package e.a.b;

import android.util.Log;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class m {

    /* renamed from: d, reason: collision with root package name */
    public static final HostnameVerifier f3003d = HttpsURLConnection.getDefaultHostnameVerifier();

    /* renamed from: a, reason: collision with root package name */
    public SSLSocketFactory f3004a;

    /* renamed from: b, reason: collision with root package name */
    public X509TrustManager f3005b;

    /* renamed from: c, reason: collision with root package name */
    public SSLSocket f3006c = null;

    public m() {
        X509TrustManager x509TrustManager;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    x509TrustManager = null;
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            this.f3005b = x509TrustManager;
        } catch (KeyStoreException e2) {
            StringBuilder h = c.a.f.a.a.h("");
            h.append(e2.getMessage());
            Log.e("SSLAuthCert", h.toString());
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            StringBuilder h2 = c.a.f.a.a.h("");
            h2.append(e3.getMessage());
            Log.e("SSLAuthCert", h2.toString());
            e3.printStackTrace();
        }
        TrustManager[] trustManagerArr = {new l(this)};
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, null);
            this.f3004a = sSLContext.getSocketFactory();
        } catch (KeyManagementException e4) {
            StringBuilder h3 = c.a.f.a.a.h("");
            h3.append(e4.getMessage());
            Log.e("SSLAuthCert", h3.toString());
            e4.printStackTrace();
        } catch (NoSuchAlgorithmException e5) {
            StringBuilder h4 = c.a.f.a.a.h("");
            h4.append(e5.getMessage());
            Log.e("SSLAuthCert", h4.toString());
            e5.printStackTrace();
        }
    }

    public int a(SSLSocket sSLSocket, String str) {
        Log.i("SSLAuthCert", "get sslSession");
        sSLSocket.startHandshake();
        SSLSession session = sSLSocket.getSession();
        if (!session.isValid()) {
            Log.i("SSLAuthCert", "validation error: failed to perform SSL handshake");
            SSLSession session2 = sSLSocket.getSession();
            if (session2 != null) {
                session2.invalidate();
            }
            sSLSocket.close();
            throw new SSLHandshakeException("failed to perform SSL handshake");
        }
        StringBuilder h = c.a.f.a.a.h("sslSession PeerPrincipal: ");
        h.append(session.getPeerPrincipal().getName());
        Log.i("SSLAuthCert", h.toString());
        Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
        if (peerCertificates == null || peerCertificates.length == 0) {
            Log.e("SSLAuthCert", "failed to retrieve peer certificates");
            SSLSession session3 = sSLSocket.getSession();
            if (session3 != null) {
                session3.invalidate();
            }
            sSLSocket.close();
            return 73;
        }
        X509Certificate[] x509CertificateArr = (X509Certificate[]) peerCertificates;
        X509Certificate x509Certificate = x509CertificateArr[0];
        if (x509Certificate == null) {
            throw new IllegalArgumentException("certificate for this site is null");
        }
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        StringBuilder h2 = c.a.f.a.a.h("subject ");
        h2.append(subjectX500Principal.getName());
        Log.d("SSLAuthCert", h2.toString());
        Log.d("SSLAuthCert", "issuer " + issuerX500Principal.getName());
        if (f3003d.verify(str, session)) {
            Log.d("SSLAuthCert", "Domain trusted");
            try {
                this.f3005b.checkServerTrusted(x509CertificateArr, "RSA");
                Log.d("SSLAuthCert", "Server Trusted");
                return 0;
            } catch (CertificateException e2) {
                StringBuilder h3 = c.a.f.a.a.h("");
                h3.append(e2.getClass().getName());
                Log.e("SSLAuthCert", h3.toString());
                Log.e("SSLAuthCert", "failed to validate the certificate chain, error: " + e2.getMessage());
                if (e2 instanceof CertificateExpiredException) {
                    return 70;
                }
            }
        } else {
            Log.e("SSLAuthCert", "certificate not for this host: " + str);
        }
        return 75;
    }
}
