package org.hyperledger.fabric.sdk;

import com.google.common.collect.ImmutableMap;
import io.grpc.ac;
import io.grpc.okhttp.NegotiationType;
import io.grpc.okhttp.OkHttpChannelBuilder;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.asn1.w.a.b;
import org.bouncycastle.asn1.w.a.c;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.crypto.b.q;
import org.bouncycastle.util.encoders.a;
import org.bouncycastle.util.encoders.d;
import org.hyperledger.fabric.sdk.exception.CryptoException;
import org.hyperledger.fabric.sdk.helper.Utils;
import org.hyperledger.fabric.sdk.security.CryptoPrimitives;
import org.zn.reward.activity.CashActivity;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class Endpoint {
    private static final String SSLNEGOTIATION = "TLS";
    private static final String SSLPROVIDER = "openSSL";
    private static final String TAG = "Endpoint";
    private final String addr;
    private OkHttpChannelBuilder channelBuilder;
    private byte[] clientTLSCertificateDigest;
    private final int port;
    private byte[] tlsClientCertificatePEMBytes;
    private final String url;
    private static final Map<String, String> CN_CACHE = Collections.synchronizedMap(new HashMap());
    private static final Pattern METHOD_PATTERN = Pattern.compile("grpc\\.NettyChannelBuilderOption\\.([^.]*)$");
    private static final Map<Class<?>, Class<?>> WRAPPERS_TO_PRIM = new ImmutableMap.a().a(Boolean.class, Boolean.TYPE).a(Byte.class, Byte.TYPE).a(Character.class, Character.TYPE).a(Double.class, Double.TYPE).a(Float.class, Float.TYPE).a(Integer.class, Integer.TYPE).a(Long.class, Long.TYPE).a(Short.class, Short.TYPE).a(Void.class, Void.TYPE).a();

