package com.huawei.secure.android.common.ssl;

import android.content.Context;
import com.huawei.secure.android.common.ssl.util.g;
import com.tencent.matrix.trace.core.AppMethodBeat;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.StrictHostnameVerifier;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: classes8.dex */
public class SecureApacheSSLSocketFactory extends SSLSocketFactory {
    public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    public static final X509HostnameVerifier STRICT_HOSTNAME_VERIFIER;

    /* renamed from: i, reason: collision with root package name */
    private static final String f26948i;

    /* renamed from: j, reason: collision with root package name */
    private static volatile SecureApacheSSLSocketFactory f26949j;

    /* renamed from: a, reason: collision with root package name */
    private SSLContext f26950a;

    /* renamed from: b, reason: collision with root package name */
    private SSLSocket f26951b;

    /* renamed from: c, reason: collision with root package name */
    private Context f26952c;

    /* renamed from: d, reason: collision with root package name */
    private String[] f26953d;

    /* renamed from: e, reason: collision with root package name */
    private X509TrustManager f26954e;

    /* renamed from: f, reason: collision with root package name */
    private String[] f26955f;

    /* renamed from: g, reason: collision with root package name */
    private String[] f26956g;

    /* renamed from: h, reason: collision with root package name */
    private String[] f26957h;

    static {
        AppMethodBeat.i(3297);
        BROWSER_COMPATIBLE_HOSTNAME_VERIFIER = new BrowserCompatHostnameVerifier();
        STRICT_HOSTNAME_VERIFIER = new StrictHostnameVerifier();
        f26948i = SecureApacheSSLSocketFactory.class.getSimpleName();
        f26949j = null;
        AppMethodBeat.o(3297);
    }

    private SecureApacheSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        AppMethodBeat.i(3280);
        this.f26951b = null;
        AppMethodBeat.o(3280);
    }

    private SecureApacheSSLSocketFactory(KeyStore keyStore, Context context) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException, IllegalArgumentException {
        super(keyStore);
        AppMethodBeat.i(3282);
        this.f26951b = null;
        if (context == null) {
            g.b(f26948i, "SecureSSLSocketFactory: context is null");
            AppMethodBeat.o(3282);
            return;
        }
        setContext(context);
        setSslContext(SSLUtil.setSSLContext());
        SecureX509TrustManager secureX509SingleInstance = SecureX509SingleInstance.getInstance(context);
        this.f26954e = secureX509SingleInstance;
        this.f26950a.init(null, new X509TrustManager[]{secureX509SingleInstance}, null);
        AppMethodBeat.o(3282);
    }

    public SecureApacheSSLSocketFactory(KeyStore keyStore, InputStream inputStream, String str) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException, IllegalArgumentException {
        super(keyStore);
        AppMethodBeat.i(3283);
        this.f26951b = null;
        this.f26950a = SSLUtil.setSSLContext();
        HiCloudX509TrustManager hiCloudX509TrustManager = new HiCloudX509TrustManager(inputStream, str);
        setX509TrustManager(hiCloudX509TrustManager);
        this.f26950a.init(null, new X509TrustManager[]{hiCloudX509TrustManager}, null);
        AppMethodBeat.o(3283);
    }

    public SecureApacheSSLSocketFactory(KeyStore keyStore, X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException, IllegalArgumentException {
        super(keyStore);
        AppMethodBeat.i(3285);
        this.f26951b = null;
        this.f26950a = SSLUtil.setSSLContext();
        setX509TrustManager(x509TrustManager);
        this.f26950a.init(null, new X509TrustManager[]{x509TrustManager}, null);
        AppMethodBeat.o(3285);
    }

    private void a(Socket socket) {
        boolean z11;
        AppMethodBeat.i(3293);
        boolean z12 = true;
        if (com.huawei.secure.android.common.ssl.util.a.a(this.f26957h)) {
            z11 = false;
        } else {
            g.c(f26948i, "set protocols");
            SSLUtil.setEnabledProtocols((SSLSocket) socket, this.f26957h);
            z11 = true;
        }
        if (com.huawei.secure.android.common.ssl.util.a.a(this.f26956g) && com.huawei.secure.android.common.ssl.util.a.a(this.f26955f)) {
            z12 = false;
        } else {
            g.c(f26948i, "set white cipher or black cipher");
            SSLSocket sSLSocket = (SSLSocket) socket;
            SSLUtil.setEnabledProtocols(sSLSocket);
            if (com.huawei.secure.android.common.ssl.util.a.a(this.f26956g)) {
                SSLUtil.setBlackListCipherSuites(sSLSocket, this.f26955f);
            } else {
                SSLUtil.setWhiteListCipherSuites(sSLSocket, this.f26956g);
            }
        }
        if (!z11) {
            g.c(f26948i, "set default protocols");
            SSLUtil.setEnabledProtocols((SSLSocket) socket);
        }
        if (!z12) {
            g.c(f26948i, "set default cipher suites");
            SSLUtil.setEnableSafeCipherSuites((SSLSocket) socket);
        }
        AppMethodBeat.o(3293);
    }

