package com.huawei.operation.util.httpclient;

import com.huawei.operation.util.logutil.OperationLogger;
import java.io.IOException;
import java.math.BigInteger;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.net.imap.IMAPSClient;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes2.dex */
public class SSLDeviceSocketFactoryEx extends SSLSocketFactory {
    private static final OperationLogger LOGGER = OperationLogger.getInstence();
    private final SSLContext sslContext;

    /* loaded from: classes2.dex */
    private static class InnerX509Trust implements X509TrustManager {
        private static final String PUB_KEY = "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a4b2f6d1466ef9bc296c10134fc65172d6257aad0a4c751bdd268d3aa230b230a14d59885f45153a78baebe08a0bda1e03ccda1c88d132f76009b48e26495f83b703283f01b896861621e4ba2a517b120258a5d4032d568ce8cb3ae2cfc89e0f32163485e68682d1b832a515108154a9e96b00fae7ccf348de85b39f5c45536ca5e9c40bcdb21482ded23546f48fc9beafc7f8c343a154e9fc1e072bbd0c2b16173b542fc74ff7200d529ed6d0ede90f70abda93c6596b0ef04bba239b54ac506931db90f105577a234701bba0f2da94a4de9bb11ff493b77125218ec3a8f75d9a2d779b341518b0862f5e3a97d8c259140fbcde0985b2181476ae3dd01bf1550203010001";

        private InnerX509Trust() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (x509CertificateArr == null) {
                SSLDeviceSocketFactoryEx.LOGGER.log("error", SSLSocketFactory.class.getName(), "chain is null");
            }
            if (x509CertificateArr != null && x509CertificateArr.length <= 0) {
                SSLDeviceSocketFactoryEx.LOGGER.log("error", SSLSocketFactory.class.getName(), "chain is empty");
            }
            if (str == null || !"ECDHE_RSA".equalsIgnoreCase(str)) {
                SSLDeviceSocketFactoryEx.LOGGER.log("error", SSLSocketFactory.class.getName(), "authType is not RSA");
            }
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                int length = trustManagerFactory.getTrustManagers().length;
                for (int i = 0; i < length; i++) {
                    ((X509TrustManager) trustManagerFactory.getTrustManagers()[i]).checkServerTrusted(x509CertificateArr, str);
                }
            } catch (Exception e) {
                SSLDeviceSocketFactoryEx.LOGGER.log("error", SSLSocketFactory.class.getName(), "check Server Trusted error");
            }
            if (PUB_KEY.equalsIgnoreCase(new BigInteger(1, (x509CertificateArr != null ? (RSAPublicKey) x509CertificateArr[0].getPublicKey() : null).getEncoded()).toString(16))) {
                return;
            }
            SSLDeviceSocketFactoryEx.LOGGER.log("error", SSLSocketFactory.class.getName(), "diverse key");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public SSLDeviceSocketFactoryEx(KeyStore keyStore) throws GeneralSecurityException {
        super(keyStore);
        this.sslContext = SSLContext.getInstance(IMAPSClient.DEFAULT_PROTOCOL);
        this.sslContext.init(null, new TrustManager[]{new InnerX509Trust()}, null);
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        Socket createSocket = this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
        if (!(createSocket instanceof SSLSocket)) {
            return null;
        }
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
        return sSLSocket;
    }
}
