package sun.net.www.protocol.https;

import com.xiaomi.mipush.sdk.Constants;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;
import java.net.SocketException;
import java.net.URL;
import java.security.AccessController;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import sun.net.www.http.HttpClient;
import sun.net.www.protocol.http.HttpURLConnection;
import sun.security.action.GetPropertyAction;
import sun.security.util.HostnameChecker;
import sun.util.logging.PlatformLogger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes6.dex */
public final class HttpsClient extends HttpClient implements HandshakeCompletedListener {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private static final String defaultHVCanonicalName = "javax.net.ssl.HttpsURLConnection.DefaultHostnameVerifier";
    private static final int httpsPortNumber = 443;
    private HostnameVerifier hv;
    private SSLSession session;
    private SSLSocketFactory sslSocketFactory;

    private HttpsClient(SSLSocketFactory sSLSocketFactory, URL url) throws IOException {
        this(sSLSocketFactory, url, (String) null, -1);
    }

    HttpsClient(SSLSocketFactory sSLSocketFactory, URL url, String str, int i) throws IOException {
        this(sSLSocketFactory, url, str, i, -1);
    }

    HttpsClient(SSLSocketFactory sSLSocketFactory, URL url, String str, int i, int i2) throws IOException {
        this(sSLSocketFactory, url, str == null ? null : HttpClient.newHttpProxy(str, i, "https"), i2);
    }

    HttpsClient(SSLSocketFactory sSLSocketFactory, URL url, Proxy proxy, int i) throws IOException {
        PlatformLogger httpLogger = HttpURLConnection.getHttpLogger();
        if (httpLogger.isLoggable(PlatformLogger.Level.FINEST)) {
            httpLogger.finest("Creating new HttpsClient with url:" + url + " and proxy:" + proxy + " with connect timeout:" + i);
        }
        this.proxy = proxy;
        setSSLSocketFactory(sSLSocketFactory);
        this.proxyDisabled = true;
        this.host = url.getHost();
        this.url = url;
        this.port = url.getPort();
        if (this.port == -1) {
            this.port = getDefaultPort();
        }
        setConnectTimeout(i);
        openServer();
    }

    static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, String str, int i, HttpURLConnection httpURLConnection) throws IOException {
        return New(sSLSocketFactory, url, hostnameVerifier, str, i, true, httpURLConnection);
    }

    static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, String str, int i, boolean z, int i2, HttpURLConnection httpURLConnection) throws IOException {
        return New(sSLSocketFactory, url, hostnameVerifier, str == null ? null : HttpClient.newHttpProxy(str, i, "https"), z, i2, httpURLConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, String str, int i, boolean z, HttpURLConnection httpURLConnection) throws IOException {
        return New(sSLSocketFactory, url, hostnameVerifier, str, i, z, -1, httpURLConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, Proxy proxy, boolean z, int i, HttpURLConnection httpURLConnection) throws IOException {
        if (proxy == null) {
            proxy = Proxy.NO_PROXY;
        }
        PlatformLogger httpLogger = HttpURLConnection.getHttpLogger();
        if (httpLogger.isLoggable(PlatformLogger.Level.FINEST)) {
            httpLogger.finest("Looking for HttpClient for URL " + url + " and proxy value of " + proxy);
        }
        HttpsClient httpsClient = null;
        if (z) {
            HttpsClient httpsClient2 = (HttpsClient) kac.get(url, sSLSocketFactory);
            if (httpsClient2 != null && httpURLConnection != null && httpURLConnection.streaming() && httpURLConnection.getRequestMethod() == "POST" && !httpsClient2.available()) {
                httpsClient2 = null;
            }
            if (httpsClient2 != null) {
                if ((httpsClient2.proxy == null || !httpsClient2.proxy.equals(proxy)) && !(httpsClient2.proxy == null && proxy == Proxy.NO_PROXY)) {
                    synchronized (httpsClient2) {
                        if (httpLogger.isLoggable(PlatformLogger.Level.FINEST)) {
                            httpLogger.finest("Not returning this connection to cache: " + httpsClient2);
                        }
                        httpsClient2.inCache = false;
                        httpsClient2.closeServer();
                    }
                } else {
                    synchronized (httpsClient2) {
                        httpsClient2.cachedHttpClient = true;
                        httpsClient2.inCache = false;
                        if (httpURLConnection != null && httpsClient2.needsTunneling()) {
                            httpURLConnection.setTunnelState(HttpURLConnection.TunnelState.TUNNELING);
                        }
                        if (httpLogger.isLoggable(PlatformLogger.Level.FINEST)) {
                            httpLogger.finest("KeepAlive stream retrieved from the cache, " + httpsClient2);
                        }
                    }
                }
            }
            httpsClient = httpsClient2;
        }
        if (httpsClient == null) {
            httpsClient = new HttpsClient(sSLSocketFactory, url, proxy, i);
        } else {
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                if (httpsClient.proxy == Proxy.NO_PROXY || httpsClient.proxy == null) {
                    securityManager.checkConnect(InetAddress.getByName(url.getHost()).getHostAddress(), url.getPort());
                } else {
                    securityManager.checkConnect(url.getHost(), url.getPort());
                }
            }
            httpsClient.url = url;
        }
        httpsClient.setHostnameVerifier(hostnameVerifier);
        return httpsClient;
    }

