package org.kontalk.client;

import android.annotation.SuppressLint;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
import org.jivesoftware.smack.ConnectionConfiguration;
import org.jivesoftware.smack.SASLAuthentication;
import org.jivesoftware.smack.SmackException;
import org.jivesoftware.smack.filter.StanzaFilter;
import org.jivesoftware.smack.packet.Message;
import org.jivesoftware.smack.packet.Stanza;
import org.jivesoftware.smack.sm.predicates.ForMatchingPredicateOrAfterXStanzas;
import org.jivesoftware.smack.tcp.XMPPTCPConnectionConfiguration;
import org.jivesoftware.smackx.receipts.DeliveryReceipt;
import org.jivesoftware.smackx.receipts.DeliveryReceiptRequest;
import org.jxmpp.stringprep.XmppStringprepException;
import org.kontalk.Kontalk;
import org.kontalk.Log;
import org.kontalk.authenticator.LegacyAuthentication;
import org.kontalk.service.msgcenter.SecureConnectionManager;

/* loaded from: classes.dex */
public class KontalkConnection extends XMPPTCPConnection {
    public static final int DEFAULT_PACKET_TIMEOUT = 15000;
    private static final String TAG = Kontalk.TAG;
    protected EndpointServer mServer;

    /* loaded from: classes.dex */
    private static final class AckPredicate extends ForMatchingPredicateOrAfterXStanzas {
        public static final AckPredicate INSTANCE = new AckPredicate();

        private AckPredicate() {
            super(new StanzaFilter() { // from class: org.kontalk.client.KontalkConnection.AckPredicate.1
                @Override // org.jivesoftware.smack.filter.StanzaFilter
                public boolean accept(Stanza stanza) {
                    return (stanza instanceof Message) && !(((Message) stanza).getBody() == null && DeliveryReceipt.from((Message) stanza) == null && DeliveryReceiptRequest.from(stanza) == null);
                }
            }, 5);
        }
    }

    public KontalkConnection(String str, EndpointServer endpointServer, boolean z, PrivateKey privateKey, X509Certificate x509Certificate, boolean z2, KeyStore keyStore, String str2) throws XmppStringprepException {
        super(buildConfiguration(str, endpointServer, z, privateKey, x509Certificate, z2, keyStore, str2));
        this.mServer = endpointServer;
        setUseStreamManagement(true);
        setUseStreamManagementResumption(false);
        addRequestAckPredicate(AckPredicate.INSTANCE);
        setPacketReplyTimeout(15000L);
    }

    public KontalkConnection(String str, EndpointServer endpointServer, boolean z, boolean z2, KeyStore keyStore, String str2) throws XmppStringprepException {
        this(str, endpointServer, z, null, null, z2, keyStore, str2);
    }

    private static XMPPTCPConnectionConfiguration buildConfiguration(String str, EndpointServer endpointServer, boolean z, PrivateKey privateKey, X509Certificate x509Certificate, boolean z2, KeyStore keyStore, String str2) throws XmppStringprepException {
        XMPPTCPConnectionConfiguration.Builder builder = XMPPTCPConnectionConfiguration.builder();
        String host = endpointServer.getHost();
        InetAddress inetAddress = null;
        if (host != null) {
            try {
                inetAddress = InetAddress.getByName(host);
            } catch (UnknownHostException e) {
                Log.w(TAG, "unable to resolve host " + host + ", will try again during connect", e);
            }
        }
        XMPPTCPConnectionConfiguration.Builder hostAddress = builder.setHostAddress(inetAddress);
        if (inetAddress != null) {
            host = null;
        }
        XMPPTCPConnectionConfiguration.Builder resource = hostAddress.setHost(host).setPort(z ? endpointServer.getSecurePort() : endpointServer.getPort()).setXmppDomain(endpointServer.getNetwork()).setResource(str);
        if (str2 == null) {
            str2 = "dummy";
        }
        resource.setUsernameAndPassword(null, str2).allowEmptyOrNullUsernames().setCompressionEnabled(true).setSecurityMode(z ? ConnectionConfiguration.SecurityMode.disabled : ConnectionConfiguration.SecurityMode.required).setSendPresence(false).setLegacySessionDisabled(true).setDebuggerEnabled(Log.isDebug());
        setupSSL(builder, z, privateKey, x509Certificate, z2, keyStore);
        return builder.build();
    }

    @SuppressLint({"AllowAllHostnameVerifier"})
    private static void setupSSL(XMPPTCPConnectionConfiguration.Builder builder, boolean z, PrivateKey privateKey, X509Certificate x509Certificate, boolean z2, KeyStore keyStore) {
        TrustManager[] trustManagers;
        try {
            SecureConnectionManager.waitForInit();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyManager[] keyManagerArr = null;
            if (privateKey != null && x509Certificate != null) {
                KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore2.load(null, null);
                keyStore2.setKeyEntry("private", privateKey, null, new Certificate[]{x509Certificate});
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore2, null);
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (!LegacyAuthentication.isUpgrading()) {
                    SASLAuthentication.blacklistSASLMechanism("PLAIN");
                }
            }
            if (z2) {
                trustManagers = new TrustManager[]{new X509TrustManager() { // from class: org.kontalk.client.KontalkConnection.1
                    @Override // javax.net.ssl.X509TrustManager
                    @SuppressLint({"TrustAllX509TrustManager"})
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    @SuppressLint({"TrustAllX509TrustManager"})
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }
                }};
                builder.setHostnameVerifier(new AllowAllHostnameVerifier());
            } else {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                trustManagers = trustManagerFactory.getTrustManagers();
            }
            sSLContext.init(keyManagerArr, trustManagers, null);
            builder.setCustomSSLContext(sSLContext);
            if (z) {
                builder.setSocketFactory(sSLContext.getSocketFactory());
            }
        } catch (Exception e) {
            Log.w(TAG, "unable to setup SSL connection", e);
        }
    }

    public EndpointServer getServer() {
        return this.mServer;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jivesoftware.smack.AbstractXMPPConnection
    public void processStanza(Stanza stanza) throws InterruptedException {
        boolean z = stanza instanceof Message;
        if (z) {
            suspendSmAck();
        }
        super.processStanza(stanza);
        if (z) {
            try {
                resumeSmAck();
            } catch (SmackException e) {
            }
        }
    }
}