    /* JADX INFO: Access modifiers changed from: package-private */
    public Endpoint(String str, Properties properties) {
        String str2;
        String str3;
        String str4;
        byte[] bArr;
        byte[] bArr2;
        String str5;
        Exception e;
        String str6;
        byte[] readAllBytes;
        byte[] readAllBytes2;
        byte[] bArr3;
        this.channelBuilder = null;
        LogUtils.trace(TAG, String.format("Creating endpoint for url %s", str));
        this.url = str;
        byte[] bArr4 = null;
        Properties parseGrpcUrl = Utils.parseGrpcUrl(str);
        String property = parseGrpcUrl.getProperty("protocol");
        this.addr = parseGrpcUrl.getProperty("host");
        this.port = Integer.parseInt(parseGrpcUrl.getProperty("port"));
        if (properties == null || !"grpcs".equals(property)) {
            str2 = null;
            str3 = null;
            str4 = null;
            bArr = null;
        } else {
            try {
                CryptoPrimitives cryptoPrimitives = new CryptoPrimitives();
                if (properties.containsKey("pemFile") && properties.containsKey("pemBytes")) {
                    throw new RuntimeException("Properties \"pemBytes\" and \"pemFile\" can not be both set.");
                }
                if (!properties.containsKey("pemFile")) {
                    bArr2 = properties.containsKey("pemBytes") ? (byte[]) properties.get("pemBytes") : null;
                } else if (AndroidUtils.isOldVersion()) {
                    try {
                        bArr2 = Utils.readFileFromPath(properties.getProperty("pemFile"));
                    } catch (IOException e2) {
                        LogUtils.e(TAG, e2);
                        bArr2 = null;
                    }
                } else {
                    try {
                        bArr4 = Files.readAllBytes(Paths.get(properties.getProperty("pemFile"), new String[0]));
                    } catch (IOException e3) {
                        LogUtils.e(TAG, e3);
                    }
                    bArr2 = bArr4;
                }
                if (bArr2 != null) {
                    try {
                        String property2 = properties.getProperty("hostnameOverride");
                        if (property2 == null) {
                            try {
                                if (CashActivity.VALUE_TRUE.equals(properties.getProperty("trustServerCertificate"))) {
                                    String str7 = new String(bArr2, StandardCharsets.UTF_8);
                                    str5 = CN_CACHE.get(str7);
                                    if (str5 == null) {
                                        try {
                                            str5 = c.a(new JcaX509CertificateHolder((X509Certificate) cryptoPrimitives.bytesToCertificate(bArr2)).a().a(b.e)[0].b().b());
                                            CN_CACHE.put(str7, str5);
                                        } catch (Exception e4) {
                                            e = e4;
                                            LogUtils.e(TAG, "Error getting Subject CN from certificate. Try setting it specifically with hostnameOverride property. " + e.getMessage(), new Object[0]);
                                            str6 = str5;
                                            byte[] bArr5 = null;
                                            if (!properties.containsKey("clientKeyFile")) {
                                            }
                                            if (!properties.containsKey("clientCertFile")) {
                                            }
                                            if (properties.containsKey("clientKeyFile")) {
                                            }
                                            if (properties.getProperty("clientKeyFile") != null) {
                                            }
                                            throw new RuntimeException("Properties \"clientKeyFile\" and \"clientCertFile\" must both be set or both be null");
                                        }
                                    }
                                    str6 = str5;
                                }
                            } catch (Exception e5) {
                                str5 = property2;
                                e = e5;
                            }
                        }
                        str5 = property2;
                        str6 = str5;
                    } catch (Exception e6) {
                        str5 = null;
                        e = e6;
                    }
                } else {
                    str6 = null;
                }
                byte[] bArr52 = null;
                if (!properties.containsKey("clientKeyFile") && properties.containsKey("clientKeyBytes")) {
                    throw new RuntimeException("Properties \"clientKeyFile\" and \"clientKeyBytes\" must cannot both be set");
                }
                if (!properties.containsKey("clientCertFile") && properties.containsKey("clientCertBytes")) {
                    throw new RuntimeException("Properties \"clientCertFile\" and \"clientCertBytes\" must cannot both be set");
                }
                if (!properties.containsKey("clientKeyFile") || properties.containsKey("clientCertFile")) {
                    if (properties.getProperty("clientKeyFile") != null || properties.getProperty("clientCertFile") == null) {
                        throw new RuntimeException("Properties \"clientKeyFile\" and \"clientCertFile\" must both be set or both be null");
                    }
                    try {
                        System.err.println("clientKeyFile:" + properties.getProperty("clientKeyFile"));
                        System.err.println("clientCertFile:" + properties.getProperty("clientCertFile"));
                        if (AndroidUtils.isOldVersion()) {
                            readAllBytes = Utils.readFileFromPath(properties.getProperty("clientKeyFile"));
                            readAllBytes2 = Utils.readFileFromPath(properties.getProperty("clientCertFile"));
                        } else {
                            readAllBytes = Files.readAllBytes(Paths.get(properties.getProperty("clientKeyFile"), new String[0]));
                            readAllBytes2 = Files.readAllBytes(Paths.get(properties.getProperty("clientCertFile"), new String[0]));
                        }
                        bArr3 = readAllBytes2;
                        bArr52 = readAllBytes;
                    } catch (Exception e7) {
                        throw new RuntimeException("Failed to parse TLS client key and/or cert", e7);
                    }
                } else if (properties.containsKey("clientKeyBytes") || properties.containsKey("clientCertBytes")) {
                    bArr52 = (byte[]) properties.get("clientKeyBytes");
                    byte[] bArr6 = (byte[]) properties.get("clientCertBytes");
                    if (bArr52 == null || bArr6 == null) {
                        throw new RuntimeException("Properties \"clientKeyBytes\" and \"clientCertBytes\" must both be set or both be null");
                    }
                    bArr3 = bArr6;
                } else {
                    bArr3 = null;
                }
                if (bArr52 != null && bArr3 != null) {
                    String str8 = "private key";
                    try {
                        LogUtils.trace(TAG, "client TLS private key bytes size:" + bArr52.length);
                        cryptoPrimitives.bytesToPrivateKey(bArr52);
                        LogUtils.trace(TAG, "converted TLS key.");
                        str8 = "certificate";
                        LogUtils.trace(TAG, "client TLS certificate bytes:" + d.a(bArr3));
                        new X509Certificate[1][0] = (X509Certificate) cryptoPrimitives.bytesToCertificate(bArr3);
                        LogUtils.trace(TAG, "converted client TLS certificate.");
                        this.tlsClientCertificatePEMBytes = bArr3;
                    } catch (CryptoException e8) {
                        throw new RuntimeException("Failed to parse TLS client " + str8, e8);
                    }
                }
                String property3 = properties.getProperty("sslProvider");
                if (property3 == null) {
                    property3 = "openSSL";
                    LogUtils.trace(TAG, String.format("Endpoint %s specific SSL provider not found use global value: %s ", str, "openSSL"));
                }
                if (!"openSSL".equals(property3) && !"JDK".equals(property3)) {
                    throw new RuntimeException(String.format("Endpoint %s property of sslProvider has to be either openSSL or JDK. value: '%s'", str, property3));
                }
                String property4 = properties.getProperty("negotiationType");
                if (property4 == null) {
                    property4 = "TLS";
                    LogUtils.trace(TAG, String.format("Endpoint %s specific Negotiation type not found use global value: %s ", str, "TLS"));
                }
                if (!"TLS".equals(property4) && !"plainText".equals(property4)) {
                    throw new RuntimeException(String.format("Endpoint %s property of negotiationType has to be either TLS or plainText. value: '%s'", str, property4));
                }
                byte[] bArr7 = bArr2;
                str4 = str6;
                str3 = property3;
                str2 = property4;
                bArr = bArr7;
            } catch (Exception e9) {
                throw new RuntimeException(e9);
            }
        }
        try {
            if (property.equalsIgnoreCase("grpc")) {
                this.channelBuilder = OkHttpChannelBuilder.forAddress(this.addr, this.port).usePlaintext(true);
                addNettyBuilderProps(this.channelBuilder, properties);
                return;
            }
            if (!property.equalsIgnoreCase("grpcs")) {
                throw new RuntimeException("invalid protocol: " + property);
            }
            if (bArr == null) {
                this.channelBuilder = OkHttpChannelBuilder.forAddress(this.addr, this.port);
                addNettyBuilderProps(this.channelBuilder, properties);
                return;
            }
            try {
                LogUtils.trace(TAG, String.format("Endpoint %s Negotiation type: '%s', SSLprovider: '%s'", str, str2, str3));
                this.channelBuilder = OkHttpChannelBuilder.forAddress(this.addr, this.port).sslSocketFactory(getSslSocketFactory(new ByteArrayInputStream(bArr))).negotiationType(str2.equals("TLS") ? NegotiationType.TLS : NegotiationType.PLAINTEXT);
                if (str4 != null) {
                    this.channelBuilder.overrideAuthority(str4);
                }
                addNettyBuilderProps(this.channelBuilder, properties);
            } catch (SSLException e10) {
                throw new RuntimeException(e10);
            }
        } catch (RuntimeException e11) {
            LogUtils.e(TAG, e11);
            throw e11;
        } catch (Exception e12) {
            LogUtils.e(TAG, e12);
            throw new RuntimeException(e12);
        }
    }

