package com.sun.midp.io.j2me.https;

import com.sun.kssl.HandshakeListener;
import com.sun.kssl.SSLStreamConnection;
import com.sun.kssl.X509Certificate;
import com.sun.midp.Configuration;
import com.sun.midp.io.InternalConnector;
import com.sun.midp.io.Properties;
import com.sun.midp.io.j2me.storage.File;
import com.sun.midp.io.j2me.storage.RandomAccessStream;
import com.sun.midp.publickeystore.WebPublicKeyStore;
import com.sun.midp.security.ImplicitlyTrustedClass;
import com.sun.midp.security.SecurityDomain;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import javax.microedition.io.ConnectionNotFoundException;
import javax.microedition.io.OutputConnection;
import javax.microedition.io.StreamConnection;

/* loaded from: input_file:com/sun/midp/io/j2me/https/Protocol.class */
public class Protocol extends com.sun.midp.io.j2me.http.Protocol implements ImplicitlyTrustedClass, HandshakeListener {
    private static SecurityDomain classSecurityDomain;
    private static boolean caLoaded;
    private Properties proxyHeaders = new Properties();
    private byte handshakeError;
    private X509Certificate badCert;

    private static void loadCertificateAuthorities() {
        try {
            RandomAccessStream randomAccessStream = new RandomAccessStream(classSecurityDomain);
            randomAccessStream.connect(new StringBuffer().append(File.getStorageRoot()).append("_main.ks").toString(), 1);
            try {
                try {
                    WebPublicKeyStore.setTrustedKeyStore(new WebPublicKeyStore(randomAccessStream.openInputStream()));
                } finally {
                    try {
                        randomAccessStream.disconnect();
                    } catch (Exception e) {
                    }
                }
            } catch (Exception e2) {
                System.out.println("Corrupt key store file, cannot authenticate HTTPS servers");
                e2.printStackTrace();
                try {
                    randomAccessStream.disconnect();
                } catch (Exception e3) {
                }
            }
        } catch (Exception e4) {
            System.out.println("Could not open the trusted key store, cannot authenticate HTTPS servers");
        }
    }

    public Protocol() {
        this.protocol = "https";
        this.default_port = 443;
    }

    @Override // com.sun.midp.security.ImplicitlyTrustedClass
    public void initSecurityDomain(SecurityDomain securityDomain) {
        if (classSecurityDomain == null) {
            classSecurityDomain = securityDomain;
        }
    }

    @Override // com.sun.midp.io.j2me.http.Protocol, javax.microedition.io.HttpConnection
    public String getRequestProperty(String str) {
        return str.startsWith("Proxy-") ? this.proxyHeaders.getProperty(str) : super.getRequestProperty(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.midp.io.j2me.http.Protocol
    public void setRequestField(String str, String str2) {
        if (str.startsWith("Proxy-")) {
            this.proxyHeaders.setProperty(str, str2);
        } else {
            super.setRequestField(str, str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.midp.io.j2me.http.Protocol
    public StreamConnection connect() throws IOException {
        OutputConnection outputConnection;
        OutputStream openOutputStream;
        InputStream openInputStream;
        if (!caLoaded) {
            caLoaded = true;
            loadCertificateAuthorities();
        }
        String property = Configuration.getProperty("com.sun.midp.io.http.proxy");
        if (property != null && property.indexOf("://") == -1) {
            property = new StringBuffer().append("socket://").append(property).toString();
        }
        if (property != null) {
            outputConnection = (StreamConnection) InternalConnector.openInternal(property, 3, false);
            openOutputStream = outputConnection.openOutputStream();
            openInputStream = outputConnection.openInputStream();
            try {
                doTunnelHandshake(openOutputStream, openInputStream);
            } catch (IOException e) {
                String message = e.getMessage();
                outputConnection.close();
                openOutputStream.close();
                openInputStream.close();
                if (message.indexOf(" 500 ") > -1) {
                    throw new ConnectionNotFoundException(message);
                }
                throw e;
            }
        } else {
            outputConnection = (StreamConnection) InternalConnector.openInternal(new StringBuffer().append("socket://").append(this.hostAndPort).toString(), 3, false);
            openOutputStream = outputConnection.openOutputStream();
            openInputStream = outputConnection.openInputStream();
        }
        outputConnection.close();
        try {
            return new SSLStreamConnection(this.url.host, this.url.port, openInputStream, openOutputStream, this);
        } catch (IOException e2) {
            if (this.handshakeError == 0) {
                throw e2;
            }
            throw new IOException(new StringBuffer().append("(").append((int) this.handshakeError).append(") ").append(e2.getMessage()).append(" ").append(this.badCert).toString());
        }
    }

    @Override // com.sun.midp.io.j2me.http.Protocol
    protected void disconnect(StreamConnection streamConnection, InputStream inputStream, OutputStream outputStream) throws IOException {
        if (inputStream != null) {
            inputStream.close();
        }
        if (outputStream != null) {
            outputStream.close();
        }
        if (streamConnection != null) {
            streamConnection.close();
        }
    }

    @Override // com.sun.kssl.HandshakeListener
    public void SSLHandshakeUpdate(String str) {
    }

    @Override // com.sun.kssl.HandshakeListener
    public boolean SSLCertificateOk(X509Certificate x509Certificate, byte b) {
        this.handshakeError = b;
        this.badCert = x509Certificate;
        return false;
    }
}
