package sun.plugin.protocol.https;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.net.SocketFactory;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;
import sun.net.www.http.HttpClient;
import sun.net.www.protocol.http.HttpURLConnection;
import sun.plugin.protocol.ProxyHandler;
import sun.plugin.protocol.ProxyInfo;
import sun.plugin.protocol.http.SocksSocket;
import sun.security.AuthContext;
import sun.security.ssl.SSLSocketImpl;

/* loaded from: input_file:109611-01/SUNWj2pi/reloc/dt/appconfig/netscape/j2pi/lib/javaplugin.jar:sun/plugin/protocol/https/HttpsClient.class */
public final class HttpsClient extends HttpClient implements HandshakeCompletedListener {
    private static String[] ciphers = null;
    private static final int httpsPortNumber = 443;
    private String instTunnelHost;
    private int instTunnelPort;
    private SSLSession session;
    static ProxyHandler handler;

    protected int getDefaultPort() {
        return httpsPortNumber;
    }

    public static synchronized void resetSecureProperties() {
        String property = System.getProperty("https.cipherSuites");
        if (property == null || "".equals(property)) {
            ciphers = null;
            return;
        }
        Vector vector = new Vector();
        StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
        while (stringTokenizer.hasMoreElements()) {
            vector.addElement(stringTokenizer.nextElement());
        }
        ciphers = new String[vector.size()];
        for (int i = 0; i < ciphers.length; i++) {
            ciphers[i] = (String) vector.elementAt(i);
        }
    }

    public static void setProxyHandler(ProxyHandler proxyHandler) {
        handler = proxyHandler;
    }

    public HttpsClient(URL url, String str, int i) throws IOException {
        super(url, true);
    }

    public HttpsClient(URL url) throws IOException {
        super(url, true);
    }

    public static HttpClient New(URL url) throws IOException {
        HttpsClient httpsClient = (HttpsClient) HttpClient.kac.get(url);
        if (httpsClient == null) {
            httpsClient = new HttpsClient(url);
        } else {
            ((HttpClient) httpsClient).url = url;
        }
        return httpsClient;
    }

    protected Socket doConnect(String str, int i) throws IOException, UnknownHostException {
        SSLSocketImpl sSLSocketImpl;
        Socket socksSocket;
        ProxyInfo proxyInfo = null;
        if (((HttpClient) this).proxyDisabled) {
            this.instTunnelHost = null;
            this.instTunnelPort = -1;
            if (handler != null) {
                proxyInfo = handler.getProxyInfo(((HttpClient) this).url);
            }
            if (proxyInfo != null) {
                this.instTunnelHost = proxyInfo.getProxy();
                this.instTunnelPort = proxyInfo.getPort();
            }
            this.instTunnelPort = this.instTunnelPort < 0 ? super.getDefaultPort() : this.instTunnelPort;
        }
        SocketFactory socketFactory = SSLSocketFactory.getDefault();
        if (proxyInfo == null || !proxyInfo.isProxyUsed()) {
            sSLSocketImpl = (SSLSocket) socketFactory.createSocket(str, i);
        } else {
            if (proxyInfo != null) {
                try {
                    if (proxyInfo.isSocksUsed()) {
                        socksSocket = new SocksSocket(this.instTunnelHost, this.instTunnelPort, proxyInfo.getSocksProxy(), proxyInfo.getSocksPort());
                        doTunnelHandshake(socksSocket, str, i);
                        sSLSocketImpl = new SSLSocketImpl(socksSocket, AuthContext.getDefault(), str, i);
                    }
                } catch (IOException e) {
                    try {
                        sSLSocketImpl = (SSLSocket) socketFactory.createSocket(str, i);
                    } catch (IOException unused) {
                        throw e;
                    }
                }
            }
            socksSocket = new Socket(this.instTunnelHost, this.instTunnelPort);
            doTunnelHandshake(socksSocket, str, i);
            sSLSocketImpl = new SSLSocketImpl(socksSocket, AuthContext.getDefault(), str, i);
        }
        if (ciphers != null) {
            sSLSocketImpl.setEnabledCipherSuites(ciphers);
        }
        sSLSocketImpl.addHandshakeCompletedListener(this);
        sSLSocketImpl.getOutputStream().write(new byte[0]);
        this.session = sSLSocketImpl.getSession();
        try {
            String commonName = this.session.getPeerCertificateChain()[0].getSubjectDN().getCommonName();
            if (commonName != null && commonName.equalsIgnoreCase(((HttpClient) this).url.getHost())) {
                return sSLSocketImpl;
            }
            sSLSocketImpl.close();
            this.session.invalidate();
            throw new IOException(new StringBuffer("HTTPS hostname wrong:  should be <").append(((HttpClient) this).url.getHost()).append(">, but cert says <").append(commonName).append(">").toString());
        } catch (SSLPeerUnverifiedException unused2) {
            return sSLSocketImpl;
        }
    }

    public String getCipherSuite() {
        return this.session.getCipherSuite();
    }

    public X509Certificate[] getServerCertificateChain() {
        try {
            return this.session.getPeerCertificateChain();
        } catch (SSLPeerUnverifiedException unused) {
            return null;
        }
    }

    private void doTunnelHandshake(Socket socket, String str, int i) throws IOException {
        byte[] bytes;
        String str2;
        OutputStream outputStream = socket.getOutputStream();
        String stringBuffer = new StringBuffer("CONNECT ").append(str).append(":").append(i).append(" HTTP/1.0\n").append("User-Agent: ").append(HttpURLConnection.userAgent).append("\r\n\r\n").toString();
        try {
            bytes = stringBuffer.getBytes("ASCII7");
        } catch (UnsupportedEncodingException unused) {
            bytes = stringBuffer.getBytes();
        }
        outputStream.write(bytes);
        outputStream.flush();
        byte[] bArr = new byte[200];
        int i2 = 0;
        int i3 = 0;
        boolean z = false;
        InputStream inputStream = socket.getInputStream();
        while (i3 < 2) {
            int read = inputStream.read();
            if (read < 0) {
                throw new IOException("Unexpected EOF from proxy");
            }
            if (read == 10) {
                z = true;
                i3++;
            } else if (read != 13) {
                i3 = 0;
                if (!z && i2 < bArr.length) {
                    int i4 = i2;
                    i2++;
                    bArr[i4] = (byte) read;
                }
            }
        }
        try {
            str2 = new String(bArr, 0, i2, "ASCII7");
        } catch (UnsupportedEncodingException unused2) {
            str2 = new String(bArr, 0, i2);
        }
        if (!str2.startsWith("HTTP/1.0 200")) {
            throw new IOException(new StringBuffer("Unable to tunnel through ").append(this.instTunnelHost).append(":").append(this.instTunnelPort).append(".  Proxy returns \"").append(str2).append("\"").toString());
        }
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        this.session = handshakeCompletedEvent.getSession();
    }

    static {
        resetSecureProperties();
        handler = null;
    }
}
