package hx;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.x500.X500Principal;
import tw.k;

/* compiled from: SSLConnectionSocketFactory.java */
/* loaded from: classes3.dex */
public class d implements gx.b {

    /* renamed from: a, reason: collision with root package name */
    public final sw.a f18373a = sw.e.f(d.class);

    /* renamed from: b, reason: collision with root package name */
    public final SSLSocketFactory f18374b;

    /* renamed from: c, reason: collision with root package name */
    public final HostnameVerifier f18375c;

    /* renamed from: d, reason: collision with root package name */
    public final String[] f18376d;

    /* renamed from: e, reason: collision with root package name */
    public final String[] f18377e;

    static {
        b bVar = b.f18371c;
        c cVar = c.f18372c;
        e eVar = e.f18378c;
    }

    public d(SSLSocketFactory sSLSocketFactory, String[] strArr, String[] strArr2, HostnameVerifier hostnameVerifier) {
        gt.b.n(sSLSocketFactory, "SSL socket factory");
        this.f18374b = sSLSocketFactory;
        this.f18376d = strArr;
        this.f18377e = strArr2;
        this.f18375c = hostnameVerifier == null ? new org.apache.http.conn.ssl.a(ix.c.b()) : hostnameVerifier;
    }

    @Override // gx.b
    public Socket a(Socket socket, String str, int i11, zx.c cVar) {
        SSLSocket sSLSocket = (SSLSocket) this.f18374b.createSocket(socket, str, i11, true);
        String[] strArr = this.f18376d;
        if (strArr != null) {
            sSLSocket.setEnabledProtocols(strArr);
        } else {
            String[] enabledProtocols = sSLSocket.getEnabledProtocols();
            ArrayList arrayList = new ArrayList(enabledProtocols.length);
            for (String str2 : enabledProtocols) {
                if (!str2.startsWith("SSL")) {
                    arrayList.add(str2);
                }
            }
            if (!arrayList.isEmpty()) {
                sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        String[] strArr2 = this.f18377e;
        if (strArr2 != null) {
            sSLSocket.setEnabledCipherSuites(strArr2);
        }
        if (this.f18373a.a()) {
            sw.a aVar = this.f18373a;
            StringBuilder a11 = android.support.v4.media.d.a("Enabled protocols: ");
            a11.append(Arrays.asList(sSLSocket.getEnabledProtocols()));
            aVar.b(a11.toString());
            sw.a aVar2 = this.f18373a;
            StringBuilder a12 = android.support.v4.media.d.a("Enabled cipher suites:");
            a12.append(Arrays.asList(sSLSocket.getEnabledCipherSuites()));
            aVar2.b(a12.toString());
        }
        this.f18373a.b("Starting handshake");
        sSLSocket.startHandshake();
        d(sSLSocket, str);
        return sSLSocket;
    }

    @Override // gx.a
    public Socket b(zx.c cVar) {
        return SocketFactory.getDefault().createSocket();
    }

    @Override // gx.a
    public Socket c(int i11, Socket socket, k kVar, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, zx.c cVar) {
        if (inetSocketAddress2 != null) {
            socket.bind(inetSocketAddress2);
        }
        if (i11 > 0) {
            try {
                if (socket.getSoTimeout() == 0) {
                    socket.setSoTimeout(i11);
                }
            } catch (IOException e11) {
                try {
                    socket.close();
                } catch (IOException unused) {
                }
                throw e11;
            }
        }
        if (this.f18373a.a()) {
            this.f18373a.b("Connecting socket to " + inetSocketAddress + " with timeout " + i11);
        }
        socket.connect(inetSocketAddress, i11);
        if (!(socket instanceof SSLSocket)) {
            return a(socket, kVar.f32717a, inetSocketAddress.getPort(), cVar);
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        this.f18373a.b("Starting handshake");
        sSLSocket.startHandshake();
        d(sSLSocket, kVar.f32717a);
        return socket;
    }

    public final void d(SSLSocket sSLSocket, String str) {
        try {
            SSLSession session = sSLSocket.getSession();
            if (session == null) {
                sSLSocket.getInputStream().available();
                session = sSLSocket.getSession();
                if (session == null) {
                    sSLSocket.startHandshake();
                    session = sSLSocket.getSession();
                }
            }
            if (session == null) {
                throw new SSLHandshakeException("SSL session not available");
            }
            if (this.f18373a.a()) {
                this.f18373a.b("Secure session established");
                this.f18373a.b(" negotiated protocol: " + session.getProtocol());
                this.f18373a.b(" negotiated cipher suite: " + session.getCipherSuite());
                try {
                    X509Certificate x509Certificate = (X509Certificate) session.getPeerCertificates()[0];
                    X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
                    this.f18373a.b(" peer principal: " + subjectX500Principal.toString());
                    Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        ArrayList arrayList = new ArrayList();
                        for (List<?> list : subjectAlternativeNames) {
                            if (!list.isEmpty()) {
                                arrayList.add((String) list.get(1));
                            }
                        }
                        this.f18373a.b(" peer alternative names: " + arrayList);
                    }
                    X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
                    this.f18373a.b(" issuer principal: " + issuerX500Principal.toString());
                    Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
                    if (issuerAlternativeNames != null) {
                        ArrayList arrayList2 = new ArrayList();
                        for (List<?> list2 : issuerAlternativeNames) {
                            if (!list2.isEmpty()) {
                                arrayList2.add((String) list2.get(1));
                            }
                        }
                        this.f18373a.b(" issuer alternative names: " + arrayList2);
                    }
                } catch (Exception unused) {
                }
            }
            if (this.f18375c.verify(str, session)) {
                return;
            }
            throw new SSLPeerUnverifiedException("Host name '" + str + "' does not match the certificate subject provided by the peer (" + ((X509Certificate) session.getPeerCertificates()[0]).getSubjectX500Principal().toString() + ")");
        } catch (IOException e11) {
            try {
                sSLSocket.close();
            } catch (Exception unused2) {
            }
            throw e11;
        }
    }
}
