package com.loftechs.sdk.setting;

import android.annotation.SuppressLint;
import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import androidx.annotation.RequiresApi;
import com.airbnb.paris.R2;
import com.loftechs.sdk.http.manager.LTCAManager;
import com.loftechs.sdk.init.LTCredentialManager;
import com.loftechs.sdk.utils.LTLog;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.jivesoftware.smack.util.TLSUtils;

/* loaded from: classes7.dex */
public class LTSocketFactory {
    public static final String ZIP_ENCODE_PASSWORD = "fyQwREis4jFLUuoVjMcbNJbyj95eK790VAVaH4/zYos=";
    private SSLContext mSSLContext;
    private LTSSLSocketFactory mSSLSocketFactory;
    private final String TAG = LTSocketFactory.class.getSimpleName();
    private X509TrustManager x509TrustManager = null;

    /* JADX INFO: Access modifiers changed from: private */
    @RequiresApi(api = 24)
    @SuppressLint({"CustomX509TrustManager"})
    /* loaded from: classes7.dex */
    public class LTExtendedTrustManager extends X509ExtendedTrustManager {
        private String mHost;

        private LTExtendedTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new UnsupportedOperationException("checkClientTrusted: Not supported yet.");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) {
            throw new UnsupportedOperationException("checkClientTrusted: Not supported yet.");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) {
            throw new UnsupportedOperationException("checkClientTrusted: Not supported yet.");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            LTSocketFactory.this.verifyCertificate(this.mHost, x509CertificateArr);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            this.mHost = sSLEngine.getPeerHost();
            checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        public void setHost(String str) {
            this.mHost = str;
        }
    }

    /* loaded from: classes7.dex */
    public class LTSSLSocketFactory extends SSLSocketFactory {
        SSLContext mSSLContext;

        private LTSSLSocketFactory(SSLContext sSLContext) {
            this.mSSLContext = sSLContext;
        }

        @SuppressLint({"SSLCertificateSocketFactoryCreateSocket"})
        private Socket enableTLSOnSocket(Socket socket, String str, int i3) throws IOException {
            LTSocketFactory.this.setHost(str);
            SSLSocket sSLSocket = LTCAManager.INSTANCE.needPinningDomain(str) ? (SSLSocket) this.mSSLContext.getSocketFactory().createSocket(socket, str, i3, true) : (SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(str), i3);
            sSLSocket.setEnabledProtocols(new String[]{TLSUtils.PROTO_TLSV1_2});
            LTLog.d(LTSocketFactory.this.TAG, "Setting SNI hostname = " + str);
            return sSLSocket;
        }

        @Override // javax.net.SocketFactory
        @SuppressLint({"NewApi", "SSLCertificateSocketFactoryCreateSocket"})
        public Socket createSocket() throws IOException {
            String baseEndpoint = LTCredentialManager.INSTANCE.getCredentials().getBaseEndpoint();
            return enableTLSOnSocket((SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(baseEndpoint), R2.dimen.abc_dialog_min_width_minor), baseEndpoint, R2.dimen.abc_dialog_min_width_minor);
        }

        @Override // javax.net.SocketFactory
        @SuppressLint({"SSLCertificateSocketFactoryCreateSocket"})
        public Socket createSocket(String str, int i3) throws IOException {
            return enableTLSOnSocket((SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(str), i3), str, i3);
        }

        @Override // javax.net.SocketFactory
        @SuppressLint({"SSLCertificateSocketFactoryCreateSocket"})
        public Socket createSocket(String str, int i3, InetAddress inetAddress, int i4) throws IOException {
            return enableTLSOnSocket((SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(str), i3), str, i3);
        }

        @Override // javax.net.SocketFactory
        @SuppressLint({"SSLCertificateSocketFactoryCreateSocket"})
        public Socket createSocket(InetAddress inetAddress, int i3) throws IOException {
            return enableTLSOnSocket((SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(inetAddress.getHostName()), i3), inetAddress.getHostName(), i3);
        }

        @Override // javax.net.SocketFactory
        @SuppressLint({"SSLCertificateSocketFactoryCreateSocket"})
        public Socket createSocket(InetAddress inetAddress, int i3, InetAddress inetAddress2, int i4) throws IOException {
            return enableTLSOnSocket((SSLSocket) ((SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0)).createSocket(InetAddress.getByName(inetAddress.getHostName()), i3), inetAddress.getHostName(), i3);
        }

        @Override // javax.net.ssl.SSLSocketFactory
        @SuppressLint({"NewApi"})
        public Socket createSocket(Socket socket, String str, int i3, boolean z2) throws IOException {
            return enableTLSOnSocket(socket, str, i3);
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.mSSLContext.getSocketFactory().getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.mSSLContext.getSocketFactory().getSupportedCipherSuites();
        }
    }

    @SuppressLint({"CustomX509TrustManager"})
    /* loaded from: classes7.dex */
    public class LTTrustManager implements X509TrustManager {
        private String mHost;

        private LTTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new UnsupportedOperationException("checkClientTrusted: Not supported yet.");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            LTSocketFactory.this.verifyCertificate(this.mHost, x509CertificateArr);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        public void setHost(String str) {
            this.mHost = str;
        }
    }

    public LTSocketFactory(String str) {
        this.mSSLContext = null;
        this.mSSLSocketFactory = null;
        try {
            setHost(str);
            SSLContext sSLContext = SSLContext.getInstance(TLSUtils.PROTO_TLSV1_2);
            this.mSSLContext = sSLContext;
            sSLContext.init(null, new X509TrustManager[]{getLTX509TrustManager()}, null);
            this.mSSLSocketFactory = new LTSSLSocketFactory(this.mSSLContext);
        } catch (Exception e3) {
            LTLog.i(this.TAG, e3.getMessage());
            e3.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void verifyCertificate(String str, X509Certificate[] x509CertificateArr) throws CertificateException {
        LTCAManager lTCAManager = LTCAManager.INSTANCE;
        boolean needPinningDomain = lTCAManager.needPinningDomain(str);
        LTLog.d(this.TAG, "checkServerTrusted host : " + str + " isPinning : " + needPinningDomain);
        if (!needPinningDomain || lTCAManager.verify(str, x509CertificateArr)) {
            return;
        }
        throw new CertificateException("Cannot verify hostname: " + str);
    }

    public X509TrustManager getLTX509TrustManager() {
        if (this.x509TrustManager == null) {
            if (Build.VERSION.SDK_INT >= 24) {
                this.x509TrustManager = new LTExtendedTrustManager();
            } else {
                this.x509TrustManager = new LTTrustManager();
            }
        }
        return this.x509TrustManager;
    }

    public SSLContext getSSLContext() {
        return this.mSSLContext;
    }

    public LTSSLSocketFactory getSSLSocketFactory() {
        return this.mSSLSocketFactory;
    }

    public void setHost(String str) {
        X509TrustManager lTX509TrustManager = getLTX509TrustManager();
        if (Build.VERSION.SDK_INT >= 24) {
            ((LTExtendedTrustManager) lTX509TrustManager).setHost(str);
        } else {
            ((LTTrustManager) lTX509TrustManager).setHost(str);
        }
    }
}
