package o;

import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: freedome */
/* renamed from: o.kh, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public class C0281kh extends SSLSocketFactory implements HandshakeCompletedListener {
    private static Logger a = Logger.getLogger(C0281kh.class.getName());
    private static final String[] b = {"TLSv1.2"};
    private static final String[] c = {"SSL", "MD5", "NULL", "EXP", "ADH", "AECDH", "DES", "PSK", "SRP", "RC4", "CBC"};
    private static volatile List<C0281kh> f;
    private String[] d = b;
    public String[] e = c;
    private final boolean h = false;
    private X509Certificate[] i = null;
    private final SSLSocketFactory j;

    /* compiled from: freedome */
    /* renamed from: o.kh$c */
    /* loaded from: classes.dex */
    public static class c implements X509TrustManager {
        private TrustManager[] c;
        private X509Certificate[] e = null;
        private ArrayList<X509Certificate> d = new ArrayList<>(5);

        public c(TrustManager[] trustManagerArr, X509Certificate[] x509CertificateArr) {
            this.c = trustManagerArr;
        }

        private static boolean e(X509Certificate x509Certificate, X509Certificate[] x509CertificateArr) {
            byte[] encoded = x509Certificate.getPublicKey().getEncoded();
            for (X509Certificate x509Certificate2 : x509CertificateArr) {
                if (Arrays.equals(x509Certificate2.getPublicKey().getEncoded(), encoded)) {
                    return true;
                }
            }
            return false;
        }

        @Override // javax.net.ssl.X509TrustManager
        public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new UnsupportedOperationException("Server mode not supported.");
        }

        @Override // javax.net.ssl.X509TrustManager
        public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            X509Certificate[] x509CertificateArr2;
            boolean z;
            X509Certificate[] acceptedIssuers;
            for (TrustManager trustManager : this.c) {
                if (trustManager instanceof X509TrustManager) {
                    ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                }
            }
            int length = x509CertificateArr.length;
            boolean z2 = true;
            for (int i = 1; i < length; i++) {
                if (!x509CertificateArr[i - 1].getIssuerDN().equals(x509CertificateArr[i].getSubjectDN())) {
                    throw new CertificateException("Certificate chain concurrency problem.");
                }
            }
            int i2 = length - 1;
            if (!x509CertificateArr[i2].getIssuerDN().equals(x509CertificateArr[i2].getSubjectDN())) {
                Iterator<X509Certificate> it = this.d.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        x509CertificateArr2 = x509CertificateArr;
                        z = false;
                        break;
                    }
                    X509Certificate next = it.next();
                    if (next.getSubjectDN().equals(x509CertificateArr[i2].getIssuerDN())) {
                        X509Certificate[] x509CertificateArr3 = (X509Certificate[]) Arrays.copyOf(x509CertificateArr, length + 1);
                        x509CertificateArr3[length] = next;
                        x509CertificateArr2 = x509CertificateArr3;
                        z = true;
                        break;
                    }
                }
                if (!z && (acceptedIssuers = getAcceptedIssuers()) != null) {
                    for (X509Certificate x509Certificate : acceptedIssuers) {
                        if (x509Certificate.getSubjectDN().equals(x509CertificateArr2[i2].getIssuerDN())) {
                            x509CertificateArr = (X509Certificate[]) Arrays.copyOf(x509CertificateArr2, length + 1);
                            x509CertificateArr[length] = x509Certificate;
                            if (this.d.size() >= 5) {
                                this.d.remove(0);
                            }
                            this.d.add(x509Certificate);
                        }
                    }
                }
                x509CertificateArr = x509CertificateArr2;
            }
            if (this.e != null) {
                X509Certificate[] x509CertificateArr4 = this.e;
                int length2 = x509CertificateArr4.length;
                int i3 = 0;
                while (true) {
                    if (i3 >= length2) {
                        z2 = false;
                        break;
                    } else if (e(x509CertificateArr4[i3], x509CertificateArr)) {
                        break;
                    } else {
                        i3++;
                    }
                }
                if (!z2) {
                    throw new CertificateException("Certificate not found from pinning list.");
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public final X509Certificate[] getAcceptedIssuers() {
            for (TrustManager trustManager : this.c) {
                if (trustManager instanceof X509TrustManager) {
                    return ((X509TrustManager) trustManager).getAcceptedIssuers();
                }
            }
            return null;
        }
    }

