySock.close();
                } catch (Exception e) {
                    dbg("proxy socket is grumpy.");
                }
            }
            this.proxySock = psocket(str, i);
            if (this.proxySock == null) {
                dbg("1-a sadly, returning a null socket");
                return;
            }
            String stringBuffer2 = new StringBuffer().append("CONNECT ").append(stringBuffer).append(" HTTP/1.1\r\n").append("Host: ").append(stringBuffer).append("\r\n").toString();
            dbg(new StringBuffer().append("requesting via proxy: ").append(stringBuffer2).toString());
            if (z) {
                if (this.proxy_auth_string == null) {
                    ProxyPasswdDialog proxyPasswdDialog = new ProxyPasswdDialog(str, i, str2);
                    proxyPasswdDialog.queryUser();
                    this.proxy_auth_string = proxyPasswdDialog.getAuth();
                }
                stringBuffer2 = new StringBuffer().append(stringBuffer2).append("Proxy-Authorization: Basic ").append(Base64Coder.encodeString(this.proxy_auth_string)).append("\r\n").toString();
                dbg("added Proxy-Authorization: Basic ... to request");
            }
            try {
                this.proxy_os.write(new StringBuffer().append(stringBuffer2).append("\r\n").toString().getBytes());
                String readline2 = readline(this.proxy_is);
                dbg(new StringBuffer().append("proxy replied: ").append(readline2.trim()).toString());
                if (readline2.indexOf("HTTP/1.") == 0 && readline2.indexOf(" 407 ") > 0) {
                    z = true;
                    this.proxySock.close();
                } else if (readline2.indexOf("HTTP/1.") < 0 && readline2.indexOf(" 200") < 0) {
                    this.proxySock.close();
                    this.proxySock = psocket(str, i);
                    if (this.proxySock == null) {
                        dbg("2-a sadly, returning a null socket");
                        return;
                    }
                }
            } catch (Exception e2) {
                dbg(new StringBuffer().append("some proxy socket problem: ").append(e2.getMessage()).toString());
            }
            do {
                readline = readline(this.proxy_is);
                dbg(new StringBuffer().append("proxy line: ").append(readline.trim()).toString());
                if (z) {
                    String lowerCase = readline.toLowerCase();
                    if (lowerCase.indexOf("proxy-authenticate:") == 0 && lowerCase.indexOf(" basic ") >= 0 && (indexOf = lowerCase.indexOf(" realm")) >= 0) {
                        str2 = lowerCase.substring(indexOf + 1);
                    }
                }
                if (readline.equals("\r\n")) {
                    break;
                }
            } while (!readline.equals("\n"));
            if (!z || str2.equals("")) {
                return;
            }
        }
    }

