package org.bitbatzen.sslserverscanner.scantask;

import java.io.IOException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.bitbatzen.sslserverscanner.Util;

/* loaded from: input_file:org/bitbatzen/sslserverscanner/scantask/SSLUtil.class */
public class SSLUtil {
    private static final HashMap<String, String> certExtensionsMap = createCertExtensionsMap();
    private static HostnameVerifier DEFAULT_HOSTNAME_VERIFIER = HttpsURLConnection.getDefaultHostnameVerifier();
    private static SSLSocketFactory DEFAULT_SSL_SOCKET_FACTORY = HttpsURLConnection.getDefaultSSLSocketFactory();
    private static final TrustManager[] ALL_TRUSTING_TRUST_MANAGER = {new X509TrustManager() { // from class: org.bitbatzen.sslserverscanner.scantask.SSLUtil.1
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }};
    private static final HostnameVerifier ALL_TRUSTING_HOSTNAME_VERIFIER = new HostnameVerifier() { // from class: org.bitbatzen.sslserverscanner.scantask.SSLUtil.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };

    public static SSLSocketFactory getSSLSocketFactory(boolean z) {
        HostnameVerifier hostnameVerifier = DEFAULT_HOSTNAME_VERIFIER;
        SSLSocketFactory sSLSocketFactory = DEFAULT_SSL_SOCKET_FACTORY;
        if (!z) {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, ALL_TRUSTING_TRUST_MANAGER, new SecureRandom());
                sSLSocketFactory = sSLContext.getSocketFactory();
            } catch (Exception e) {
                e.printStackTrace();
            }
            hostnameVerifier = ALL_TRUSTING_HOSTNAME_VERIFIER;
        }
        HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLSocketFactory);
        return HttpsURLConnection.getDefaultSSLSocketFactory();
    }

    public static List<String> getAvailableCipherSuites() {
        String[] defaultCipherSuites = HttpsURLConnection.getDefaultSSLSocketFactory().getDefaultCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str : defaultCipherSuites) {
            arrayList.add(str);
        }
        return arrayList;
    }

    public static List<String> getAvailableProtocols() {
        ArrayList arrayList = new ArrayList();
        SSLSocket sSLSocket = null;
        try {
            sSLSocket = (SSLSocket) getSSLSocketFactory(false).createSocket();
            for (String str : sSLSocket.getSupportedProtocols()) {
                if (!str.equals("SSLv2Hello")) {
                    arrayList.add(str);
                }
            }
            Util.close(sSLSocket);
            return arrayList;
        } catch (IOException e) {
            Util.close(sSLSocket);
            return arrayList;
        } catch (Throwable th) {
            Util.close(sSLSocket);
            throw th;
        }
    }

    public static String getCertExtensionName(String str) {
        String str2 = certExtensionsMap.get(str);
        return str2 == null ? "Unkown" : str2;
    }

    private static HashMap<String, String> createCertExtensionsMap() {
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put("1.3.6.1.5.5.7.1.1", "Authority Info Access");
        hashMap.put("2.5.29.1", "old Authority Key Identifier");
        hashMap.put("2.5.29.2", "old Primary Key Attributes ");
        hashMap.put("2.5.29.3", "Certificate Policies");
        hashMap.put("2.5.29.4", "Primary Key Usage Restriction");
        hashMap.put("2.5.29.9", "Subject Directory Attributes");
        hashMap.put("2.5.29.14", "Subject Key Identifier");
        hashMap.put("2.5.29.15", "Key Usage");
        hashMap.put("2.5.29.16", "Private Key Usage Period");
        hashMap.put("2.5.29.17", "Subject Alternative Name");
        hashMap.put("2.5.29.18", "Issuer Alternative Name");
        hashMap.put("2.5.29.19", "Basic Constraints");
        hashMap.put("2.5.29.20", "CRL Number");
        hashMap.put("2.5.29.21", "Reason code");
        hashMap.put("2.5.29.23", "Hold Instruction Code");
        hashMap.put("2.5.29.24", "Invalidity Date");
        hashMap.put("2.5.29.27", "Delta CRL indicator");
        hashMap.put("2.5.29.28", "Issuing Distribution Point");
        hashMap.put("2.5.29.29", "Certificate Issuer");
        hashMap.put("2.5.29.30", "Name Constraints");
        hashMap.put("2.5.29.31", "CRL Distribution Points");
        hashMap.put("2.5.29.32", "Certificate Policies");
        hashMap.put("2.5.29.33", "Policy Mappings");
        hashMap.put("2.5.29.35", "Authority Key Identifier");
        hashMap.put("2.5.29.36", "Policy Constraints");
        hashMap.put("2.5.29.37", "Extended key usage");
        hashMap.put("2.5.29.46", "FreshestCRL");
        hashMap.put("2.5.29.54", "X.509 version 3 certificate extension Inhibit Any-policy");
        return hashMap;
    }
}
