package ticktrader.terminal.connection;

import androidx.core.app.NotificationCompat;
import fxopen.mobile.trader.R;
import java.net.InetSocketAddress;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Locale;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import ticktrader.terminal.connection.sfx.SfxHelper;
import ticktrader.terminal.journal.LogSubItem;
import ticktrader.terminal.journal.log.AppComponent;
import ticktrader.terminal.journal.log.FxLog;
import ticktrader.terminal5.helper.CommonKt;
import ticktrader.terminal5.helper.ExtensionsKt;

/* compiled from: TrustManager.kt */
@Metadata(d1 = {"\u0000^\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\f\n\u0002\u0018\u0002\n\u0002\b\u0005\u0018\u0000 /2\u00020\u0001:\u0001/B\u001f\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0001\u0012\u0006\u0010\u0005\u001a\u00020\u0006¢\u0006\u0004\b\u0007\u0010\bJ\u0013\u0010\t\u001a\b\u0012\u0004\u0012\u00020\u000b0\nH\u0016¢\u0006\u0002\u0010\fJ#\u0010\r\u001a\u00020\u000e2\f\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u000b0\n2\u0006\u0010\u0010\u001a\u00020\u0011H\u0016¢\u0006\u0002\u0010\u0012J#\u0010\u0013\u001a\u00020\u000e2\f\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u000b0\n2\u0006\u0010\u0010\u001a\u00020\u0011H\u0016¢\u0006\u0002\u0010\u0012J$\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u000b2\n\u0010\u0017\u001a\u00060\u0018j\u0002`\u00192\u0006\u0010\u001a\u001a\u00020\u0015H\u0002J \u0010\u001b\u001a\u00020\u00152\u0016\u0010\u001c\u001a\u0012\u0012\u0004\u0012\u00020\u00110\u001dj\b\u0012\u0004\u0012\u00020\u0011`\u001eH\u0002J\u0012\u0010#\u001a\u00020\u00152\b\u0010$\u001a\u0004\u0018\u00010\u0011H\u0002J\u0012\u0010%\u001a\u00020\u00152\b\u0010$\u001a\u0004\u0018\u00010\u0011H\u0002J\u0012\u0010&\u001a\u00020\u00152\b\u0010$\u001a\u0004\u0018\u00010\u0011H\u0002J \u0010'\u001a\u0012\u0012\u0004\u0012\u00020\u00110\u001dj\b\u0012\u0004\u0012\u00020\u0011`\u001e2\u0006\u0010(\u001a\u00020\u0011H\u0002J\u0010\u0010)\u001a\u00020\u00112\u0006\u0010*\u001a\u00020+H\u0002J,\u0010,\u001a\u00020\u00152\n\u0010\u0017\u001a\u00060\u0018j\u0002`\u00192\u0006\u0010\u001a\u001a\u00020\u00152\u0006\u0010-\u001a\u00020\u00112\u0006\u0010.\u001a\u00020\u0011H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0001X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000R\u0016\u0010\u001f\u001a\b\u0012\u0004\u0012\u00020\u00110\nX\u0082\u0004¢\u0006\u0004\n\u0002\u0010 R\u0016\u0010!\u001a\b\u0012\u0004\u0012\u00020\u00110\nX\u0082\u0004¢\u0006\u0004\n\u0002\u0010 R\u0016\u0010\"\u001a\b\u0012\u0004\u0012\u00020\u00110\nX\u0082\u0004¢\u0006\u0004\n\u0002\u0010 ¨\u00060"}, d2 = {"Lticktrader/terminal/connection/TrustManager;", "Ljavax/net/ssl/X509TrustManager;", "connection", "Lticktrader/terminal/connection/ConnectionObject;", "standardTrustManager", "remoteAddr", "Ljava/net/InetSocketAddress;", "<init>", "(Lticktrader/terminal/connection/ConnectionObject;Ljavax/net/ssl/X509TrustManager;Ljava/net/InetSocketAddress;)V", "getAcceptedIssuers", "", "Ljava/security/cert/X509Certificate;", "()[Ljava/security/cert/X509Certificate;", "checkClientTrusted", "", "certs", "authType", "", "([Ljava/security/cert/X509Certificate;Ljava/lang/String;)V", "checkServerTrusted", "verifyCertificate", "", "cert", "builder", "Ljava/lang/StringBuilder;", "Lkotlin/text/StringBuilder;", "tr", "untrustedCNs", "arrayOfCNs", "Ljava/util/ArrayList;", "Lkotlin/collections/ArrayList;", "trustedStarts", "[Ljava/lang/String;", "trustedEquals", "trustedEnds", "startsTrusted", "cn", "equalsTrusted", "endsTrusted", "findCN", "subject", "getLoginCertExceptionString", "e", "Ljava/security/cert/CertificateException;", "append", "s", NotificationCompat.CATEGORY_ERROR, "Companion", "Android.TTT.4.12.8522_fxoRelease"}, k = 1, mv = {2, 0, 0}, xi = 48)
/* loaded from: classes8.dex */
public final class TrustManager implements X509TrustManager {
    private static final boolean LOGCAT_OUTPUT_ENABLED = false;
    private final ConnectionObject connection;
    private final InetSocketAddress remoteAddr;
    private final X509TrustManager standardTrustManager;
    private final String[] trustedEnds;
    private final String[] trustedEquals;
    private final String[] trustedStarts;

