package com.sap.mobile.lib.request;

import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import android.util.AndroidRuntimeException;
import android.util.Log;
import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.scheme.LayeredSocketFactory;
import org.apache.http.params.HttpParams;

@Deprecated
/* loaded from: classes5.dex */
final class InternalTlsSocketFactory implements LayeredSocketFactory {
    private static final String TAG = "InternalTlsSocketFactory";
    private static final int buildApi = Build.VERSION.SDK_INT;
    private static final String className = "InternalTlsSocketFactory";
    private static final int minApi = 14;
    private String[] enabledTLSProtocols;
    private final SSLCertificateSocketFactory factory;
    private final SSLSocketFactory factoryWithReflection;
    private final boolean forceTLS;
    private final int handshakeTimeoutMillis;
    private boolean sslSocketSetHandshakeTimeoutDisabled;
    private Method sslSocketSetHandshakeTimeoutMethod;
    private boolean sslSocketSetHostnameDisabled;
    private Method sslSocketSetHostnameMethod;
    private final boolean strictSNI;

    public InternalTlsSocketFactory(IRequestManager iRequestManager) throws AndroidRuntimeException, GeneralSecurityException {
        this(iRequestManager, 0, true, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public InternalTlsSocketFactory(IRequestManager iRequestManager, int i, boolean z, boolean z2) throws AndroidRuntimeException, GeneralSecurityException {
        SSLSocketFactory sSLSocketFactory;
        int i2 = buildApi;
        if (i2 < 14) {
            throw new AndroidRuntimeException(className + "is not supported with API Level " + i2);
        }
        this.handshakeTimeoutMillis = i;
        this.strictSNI = z;
        this.forceTLS = z2;
        SSLSocketFactory sSLSocketFactory2 = null;
        SSLSocketFactory sSLSocketFactory3 = null;
        SSLCertificateSocketFactory sSLCertificateSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(i, null);
        this.factory = sSLCertificateSocketFactory;
        Object httpsTrustManager = new HttpsTrustManager(iRequestManager.getConnectivityParameters().getTrustManagers());
        sSLCertificateSocketFactory.setTrustManagers(new X509TrustManager[]{httpsTrustManager});
        sSLCertificateSocketFactory.setKeyManagers(new X509KeyManager[]{httpsTrustManager});
        try {
            try {
                Method declaredMethod = sSLCertificateSocketFactory.getClass().getDeclaredMethod("getDelegate", new Class[0]);
                declaredMethod.setAccessible(true);
                sSLSocketFactory = (SSLSocketFactory) declaredMethod.invoke(sSLCertificateSocketFactory, new Object[0]);
            } catch (Throwable th) {
                th = th;
            }
        } catch (Exception e) {
            e = e;
        }
        try {
            Field declaredField = sSLSocketFactory.getClass().getDeclaredField("sslParameters");
            declaredField.setAccessible(true);
            Object obj = declaredField.get(sSLSocketFactory);
            Field declaredField2 = obj.getClass().getDeclaredField("keyManager");
            declaredField2.setAccessible(true);
            declaredField2.set(obj, httpsTrustManager);
            this.factoryWithReflection = sSLSocketFactory;
            sSLSocketFactory2 = obj;
        } catch (Exception e2) {
            e = e2;
            sSLSocketFactory3 = sSLSocketFactory;
            Log.w(TAG, e);
            this.factoryWithReflection = sSLSocketFactory3;
            sSLSocketFactory2 = sSLSocketFactory3;
        } catch (Throwable th2) {
            th = th2;
            sSLSocketFactory2 = sSLSocketFactory;
            this.factoryWithReflection = sSLSocketFactory2;
            throw th;
        }
    }

    private SSLSocket createDirectSocket(String str, int i) throws SSLException {
        try {
            return (SSLSocket) this.factory.createSocket(InetAddress.getByName(str), i);
        } catch (SSLException e) {
            throw e;
        } catch (Exception e2) {
            throw new SSLException("Unable to create direct TLS socket to " + str + ":" + i, e2);
        }
    }