    public SSLSocket proxy_socket(SSLSocketFactory sSLSocketFactory) {
        String readline;
        Properties properties = null;
        String str = null;
        int i = 0;
        String str2 = null;
        int i2 = 0;
        try {
            properties = System.getProperties();
        } catch (Exception e) {
            dbg(new StringBuffer().append("props failed: ").append(e.getMessage()).toString());
        }
        if (this.viewer.proxyHost != null) {
            dbg(new StringBuffer().append("Using supplied proxy ").append(this.viewer.proxyHost).append(" ").append(this.viewer.proxyPort).append(" applet parameters.").toString());
            str = this.viewer.proxyHost;
            i = this.viewer.proxyPort != null ? gint(this.viewer.proxyPort) : 8080;
        } else if (properties != null) {
            dbg("\n---------------\nAll props:");
            properties.list(System.out);
            dbg("\n---------------\n\n");
            Enumeration<?> propertyNames = properties.propertyNames();
            while (propertyNames.hasMoreElements()) {
                String str3 = (String) propertyNames.nextElement();
                String property = System.getProperty(str3);
                String lowerCase = str3.toLowerCase();
                String lowerCase2 = property.toLowerCase();
                if (lowerCase.indexOf("proxy.https.host") >= 0) {
                    str = lowerCase2;
                } else if (lowerCase.indexOf("proxy.https.port") >= 0) {
                    i = gint(lowerCase2);
                } else if (lowerCase.indexOf("proxy.http.host") >= 0) {
                    str2 = lowerCase2;
                } else if (lowerCase.indexOf("proxy.http.port") >= 0) {
                    i2 = gint(lowerCase2);
                }
            }
            Enumeration<?> propertyNames2 = properties.propertyNames();
            while (propertyNames2.hasMoreElements()) {
                String str4 = (String) propertyNames2.nextElement();
                String property2 = System.getProperty(str4);
                String lowerCase3 = str4.toLowerCase();
                String lowerCase4 = property2.toLowerCase();
                if (str != null && i > 0) {
                    break;
                }
                if (lowerCase3.indexOf("proxy") >= 0 || lowerCase4.indexOf("proxy") >= 0) {
                    if (lowerCase4.indexOf("http") >= 0) {
                        String[] split = property2.split("[,;]");
                        int i3 = 0;
                        while (true) {
                            if (i3 < split.length) {
                                String str5 = split[i3];
                                int indexOf = str5.indexOf("https");
                                if (indexOf < 0) {
                                    indexOf = str5.indexOf("http");
                                    if (indexOf < 0) {
                                        continue;
                                        i3++;
                                    }
                                }
                                int indexOf2 = str5.indexOf("=", indexOf);
                                if (indexOf2 >= 0) {
                                    String[] split2 = str5.substring(indexOf2 + 1).split(":");
                                    if (split2.length == 2 && split2[0].length() > 1 && split2[1].length() > 1) {
                                        i = gint(split2[1]);
                                        if (i >= 0) {
                                            str = new String(split2[0]);
                                            break;
                                        }
                                    }
                                } else {
                                    continue;
                                }
                                i3++;
                            }
                        }
                    }
                }
            }
        }
        if (str != null && str2 != null && i2 > 0) {
            dbg("Using http proxy info instead of https.");
            str = str2;
            i = i2;
        }
        if (this.proxy_in_use) {
            if (this.proxy_dialog_host != null && this.proxy_dialog_port > 0) {
                str = this.proxy_dialog_host;
                i = this.proxy_dialog_port;
            }
            if (str != null) {
                dbg(new StringBuffer().append("Lucky us! we figured out the Proxy parameters: ").append(str).append(" ").append(i).toString());
            } else {
                ProxyDialog proxyDialog = new ProxyDialog(str, i);
                proxyDialog.queryUser();
                str = proxyDialog.getHost();
                i = proxyDialog.getPort();
                this.proxy_dialog_host = new String(str);
                this.proxy_dialog_port = i;
                dbg(new StringBuffer().append("User said host: ").append(proxyDialog.getHost()).append(" port: ").append(proxyDialog.getPort()).toString());
            }
            proxy_helper(str, i);
            if (this.proxySock == null) {
                return null;
            }
        } else if (this.viewer.CONNECT != null) {
            dbg("viewer.CONNECT psocket:");
            this.proxySock = psocket(this.host, this.port);
            if (this.proxySock == null) {
                dbg("1-b sadly, returning a null socket");
                return null;
            }
        }
        if (this.viewer.CONNECT != null) {
            String str6 = this.viewer.CONNECT;
            String stringBuffer = new StringBuffer().append("CONNECT ").append(str6).append(" HTTP/1.1\r\n").append("Host: ").append(str6).append("\r\n\r\n").toString();
            dbg(new StringBuffer().append("requesting2: ").append(stringBuffer).toString());
            try {
                this.proxy_os.write(stringBuffer.getBytes());
                String readline2 = readline(this.proxy_is);
                dbg(new StringBuffer().append("proxy replied2: ").append(readline2.trim()).toString());
                if (readline2.indexOf("HTTP/1.") < 0 && readline2.indexOf(" 200") < 0) {
                    this.proxySock.close();
                    this.proxySock = psocket(str, i);
                    if (this.proxySock == null) {
                        dbg("2-b sadly, returning a null socket");
                        return null;
                    }
                }
            } catch (Exception e2) {
                dbg(new StringBuffer().append("proxy socket problem-2: ").append(e2.getMessage()).toString());
            }
            do {
                readline = readline(this.proxy_is);
                dbg(new StringBuffer().append("proxy line2: ").append(readline.trim()).toString());
                if (readline.equals("\r\n")) {
                    break;
                }
            } while (!readline.equals("\n"));
        }
        Socket socket = null;
        try {
            socket = sSLSocketFactory.createSocket(this.proxySock, this.host, this.port, true);
        } catch (Exception e3) {
            dbg(new StringBuffer().append("sslsock prob: ").append(e3.getMessage()).toString());
            dbg("3 sadly, returning a null socket");
        }
        return (SSLSocket) socket;
    }

    Socket psocket(String str, int i) {
        try {
            Socket socket = new Socket(str, i);
            this.proxy_is = new DataInputStream(new BufferedInputStream(socket.getInputStream(), 16384));
            this.proxy_os = socket.getOutputStream();
            return socket;
        } catch (Exception e) {
            dbg(new StringBuffer().append("psocket prob: ").append(e.getMessage()).toString());
            return null;
        }
    }

    String readline(DataInputStream dataInputStream) {
        String str = new String("");
        byte[] bArr = {0};
        while (bArr[0] != 10) {
            try {
                bArr[0] = (byte) dataInputStream.readUnsignedByte();
                str = new StringBuffer().append(str).append(new String(bArr)).toString();
            } catch (Exception e) {
            }
        }
        return str;
    }
}
