package com.dw.btime.engine.net;

import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import android.text.TextUtils;
import com.dw.btime.engine.CloudCommand;
import com.dw.core.utils.GzipUtils;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes.dex */
public class BTSNISocketFactory extends SSLSocketFactory {
    private boolean mIsSslException;
    private X509TrustManager mTm;
    SSLContext sslContext;

    public BTSNISocketFactory(KeyStore keyStore, boolean z) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        this.sslContext = SSLContext.getInstance("TLS");
        this.mIsSslException = z;
        X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.dw.btime.engine.net.BTSNISocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        this.mTm = x509TrustManager;
        this.sslContext.init(null, new TrustManager[]{x509TrustManager}, null);
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        return Build.VERSION.SDK_INT < 23 ? super.createSocket() : SSLSocketFactory.getSocketFactory().createSocket();
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        String str2;
        String str3;
        if (this.mIsSslException) {
            return this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
        }
        if (!TextUtils.isEmpty(str) && str.contains("qbb6.com")) {
            return Build.VERSION.SDK_INT < 23 ? this.sslContext.getSocketFactory().createSocket(socket, str, i, z) : SSLSocketFactory.getSocketFactory().createSocket(socket, str, i, z);
        }
        InetAddress inetAddress = socket.getInetAddress();
        if (z) {
            socket.close();
        }
        SSLCertificateSocketFactory sSLCertificateSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
        SSLSocket sSLSocket = (SSLSocket) sSLCertificateSocketFactory.createSocket(inetAddress, i);
        sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
        if (getHostnameVerifier() != null && CloudCommand.httpDnsHostCache != null && (str3 = CloudCommand.httpDnsHostCache.get(str)) != null) {
            str = str3;
        }
        if (Build.VERSION.SDK_INT >= 17) {
            sSLCertificateSocketFactory.setHostname(sSLSocket, str);
        } else {
            try {
                sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
            } catch (Exception unused) {
            }
        }
        SSLSession session = sSLSocket.getSession();
        if (getHostnameVerifier() == null || getHostnameVerifier().verify(str, session)) {
            return sSLSocket;
        }
        Certificate[] peerCertificates = session.getPeerCertificates();
        if (peerCertificates == null || peerCertificates.length <= 0) {
            throw new SSLPeerUnverifiedException("Cannot verify hostname: " + str);
        }
        try {
            str2 = GzipUtils.compressGzip(peerCertificates[0].toString());
        } catch (Exception unused2) {
            str2 = "";
        }
        throw new SSLPeerUnverifiedException("Cannot verify hostname: " + str + "\n certificate:" + str2);
    }

    public X509TrustManager getTrustManager() {
        return this.mTm;
    }
}
