package com.tencent.wemusic.data.network.framework.okhttp;

import android.os.Build;
import com.tencent.wemusic.common.util.MLog;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.collections.u;
import kotlin.j;
import kotlin.jvm.internal.x;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: OkHttpSecureVerify.kt */
@j
/* loaded from: classes8.dex */
public final class OkHttpSecureVerify {

    @NotNull
    public static final OkHttpSecureVerify INSTANCE = new OkHttpSecureVerify();

    @NotNull
    public static final String TAG = "OkHttpSecureVerify";

    /* compiled from: OkHttpSecureVerify.kt */
    @j
    /* loaded from: classes8.dex */
    public static final class SniSSLSocketFactory extends SSLSocketFactory {

        @NotNull
        private HttpsURLConnection mConn;

        public SniSSLSocketFactory(@NotNull HttpsURLConnection conn) {
            x.g(conn, "conn");
            this.mConn = conn;
        }

        @Override // javax.net.SocketFactory
        @Nullable
        public Socket createSocket(@Nullable String str, int i10) {
            return null;
        }

        @Override // javax.net.SocketFactory
        @Nullable
        public Socket createSocket(@Nullable String str, int i10, @Nullable InetAddress inetAddress, int i11) {
            return null;
        }

        @Override // javax.net.SocketFactory
        @Nullable
        public Socket createSocket(@Nullable InetAddress inetAddress, int i10) {
            return null;
        }

        @Override // javax.net.SocketFactory
        @Nullable
        public Socket createSocket(@Nullable InetAddress inetAddress, int i10, @Nullable InetAddress inetAddress2, int i11) {
            return null;
        }

        @Override // javax.net.ssl.SSLSocketFactory
        @Nullable
        public Socket createSocket(@Nullable Socket socket, @Nullable String str, int i10, boolean z10) {
            List<SNIServerName> e10;
            String requestProperty = this.mConn.getRequestProperty("Host");
            if (requestProperty == null) {
                requestProperty = str;
            }
            MLog.i(OkHttpSecureVerify.TAG, x.p("customized createSocket host is : ", requestProperty));
            InetAddress inetAddress = socket == null ? null : socket.getInetAddress();
            if (z10 && socket != null) {
                socket.close();
            }
            SocketFactory socketFactory = SSLSocketFactory.getDefault();
            Objects.requireNonNull(socketFactory, "null cannot be cast to non-null type javax.net.ssl.SSLSocketFactory");
            Socket createSocket = ((SSLSocketFactory) socketFactory).createSocket(inetAddress, i10);
            Objects.requireNonNull(createSocket, "null cannot be cast to non-null type javax.net.ssl.SSLSocket");
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
            if (Build.VERSION.SDK_INT >= 24) {
                MLog.i(OkHttpSecureVerify.TAG, "Setting SNI hostname");
                SSLParameters sSLParameters = sSLSocket.getSSLParameters();
                MLog.i(OkHttpSecureVerify.TAG, "create socket ssl Paramtes : " + sSLParameters + ", name : " + sSLParameters.getServerNames());
                e10 = u.e(new SNIHostName(str));
                sSLParameters.setServerNames(e10);
                sSLSocket.setSSLParameters(sSLParameters);
            } else {
                MLog.d(OkHttpSecureVerify.TAG, "No documented SNI support on Android < 4.2, trying with reflection", new Object[0]);
                try {
                    Method method = sSLSocket.getClass().getMethod("setHostname", String.class);
                    x.f(method, "sslSocket.javaClass.getM…ame\", String::class.java)");
                    method.invoke(sSLSocket, requestProperty);
                } catch (Exception e11) {
                    MLog.w(OkHttpSecureVerify.TAG, x.p("SNI not useable : ", e11));
                }
            }
            SSLSession session = sSLSocket.getSession();
            if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(requestProperty, session)) {
                throw new SSLPeerUnverifiedException(x.p("Cannot verify hostname: ", requestProperty));
            }
            MLog.i(OkHttpSecureVerify.TAG, "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + ((Object) session.getCipherSuite()));
            return sSLSocket;
        }

        @Override // javax.net.ssl.SSLSocketFactory
        @NotNull
        public String[] getDefaultCipherSuites() {
            return new String[]{"0"};
        }

        @Override // javax.net.ssl.SSLSocketFactory
        @NotNull
        public String[] getSupportedCipherSuites() {
            return new String[]{"0"};
        }
    }

    private OkHttpSecureVerify() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getTrustedHostnameVerifier$lambda-1, reason: not valid java name */
    public static final boolean m1131getTrustedHostnameVerifier$lambda1(String host, String str, SSLSession sSLSession) {
        x.g(host, "$host");
        return HttpsURLConnection.getDefaultHostnameVerifier().verify(host, sSLSession);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getTrustedHostnameVerifier$lambda-2, reason: not valid java name */
    public static final boolean m1132getTrustedHostnameVerifier$lambda2(String str, SSLSession sSLSession) {
        return true;
    }

    @NotNull
    public final SSLSocketFactory getSSLSocketFactory(@NotNull TrustManager trustManager) {
        x.g(trustManager, "trustManager");
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        x.f(sSLContext, "getInstance(\"TLS\")");
        sSLContext.init(null, new TrustManager[]{trustManager}, new SecureRandom());
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        x.f(socketFactory, "sslContext.socketFactory");
        return socketFactory;
    }

    @NotNull
    public final X509TrustManager getTrustManager() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        x.f(trustManagers, "trustManagerFactory.trustManagers");
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            return (X509TrustManager) trustManagers[0];
        }
        String arrays = Arrays.toString(trustManagers);
        x.f(arrays, "toString(this)");
        throw new IllegalStateException(x.p("Unexpected default trust managers:", arrays).toString());
    }

    @NotNull
    public final HostnameVerifier getTrustedHostnameVerifier() {
        return new HostnameVerifier() { // from class: com.tencent.wemusic.data.network.framework.okhttp.b
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                boolean m1132getTrustedHostnameVerifier$lambda2;
                m1132getTrustedHostnameVerifier$lambda2 = OkHttpSecureVerify.m1132getTrustedHostnameVerifier$lambda2(str, sSLSession);
                return m1132getTrustedHostnameVerifier$lambda2;
            }
        };
    }

    @NotNull
    public final HostnameVerifier getTrustedHostnameVerifier(@NotNull final String host) {
        x.g(host, "host");
        return new HostnameVerifier() { // from class: com.tencent.wemusic.data.network.framework.okhttp.a
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                boolean m1131getTrustedHostnameVerifier$lambda1;
                m1131getTrustedHostnameVerifier$lambda1 = OkHttpSecureVerify.m1131getTrustedHostnameVerifier$lambda1(host, str, sSLSession);
                return m1131getTrustedHostnameVerifier$lambda1;
            }
        };
    }
}