    static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, HttpURLConnection httpURLConnection) throws IOException {
        return New(sSLSocketFactory, url, hostnameVerifier, true, httpURLConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient New(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, boolean z, HttpURLConnection httpURLConnection) throws IOException {
        return New(sSLSocketFactory, url, hostnameVerifier, (String) null, -1, z, httpURLConnection);
    }

    private void checkURLSpoofing(HostnameVerifier hostnameVerifier) throws IOException {
        String host = this.url.getHost();
        if (host != null && host.startsWith("[") && host.endsWith("]")) {
            host = host.substring(1, host.length() - 1);
        }
        String cipherSuite = this.session.getCipherSuite();
        try {
            HostnameChecker hostnameChecker = HostnameChecker.getInstance((byte) 1);
            if (cipherSuite.startsWith("TLS_KRB5")) {
                if (!HostnameChecker.match(host, getPeerPrincipal())) {
                    throw new SSLPeerUnverifiedException("Hostname checker failed for Kerberos");
                }
            } else {
                Certificate[] peerCertificates = this.session.getPeerCertificates();
                if (!(peerCertificates[0] instanceof X509Certificate)) {
                    throw new SSLPeerUnverifiedException("");
                }
                hostnameChecker.match(host, (X509Certificate) peerCertificates[0]);
            }
        } catch (CertificateException | SSLPeerUnverifiedException unused) {
            if (cipherSuite == null || cipherSuite.indexOf("_anon_") == -1) {
                if (hostnameVerifier == null || !hostnameVerifier.verify(host, this.session)) {
                    this.serverSocket.close();
                    this.session.invalidate();
                    throw new IOException("HTTPS hostname wrong:  should be <" + this.url.getHost() + ">");
                }
            }
        }
    }

    private String[] getCipherSuites() {
        String str = (String) AccessController.doPrivileged(new GetPropertyAction("https.cipherSuites"));
        if (str == null || "".equals(str)) {
            return null;
        }
        Vector vector = new Vector();
        StringTokenizer stringTokenizer = new StringTokenizer(str, Constants.ACCEPT_TIME_SEPARATOR_SP);
        while (stringTokenizer.hasMoreTokens()) {
            vector.addElement(stringTokenizer.nextToken());
        }
        int size = vector.size();
        String[] strArr = new String[size];
        for (int i = 0; i < size; i++) {
            strArr[i] = (String) vector.elementAt(i);
        }
        return strArr;
    }

    private String[] getProtocols() {
        String str = (String) AccessController.doPrivileged(new GetPropertyAction("https.protocols"));
        if (str == null || "".equals(str)) {
            return null;
        }
        Vector vector = new Vector();
        StringTokenizer stringTokenizer = new StringTokenizer(str, Constants.ACCEPT_TIME_SEPARATOR_SP);
        while (stringTokenizer.hasMoreTokens()) {
            vector.addElement(stringTokenizer.nextToken());
        }
        int size = vector.size();
        String[] strArr = new String[size];
        for (int i = 0; i < size; i++) {
            strArr[i] = (String) vector.elementAt(i);
        }
        return strArr;
    }

    private String getUserAgent() {
        String str = (String) AccessController.doPrivileged(new GetPropertyAction("https.agent"));
        return (str == null || str.length() == 0) ? "JSSE" : str;
    }

