package org.apache.http.conn.ssl;

import android.annotation.TargetApi;
import android.util.Log;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.http.HttpHost;
import org.apache.http.protocol.HttpContext;

/* compiled from: SSLConnectionSocketFactory.java */
@z8.d
/* loaded from: classes5.dex */
public class g implements f9.b {
    public static final String SSL = "SSL";
    public static final String SSLV2 = "SSLv2";
    public static final String TLS = "TLS";

    /* renamed from: e, reason: collision with root package name */
    private static final String f70460e = "HttpClient";

    /* renamed from: a, reason: collision with root package name */
    private final javax.net.ssl.SSLSocketFactory f70461a;

    /* renamed from: b, reason: collision with root package name */
    private final X509HostnameVerifier f70462b;

    /* renamed from: c, reason: collision with root package name */
    private final String[] f70463c;

    /* renamed from: d, reason: collision with root package name */
    private final String[] f70464d;
    public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER = new b();
    public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER = new c();
    public static final X509HostnameVerifier STRICT_HOSTNAME_VERIFIER = new j();

    public g(SSLContext sSLContext) {
        this(sSLContext, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    }

    public g(SSLContext sSLContext, X509HostnameVerifier x509HostnameVerifier) {
        this(((SSLContext) org.apache.http.util.a.notNull(sSLContext, "SSL context")).getSocketFactory(), (String[]) null, (String[]) null, x509HostnameVerifier);
    }

    public g(SSLContext sSLContext, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        this(((SSLContext) org.apache.http.util.a.notNull(sSLContext, "SSL context")).getSocketFactory(), strArr, strArr2, x509HostnameVerifier);
    }

    public g(javax.net.ssl.SSLSocketFactory sSLSocketFactory, X509HostnameVerifier x509HostnameVerifier) {
        this(sSLSocketFactory, (String[]) null, (String[]) null, x509HostnameVerifier);
    }

    public g(javax.net.ssl.SSLSocketFactory sSLSocketFactory, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        this.f70461a = (javax.net.ssl.SSLSocketFactory) org.apache.http.util.a.notNull(sSLSocketFactory, "SSL socket factory");
        this.f70463c = strArr;
        this.f70464d = strArr2;
        this.f70462b = x509HostnameVerifier == null ? BROWSER_COMPATIBLE_HOSTNAME_VERIFIER : x509HostnameVerifier;
    }

    private static String[] c(String str) {
        if (org.apache.http.util.f.isBlank(str)) {
            return null;
        }
        return str.split(" *, *");
    }

    private void d(SSLSocket sSLSocket, String str) throws IOException {
        try {
            if (Log.isLoggable(f70460e, 3)) {
                try {
                    SSLSession session = sSLSocket.getSession();
                    Log.d(f70460e, "Secure session established");
                    Log.d(f70460e, " negotiated protocol: " + session.getProtocol());
                    Log.d(f70460e, " negotiated cipher suite: " + session.getCipherSuite());
                    X509Certificate x509Certificate = (X509Certificate) session.getPeerCertificates()[0];
                    Log.d(f70460e, " peer principal: " + x509Certificate.getSubjectX500Principal().toString());
                    Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        ArrayList arrayList = new ArrayList();
                        for (List<?> list : subjectAlternativeNames) {
                            if (!list.isEmpty()) {
                                arrayList.add((String) list.get(1));
                            }
                        }
                        Log.d(f70460e, " peer alternative names: " + arrayList);
                    }
                    Log.d(f70460e, " issuer principal: " + x509Certificate.getIssuerX500Principal().toString());
                    Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
                    if (issuerAlternativeNames != null) {
                        ArrayList arrayList2 = new ArrayList();
                        for (List<?> list2 : issuerAlternativeNames) {
                            if (!list2.isEmpty()) {
                                arrayList2.add((String) list2.get(1));
                            }
                        }
                        Log.d(f70460e, " issuer alternative names: " + arrayList2);
                    }
                } catch (Exception unused) {
                }
            }
            this.f70462b.verify(str, sSLSocket);
        } catch (IOException e10) {
            try {
                sSLSocket.close();
            } catch (Exception unused2) {
            }
            throw e10;
        }
    }