    private SSLSocket createSocketThroughTunnel(Socket socket, String str, int i, boolean z) throws SSLException {
        try {
            return (SSLSocket) this.factoryWithReflection.createSocket(socket, str, i, z);
        } catch (Exception e) {
            throw new SSLException("Unable to create tunneled TLS socket to " + str + ":" + i, e);
        }
    }

    private void sslSocketForceTls(SSLSocket sSLSocket) {
        if (this.enabledTLSProtocols == null) {
            String[] supportedProtocols = sSLSocket.getSupportedProtocols();
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < supportedProtocols.length; i++) {
                String upperCase = supportedProtocols[i].toUpperCase();
                if (upperCase.startsWith("TLS")) {
                    arrayList.add(supportedProtocols[i]);
                } else {
                    Log.i(TAG, upperCase + " was disabled for secure sockets.");
                }
            }
            this.enabledTLSProtocols = (String[]) arrayList.toArray(new String[arrayList.size()]);
            Log.i(TAG, "Enforced protocol set: " + Arrays.toString(this.enabledTLSProtocols));
        }
        sSLSocket.setEnabledProtocols(this.enabledTLSProtocols);
    }

    private void sslSocketSetHandshakeTimeout(SSLSocket sSLSocket, int i) throws SSLException {
        try {
            if (this.sslSocketSetHandshakeTimeoutDisabled || this.sslSocketSetHandshakeTimeoutMethod != null) {
                this.sslSocketSetHandshakeTimeoutMethod.invoke(sSLSocket, Integer.valueOf(i));
            } else {
                this.sslSocketSetHandshakeTimeoutMethod = sSLSocket.getClass().getMethod("setHandshakeTimeout", Integer.TYPE);
            }
        } catch (Exception e) {
            Log.w(TAG, "sslSocketSetHandshakeTimeoutMethod is disabled", e);
            this.sslSocketSetHandshakeTimeoutDisabled = true;
            throw new SSLException("Unable to set handshake timeout on socket", e);
        }
    }

    private void sslSocketSetHostname(SSLSocket sSLSocket, String str) throws SSLException {
        String str2 = TAG;
        Log.i(str2, "Hostname: " + str);
        if (Build.VERSION.SDK_INT >= 17) {
            Log.i(str2, "Setting hostname on sslSocket for SNI");
            this.factory.setHostname(sSLSocket, str);
            return;
        }
        try {
            boolean z = this.sslSocketSetHostnameDisabled;
            if (z && this.strictSNI) {
                throw new SSLException("Unable to set hostname on socket");
            }
            if (!z && this.sslSocketSetHostnameMethod == null) {
                this.sslSocketSetHostnameMethod = sSLSocket.getClass().getMethod("setHostname", String.class);
            }
            if (this.sslSocketSetHostnameMethod != null) {
                Log.i(str2, "Trying to set hostname for SNI through reflection.");
                this.sslSocketSetHostnameMethod.invoke(sSLSocket, str);
            }
        } catch (Exception e) {
            Log.w(TAG, "sslSocketSetHostnameMethod disabled", e);
            this.sslSocketSetHostnameDisabled = true;
            if (this.strictSNI) {
                throw new SSLException("Unable to set hostname on socket", e);
            }
        }
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public Socket connectSocket(Socket socket, String str, int i, InetAddress inetAddress, int i2, HttpParams httpParams) {
        throw new UnsupportedOperationException();
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() {
        throw new UnsupportedOperationException();
    }

    @Override // org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws SSLException {
        SSLSocket createDirectSocket = (socket == null || !socket.isConnected()) ? createDirectSocket(str, i) : createSocketThroughTunnel(socket, str, i, z);
        if (this.forceTLS) {
            sslSocketForceTls(createDirectSocket);
        }
        sslSocketSetHostname(createDirectSocket, str);
        sslSocketSetHandshakeTimeout(createDirectSocket, this.handshakeTimeoutMillis);
        try {
            createDirectSocket.startHandshake();
            return createDirectSocket;
        } catch (SSLException e) {
            throw e;
        } catch (IOException e2) {
            throw new SSLException("Unable to start handshake ", e2);
        }
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public boolean isSecure(Socket socket) {
        if (socket == null || !(socket instanceof SSLSocket)) {
            return false;
        }
        return socket.isConnected();
    }
}