    private void addNettyBuilderProps(OkHttpChannelBuilder okHttpChannelBuilder, Properties properties) {
        if (properties == null) {
            return;
        }
        for (Map.Entry entry : properties.entrySet()) {
            Object key = entry.getKey();
            if (key != null) {
                Matcher matcher = METHOD_PATTERN.matcher(String.valueOf(key));
                String trim = (matcher.matches() && matcher.groupCount() == 1) ? matcher.group(1).trim() : null;
                if (trim != null && !"forAddress".equals(trim) && !"build".equals(trim)) {
                    Object value = entry.getValue();
                    Object[] objArr = !(value instanceof Object[]) ? new Object[]{value} : (Object[]) value;
                    Class<?>[] clsArr = new Class[objArr.length];
                    int i = -1;
                    int length = objArr.length;
                    int i2 = 0;
                    while (i2 < length) {
                        Object obj = objArr[i2];
                        int i3 = i + 1;
                        if (obj == null) {
                            clsArr[i3] = Object.class;
                        } else {
                            Class<?> cls = WRAPPERS_TO_PRIM.get(obj.getClass());
                            if (cls != null) {
                                clsArr[i3] = cls;
                            } else {
                                Class<?> cls2 = obj.getClass();
                                Class<?> enclosingClass = cls2.getEnclosingClass();
                                if (enclosingClass == null || !enclosingClass.isEnum()) {
                                    enclosingClass = cls2;
                                }
                                clsArr[i3] = enclosingClass;
                            }
                        }
                        i2++;
                        i = i3;
                    }
                    okHttpChannelBuilder.getClass().getMethod(trim, clsArr).invoke(okHttpChannelBuilder, objArr);
                }
            }
        }
    }

    private static SSLSocketFactory getSslSocketFactory(InputStream inputStream) {
        if (inputStream == null) {
            return (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, getTrustManagers(inputStream), null);
        return sSLContext.getSocketFactory();
    }

    private static TrustManager[] getTrustManagers(InputStream inputStream) {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(FabricConfig.CERTIFICATE_FORMAT).generateCertificate(inputStream);
        keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ac<?> getChannelBuilder() {
        return this.channelBuilder;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getClientTLSCertificateDigest() {
        if (this.tlsClientCertificatePEMBytes != null && this.clientTLSCertificateDigest == null) {
            byte[] a = a.a(new String(this.tlsClientCertificatePEMBytes, StandardCharsets.UTF_8).replaceAll("-+[ \t]*(BEGIN|END)[ \t]+CERTIFICATE[ \t]*-+", "").replaceAll("\\s", "").trim());
            q qVar = new q();
            this.clientTLSCertificateDigest = new byte[qVar.b()];
            qVar.a(a, 0, a.length);
            qVar.a(this.clientTLSCertificateDigest, 0);
        }
        return this.clientTLSCertificateDigest;
    }

    String getHost() {
        return this.addr;
    }

    int getPort() {
        return this.port;
    }
}
