package cz.msebera.android.httpclient.conn.ssl;

import cz.msebera.android.httpclient.HttpHost;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: classes2.dex */
public final class e implements rd.b {

    /* renamed from: f, reason: collision with root package name */
    public static final List<Pattern> f19473f;

    /* renamed from: a, reason: collision with root package name */
    public final u7.a f19474a = new u7.a(e.class);

    /* renamed from: b, reason: collision with root package name */
    public final SSLSocketFactory f19475b;

    /* renamed from: c, reason: collision with root package name */
    public final HostnameVerifier f19476c;

    /* renamed from: d, reason: collision with root package name */
    public final String[] f19477d;

    /* renamed from: e, reason: collision with root package name */
    public final String[] f19478e;

    static {
        int i10 = b.f19464c;
        int i11 = c.f19465c;
        int i12 = f.f19479c;
        f19473f = Collections.unmodifiableList(Arrays.asList(Pattern.compile("^(TLS|SSL)_(NULL|ECDH_anon|DH_anon|DH_anon_EXPORT|DHE_RSA_EXPORT|DHE_DSS_EXPORT|DSS_EXPORT|DH_DSS_EXPORT|DH_RSA_EXPORT|RSA_EXPORT|KRB5_EXPORT)_(.*)", 2), Pattern.compile("^(TLS|SSL)_(.*)_WITH_(NULL|DES_CBC|DES40_CBC|DES_CBC_40|3DES_EDE_CBC|RC4_128|RC4_40|RC2_CBC_40)_(.*)", 2)));
    }

    public e(SSLSocketFactory sSLSocketFactory, DefaultHostnameVerifier defaultHostnameVerifier) {
        a0.c.U(sSLSocketFactory, "SSL socket factory");
        this.f19475b = sSLSocketFactory;
        this.f19477d = null;
        this.f19478e = null;
        this.f19476c = defaultHostnameVerifier;
    }

    @Override // rd.a
    public final Socket a(int i10, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, he.c cVar) throws IOException {
        u7.a aVar = this.f19474a;
        a0.c.U(httpHost, "HTTP host");
        if (inetSocketAddress2 != null) {
            socket.bind(inetSocketAddress2);
        }
        if (i10 > 0) {
            try {
                if (socket.getSoTimeout() == 0) {
                    socket.setSoTimeout(i10);
                }
            } catch (IOException e10) {
                try {
                    socket.close();
                } catch (IOException unused) {
                }
                throw e10;
            }
        }
        aVar.getClass();
        socket.connect(inetSocketAddress, i10);
        if (!(socket instanceof SSLSocket)) {
            return c(socket, httpHost.c(), inetSocketAddress.getPort());
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        sSLSocket.startHandshake();
        d(sSLSocket, httpHost.c());
        return socket;
    }

    @Override // rd.a
    public final Socket b() throws IOException {
        return SocketFactory.getDefault().createSocket();
    }

    @Override // rd.b
    public final SSLSocket c(Socket socket, String str, int i10) throws IOException {
        boolean z10;
        SSLSocket sSLSocket = (SSLSocket) this.f19475b.createSocket(socket, str, i10, true);
        String[] strArr = this.f19477d;
        if (strArr != null) {
            sSLSocket.setEnabledProtocols(strArr);
        } else {
            String[] enabledProtocols = sSLSocket.getEnabledProtocols();
            ArrayList arrayList = new ArrayList(enabledProtocols.length);
            for (String str2 : enabledProtocols) {
                if (!str2.startsWith("SSL")) {
                    arrayList.add(str2);
                }
            }
            if (!arrayList.isEmpty()) {
                sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        String[] strArr2 = this.f19478e;
        if (strArr2 != null) {
            sSLSocket.setEnabledCipherSuites(strArr2);
        } else {
            String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
            ArrayList arrayList2 = new ArrayList(enabledCipherSuites.length);
            for (String str3 : enabledCipherSuites) {
                Iterator<Pattern> it = f19473f.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        z10 = false;
                        break;
                    }
                    if (it.next().matcher(str3).matches()) {
                        z10 = true;
                        break;
                    }
                }
                if (!z10) {
                    arrayList2.add(str3);
                }
            }
            if (!arrayList2.isEmpty()) {
                sSLSocket.setEnabledCipherSuites((String[]) arrayList2.toArray(new String[arrayList2.size()]));
            }
        }
        this.f19474a.getClass();
        try {
            sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
        } catch (Exception unused) {
        }
        sSLSocket.startHandshake();
        d(sSLSocket, str);
        return sSLSocket;
    }

    public final void d(SSLSocket sSLSocket, String str) throws IOException {
        try {
            SSLSession session = sSLSocket.getSession();
            if (session == null) {
                sSLSocket.getInputStream().available();
                session = sSLSocket.getSession();
                if (session == null) {
                    sSLSocket.startHandshake();
                    session = sSLSocket.getSession();
                }
            }
            if (session == null) {
                throw new SSLHandshakeException("SSL session not available");
            }
            this.f19474a.getClass();
            if (this.f19476c.verify(str, session)) {
                return;
            }
            throw new SSLPeerUnverifiedException("Certificate for <" + str + "> doesn't match any of the subject alternative names: " + DefaultHostnameVerifier.b((X509Certificate) session.getPeerCertificates()[0]));
        } catch (IOException e10) {
            try {
                sSLSocket.close();
            } catch (Exception unused) {
            }
            throw e10;
        }
    }
}
