package org.apache.http.conn.ssl;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHost;
import org.apache.http.annotation.Contract;
import org.apache.http.annotation.ThreadingBehavior;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.util.PublicSuffixMatcherLoader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.Args;
import org.apache.http.util.TextUtils;
import p000.p001.p002.p003.p004.p005.C0432;

@Contract(threading = ThreadingBehavior.SAFE)
/* loaded from: classes.dex */
public class SSLConnectionSocketFactory implements LayeredConnectionSocketFactory {
    private final HostnameVerifier hostnameVerifier;
    private final Log log;
    private final javax.net.ssl.SSLSocketFactory socketfactory;
    private final String[] supportedCipherSuites;
    private final String[] supportedProtocols;
    public static String TLS = C0432.m20("ScKit-34ea0947ae66dc1a104442434eb39ba3", "ScKit-0c3b3aa372ae8611");
    public static String SSLV2 = C0432.m20("ScKit-041000853f01ec0bffc327a0ed59b6d7", "ScKit-0c3b3aa372ae8611");
    public static String SSL = C0432.m20("ScKit-adf3ecaee85349232da7f9bc29720763", "ScKit-0c3b3aa372ae8611");

    @Deprecated
    public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER = AllowAllHostnameVerifier.INSTANCE;

    @Deprecated
    public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER = BrowserCompatHostnameVerifier.INSTANCE;

    @Deprecated
    public static final X509HostnameVerifier STRICT_HOSTNAME_VERIFIER = StrictHostnameVerifier.INSTANCE;

    public SSLConnectionSocketFactory(SSLContext sSLContext) {
        this(sSLContext, getDefaultHostnameVerifier());
    }

    public SSLConnectionSocketFactory(SSLContext sSLContext, HostnameVerifier hostnameVerifier) {
        this(((SSLContext) Args.notNull(sSLContext, C0432.m20("ScKit-6d741aef1bfadf09d48ad503b9a1a56e", "ScKit-0c3b3aa372ae8611"))).getSocketFactory(), (String[]) null, (String[]) null, hostnameVerifier);
    }

    @Deprecated
    public SSLConnectionSocketFactory(SSLContext sSLContext, X509HostnameVerifier x509HostnameVerifier) {
        this(((SSLContext) Args.notNull(sSLContext, C0432.m20("ScKit-6d741aef1bfadf09d48ad503b9a1a56e", "ScKit-0c3b3aa372ae8611"))).getSocketFactory(), (String[]) null, (String[]) null, x509HostnameVerifier);
    }

    public SSLConnectionSocketFactory(SSLContext sSLContext, String[] strArr, String[] strArr2, HostnameVerifier hostnameVerifier) {
        this(((SSLContext) Args.notNull(sSLContext, C0432.m20("ScKit-6d741aef1bfadf09d48ad503b9a1a56e", "ScKit-0c3b3aa372ae8611"))).getSocketFactory(), strArr, strArr2, hostnameVerifier);
    }

    @Deprecated
    public SSLConnectionSocketFactory(SSLContext sSLContext, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        this(((SSLContext) Args.notNull(sSLContext, C0432.m20("ScKit-6d741aef1bfadf09d48ad503b9a1a56e", "ScKit-0c3b3aa372ae8611"))).getSocketFactory(), strArr, strArr2, x509HostnameVerifier);
    }

    public SSLConnectionSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, HostnameVerifier hostnameVerifier) {
        this(sSLSocketFactory, (String[]) null, (String[]) null, hostnameVerifier);
    }

    @Deprecated
    public SSLConnectionSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, X509HostnameVerifier x509HostnameVerifier) {
        this(sSLSocketFactory, (String[]) null, (String[]) null, x509HostnameVerifier);
    }

    public SSLConnectionSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, String[] strArr, String[] strArr2, HostnameVerifier hostnameVerifier) {
        HostnameVerifier hostnameVerifier2 = hostnameVerifier;
        this.log = LogFactory.getLog(getClass());
        this.socketfactory = (javax.net.ssl.SSLSocketFactory) Args.notNull(sSLSocketFactory, C0432.m20("ScKit-37374a580c610cda596823bfb3a409db595b8c9d338b5ef4d0a33e2c6b8693dc", "ScKit-0c3b3aa372ae8611"));
        this.supportedProtocols = strArr;
        this.supportedCipherSuites = strArr2;
        this.hostnameVerifier = hostnameVerifier2 == null ? getDefaultHostnameVerifier() : hostnameVerifier2;
    }