    public static g getSocketFactory() throws SSLInitializationException {
        return new g((javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault(), BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    }

    public static g getSystemSocketFactory() throws SSLInitializationException {
        return new g((javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault(), c(System.getProperty("https.protocols")), c(System.getProperty("https.cipherSuites")), BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    }

    X509HostnameVerifier a() {
        return this.f70462b;
    }

    protected void b(SSLSocket sSLSocket) throws IOException {
    }

    @Override // f9.a
    public Socket connectSocket(int i10, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        org.apache.http.util.a.notNull(httpHost, "HTTP host");
        org.apache.http.util.a.notNull(inetSocketAddress, "Remote address");
        if (socket == null) {
            socket = createSocket(httpContext);
        }
        if (inetSocketAddress2 != null) {
            socket.bind(inetSocketAddress2);
        }
        if (i10 > 0) {
            try {
                if (socket.getSoTimeout() == 0) {
                    socket.setSoTimeout(i10);
                }
            } catch (IOException e10) {
                try {
                    socket.close();
                } catch (IOException unused) {
                }
                throw e10;
            }
        }
        if (Log.isLoggable(f70460e, 3)) {
            Log.d(f70460e, "Connecting socket to " + inetSocketAddress + " with timeout " + i10);
        }
        socket.connect(inetSocketAddress, i10);
        if (!(socket instanceof SSLSocket)) {
            return createLayeredSocket(socket, httpHost.getHostName(), inetSocketAddress.getPort(), httpContext);
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        if (Log.isLoggable(f70460e, 3)) {
            Log.d(f70460e, "Starting handshake");
        }
        sSLSocket.startHandshake();
        d(sSLSocket, httpHost.getHostName());
        return socket;
    }

    @Override // f9.b
    @TargetApi(17)
    public Socket createLayeredSocket(Socket socket, String str, int i10, HttpContext httpContext) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.f70461a.createSocket(socket, str, i10, true);
        String[] strArr = this.f70463c;
        if (strArr != null) {
            sSLSocket.setEnabledProtocols(strArr);
        } else {
            String[] enabledProtocols = sSLSocket.getEnabledProtocols();
            ArrayList arrayList = new ArrayList(enabledProtocols.length);
            for (String str2 : enabledProtocols) {
                if (!str2.startsWith(SSL)) {
                    arrayList.add(str2);
                }
            }
            if (!arrayList.isEmpty()) {
                sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        String[] strArr2 = this.f70464d;
        if (strArr2 != null) {
            sSLSocket.setEnabledCipherSuites(strArr2);
        }
        if (Log.isLoggable(f70460e, 3)) {
            Log.d(f70460e, "Enabled protocols: " + Arrays.asList(sSLSocket.getEnabledProtocols()));
            Log.d(f70460e, "Enabled cipher suites:" + Arrays.asList(sSLSocket.getEnabledCipherSuites()));
        }
        b(sSLSocket);
        if (Log.isLoggable(f70460e, 3)) {
            Log.d(f70460e, "Enabling SNI for " + str);
        }
        try {
            sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
        } catch (Exception e10) {
            if (Log.isLoggable(f70460e, 3)) {
                Log.d(f70460e, "SNI configuration failed", e10);
            }
        }
        if (Log.isLoggable(f70460e, 3)) {
            Log.d(f70460e, "Starting handshake");
        }
        sSLSocket.startHandshake();
        d(sSLSocket, str);
        return sSLSocket;
    }

    @Override // f9.a
    public Socket createSocket(HttpContext httpContext) throws IOException {
        return SocketFactory.getDefault().createSocket();
    }
}