    /* JADX WARN: Code restructure failed: missing block: B:19:0x0065, code lost:
    
        if (r0.equalsIgnoreCase("HTTPS") != false) goto L26;
     */
    @Override // sun.net.www.http.HttpClient
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void afterConnect() throws java.io.IOException, java.net.UnknownHostException {
        /*
            r6 = this;
            boolean r0 = r6.isCachedConnection()
            if (r0 != 0) goto Ld1
            javax.net.ssl.SSLSocketFactory r0 = r6.sslSocketFactory
            r1 = 1
            java.net.Socket r2 = r6.serverSocket     // Catch: java.io.IOException -> L2d
            boolean r2 = r2 instanceof javax.net.ssl.SSLSocket     // Catch: java.io.IOException -> L2d
            if (r2 != 0) goto L1c
            java.net.Socket r2 = r6.serverSocket     // Catch: java.io.IOException -> L2d
            java.lang.String r3 = r6.host     // Catch: java.io.IOException -> L2d
            int r4 = r6.port     // Catch: java.io.IOException -> L2d
            java.net.Socket r2 = r0.createSocket(r2, r3, r4, r1)     // Catch: java.io.IOException -> L2d
            javax.net.ssl.SSLSocket r2 = (javax.net.ssl.SSLSocket) r2     // Catch: java.io.IOException -> L2d
            goto L39
        L1c:
            java.net.Socket r2 = r6.serverSocket     // Catch: java.io.IOException -> L2d
            javax.net.ssl.SSLSocket r2 = (javax.net.ssl.SSLSocket) r2     // Catch: java.io.IOException -> L2d
            boolean r3 = r2 instanceof sun.security.ssl.SSLSocketImpl     // Catch: java.io.IOException -> L2d
            if (r3 == 0) goto L39
            r3 = r2
            sun.security.ssl.SSLSocketImpl r3 = (sun.security.ssl.SSLSocketImpl) r3     // Catch: java.io.IOException -> L2d
            java.lang.String r4 = r6.host     // Catch: java.io.IOException -> L2d
            r3.setHost(r4)     // Catch: java.io.IOException -> L2d
            goto L39
        L2d:
            r2 = move-exception
            java.lang.String r3 = r6.host     // Catch: java.io.IOException -> Ld0
            int r4 = r6.port     // Catch: java.io.IOException -> Ld0
            java.net.Socket r0 = r0.createSocket(r3, r4)     // Catch: java.io.IOException -> Ld0
            javax.net.ssl.SSLSocket r0 = (javax.net.ssl.SSLSocket) r0     // Catch: java.io.IOException -> Ld0
            r2 = r0
        L39:
            java.lang.String[] r0 = r6.getProtocols()
            java.lang.String[] r3 = r6.getCipherSuites()
            if (r0 == 0) goto L46
            r2.setEnabledProtocols(r0)
        L46:
            if (r3 == 0) goto L4b
            r2.setEnabledCipherSuites(r3)
        L4b:
            r2.addHandshakeCompletedListener(r6)
            javax.net.ssl.SSLParameters r0 = r2.getSSLParameters()
            java.lang.String r0 = r0.getEndpointIdentificationAlgorithm()
            java.lang.String r3 = "HTTPS"
            r4 = 0
            if (r0 == 0) goto L69
            int r5 = r0.length()
            if (r5 == 0) goto L69
            boolean r0 = r0.equalsIgnoreCase(r3)
            if (r0 == 0) goto L90
        L67:
            r1 = 0
            goto L90
        L69:
            javax.net.ssl.HostnameVerifier r0 = r6.hv
            if (r0 == 0) goto L82
            java.lang.Class r0 = r0.getClass()
            java.lang.String r0 = r0.getCanonicalName()
            if (r0 == 0) goto L80
            java.lang.String r5 = "javax.net.ssl.HttpsURLConnection.DefaultHostnameVerifier"
            boolean r0 = r0.equalsIgnoreCase(r5)
            if (r0 == 0) goto L80
            goto L82
        L80:
            r0 = 0
            goto L83
        L82:
            r0 = 1
        L83:
            if (r0 == 0) goto L90
            javax.net.ssl.SSLParameters r0 = r2.getSSLParameters()
            r0.setEndpointIdentificationAlgorithm(r3)
            r2.setSSLParameters(r0)
            goto L67
        L90:
            r2.startHandshake()
            javax.net.ssl.SSLSession r0 = r2.getSession()
            r6.session = r0
            r6.serverSocket = r2
            java.io.PrintStream r0 = new java.io.PrintStream     // Catch: java.io.UnsupportedEncodingException -> Lb7
            java.io.BufferedOutputStream r2 = new java.io.BufferedOutputStream     // Catch: java.io.UnsupportedEncodingException -> Lb7
            java.net.Socket r3 = r6.serverSocket     // Catch: java.io.UnsupportedEncodingException -> Lb7
            java.io.OutputStream r3 = r3.getOutputStream()     // Catch: java.io.UnsupportedEncodingException -> Lb7
            r2.<init>(r3)     // Catch: java.io.UnsupportedEncodingException -> Lb7
            java.lang.String r3 = sun.net.www.protocol.https.HttpsClient.encoding     // Catch: java.io.UnsupportedEncodingException -> Lb7
            r0.<init>(r2, r4, r3)     // Catch: java.io.UnsupportedEncodingException -> Lb7
            r6.serverOutput = r0     // Catch: java.io.UnsupportedEncodingException -> Lb7
            if (r1 == 0) goto Ldb
            javax.net.ssl.HostnameVerifier r0 = r6.hv
            r6.checkURLSpoofing(r0)
            goto Ldb
        Lb7:
            java.lang.InternalError r0 = new java.lang.InternalError
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>()
            java.lang.String r2 = sun.net.www.protocol.https.HttpsClient.encoding
            r1.append(r2)
            java.lang.String r2 = " encoding not found"
            r1.append(r2)
            java.lang.String r1 = r1.toString()
            r0.<init>(r1)
            throw r0
        Ld0:
            throw r2
        Ld1:
            java.net.Socket r0 = r6.serverSocket
            javax.net.ssl.SSLSocket r0 = (javax.net.ssl.SSLSocket) r0
            javax.net.ssl.SSLSession r0 = r0.getSession()
            r6.session = r0
        Ldb:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: sun.net.www.protocol.https.HttpsClient.afterConnect():void");
    }

