package de.rub.nds.tlsattacker.core.util;

import de.rub.nds.modifiablevariable.util.BadRandom;
import de.rub.nds.tlsattacker.core.connection.AliasedConnection;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import java.io.IOException;
import java.net.ConnectException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/util/BasicTlsClient.class */
public class BasicTlsClient extends Thread {
    private static final Logger LOGGER = LogManager.getLogger();
    private final CipherSuite cipherSuite;
    private final ProtocolVersion tlsVersion;
    private final String serverHost;
    private final int serverPort;
    private final String serverPrettyName;
    private boolean retryConnect;
    private int retryTimeout;
    private volatile boolean finished;

    public BasicTlsClient(String str, int i, ProtocolVersion protocolVersion, CipherSuite cipherSuite) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException {
        this.retryTimeout = 100;
        this.finished = false;
        this.cipherSuite = cipherSuite;
        this.serverHost = str;
        this.serverPort = i;
        this.serverPrettyName = str + ":" + i;
        this.tlsVersion = protocolVersion;
        this.retryConnect = true;
    }

    public BasicTlsClient() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException {
        this(AliasedConnection.DEFAULT_IP, 4433, ProtocolVersion.TLS12, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA);
    }

    public void setRetryConnect(boolean z) {
        this.retryConnect = z;
    }

    @Override // java.lang.Thread, java.lang.Runnable
    public void run() {
        SSLSocket sSLSocket = null;
        try {
            try {
                LOGGER.info("Connecting to " + this.serverPrettyName);
                if (this.retryConnect) {
                    while (true) {
                        try {
                            sSLSocket = getFreshSocket(this.tlsVersion);
                            break;
                        } catch (ConnectException e) {
                            LOGGER.info("retry: connect to " + this.serverPrettyName);
                            TimeUnit.MILLISECONDS.sleep(this.retryTimeout);
                        }
                    }
                } else {
                    sSLSocket = getFreshSocket(this.tlsVersion);
                }
                sSLSocket.getSession().invalidate();
                LOGGER.info("Closing session with " + this.serverPrettyName);
                sSLSocket.close();
                LOGGER.info("Closed (" + this.serverPrettyName + ")");
                if (sSLSocket != null) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e2) {
                        LOGGER.debug(e2);
                    }
                }
                this.finished = true;
                LOGGER.info("Shutdown complete");
            } catch (Throwable th) {
                if (sSLSocket != null) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e3) {
                        LOGGER.debug(e3);
                        this.finished = true;
                        LOGGER.info("Shutdown complete");
                        throw th;
                    }
                }
                this.finished = true;
                LOGGER.info("Shutdown complete");
                throw th;
            }
        } catch (IOException | InterruptedException e4) {
            LOGGER.error(e4);
            if (sSLSocket != null) {
                try {
                    sSLSocket.close();
                } catch (IOException e5) {
                    LOGGER.debug(e5);
                    this.finished = true;
                    LOGGER.info("Shutdown complete");
                }
            }
            this.finished = true;
            LOGGER.info("Shutdown complete");
        } catch (Exception e6) {
            LOGGER.error(e6);
            if (sSLSocket != null) {
                try {
                    sSLSocket.close();
                } catch (IOException e7) {
                    LOGGER.debug(e7);
                    this.finished = true;
                    LOGGER.info("Shutdown complete");
                }
            }
            this.finished = true;
            LOGGER.info("Shutdown complete");
        }
    }

    private SSLSocket getFreshSocket(ProtocolVersion protocolVersion) throws IOException, Exception {
        SSLSocket sSLSocket = (SSLSocket) getAllowAllContext().getSocketFactory().createSocket(this.serverHost, this.serverPort);
        sSLSocket.setEnabledCipherSuites(new String[]{this.cipherSuite.name()});
        String[] strArr = new String[1];
        switch (protocolVersion) {
            case SSL3:
                strArr[0] = "SSLv3";
                break;
            case TLS10:
                strArr[0] = "TLSv1";
                break;
            case TLS11:
                strArr[0] = "TLSv1.1";
                break;
            case TLS12:
                strArr[0] = "TLSv1.2";
                break;
            default:
                throw new UnsupportedOperationException("This version is not supported");
        }
        sSLSocket.setEnabledProtocols(strArr);
        return sSLSocket;
    }

    protected SSLContext getAllowAllContext() {
        SSLContext sSLContext = null;
        try {
            sSLContext = SSLContext.getInstance("TLS");
            sSLContext.getClientSessionContext().setSessionCacheSize(1);
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: de.rub.nds.tlsattacker.core.util.BasicTlsClient.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            }}, new BadRandom());
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            LOGGER.warn(e);
        }
        return sSLContext;
    }

    public boolean isFinished() {
        return this.finished;
    }
}
