package com.iiordanov.b.b;

import com.iiordanov.bVNC.RemoteCanvas;
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;

/* loaded from: classes.dex */
public class o extends j {
    public static au b = new au("x509ca", "X509 CA certificate", com.zte.rdp.c.c.y);
    public static au c = new au("x509crl", "X509 CRL file", com.zte.rdp.c.c.y);
    static ah g = new ah("CSecurityTLS");
    protected d d;
    TrustManager[] e;
    RemoteCanvas f;
    private boolean h;
    private SSLSession i;
    private String j;
    private String k;
    private com.iiordanov.b.a.d l;
    private SSLSocket m;

    public o(boolean z, RemoteCanvas remoteCanvas) {
        this.f = remoteCanvas;
        this.h = z;
        c();
        this.j = b.f();
        this.k = c.f();
    }

    public static void c() {
        if (0 == 0) {
            g.a("Could not obtain VNC home directory path");
            return;
        }
        String str = new String(((String) null) + "x509_ca.pem");
        String str2 = new String(((String) null) + "x509_crl.pem");
        if (new File(str).exists()) {
            b.b(str);
        }
        if (new File(str2).exists()) {
            c.b(str2);
        }
    }

    private void d() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            if (this.h) {
                sSLContext.init(null, null, null);
            } else {
                sSLContext.init(null, new TrustManager[]{new q(this)}, null);
            }
            try {
                this.m = (SSLSocket) sSLContext.getSocketFactory().createSocket(d.z, d.z.getInetAddress().getHostName(), d.z.getPort(), true);
                this.m.setTcpNoDelay(true);
                if (this.h) {
                    ArrayList arrayList = new ArrayList();
                    String[] supportedCipherSuites = this.m.getSupportedCipherSuites();
                    for (int i = 0; i < supportedCipherSuites.length; i++) {
                        if (supportedCipherSuites[i].matches("TLS_DH_anon.*")) {
                            arrayList.add(supportedCipherSuites[i]);
                        }
                    }
                    if (arrayList.size() == 0) {
                        throw new ab("Your device lacks support for ciphers necessary for this encryption mode (Anonymous Diffie-Hellman ciphers). This is a known issue with devices running Android 2.2.x and older. You can work around this by using VeNCrypt with x509 certificates instead.");
                    }
                    this.m.setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
                } else {
                    this.m.setEnabledCipherSuites(this.m.getSupportedCipherSuites());
                }
                this.m.setEnabledProtocols(this.m.getSupportedProtocols());
                this.m.addHandshakeCompletedListener(new p(this));
            } catch (IOException e) {
                throw new ab(e.toString());
            }
        } catch (GeneralSecurityException e2) {
            g.a("TLS handshake failed " + e2.toString());
        }
    }

    @Override // com.iiordanov.b.b.j
    public final int a() {
        return this.h ? 257 : 260;
    }

    @Override // com.iiordanov.b.b.j
    public boolean a(d dVar) {
        this.l = dVar.i();
        d();
        if (!this.l.b(1)) {
            return false;
        }
        if (this.l.d() == 0) {
            int f = this.l.f();
            throw new b((f == 1 || f == 2) ? this.l.g() : new String("Authentication failure (protocol error)"));
        }
        this.i = this.m.getSession();
        if (!this.i.isValid()) {
            throw new ab("TLS Handshake failed!");
        }
        try {
            dVar.a(new com.iiordanov.b.a.e(this.m.getInputStream()), new com.iiordanov.b.a.f(this.m.getOutputStream()));
            return true;
        } catch (IOException e) {
            throw new ab("Failed to set streams");
        }
    }

    @Override // com.iiordanov.b.b.j
    public final String b() {
        return this.h ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth";
    }
}