    public static void a(X509TrustManager x509TrustManager) {
        AppMethodBeat.i(3290);
        g.c(f26948i, "sasf update socket factory trust manager");
        try {
            f26949j = new SecureApacheSSLSocketFactory((KeyStore) null, x509TrustManager);
        } catch (IOException unused) {
            g.b(f26948i, "IOException");
        } catch (KeyManagementException unused2) {
            g.b(f26948i, "KeyManagementException");
        } catch (KeyStoreException unused3) {
            g.b(f26948i, "KeyStoreException");
        } catch (NoSuchAlgorithmException unused4) {
            g.b(f26948i, "NoSuchAlgorithmException");
        } catch (UnrecoverableKeyException unused5) {
            g.b(f26948i, "UnrecoverableKeyException");
        } catch (CertificateException unused6) {
            g.b(f26948i, "CertificateException");
        }
        AppMethodBeat.o(3290);
    }

    public static SecureApacheSSLSocketFactory getInstance(KeyStore keyStore, Context context) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException, IllegalArgumentException {
        AppMethodBeat.i(3287);
        com.huawei.secure.android.common.ssl.util.c.a(context);
        if (f26949j == null) {
            synchronized (SecureApacheSSLSocketFactory.class) {
                try {
                    if (f26949j == null) {
                        f26949j = new SecureApacheSSLSocketFactory(keyStore, context);
                    }
                } catch (Throwable th2) {
                    AppMethodBeat.o(3287);
                    throw th2;
                }
            }
        }
        SecureApacheSSLSocketFactory secureApacheSSLSocketFactory = f26949j;
        AppMethodBeat.o(3287);
        return secureApacheSSLSocketFactory;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        AppMethodBeat.i(3308);
        g.c(f26948i, "createSocket: ");
        Socket createSocket = this.f26950a.getSocketFactory().createSocket();
        if (createSocket instanceof SSLSocket) {
            a(createSocket);
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            this.f26951b = sSLSocket;
            this.f26953d = (String[]) sSLSocket.getEnabledCipherSuites().clone();
        }
        AppMethodBeat.o(3308);
        return createSocket;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i11, boolean z11) throws IOException {
        AppMethodBeat.i(3305);
        g.c(f26948i, "createSocket: socket host port autoClose");
        Socket createSocket = this.f26950a.getSocketFactory().createSocket(socket, str, i11, z11);
        if (createSocket instanceof SSLSocket) {
            a(createSocket);
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            this.f26951b = sSLSocket;
            this.f26953d = (String[]) sSLSocket.getEnabledCipherSuites().clone();
        }
        AppMethodBeat.o(3305);
        return createSocket;
    }

    public String[] getBlackCiphers() {
        return this.f26955f;
    }

    public X509Certificate[] getChain() {
        AppMethodBeat.i(3310);
        X509TrustManager x509TrustManager = this.f26954e;
        if (x509TrustManager instanceof SecureX509TrustManager) {
            X509Certificate[] chain = ((SecureX509TrustManager) x509TrustManager).getChain();
            AppMethodBeat.o(3310);
            return chain;
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[0];
        AppMethodBeat.o(3310);
        return x509CertificateArr;
    }

    public Context getContext() {
        return this.f26952c;
    }

    public String[] getProtocols() {
        return this.f26957h;
    }

    public SSLContext getSslContext() {
        return this.f26950a;
    }

    public SSLSocket getSslSocket() {
        return this.f26951b;
    }

    public String[] getSupportedCipherSuites() {
        String[] strArr = this.f26953d;
        return strArr != null ? strArr : new String[0];
    }

    public String[] getWhiteCiphers() {
        return this.f26956g;
    }

    public X509TrustManager getX509TrustManager() {
        return this.f26954e;
    }

    public void setBlackCiphers(String[] strArr) {
        this.f26955f = strArr;
    }

    public void setContext(Context context) {
        AppMethodBeat.i(3300);
        this.f26952c = context.getApplicationContext();
        AppMethodBeat.o(3300);
    }

    public void setProtocols(String[] strArr) {
        this.f26957h = strArr;
    }

    public void setSslContext(SSLContext sSLContext) {
        this.f26950a = sSLContext;
    }

    public void setSslSocket(SSLSocket sSLSocket) {
        this.f26951b = sSLSocket;
    }

    public void setWhiteCiphers(String[] strArr) {
        this.f26956g = strArr;
    }

    public void setX509TrustManager(X509TrustManager x509TrustManager) {
        this.f26954e = x509TrustManager;
    }
}
