package com.lotus.android.common.z;

import android.content.Context;
import android.net.SSLCertificateSocketFactory;
import com.lotus.android.common.CommonUtil;
import com.lotus.android.common.logging.AppLogger;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* compiled from: CommonSSLSocketFactory.java */
/* loaded from: classes.dex */
public class g extends SSLSocketFactory {
    private static String a = d();

    /* renamed from: b, reason: collision with root package name */
    private c f3203b;

    /* renamed from: c, reason: collision with root package name */
    private javax.net.ssl.SSLSocketFactory f3204c;

    /* renamed from: d, reason: collision with root package name */
    private SSLCertificateSocketFactory f3205d;

    /* compiled from: CommonSSLSocketFactory.java */
    /* loaded from: classes.dex */
    public interface a {
        void a(Exception exc);

        boolean b(t tVar);

        void c(boolean z);

        String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket);

        Context getContext();
    }

    public g(c cVar, a aVar) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        super("TLSv1.2", null, a, null, null, null);
        this.f3203b = cVar;
        try {
            j a2 = j.a(aVar);
            l lVar = new l(aVar);
            if (com.lotus.android.common.auth.c.b(cVar.w())) {
                SSLContext sSLContext = SSLContext.getInstance(e());
                sSLContext.init(new X509KeyManager[]{a2}, new X509TrustManager[]{lVar}, new SecureRandom());
                this.f3204c = sSLContext.getSocketFactory();
            } else {
                SSLCertificateSocketFactory sSLCertificateSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
                this.f3205d = sSLCertificateSocketFactory;
                sSLCertificateSocketFactory.setKeyManagers(new X509KeyManager[]{a2});
                this.f3205d.setTrustManagers(new X509TrustManager[]{lVar});
            }
            setHostnameVerifier(new q(this.f3203b.w()));
        } catch (Exception e2) {
            AppLogger.debug(e2);
        }
    }

    private static void a(byte b2, StringBuffer stringBuffer) {
        stringBuffer.append(CommonUtil.HEX.charAt((b2 >> 4) & 15));
        stringBuffer.append(CommonUtil.HEX.charAt(b2 & 15));
    }

    private void b(SSLSocket sSLSocket, String str) {
        try {
            sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
        } catch (Exception e2) {
            AppLogger.trace(e2, "Unable to enable Server Name Indication (SNI)", new Object[0]);
        }
    }

    private void c(SSLSocket sSLSocket) {
        try {
            sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
        } catch (IllegalArgumentException e2) {
            AppLogger.trace(e2, "Unable to enable the supported SSL protocols: ", Arrays.toString(sSLSocket.getSupportedProtocols()));
        }
        AppLogger.trace("Enabled SSL protocols: %s", Arrays.toString(sSLSocket.getEnabledProtocols()));
    }

    private static String d() {
        try {
            byte[] bArr = new byte[24];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            StringBuffer stringBuffer = new StringBuffer();
            for (int i2 = 0; i2 < 24; i2++) {
                a(bArr[i2], stringBuffer);
            }
            return stringBuffer.toString();
        } catch (NoSuchAlgorithmException unused) {
            return null;
        }
    }

    private String e() {
        return "TLSv1.2";
    }

    private void f(SSLSocket sSLSocket, String str) throws IOException {
        sSLSocket.startHandshake();
        SSLSession session = sSLSocket.getSession();
        AppLogger.trace("Negotiated SSL Protocol: %s", session.getProtocol());
        if (getHostnameVerifier().verify(str, session)) {
            return;
        }
        SSLPeerUnverifiedException sSLPeerUnverifiedException = new SSLPeerUnverifiedException("Unable to verify the server's identity. Host: " + str);
        AppLogger.trace(sSLPeerUnverifiedException);
        throw sSLPeerUnverifiedException;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        javax.net.ssl.SSLSocketFactory sSLSocketFactory = this.f3204c;
        SSLSocket sSLSocket = (SSLSocket) (sSLSocketFactory != null ? sSLSocketFactory.createSocket() : this.f3205d.createSocket());
        sSLSocket.setSoTimeout(this.f3203b.z());
        c(sSLSocket);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i2, boolean z) throws IOException {
        if (z) {
            socket.close();
        }
        javax.net.ssl.SSLSocketFactory sSLSocketFactory = this.f3204c;
        SSLSocket sSLSocket = (SSLSocket) (sSLSocketFactory != null ? sSLSocketFactory.createSocket(InetAddress.getByName(str), i2) : this.f3205d.createSocket(InetAddress.getByName(str), i2));
        sSLSocket.setSoTimeout(this.f3203b.z());
        c(sSLSocket);
        b(sSLSocket, str);
        f(sSLSocket, str);
        return sSLSocket;
    }
}
