package net.i2p.router.client;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collection;
import java.util.HashMap;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import net.i2p.crypto.KeyStoreUtil;
import net.i2p.router.RouterContext;
import net.i2p.util.PortMapper;
import net.i2p.util.SecureDirectory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class SSLClientListenerRunner extends ClientListenerRunner {
    private static final String ASCII_KEYFILE = "i2cp.local.crt";
    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
    private static final String KEY_ALIAS = "i2cp";
    private static final String PROP_KEYSTORE_PASSWORD = "i2cp.keystorePassword";
    private static final String PROP_KEY_PASSWORD = "i2cp.keyPassword";
    private SSLServerSocketFactory _factory;

    public SSLClientListenerRunner(RouterContext routerContext, ClientManager clientManager, int i) {
        super(routerContext, clientManager, i);
    }

    private boolean createKeyStore(File file) {
        String randomString = KeyStoreUtil.randomString();
        String str = KeyStoreUtil.randomString() + ".i2cp.i2p.net";
        boolean createKeys = KeyStoreUtil.createKeys(file, KEY_ALIAS, str, PortMapper.SVC_I2CP, randomString);
        if (createKeys && (createKeys = file.exists())) {
            HashMap hashMap = new HashMap();
            hashMap.put(PROP_KEYSTORE_PASSWORD, "changeit");
            hashMap.put(PROP_KEY_PASSWORD, randomString);
            this._context.router().saveConfig(hashMap, (Collection<String>) null);
        }
        if (createKeys) {
            this._log.logAlways(20, "Created self-signed certificate for " + str + " in keystore: " + file.getAbsolutePath() + "\nThe certificate name was generated randomly, and is not associated with your IP address, host name, router identity, or destination keys.");
        } else {
            this._log.error("Failed to create I2CP SSL keystore.\nThis is for the Sun/Oracle keytool, others may be incompatible.\nIf you create the keystore manually, you must add i2cp.keystorePassword and i2cp.keyPassword to " + new File(this._context.getConfigDir(), "router.config").getAbsolutePath());
        }
        return createKeys;
    }

    private void exportCert(File file) {
        SecureDirectory secureDirectory = new SecureDirectory(this._context.getConfigDir(), "certificates/i2cp");
        if (!secureDirectory.exists() && !secureDirectory.mkdirs()) {
            this._log.error("Error saving ASCII SSL keys");
        } else {
            if (KeyStoreUtil.exportCert(file, this._context.getProperty(PROP_KEYSTORE_PASSWORD, "changeit"), KEY_ALIAS, new File(secureDirectory, ASCII_KEYFILE))) {
                return;
            }
            this._log.error("Error getting SSL cert to save as ASCII");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v13, types: [javax.net.ssl.KeyManagerFactory] */
    /* JADX WARN: Type inference failed for: r2v1, types: [net.i2p.router.RouterContext] */
    /* JADX WARN: Type inference failed for: r2v12, types: [java.io.FileInputStream, java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r2v2 */
    /* JADX WARN: Type inference failed for: r2v3, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r2v4 */
    /* JADX WARN: Type inference failed for: r2v5 */
    /* JADX WARN: Type inference failed for: r2v6 */
    /* JADX WARN: Type inference failed for: r2v7, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r2v8, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r2v9 */
    /* JADX WARN: Type inference failed for: r6v0, types: [java.security.KeyStore] */
    private boolean initializeFactory(File file) {
        boolean z = false;
        String property = this._context.getProperty(PROP_KEYSTORE_PASSWORD, "changeit");
        ?? r2 = this._context;
        String property2 = r2.getProperty(PROP_KEY_PASSWORD);
        try {
            if (property2 == null) {
                this._log.error("No key password, set i2cp.keyPassword in " + new File(this._context.getConfigDir(), "router.config").getAbsolutePath());
            } else {
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    ?? keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    r2 = new FileInputStream(file);
                    try {
                        keyStore.load(r2, property.toCharArray());
                        ?? keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                        keyManagerFactory.init(keyStore, property2.toCharArray());
                        sSLContext.init(keyManagerFactory.getKeyManagers(), null, this._context.random());
                        this._factory = sSLContext.getServerSocketFactory();
                        z = true;
                        if (r2 != 0) {
                            try {
                                r2.close();
                            } catch (IOException e) {
                            }
                        }
                    } catch (IOException e2) {
                        e = e2;
                        this._log.error("Error loading SSL keys", e);
                        if (r2 != 0) {
                            try {
                                r2.close();
                            } catch (IOException e3) {
                            }
                        }
                        return z;
                    } catch (GeneralSecurityException e4) {
                        e = e4;
                        this._log.error("Error loading SSL keys", e);
                        if (r2 != 0) {
                            try {
                                r2.close();
                            } catch (IOException e5) {
                            }
                        }
                        return z;
                    }
                } catch (IOException e6) {
                    e = e6;
                    r2 = 0;
                } catch (GeneralSecurityException e7) {
                    e = e7;
                    r2 = 0;
                } catch (Throwable th) {
                    th = th;
                    r2 = 0;
                    if (r2 != 0) {
                        try {
                            r2.close();
                        } catch (IOException e8) {
                        }
                    }
                    throw th;
                }
            }
            return z;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    private boolean verifyKeyStore(File file) {
        if (file.exists()) {
            r0 = this._context.getProperty(PROP_KEY_PASSWORD) != null;
            if (!r0) {
                this._log.error("I2CP SSL error, must set i2cp.keyPassword in " + new File(this._context.getConfigDir(), "router.config").getAbsolutePath());
            }
        } else {
            File parentFile = file.getParentFile();
            if ((parentFile.exists() || new SecureDirectory(parentFile.getAbsolutePath()).mkdir()) && (r0 = createKeyStore(file))) {
                exportCert(file);
            }
        }
        return r0;
    }

    @Override // net.i2p.router.client.ClientListenerRunner
    protected ServerSocket getServerSocket() throws IOException {
        if (this._bindAllInterfaces) {
            if (this._log.shouldLog(20)) {
                this._log.info("Listening on port " + this._port + " on all interfaces");
            }
            return this._factory.createServerSocket(this._port);
        }
        String property = this._context.getProperty(ClientManagerFacadeImpl.PROP_CLIENT_HOST, ClientManagerFacadeImpl.DEFAULT_HOST);
        if (this._log.shouldLog(20)) {
            this._log.info("Listening on port " + this._port + " of the specific interface: " + property);
        }
        return this._factory.createServerSocket(this._port, 0, InetAddress.getByName(property));
    }

    @Override // net.i2p.router.client.ClientListenerRunner
    public void runServer() {
        File file = new File(this._context.getConfigDir(), "keystore/i2cp.ks");
        if (verifyKeyStore(file) && initializeFactory(file)) {
            super.runServer();
        } else {
            this._log.error("SSL I2CP server error - Failed to create or open key store");
        }
    }

    @Override // net.i2p.router.client.ClientListenerRunner
    protected boolean validate(Socket socket) {
        try {
            InputStream inputStream = socket.getInputStream();
            int soTimeout = socket.getSoTimeout();
            socket.setSoTimeout(20000);
            boolean z = inputStream.read() == 42;
            socket.setSoTimeout(soTimeout);
            return z;
        } catch (IOException e) {
            if (this._log.shouldLog(30)) {
                this._log.warn("Peer did not authenticate themselves as I2CP quickly enough, dropping");
            }
            return false;
        }
    }
}
