package com.citrix.client.io.net.ip;

import com.citrix.client.Constants;
import com.citrix.client.SectionStrings;
import com.citrix.client.icaprofile.ReadableICAProfile;
import com.citrix.client.util.ReflectionUtilities;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;

/* loaded from: classes.dex */
public class SSLConfig {
    public static final int ALL_CIPHER_SUITES = 0;
    public static final int COM_CIPHER_SUITES = 1;
    public static final int GOV_CIPHER_SUITES = 2;
    public static final int PROTOCOL_DETECT = 3;
    public static final int PROTOCOL_SSL = 1;
    public static final int PROTOCOL_TLS = 2;
    public static final String REVOCATION_POLICY_FULL_CHECK = "FullAccessCheck";
    public static final String REVOCATION_POLICY_MUST_CHECK = "FullAccessCheckAndCRLRequired";
    public static final String REVOCATION_POLICY_NO_CHECK = "NoCheck";
    public static final String REVOCATION_POLICY_NO_NETWORK_ACCESS = "CheckWithNoNetworkAccess";
    private static Method addAllowedProtocolMethod = null;
    private static Class connectionModelClass = null;
    private static Constructor crlCache = null;
    private static Class crlCacheClass = null;
    private static final String crlCacheDirectory = "crl";
    private static Method setCipherSuitesMethod = null;
    private static Method setCommonNameMethod = null;
    private static Method setRevocationCacheMethod = null;
    private static Method setRevocationPolicyMethod = null;
    private static final String unixDefaultDirectory = ".citrix";
    private static final String windowsDefaultDirectory = "Citrix";
    private int cipherSuite;
    private String commonName;
    private int crlPolicy;
    private boolean enabled;
    private int protocolVersion;
    private String proxyHost;
    private int proxyPort;
    private static HostPort hostPort = null;
    private static boolean calledSetupClasses = false;

    public SSLConfig() {
        this.enabled = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLConfig(ReadableICAProfile readableICAProfile) {
        this.enabled = false;
        Boolean tristateProperty = readableICAProfile.getTristateProperty(SectionStrings.STR_SSL_ENABLE);
        tristateProperty = tristateProperty == null ? readableICAProfile.getTristateProperty("user", SectionStrings.CLIENT, SectionStrings.STR_SSL_ENABLE) : tristateProperty;
        if (tristateProperty == null) {
            this.enabled = false;
        } else {
            this.enabled = tristateProperty.booleanValue();
        }
        this.proxyHost = readableICAProfile.getStringProperty(SectionStrings.STR_SSL_PROXY_HOST, null);
        if (this.proxyHost == null) {
            this.proxyHost = readableICAProfile.getStringProperty("user", SectionStrings.CLIENT, SectionStrings.STR_SSL_PROXY_HOST, "*");
        }
        if ("".equals(this.proxyHost)) {
            this.proxyHost = "*";
        }
        int lastIndexOf = this.proxyHost.lastIndexOf(58);
        if (lastIndexOf != -1) {
            this.proxyPort = Integer.parseInt(this.proxyHost.substring(lastIndexOf + 1));
            this.proxyHost = this.proxyHost.substring(0, lastIndexOf);
        } else {
            this.proxyPort = readableICAProfile.getIntProperty(SectionStrings.STR_SSL_PROXY_PORT, 10, -1);
            if (this.proxyPort == -1) {
                this.proxyPort = readableICAProfile.getIntProperty("user", SectionStrings.CLIENT, SectionStrings.STR_SSL_PROXY_PORT, 10, Constants.SSL_DEFAULT_PORT);
            }
        }
        String stringProperty = readableICAProfile.getStringProperty(SectionStrings.STR_SSL_CIPHERS, null);
        stringProperty = stringProperty == null ? readableICAProfile.getStringProperty("user", SectionStrings.CLIENT, SectionStrings.STR_SSL_CIPHERS, "") : stringProperty;
        String stringProperty2 = readableICAProfile.getStringProperty(SectionStrings.CRL_POLICY_CHECK, null);
        stringProperty2 = stringProperty2 == null ? readableICAProfile.getStringProperty("user", SectionStrings.CLIENT, SectionStrings.CRL_POLICY_CHECK, REVOCATION_POLICY_NO_NETWORK_ACCESS) : stringProperty2;
        if (stringProperty2.equalsIgnoreCase(REVOCATION_POLICY_NO_CHECK)) {
            this.crlPolicy = 0;
        } else if (stringProperty2.equalsIgnoreCase(REVOCATION_POLICY_NO_NETWORK_ACCESS)) {
            this.crlPolicy = 1;
        } else if (stringProperty2.equalsIgnoreCase(REVOCATION_POLICY_FULL_CHECK)) {
            this.crlPolicy = 2;
        } else if (stringProperty2.equalsIgnoreCase(REVOCATION_POLICY_MUST_CHECK)) {
            this.crlPolicy = 3;
        } else {
            this.crlPolicy = 1;
        }
        this.cipherSuite = SectionStrings.STR_COM_SSL_CIPHERS.equalsIgnoreCase(stringProperty) ? 1 : SectionStrings.STR_GOV_SSL_CIPHERS.equalsIgnoreCase(stringProperty) ? 2 : 0;
        String stringProperty3 = readableICAProfile.getStringProperty(SectionStrings.STR_SSL_PROTOCOL_VERSION, null);
        stringProperty3 = stringProperty3 == null ? readableICAProfile.getStringProperty("user", SectionStrings.CLIENT, SectionStrings.STR_SSL_PROTOCOL_VERSION, "detect") : stringProperty3;
        if (stringProperty3.equalsIgnoreCase("detect")) {
            this.protocolVersion = 3;
            return;
        }
        if (stringProperty3.equalsIgnoreCase(SectionStrings.STR_SSL_PROTOCOL_VERSION_TLS)) {
            this.protocolVersion = 2;
        } else if (stringProperty3.equalsIgnoreCase(SectionStrings.STR_SSL_PROTOCOL_VERSION_SSL)) {
            this.protocolVersion = 1;
        } else {
            this.protocolVersion = 3;
        }
    }

