package com.gargoylesoftware.htmlunit.httpclient;

import com.gargoylesoftware.htmlunit.WebClientOptions;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.http.HttpHost;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;

/* loaded from: classes2.dex */
public final class HtmlUnitSSLConnectionSocketFactory extends SSLConnectionSocketFactory {
    private static final String SSL3ONLY = "htmlunit.SSL3Only";
    private final boolean useInsecureSSL_;

    private HtmlUnitSSLConnectionSocketFactory(KeyStore keyStore, char[] cArr, KeyStore keyStore2, boolean z, String[] strArr, String[] strArr2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(SSLContexts.custom().loadKeyMaterial(keyStore, cArr).loadTrustMaterial(keyStore2, (TrustStrategy) null).build(), strArr, strArr2, new DefaultHostnameVerifier());
        this.useInsecureSSL_ = z;
    }

    private HtmlUnitSSLConnectionSocketFactory(SSLContext sSLContext, HostnameVerifier hostnameVerifier, boolean z, String[] strArr, String[] strArr2) {
        super(sSLContext, strArr, strArr2, hostnameVerifier);
        this.useInsecureSSL_ = z;
    }

    public static SSLConnectionSocketFactory buildSSLSocketFactory(WebClientOptions webClientOptions) {
        try {
            String[] sSLClientProtocols = webClientOptions.getSSLClientProtocols();
            String[] sSLClientCipherSuites = webClientOptions.getSSLClientCipherSuites();
            boolean isUseInsecureSSL = webClientOptions.isUseInsecureSSL();
            if (!isUseInsecureSSL) {
                KeyStore sSLClientCertificateStore = webClientOptions.getSSLClientCertificateStore();
                return new HtmlUnitSSLConnectionSocketFactory(sSLClientCertificateStore, sSLClientCertificateStore == null ? null : webClientOptions.getSSLClientCertificatePassword(), webClientOptions.getSSLTrustStore(), isUseInsecureSSL, sSLClientProtocols, sSLClientCipherSuites);
            }
            String sSLInsecureProtocol = webClientOptions.getSSLInsecureProtocol();
            if (sSLInsecureProtocol == null) {
                sSLInsecureProtocol = "SSL";
            }
            SSLContext sSLContext = SSLContext.getInstance(sSLInsecureProtocol);
            sSLContext.init(getKeyManagers(webClientOptions), new TrustManager[]{new InsecureTrustManager2()}, null);
            return new HtmlUnitSSLConnectionSocketFactory(sSLContext, NoopHostnameVerifier.INSTANCE, isUseInsecureSSL, sSLClientProtocols, sSLClientCipherSuites);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    private static void configureSocket(SSLSocket sSLSocket, HttpContext httpContext) {
        if (isUseSSL3Only(httpContext)) {
            sSLSocket.setEnabledProtocols(new String[]{"SSLv3"});
        }
    }

    private static KeyManager[] getKeyManagers(WebClientOptions webClientOptions) {
        if (webClientOptions.getSSLClientCertificateStore() == null) {
            return null;
        }
        try {
            KeyStore sSLClientCertificateStore = webClientOptions.getSSLClientCertificateStore();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(sSLClientCertificateStore, webClientOptions.getSSLClientCertificatePassword());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private SSLSocketFactory getSSLSocketFactory() {
        try {
            Field declaredField = SSLConnectionSocketFactory.class.getDeclaredField("socketfactory");
            declaredField.setAccessible(true);
            return (SSLSocketFactory) declaredField.get(this);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    static boolean isUseSSL3Only(HttpContext httpContext) {
        return "TRUE".equalsIgnoreCase((String) httpContext.getAttribute(SSL3ONLY));
    }

    private static void setEmptyHostname(HttpHost httpHost) {
        try {
            Field declaredField = HttpHost.class.getDeclaredField("hostname");
            declaredField.setAccessible(true);
            declaredField.set(httpHost, "");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void setUseSSL3Only(HttpContext httpContext, boolean z) {
        httpContext.setAttribute(SSL3ONLY, Boolean.valueOf(z));
    }

    @Override // org.apache.http.conn.ssl.SSLConnectionSocketFactory, org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        HttpHost socksProxy = SocksConnectionSocketFactory.getSocksProxy(httpContext);
        if (socksProxy == null) {
            try {
                return super.connectSocket(i, socket, httpHost, inetSocketAddress, inetSocketAddress2, httpContext);
            } catch (IOException e) {
                if (!this.useInsecureSSL_ || !"handshake alert:  unrecognized_name".equals(e.getMessage())) {
                    throw e;
                }
                setEmptyHostname(httpHost);
                return super.connectSocket(i, createSocket(httpContext), httpHost, inetSocketAddress, inetSocketAddress2, httpContext);
            }
        }
        Socket createSocketWithSocksProxy = SocksConnectionSocketFactory.createSocketWithSocksProxy(socksProxy);
        createSocketWithSocksProxy.setReuseAddress(true);
        InetSocketAddress inetSocketAddress3 = new InetSocketAddress(socksProxy.getHostName(), socksProxy.getPort());
        try {
            createSocketWithSocksProxy.connect(inetSocketAddress, i);
            Socket createSocket = getSSLSocketFactory().createSocket(createSocketWithSocksProxy, socksProxy.getHostName(), socksProxy.getPort(), true);
            configureSocket((SSLSocket) createSocket, httpContext);
            return createSocket;
        } catch (SocketTimeoutException unused) {
            throw new ConnectTimeoutException("Connect to " + inetSocketAddress3 + " timed out");
        }
    }
}