    @Deprecated
    public SSLConnectionSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        this(sSLSocketFactory, strArr, strArr2, (HostnameVerifier) x509HostnameVerifier);
    }

    public static HostnameVerifier getDefaultHostnameVerifier() {
        return new DefaultHostnameVerifier(PublicSuffixMatcherLoader.getDefault());
    }

    public static SSLConnectionSocketFactory getSocketFactory() {
        return new SSLConnectionSocketFactory(org.apache.http.ssl.SSLContexts.createDefault(), getDefaultHostnameVerifier());
    }

    public static SSLConnectionSocketFactory getSystemSocketFactory() {
        return new SSLConnectionSocketFactory((javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault(), split(System.getProperty(C0432.m20("ScKit-15fb30692d34665ea706c55fa5e88bbf", "ScKit-0c3b3aa372ae8611"))), split(System.getProperty(C0432.m20("ScKit-12b6aa51fdf4273830d13b03aadedd71c4405e0683eee06a5ccf4b47784d5075", "ScKit-0c3b3aa372ae8611"))), getDefaultHostnameVerifier());
    }

    private static String[] split(String str) {
        if (TextUtils.isBlank(str)) {
            return null;
        }
        return str.split(C0432.m20("ScKit-ced5e3a9a0debd5cdd93a68f43354850", "ScKit-0c3b3aa372ae8611"));
    }

    private void verifyHostname(SSLSocket sSLSocket, String str) {
        try {
            SSLSession session = sSLSocket.getSession();
            if (session == null) {
                sSLSocket.getInputStream().available();
                session = sSLSocket.getSession();
                if (session == null) {
                    sSLSocket.startHandshake();
                    session = sSLSocket.getSession();
                }
            }
            if (session == null) {
                throw new SSLHandshakeException(C0432.m20("ScKit-29a07c0d4de4518024954d64e8638d8fe5fd9ba0fb206111b714e8d9f45167a9", "ScKit-9c1c95dd9706ffc4"));
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug(C0432.m20("ScKit-b85ad482eeca018ff292e4ff0bcd7370872036265da0c8d757545083c434524d", "ScKit-0c3b3aa372ae8611"));
                this.log.debug(C0432.m20("ScKit-46489548d4fe741b42b5b3f419ff188a6be62f98ba573072c0306b22739ba657", "ScKit-0c3b3aa372ae8611") + session.getProtocol());
                this.log.debug(C0432.m20("ScKit-4938cfca903e16de215190cad005930855bc10f048b57156e922b83c24bc1b5f", "ScKit-0c3b3aa372ae8611") + session.getCipherSuite());
                try {
                    X509Certificate x509Certificate = (X509Certificate) session.getPeerCertificates()[0];
                    X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
                    this.log.debug(C0432.m20("ScKit-07a6fbc3c7e0ce929b96c1460fbd533471460b82a9f38b0a85637fd5142ee928", "ScKit-0c3b3aa372ae8611") + subjectX500Principal.toString());
                    Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        ArrayList arrayList = new ArrayList();
                        for (List<?> list : subjectAlternativeNames) {
                            if (!list.isEmpty()) {
                                arrayList.add((String) list.get(1));
                            }
                        }
                        this.log.debug(C0432.m20("ScKit-148c05eea98f7fb7c88cf605a81c8ef002566778df85399ee3e7333b638631c9", "ScKit-0c3b3aa372ae8611") + arrayList);
                    }
                    X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
                    this.log.debug(C0432.m20("ScKit-831e2b14f3cefe87a2760a2bae1e7ab65c94f3a3f1b6559abe37157b2d636eda", "ScKit-0c3b3aa372ae8611") + issuerX500Principal.toString());
                    Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
                    if (issuerAlternativeNames != null) {
                        ArrayList arrayList2 = new ArrayList();
                        for (List<?> list2 : issuerAlternativeNames) {
                            if (!list2.isEmpty()) {
                                arrayList2.add((String) list2.get(1));
                            }
                        }
                        this.log.debug(C0432.m20("ScKit-c8643f103a3ac7ea72c9ba20cc811283486150cba364343f6a8bad2e26df0e54", "ScKit-0c3b3aa372ae8611") + arrayList2);
                    }
                } catch (Exception unused) {
                }
            }
            if (this.hostnameVerifier.verify(str, session)) {
                return;
            }
            throw new SSLPeerUnverifiedException(C0432.m20("ScKit-ff15a66a0433a1c57f804e59ee0f03a1c4ff4f36dac666e17c83254ebec2b8c6", "ScKit-9c1c95dd9706ffc4") + str + C0432.m20("ScKit-6577393360ac2637800d84c1a18e760c0d4246dd5e987ada9b5a10f31b5825e6", "ScKit-9c1c95dd9706ffc4") + C0432.m20("ScKit-1af6473a74f5fa426bce515c6b07683730649ead8c2a20ac51289b913a0540e196049696b7108b7f4a1b001491c3de1c", "ScKit-9c1c95dd9706ffc4") + DefaultHostnameVerifier.getSubjectAltNames((X509Certificate) session.getPeerCertificates()[0]));
        } catch (IOException e2) {
            try {
                sSLSocket.close();
            } catch (Exception unused2) {
            }
            throw e2;
        }
    }

