package com.sun.midp.io.j2me.https;

import com.sun.j2me.security.AccessController;
import com.sun.j2me.security.InterruptedSecurityException;
import com.sun.midp.io.HttpUrl;
import com.sun.midp.io.j2me.http.StreamConnectionElement;
import com.sun.midp.main.Configuration;
import com.sun.midp.pki.SubjectAlternativeName;
import com.sun.midp.pki.X509Certificate;
import com.sun.midp.publickeystore.WebPublicKeyStore;
import com.sun.midp.security.ImplicitlyTrustedClass;
import com.sun.midp.security.SecurityInitializer;
import com.sun.midp.security.SecurityToken;
import com.sun.midp.ssl.SSLStreamConnection;
import com.sun.midp.util.Properties;
import java.io.IOException;
import java.io.InputStream;
import java.io.InterruptedIOException;
import java.io.OutputStream;
import java.util.Vector;
import javax.microedition.io.Connection;
import javax.microedition.io.ConnectionNotFoundException;
import javax.microedition.io.HttpsConnection;
import javax.microedition.io.SecurityInfo;
import javax.microedition.io.StreamConnection;
import javax.microedition.pki.CertificateException;

/* loaded from: input_file:com/sun/midp/io/j2me/https/Protocol.class */
public class Protocol extends com.sun.midp.io.j2me.http.Protocol implements HttpsConnection {
    private static final String HTTPS_PERMISSION_NAME = "javax.microedition.io.Connector.https";
    private static final String COMMON_NAME_LABEL = "CN=";
    private static final int COMMON_NAME_LABEL_LENGTH = COMMON_NAME_LABEL.length();
    private static SecurityToken classSecurityToken = SecurityInitializer.requestToken(new SecurityTrusted(null));
    private Properties proxyHeaders = new Properties();
    private SSLStreamConnection sslConnection;

    /* renamed from: com.sun.midp.io.j2me.https.Protocol$1, reason: invalid class name */
    /* loaded from: input_file:com/sun/midp/io/j2me/https/Protocol$1.class */
    static class AnonymousClass1 {
    }

    /* loaded from: input_file:com/sun/midp/io/j2me/https/Protocol$SecurityTrusted.class */
    private static class SecurityTrusted implements ImplicitlyTrustedClass {
        private SecurityTrusted() {
        }

        SecurityTrusted(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    private static String getCommonName(String str) {
        int indexOf;
        if (str == null || (indexOf = str.indexOf(COMMON_NAME_LABEL)) < 0) {
            return null;
        }
        int i = indexOf + COMMON_NAME_LABEL_LENGTH;
        int indexOf2 = str.indexOf(59, i);
        if (indexOf2 < 0) {
            indexOf2 = str.length();
        }
        return str.substring(i, indexOf2);
    }

    private static boolean checkSiteName(String str, String str2) {
        int i;
        int length;
        if (str2 == null) {
            return false;
        }
        if (str.length() == str2.length() && str.regionMatches(true, 0, str2, 0, str2.length())) {
            return true;
        }
        if (!str2.startsWith("*.")) {
            return false;
        }
        int indexOf = str.indexOf(46);
        return indexOf != -1 && str2.length() - 2 == (length = str.length() - (i = indexOf + 1)) && str.regionMatches(true, i, str2, 2, length);
    }

    public Protocol() {
        this.protocol = "https";
        this.default_port = 443;
    }

    @Override // com.sun.midp.io.j2me.http.Protocol, com.sun.midp.io.ConnectionBaseAdapter, com.sun.cldc.io.ConnectionBaseInterface
    public Connection openPrim(String str, int i, boolean z) throws IOException, IllegalArgumentException, ConnectionNotFoundException {
        checkForPermission(str);
        initStreamConnection(i);
        this.url = new HttpUrl(this.protocol, str);
        if (this.url.port == -1) {
            this.url.port = this.default_port;
        }
        if (this.url.host == null) {
            throw new IllegalArgumentException("missing host in URL");
        }
        this.hostAndPort = new StringBuffer().append(this.url.host).append(":").append(this.url.port).toString();
        return this;
    }

    private void checkForPermission(String str) throws InterruptedIOException {
        try {
            AccessController.checkPermission(HTTPS_PERMISSION_NAME, new StringBuffer().append(this.protocol).append(":").append(str).toString());
            this.permissionChecked = true;
            try {
                AccessController.checkPermission(AccessController.TRUSTED_APP_PERMISSION_NAME);
                this.ownerTrusted = true;
            } catch (SecurityException e) {
                this.ownerTrusted = false;
            }
        } catch (InterruptedSecurityException e2) {
            throw new InterruptedIOException("Interrupted while trying to ask the user permission");
        }
    }