    public TrustManager(ConnectionObject connection, X509TrustManager standardTrustManager, InetSocketAddress remoteAddr) {
        Intrinsics.checkNotNullParameter(connection, "connection");
        Intrinsics.checkNotNullParameter(standardTrustManager, "standardTrustManager");
        Intrinsics.checkNotNullParameter(remoteAddr, "remoteAddr");
        this.connection = connection;
        this.standardTrustManager = standardTrustManager;
        this.remoteAddr = remoteAddr;
        this.trustedStarts = (String[]) ArraysKt.plus((Object[]) CommonKt.theStringArray(R.array.trustedStarts), (Object[]) CommonKt.theStringArray(R.array.trustedStartsDebug));
        this.trustedEquals = (String[]) ArraysKt.plus((Object[]) CommonKt.theStringArray(R.array.trustedEquals), (Object[]) CommonKt.theStringArray(R.array.trustedEqualsDebug));
        this.trustedEnds = (String[]) ArraysKt.plus((Object[]) CommonKt.theStringArray(R.array.trustedEnds), (Object[]) CommonKt.theStringArray(R.array.trustedEndsDebug));
    }

    private final boolean append(StringBuilder builder, boolean tr, String s, String err) {
        if (tr) {
            builder.append("\n");
        }
        builder.append(err);
        return true;
    }

    private final boolean endsTrusted(String cn) {
        if (ExtensionsKt.isNotNullOrBlank(cn)) {
            for (String str : this.trustedEnds) {
                if (ExtensionsKt.isNotNullOrBlank(str)) {
                    Intrinsics.checkNotNull(cn);
                    if (StringsKt.endsWith$default(cn, str, false, 2, (Object) null)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private final boolean equalsTrusted(String cn) {
        if (ExtensionsKt.isNotNullOrBlank(cn)) {
            for (String str : this.trustedEquals) {
                if (Intrinsics.areEqual(cn, str)) {
                    return true;
                }
            }
        }
        return false;
    }

    private final ArrayList<String> findCN(String subject) {
        ArrayList<String> arrayList = new ArrayList<>();
        Locale locale = Locale.getDefault();
        Intrinsics.checkNotNullExpressionValue(locale, "getDefault(...)");
        String lowerCase = subject.toLowerCase(locale);
        Intrinsics.checkNotNullExpressionValue(lowerCase, "toLowerCase(...)");
        String replace = new Regex("cn[0-9]* =").replace(new Regex("cn[0-9]*=").replace(lowerCase, "cn="), "cn=");
        int i = -1;
        while (true) {
            String str = replace;
            i = StringsKt.indexOf$default((CharSequence) str, "cn=", i + 1, false, 4, (Object) null);
            if (i == -1) {
                return arrayList;
            }
            int indexOf$default = StringsKt.indexOf$default((CharSequence) str, ",", i, false, 4, (Object) null);
            if (indexOf$default == -1) {
                indexOf$default = replace.length();
            }
            String substring = replace.substring(i + 3, indexOf$default);
            Intrinsics.checkNotNullExpressionValue(substring, "substring(...)");
            arrayList.add(substring);
        }
    }

    private final String getLoginCertExceptionString(CertificateException e) {
        return CommonKt.theString(R.string.log_login_cert_exp, this.remoteAddr.getHostName(), String.valueOf(this.remoteAddr.getPort()), e.getMessage());
    }

    private final boolean startsTrusted(String cn) {
        if (ExtensionsKt.isNotNullOrBlank(cn)) {
            for (String str : this.trustedStarts) {
                if (ExtensionsKt.isNotNullOrBlank(str)) {
                    Intrinsics.checkNotNull(cn);
                    if (StringsKt.startsWith$default(cn, str, false, 2, (Object) null)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private final boolean untrustedCNs(ArrayList<String> arrayOfCNs) {
        Iterator<String> it2 = arrayOfCNs.iterator();
        Intrinsics.checkNotNullExpressionValue(it2, "iterator(...)");
        boolean z = true;
        while (it2.hasNext()) {
            String next = it2.next();
            Intrinsics.checkNotNullExpressionValue(next, "next(...)");
            String str = next;
            if (str.length() > 0) {
                String hostName = this.remoteAddr.getHostName();
                Intrinsics.checkNotNullExpressionValue(hostName, "getHostName(...)");
                if (StringsKt.endsWith$default(hostName, str, false, 2, (Object) null)) {
                    z = false;
                }
            }
            if (!startsTrusted(str) && !equalsTrusted(str) && !endsTrusted(str)) {
            }
            z = false;
        }
        return z;
    }