    private File getCRLCacheDirectory() {
        String property = System.getProperty("user.home");
        String str = '/' == File.separatorChar ? unixDefaultDirectory : windowsDefaultDirectory;
        if (new File(property).exists()) {
            File file = new File(property, str);
            if ((file.exists() && file.isDirectory()) || file.mkdir()) {
                File file2 = new File(file, crlCacheDirectory);
                if ((file2.exists() && file2.isDirectory()) || file2.mkdir()) {
                    return file2;
                }
            }
        }
        return null;
    }

    private static void setupClasses() {
        try {
            connectionModelClass = ReflectionUtilities.getClass("com.citrix.sdk.jsse.ConnectionModel");
            addAllowedProtocolMethod = ReflectionUtilities.getMethod(connectionModelClass, "addAllowedProtocol", new Class[]{String.class});
            setCommonNameMethod = ReflectionUtilities.getMethod(connectionModelClass, "setCommonName", new Class[]{String.class});
            setCipherSuitesMethod = ReflectionUtilities.getMethod(connectionModelClass, "setCipherSuites", new Class[]{String[].class});
            setRevocationPolicyMethod = ReflectionUtilities.getMethod(connectionModelClass, "setRevocationPolicy", new Class[]{Integer.TYPE});
            crlCacheClass = ReflectionUtilities.getClass("com.citrix.sdk.jsse.CRLCache");
            crlCache = crlCacheClass.getDeclaredConstructor(Class.forName("java.io.File"));
            setRevocationCacheMethod = ReflectionUtilities.getMethod(connectionModelClass, "setRevocationCache", new Class[]{crlCacheClass});
        } catch (Exception e) {
            crlCache = null;
        }
        calledSetupClasses = true;
    }

    public void conditionalSetCommonName(String str) {
        if (!defaultProxyHost()) {
            str = this.proxyHost;
        }
        this.commonName = str;
    }

    public boolean defaultProxyHost() {
        return "*".equals(this.proxyHost);
    }

    public Object getConnectionModel() throws IOException {
        if (!calledSetupClasses) {
            setupClasses();
        }
        try {
            Object newInstance = connectionModelClass.newInstance();
            switch (this.cipherSuite) {
                case 1:
                    setCipherSuitesMethod.invoke(newInstance, SSLConnectionParameters.COM_MODEL);
                    break;
                case 2:
                    setCipherSuitesMethod.invoke(newInstance, SSLConnectionParameters.GOV_MODEL);
                    break;
                default:
                    setCipherSuitesMethod.invoke(newInstance, SSLConnectionParameters.ALL_MODEL);
                    break;
            }
            if ((this.protocolVersion & 2) != 0) {
                addAllowedProtocolMethod.invoke(newInstance, "TLSv1");
            }
            if ((this.protocolVersion & 1) != 0) {
                addAllowedProtocolMethod.invoke(newInstance, "SSLv3");
            }
            setCommonNameMethod.invoke(newInstance, this.commonName);
            setRevocationPolicyMethod.invoke(newInstance, Integer.valueOf(this.crlPolicy));
            if (crlCache != null) {
                setRevocationCacheMethod.invoke(newInstance, crlCache.newInstance(getCRLCacheDirectory()));
            }
            return newInstance;
        } catch (Exception e) {
            e.printStackTrace();
            IOException iOException = new IOException("*** Error in initialising/invoking connection model class");
            iOException.initCause(e);
            throw iOException;
        }
    }

    public HostPort getFinalHostPort() {
        return hostPort;
    }

    public String getProxyHost() {
        return this.proxyHost;
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setFinalHostPort(HostPort hostPort2) {
        hostPort = hostPort2;
    }

    public void setProxyHost(String str) {
        if (str != null) {
            this.proxyHost = str;
        } else {
            this.proxyHost = "*";
        }
    }

    public void setProxyPort(int i) {
        this.proxyPort = i;
    }

    public String toString() {
        String str;
        StringBuilder append = new StringBuilder().append("SSLConfig ");
        if (this.enabled) {
            str = (this.commonName == null ? this.proxyHost : this.proxyHost + "(" + this.commonName + ")") + "/" + this.proxyPort;
        } else {
            str = "disabled";
        }
        return append.append(str).toString();
    }
}