    private C0281kh(boolean z) {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagerArr = {new c(trustManagerFactory.getTrustManagers(), null)};
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagerArr, null);
        this.j = sSLContext.getSocketFactory();
    }

    private static Set<String> a(SSLSocket sSLSocket) {
        String[] supportedProtocols = sSLSocket.getSupportedProtocols();
        HashSet hashSet = new HashSet(supportedProtocols.length);
        for (String str : supportedProtocols) {
            hashSet.add(str);
        }
        return hashSet;
    }

    public static synchronized C0281kh a() {
        synchronized (C0281kh.class) {
            if (f != null) {
                for (C0281kh c0281kh : f) {
                    if (!c0281kh.h && Arrays.equals((Object[]) null, (Object[]) null)) {
                        return c0281kh;
                    }
                }
            }
            if (f == null) {
                f = new ArrayList();
            }
            C0281kh c0281kh2 = new C0281kh(false);
            f.add(c0281kh2);
            Logger logger = a;
            Level level = Level.FINEST;
            StringBuilder sb = new StringBuilder("Created new SocketFactory, current count: ");
            sb.append(f.size());
            logger.log(level, sb.toString());
            a.log(Level.FINEST, c0281kh2.toString());
            Logger logger2 = a;
            Level level2 = Level.FINEST;
            StringBuilder sb2 = new StringBuilder("Bypass: ");
            sb2.append(c0281kh2.h);
            logger2.log(level2, sb2.toString());
            a.log(Level.FINEST, "null");
            return c0281kh2;
        }
    }

    private void a(SSLSocket sSLSocket, String str) {
        if (!sSLSocket.getClass().getName().equals("com.android.org.conscrypt.OpenSSLSocketImpl")) {
            try {
                sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
            } catch (Exception e) {
                Logger logger = a;
                Level level = Level.WARNING;
                StringBuilder sb = new StringBuilder("setHostname() was not found. Got ");
                sb.append(e.getMessage());
                logger.log(level, sb.toString());
            }
        }
        e(sSLSocket);
    }

    private String[] a(Set<String> set) {
        ArrayList arrayList = new ArrayList();
        int length = this.d.length;
        for (int i = 0; i < length; i++) {
            if (set.contains(this.d[i])) {
                arrayList.add(this.d[i]);
            }
        }
        if (arrayList.size() > 0) {
            return (String[]) arrayList.toArray(new String[arrayList.size()]);
        }
        throw new SSLException("Device doesn't support any accepted protocols.");
    }

    private String[] c(String[] strArr) {
        if (this.e == null || this.e.length == 0) {
            a.log(Level.WARNING, "No cipher suites were disallowed. Maybe you should define some or use default values instead of allowing all?");
            return strArr;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(".*(");
        sb.append(this.e[0]);
        int length = this.e.length;
        for (int i = 1; i < length; i++) {
            sb.append('|');
            sb.append(this.e[i]);
        }
        sb.append(").*");
        String obj = sb.toString();
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            if (!str.matches(obj)) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private void e(SSLSocket sSLSocket) {
        sSLSocket.setEnabledProtocols(a(a(sSLSocket)));
        sSLSocket.setEnabledCipherSuites(c(sSLSocket.getSupportedCipherSuites()));
        sSLSocket.addHandshakeCompletedListener(this);
    }

    public static String[] e() {
        return c;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket();
        e(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket(str, i);
        a(sSLSocket, str);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket(str, i, inetAddress, i2);
        a(sSLSocket, str);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket(inetAddress, i);
        e(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket(inetAddress, i, inetAddress2, i2);
        e(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        SSLSocket sSLSocket = (SSLSocket) this.j.createSocket(socket, str, i, z);
        a(sSLSocket, str);
        return sSLSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return this.j.getDefaultCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.j.getSupportedCipherSuites();
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        a.log(Level.FINEST, String.format("SSL connection done using %s, %s", handshakeCompletedEvent.getSession().getProtocol(), handshakeCompletedEvent.getCipherSuite()));
        try {
            if (handshakeCompletedEvent.getSession().getProtocol().startsWith("SSL")) {
                a.log(Level.SEVERE, "Handshake chose SSL. Closing socket.");
                handshakeCompletedEvent.getSocket().close();
            }
        } catch (Exception e) {
            a.log(Level.SEVERE, e.getMessage());
        }
    }
}