    private static final CharSequence untrustedCNs$lambda$1(String it2) {
        Intrinsics.checkNotNullParameter(it2, "it");
        return "'" + it2 + "'";
    }

    private final boolean verifyCertificate(X509Certificate cert, StringBuilder builder, boolean tr) {
        String str = "";
        try {
            try {
                cert.checkValidity();
            } catch (CertificateExpiredException e) {
                tr = append(builder, tr, getLoginCertExceptionString(e), CommonKt.theString(R.string.ui_ssl_error_expired));
                FxLog fxLog = FxLog.INSTANCE;
                String hostName = this.remoteAddr.getHostName();
                int port = this.remoteAddr.getPort();
                StringBuilder sb = new StringBuilder();
                sb.append(port);
                String sb2 = sb.toString();
                String message = e.getMessage();
                if (message != null) {
                    str = message;
                }
                fxLog.info(new LogSubItem(27, new String[]{hostName, sb2, str}), AppComponent.LOGIN, false, this.connection);
            } catch (CertificateNotYetValidException e2) {
                tr = append(builder, tr, getLoginCertExceptionString(e2), CommonKt.theString(R.string.ui_ssl_error_not_yet));
                FxLog fxLog2 = FxLog.INSTANCE;
                String hostName2 = this.remoteAddr.getHostName();
                int port2 = this.remoteAddr.getPort();
                StringBuilder sb3 = new StringBuilder();
                sb3.append(port2);
                String sb4 = sb3.toString();
                String message2 = e2.getMessage();
                if (message2 != null) {
                    str = message2;
                }
                fxLog2.info(new LogSubItem(27, new String[]{hostName2, sb4, str}), AppComponent.LOGIN, false, this.connection);
            }
            String obj = cert.getSubjectDN().toString();
            boolean untrustedCNs = untrustedCNs(findCN(obj));
            if (untrustedCNs) {
                untrustedCNs = untrustedCNs(findCN(cert.getIssuerDN().toString()));
            }
            if (!untrustedCNs) {
                return tr;
            }
            String hostName3 = this.remoteAddr.getHostName();
            int port3 = this.remoteAddr.getPort();
            StringBuilder sb5 = new StringBuilder();
            sb5.append(port3);
            tr = append(builder, tr, CommonKt.theString(R.string.log_login_different_addr, obj, hostName3, sb5.toString()), CommonKt.theString(R.string.ui_ssl_error_different_host));
            FxLog fxLog3 = FxLog.INSTANCE;
            String hostName4 = this.remoteAddr.getHostName();
            int port4 = this.remoteAddr.getPort();
            StringBuilder sb6 = new StringBuilder();
            sb6.append(port4);
            fxLog3.info(new LogSubItem(28, new String[]{obj, hostName4, sb6.toString()}), AppComponent.LOGIN, false, this.connection);
            return tr;
        } catch (Exception unused) {
            return tr;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] certs, String authType) {
        Intrinsics.checkNotNullParameter(certs, "certs");
        Intrinsics.checkNotNullParameter(authType, "authType");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] certs, String authType) {
        boolean append;
        X509Certificate x509Certificate;
        Intrinsics.checkNotNullParameter(certs, "certs");
        Intrinsics.checkNotNullParameter(authType, "authType");
        StringBuilder sb = new StringBuilder(CommonKt.theString(R.string.ui_ssl_error_header, this.remoteAddr.getHostName(), Integer.valueOf(this.remoteAddr.getPort())));
        if (certs.length == 0 || (x509Certificate = certs[0]) == null) {
            String hostName = this.remoteAddr.getHostName();
            int port = this.remoteAddr.getPort();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(port);
            append = append(sb, false, CommonKt.theString(R.string.log_login_cert_exp, hostName, sb2.toString(), CommonKt.theString(R.string.log_login_no_cert)), CommonKt.theString(R.string.log_login_no_cert));
            FxLog.INSTANCE.info(new LogSubItem(27, new LogSubItem[]{new LogSubItem(this.remoteAddr.getHostName(), this.remoteAddr.getHostName()), new LogSubItem(String.valueOf(this.remoteAddr.getPort()), String.valueOf(this.remoteAddr.getPort())), new LogSubItem(29, null, null)}), AppComponent.LOGIN, false, this.connection);
        } else {
            append = verifyCertificate(x509Certificate, sb, false);
        }
        synchronized (this.connection.getSslErrorManager().getTypeMutex()) {
            if (append) {
                if (!this.connection.getSslErrorManager().getIgnoreSSLError()) {
                    this.connection.stopConnectTimer();
                    SfxHelper.stopPeers$default(this.connection.sfx, 0, 1, null);
                    this.connection.sfx.getSfxHelperGroup().interrupt();
                    this.connection.getCoc().interruptMgr();
                    if (StringsKt.isBlank(this.connection.getSslErrorManager().getError())) {
                        this.connection.getSslErrorManager().setError(sb.toString());
                        this.connection.getSslErrorManager().showError();
                    }
                }
            }
            Unit unit = Unit.INSTANCE;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