    @Override // com.sun.midp.io.j2me.http.Protocol, javax.microedition.io.HttpConnection
    public String getRequestProperty(String str) {
        return str.toLowerCase().startsWith("proxy-") ? this.proxyHeaders.getPropertyIgnoreCase(str) : super.getRequestProperty(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.midp.io.j2me.http.Protocol
    public void setRequestField(String str, String str2) {
        if (str.toLowerCase().startsWith("proxy-")) {
            this.proxyHeaders.setPropertyIgnoreCase(str, str2);
        } else {
            super.setRequestField(str, str2);
        }
    }

    @Override // com.sun.midp.io.j2me.http.Protocol
    protected StreamConnection connect() throws IOException {
        OutputStream openOutputStream;
        InputStream openInputStream;
        if (!this.permissionChecked) {
            throw new SecurityException();
        }
        StreamConnectionElement streamConnectionElement = connectionPool.get(classSecurityToken, this.protocol, this.url.host, this.url.port);
        if (streamConnectionElement != null) {
            return streamConnectionElement;
        }
        com.sun.midp.io.j2me.socket.Protocol protocol = new com.sun.midp.io.j2me.socket.Protocol();
        String property = Configuration.getProperty("com.sun.midp.io.http.proxy");
        if (property != null) {
            protocol.openPrim(classSecurityToken, new StringBuffer().append("//").append(property).toString());
            protocol.setSocketOption((byte) 0, 0);
            openOutputStream = protocol.openOutputStream();
            openInputStream = protocol.openInputStream();
            try {
                doTunnelHandshake(openOutputStream, openInputStream);
            } catch (IOException e) {
                String message = e.getMessage();
                protocol.close();
                openOutputStream.close();
                openInputStream.close();
                if (message.indexOf(" 500 ") > -1) {
                    throw new ConnectionNotFoundException(message);
                }
                throw e;
            }
        } else {
            protocol.openPrim(classSecurityToken, new StringBuffer().append("//").append(this.hostAndPort).toString());
            protocol.setSocketOption((byte) 0, 0);
            openOutputStream = protocol.openOutputStream();
            openInputStream = protocol.openInputStream();
        }
        protocol.close();
        try {
            this.sslConnection = new SSLStreamConnection(this.url.host, this.url.port, openInputStream, openOutputStream, WebPublicKeyStore.getTrustedKeyStore());
            try {
                X509Certificate serverCertificate = this.sslConnection.getServerCertificate();
                Vector subjectAltNames = serverCertificate.getSubjectAltNames();
                boolean z = false;
                int i = 0;
                while (i < subjectAltNames.size()) {
                    SubjectAlternativeName subjectAlternativeName = (SubjectAlternativeName) subjectAltNames.elementAt(i);
                    if (subjectAlternativeName.getSubjectAltNameType() == 7) {
                        z = true;
                        if (this.url.host.equalsIgnoreCase((String) subjectAlternativeName.getSubjectAltName())) {
                            break;
                        }
                        i++;
                    } else {
                        if (subjectAlternativeName.getSubjectAltNameType() == 2) {
                            z = true;
                            if (checkSiteName(this.url.host, ((String) subjectAlternativeName.getSubjectAltName()).toLowerCase())) {
                                break;
                            }
                        } else {
                            continue;
                        }
                        i++;
                    }
                }
                if (!z) {
                    String commonName = getCommonName(serverCertificate.getSubject());
                    if (commonName == null) {
                        throw new CertificateException("Common name missing from subject name", serverCertificate, (byte) 7);
                    }
                    if (!checkSiteName(this.url.host, commonName)) {
                        throw new CertificateException(serverCertificate, (byte) 7);
                    }
                } else if (i == subjectAltNames.size()) {
                    throw new CertificateException("Subject alternative name did not match site name", serverCertificate, (byte) 7);
                }
                return this.sslConnection;
            } catch (Exception e2) {
                try {
                    this.sslConnection.close();
                } catch (Throwable th) {
                }
                if (e2 instanceof IOException) {
                    throw ((IOException) e2);
                }
                throw ((RuntimeException) e2);
            }
        } catch (Exception e3) {
            try {
                openInputStream.close();
            } catch (Throwable th2) {
            }
            try {
                openOutputStream.close();
            } catch (Throwable th3) {
            }
            if (e3 instanceof IOException) {
                throw ((IOException) e3);
            }
            throw ((RuntimeException) e3);
        }
    }

    protected void disconnect(StreamConnection streamConnection, InputStream inputStream, OutputStream outputStream) throws IOException {
        try {
            try {
                inputStream.close();
                try {
                    outputStream.close();
                    streamConnection.close();
                } finally {
                }
            } catch (Throwable th) {
                try {
                    outputStream.close();
                    streamConnection.close();
                    throw th;
                } finally {
                }
            }
        } catch (IOException e) {
        } catch (NullPointerException e2) {
        }
    }

    @Override // javax.microedition.io.HttpsConnection
    public SecurityInfo getSecurityInfo() throws IOException {
        ensureOpen();
        sendRequest();
        return this.sslConnection == null ? ((SSLStreamConnection) ((StreamConnectionElement) getStreamConnection()).getBaseConnection()).getSecurityInfo() : this.sslConnection.getSecurityInfo();
    }
}