    @Override // sun.net.www.http.HttpClient
    public void closeIdleConnection() {
        HttpClient httpClient = kac.get(this.url, this.sslSocketFactory);
        if (httpClient != null) {
            httpClient.closeServer();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // sun.net.NetworkClient
    public Socket createSocket() throws IOException {
        try {
            return this.sslSocketFactory.createSocket();
        } catch (SocketException e) {
            Throwable cause = e.getCause();
            if (cause == null || !(cause instanceof UnsupportedOperationException)) {
                throw e;
            }
            return super.createSocket();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getCipherSuite() {
        return this.session.getCipherSuite();
    }

    @Override // sun.net.www.http.HttpClient
    protected int getDefaultPort() {
        return 443;
    }

    public Certificate[] getLocalCertificates() {
        return this.session.getLocalCertificates();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Principal getLocalPrincipal() {
        try {
            return this.session.getLocalPrincipal();
        } catch (AbstractMethodError unused) {
            Certificate[] localCertificates = this.session.getLocalCertificates();
            if (localCertificates != null) {
                return ((X509Certificate) localCertificates[0]).getSubjectX500Principal();
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
        try {
            return this.session.getPeerPrincipal();
        } catch (AbstractMethodError unused) {
            return ((X509Certificate) this.session.getPeerCertificates()[0]).getSubjectX500Principal();
        }
    }

    @Override // sun.net.www.http.HttpClient
    public String getProxyHostUsed() {
        if (needsTunneling()) {
            return super.getProxyHostUsed();
        }
        return null;
    }

    @Override // sun.net.www.http.HttpClient
    public int getProxyPortUsed() {
        if (this.proxy == null || this.proxy.type() == Proxy.Type.DIRECT || this.proxy.type() == Proxy.Type.SOCKS) {
            return -1;
        }
        return ((InetSocketAddress) this.proxy.address()).getPort();
    }

    SSLSocketFactory getSSLSocketFactory() {
        return this.sslSocketFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public javax.security.cert.X509Certificate[] getServerCertificateChain() throws SSLPeerUnverifiedException {
        return this.session.getPeerCertificateChain();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException {
        return this.session.getPeerCertificates();
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        this.session = handshakeCompletedEvent.getSession();
    }

    @Override // sun.net.www.http.HttpClient
    public boolean needsTunneling() {
        return (this.proxy == null || this.proxy.type() == Proxy.Type.DIRECT || this.proxy.type() == Proxy.Type.SOCKS) ? false : true;
    }

    @Override // sun.net.www.http.HttpClient
    protected void putInKeepAliveCache() {
        if (this.inCache) {
            return;
        }
        this.inCache = true;
        kac.put(this.url, this.sslSocketFactory, this);
    }

    void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hv = hostnameVerifier;
    }

    void setSSLSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }
}
