package com.lotus.android.common.f;

import android.content.Context;
import android.net.SSLCertificateSocketFactory;
import android.support.v4.media.TransportMediator;
import com.lotus.android.common.CommonUtil;
import com.lotus.android.common.logging.AppLogger;
import com.lotus.sync.client.EmailStore;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* compiled from: CommonSSLSocketFactory.java */
/* loaded from: classes.dex */
public class g extends SSLSocketFactory {

    /* renamed from: a, reason: collision with root package name */
    private c f570a;

    /* renamed from: b, reason: collision with root package name */
    private javax.net.ssl.SSLSocketFactory f571b;
    private SSLCertificateSocketFactory c;

    /* compiled from: CommonSSLSocketFactory.java */
    /* loaded from: classes.dex */
    public interface a {
        Context a();

        String a(String[] strArr, Principal[] principalArr, Socket socket);

        void a(Exception exc);

        void a(boolean z);

        boolean a(v vVar);
    }

    public g(c cVar, a aVar) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        super(null);
        this.f570a = cVar;
        try {
            j a2 = j.a(aVar);
            m mVar = new m(aVar);
            if (com.lotus.android.common.d.c.a(cVar.c())) {
                SSLContext sSLContext = SSLContext.getInstance(a());
                sSLContext.init(new X509KeyManager[]{a2}, new X509TrustManager[]{mVar}, new SecureRandom());
                this.f571b = sSLContext.getSocketFactory();
            } else {
                this.c = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
                this.c.setKeyManagers(new X509KeyManager[]{a2});
                this.c.setTrustManagers(new X509TrustManager[]{mVar});
            }
            setHostnameVerifier(new s(this.f570a.c()));
        } catch (Exception e) {
            AppLogger.debug(e);
        }
    }

    private String a() {
        return CommonUtil.isJellyBean() ? "TLSv1.2" : "TLS";
    }

    private void a(SSLSocket sSLSocket) {
        try {
            sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
        } catch (IllegalArgumentException e) {
            if (AppLogger.isLoggable(AppLogger.TRACE)) {
                AppLogger.zIMPLtrace("com.lotus.android.common.http", "CommonSSLSocketFactory", "enableSSLProtocols", EmailStore.ITEM_MOVED_EMAIL, e, "Unable to enable the supported SSL protocols: ", Arrays.toString(sSLSocket.getSupportedProtocols()));
            }
        }
        if (AppLogger.isLoggable(AppLogger.TRACE)) {
            AppLogger.zIMPLtrace("com.lotus.android.common.http", "CommonSSLSocketFactory", "enableSSLProtocols", EmailStore.ITEM_READ_STATUS_CHANGED, "Enabled SSL protocols: %s", Arrays.toString(sSLSocket.getEnabledProtocols()));
        }
    }

    private void a(SSLSocket sSLSocket, String str) {
        try {
            sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
        } catch (Exception e) {
            if (AppLogger.isLoggable(AppLogger.TRACE)) {
                AppLogger.zIMPLtrace("com.lotus.android.common.http", "CommonSSLSocketFactory", "enableSNI", TransportMediator.KEYCODE_MEDIA_PLAY, e, "Unable to enable Server Name Indication (SNI)", new Object[0]);
            }
        }
    }

    private void b(SSLSocket sSLSocket, String str) throws IOException {
        sSLSocket.startHandshake();
        if (getHostnameVerifier().verify(str, sSLSocket.getSession())) {
            return;
        }
        SSLPeerUnverifiedException sSLPeerUnverifiedException = new SSLPeerUnverifiedException("Unable to verify the server's identity. Host: " + str);
        if (!AppLogger.isLoggable(AppLogger.TRACE)) {
            throw sSLPeerUnverifiedException;
        }
        AppLogger.zIMPLtrace("com.lotus.android.common.http", "CommonSSLSocketFactory", "validateServerIdentity", 136, sSLPeerUnverifiedException);
        throw sSLPeerUnverifiedException;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        SSLSocket sSLSocket = (SSLSocket) (this.f571b != null ? this.f571b.createSocket() : this.c.createSocket());
        sSLSocket.setSoTimeout(this.f570a.g());
        a(sSLSocket);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        if (z) {
            socket.close();
        }
        SSLSocket sSLSocket = (SSLSocket) (this.f571b != null ? this.f571b.createSocket(InetAddress.getByName(str), i) : this.c.createSocket(InetAddress.getByName(str), i));
        sSLSocket.setSoTimeout(this.f570a.g());
        a(sSLSocket);
        a(sSLSocket, str);
        b(sSLSocket, str);
        return sSLSocket;
    }
}