    @Override // org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i2, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) {
        Socket socket2 = socket;
        Args.notNull(httpHost, C0432.m20("ScKit-a76332b7802b804dcd813ccc79523e89", "ScKit-9c1c95dd9706ffc4"));
        Args.notNull(inetSocketAddress, C0432.m20("ScKit-45f79697f9729167fc3c961734c4e7fd", "ScKit-9c1c95dd9706ffc4"));
        if (socket2 == null) {
            socket2 = createSocket(httpContext);
        }
        if (inetSocketAddress2 != null) {
            socket2.bind(inetSocketAddress2);
        }
        if (i2 > 0) {
            try {
                if (socket2.getSoTimeout() == 0) {
                    socket2.setSoTimeout(i2);
                }
            } catch (IOException e2) {
                try {
                    socket2.close();
                } catch (IOException unused) {
                }
                throw e2;
            }
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug(C0432.m20("ScKit-2788f519adc311c511b48afb410008893a66fdaa9d2d980dca006224d66d2f8a", "ScKit-9c1c95dd9706ffc4") + inetSocketAddress + C0432.m20("ScKit-51a7972f57e74ae43623e5ee543f7299", "ScKit-9c1c95dd9706ffc4") + i2);
        }
        socket2.connect(inetSocketAddress, i2);
        if (!(socket2 instanceof SSLSocket)) {
            return createLayeredSocket(socket2, httpHost.getHostName(), inetSocketAddress.getPort(), httpContext);
        }
        SSLSocket sSLSocket = (SSLSocket) socket2;
        this.log.debug(C0432.m20("ScKit-51a45f5d20f979c52d146339bc4470764a154f78ae16eed4bded8956b3443021", "ScKit-9c1c95dd9706ffc4"));
        sSLSocket.startHandshake();
        verifyHostname(sSLSocket, httpHost.getHostName());
        return socket2;
    }

    @Override // org.apache.http.conn.socket.LayeredConnectionSocketFactory
    public Socket createLayeredSocket(Socket socket, String str, int i2, HttpContext httpContext) {
        SSLSocket sSLSocket = (SSLSocket) this.socketfactory.createSocket(socket, str, i2, true);
        String[] strArr = this.supportedProtocols;
        if (strArr != null) {
            sSLSocket.setEnabledProtocols(strArr);
        } else {
            String[] enabledProtocols = sSLSocket.getEnabledProtocols();
            ArrayList arrayList = new ArrayList(enabledProtocols.length);
            for (String str2 : enabledProtocols) {
                if (!str2.startsWith(C0432.m20("ScKit-94e4196259df5234930a4e5bac3f8d57", "ScKit-9c1c95dd9706ffc4"))) {
                    arrayList.add(str2);
                }
            }
            if (!arrayList.isEmpty()) {
                sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        String[] strArr2 = this.supportedCipherSuites;
        if (strArr2 != null) {
            sSLSocket.setEnabledCipherSuites(strArr2);
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug(C0432.m20("ScKit-c19d9912891cfe0accf035f7a51ba767985f3efea3d8238819db3300d0b1405e", "ScKit-9c1c95dd9706ffc4") + Arrays.asList(sSLSocket.getEnabledProtocols()));
            this.log.debug(C0432.m20("ScKit-b6bd7fa27deb0413344a065fbeb9fbcd8bfe28775deb85ee886facf2e50a7117", "ScKit-9c1c95dd9706ffc4") + Arrays.asList(sSLSocket.getEnabledCipherSuites()));
        }
        prepareSocket(sSLSocket);
        this.log.debug(C0432.m20("ScKit-51a45f5d20f979c52d146339bc4470764a154f78ae16eed4bded8956b3443021", "ScKit-9c1c95dd9706ffc4"));
        sSLSocket.startHandshake();
        verifyHostname(sSLSocket, str);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket createSocket(HttpContext httpContext) {
        return SocketFactory.getDefault().createSocket();
    }

    public void prepareSocket(SSLSocket sSLSocket) {
    }
}
