package com.att.uinbox.metaswitch;

import android.content.Context;
import com.att.logger.Log;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.client.params.HttpClientParams;
import org.apache.http.conn.params.ConnPerRouteBean;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.HttpParams;

/* loaded from: classes.dex */
public class PlatformUtils {
    private static String TAG = "PlatformUtils";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class EncoreKeyStoresSSLSocketFactory extends SSLSocketFactory {
        private String[] m_ciphers;
        private String[] m_protocols;
        protected SSLContext sslContext;

        /* loaded from: classes.dex */
        private static class AdditionalKeyStoresTrustManager implements X509TrustManager {
            private static final String TAG = "AdditionalKeyStoresTrustManager";
            protected ArrayList<X509TrustManager> x509TrustManagers = new ArrayList<>();

            protected AdditionalKeyStoresTrustManager(KeyStore... keyStoreArr) {
                ArrayList arrayList = new ArrayList();
                try {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init((KeyStore) null);
                    arrayList.add(trustManagerFactory);
                    for (KeyStore keyStore : keyStoreArr) {
                        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory2.init(keyStore);
                        arrayList.add(trustManagerFactory2);
                    }
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        for (TrustManager trustManager : ((TrustManagerFactory) it.next()).getTrustManagers()) {
                            if (trustManager instanceof X509TrustManager) {
                                this.x509TrustManagers.add((X509TrustManager) trustManager);
                            }
                            if (this.x509TrustManagers.size() == 0) {
                                throw new RuntimeException("Couldn't find any X509TrustManagers");
                            }
                        }
                    }
                } catch (Exception e) {
                    Log.e(TAG, "ctor", e);
                    throw new RuntimeException(e);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                this.x509TrustManagers.get(0).checkClientTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                Iterator<X509TrustManager> it = this.x509TrustManagers.iterator();
                while (it.hasNext()) {
                    X509TrustManager next = it.next();
                    if (x509CertificateArr != null) {
                        X509Certificate[] x509CertificateArr2 = new X509Certificate[1];
                        for (X509Certificate x509Certificate : x509CertificateArr) {
                            x509CertificateArr2[0] = x509Certificate;
                            try {
                                next.checkServerTrusted(x509CertificateArr2, str);
                                return;
                            } catch (CertificateException e) {
                                Log.i(TAG, "couldn't validate server ... ");
                            }
                        }
                    }
                }
                throw new CertificateException();
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                ArrayList arrayList = new ArrayList();
                Iterator<X509TrustManager> it = this.x509TrustManagers.iterator();
                while (it.hasNext()) {
                    arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
                }
                return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
            }
        }

        public EncoreKeyStoresSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
            super(null, null, null, null, null, null);
            this.sslContext = SSLContext.getInstance("TLSv1.2");
            setHostnameVerifier(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
            this.sslContext.init(null, new TrustManager[]{new AdditionalKeyStoresTrustManager(keyStore)}, null);
            this.m_protocols = GetProtocolList();
            this.m_ciphers = GetCipherList();
        }

        private void enableProtocols(Socket socket) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            sSLSocket.setEnabledProtocols(this.m_protocols);
            sSLSocket.setEnabledCipherSuites(this.m_ciphers);
        }

        protected String[] GetCipherList() {
            String[] strArr = {"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_ECDSA_WITH_CHACHA20_SHA", "TLS_ECDHE_RSA_WITH_CHACHA20_SHA", "TLS_DHE_RSA_WITH_CHACHA20_POLY1305", "TLS_RSA_WITH_CHACHA20_POLY1305", "TLS_DHE_RSA_WITH_CHACHA20_SHA", "TLS_RSA_WITH_CHACHA20_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA"};
            try {
                String[] supportedCipherSuites = this.sslContext.getSocketFactory().getSupportedCipherSuites();
                Arrays.sort(supportedCipherSuites);
                ArrayList arrayList = new ArrayList();
                for (int i = 0; i < strArr.length; i++) {
                    if (Arrays.binarySearch(supportedCipherSuites, strArr[i]) >= 0) {
                        arrayList.add(strArr[i]);
                    }
                }
                arrayList.add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV");
                return (String[]) arrayList.toArray(new String[0]);
            } catch (Exception e) {
                return new String[]{"TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
            }
        }

        protected String[] GetProtocolList() {
            String[] strArr;
            String[] strArr2 = {"TLSv1.2"};
            SSLSocket sSLSocket = null;
            try {
                try {
                    sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket();
                    String[] supportedProtocols = sSLSocket.getSupportedProtocols();
                    Arrays.sort(supportedProtocols);
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (IOException e) {
                            e.printStackTrace();
                        }
                    }
                    ArrayList arrayList = new ArrayList();
                    for (int i = 0; i < strArr2.length; i++) {
                        if (Arrays.binarySearch(supportedProtocols, strArr2[i]) >= 0) {
                            arrayList.add(strArr2[i]);
                        }
                    }
                    strArr = (String[]) arrayList.toArray(new String[0]);
                } catch (Throwable th) {
                    if (sSLSocket != null) {
                        try {
                            sSLSocket.close();
                        } catch (IOException e2) {
                            e2.printStackTrace();
                        }
                    }
                    throw th;
                }
            } catch (Exception e3) {
                strArr = new String[]{"TLSv1"};
                if (sSLSocket != null) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e4) {
                        e4.printStackTrace();
                    }
                }
            }
            return strArr;
        }

        @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
        public Socket createSocket() throws IOException {
            Socket createSocket = this.sslContext.getSocketFactory().createSocket();
            enableProtocols(createSocket);
            return createSocket;
        }

        @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
            Socket createSocket = this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
            enableProtocols(createSocket);
            return createSocket;
        }
    }

    /* loaded from: classes.dex */
    private static class EncoreSSLSocketFactory {
        private static EncoreSSLSocketFactory instance;
        private SSLSocketFactory sslSocketFactory = PlatformUtils.access$000();

        private EncoreSSLSocketFactory() {
        }

        public static EncoreSSLSocketFactory getInstance() {
            if (instance == null) {
                instance = new EncoreSSLSocketFactory();
            }
            return instance;
        }

        public SSLSocketFactory getSslSocketFactory() {
            Log.i(PlatformUtils.TAG, "Using SSLSocketFactory.");
            return this.sslSocketFactory;
        }
    }

    static /* synthetic */ SSLSocketFactory access$000() {
        return newSslSocketFactory();
    }

    public static DefaultHttpClient getEncoreHttpsClient(Context context) {
        HttpParams params = new DefaultHttpClient().getParams();
        params.setParameter("http.conn-manager.max-total", 30);
        params.setParameter("http.conn-manager.max-per-route", new ConnPerRouteBean(30));
        params.setParameter("http.protocol.expect-continue", false);
        HttpClientParams.setCookiePolicy(params, "compatibility");
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("http", new PlainSocketFactory(), 80));
        schemeRegistry.register(new Scheme("https", EncoreSSLSocketFactory.getInstance().getSslSocketFactory(), 443));
        return new DefaultHttpClient(new ThreadSafeClientConnManager(params, schemeRegistry), params);
    }

    private static SSLSocketFactory newSslSocketFactory() {
        try {
            Log.d(TAG, "newSslSocketFactory() supporting TLSv1.2");
            return new EncoreKeyStoresSSLSocketFactory(null);
        } catch (Exception e) {
            throw new AssertionError(e);
        }
    }
}
