package com.blackberry.email.ssl;

import android.content.Context;
import android.os.Build;
import com.blackberry.common.utils.o;
import com.blackberry.email.provider.contract.HostAuth;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Collections;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/* compiled from: BBAutoSSLSocketFactory.java */
/* loaded from: classes.dex */
public abstract class b extends SSLSocketFactory {
    private SSLSocketFactory byD = null;
    private KeyManager[] byE;
    private String byF;

    /* compiled from: BBAutoSSLSocketFactory.java */
    /* loaded from: classes.dex */
    public static final class a extends b {
        private TrustManager[] byG;

        private a(Context context, HostAuth hostAuth, KeyManager[] keyManagerArr) {
            super(keyManagerArr, hostAuth.auk);
            this.byG = new TrustManager[]{new i(context, hostAuth)};
        }

        @Override // com.blackberry.email.ssl.b
        protected void a(SSLSocket sSLSocket) {
            String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
            for (String str : sSLSocket.getSupportedCipherSuites()) {
                if (str.equals("SSL_RSA_WITH_3DES_EDE_CBC_SHA")) {
                    o.b("Email.Ssl", "Add cipher %s", str);
                    String[] strArr = (String[]) Arrays.copyOf(enabledCipherSuites, enabledCipherSuites.length + 1);
                    strArr[strArr.length - 1] = str;
                    try {
                        sSLSocket.setEnabledCipherSuites(strArr);
                        return;
                    } catch (IllegalArgumentException e) {
                        o.e("Email.Ssl", e, "Unable to enable supported cipher suites", new Object[0]);
                        return;
                    }
                }
            }
        }

        @Override // com.blackberry.email.ssl.b
        protected TrustManager[] getTrustManagers() {
            return this.byG;
        }
    }

    protected b(KeyManager[] keyManagerArr, String str) {
        this.byE = keyManagerArr;
        this.byF = str;
    }

    private SSLSocketFactory GG() {
        SSLSocketFactory sSLSocketFactory = this.byD;
        if (sSLSocketFactory != null) {
            return sSLSocketFactory;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(this.byE, getTrustManagers(), null);
            this.byD = sSLContext.getSocketFactory();
            return this.byD;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            o.d("Email.Ssl", e, "Couldn't set up an SSLContext", new Object[0]);
            throw new SSLException("Couldn't set up an SSLContext", e);
        }
    }

    public static synchronized b a(Context context, HostAuth hostAuth, KeyManager[] keyManagerArr) {
        a aVar;
        synchronized (b.class) {
            aVar = new a(context, hostAuth, keyManagerArr);
        }
        return aVar;
    }

    private static void a(SSLParameters sSLParameters) {
        o.a("Email.Ssl", "SSLParameters: protocols: %s", Arrays.toString(sSLParameters.getProtocols()));
        o.a("Email.Ssl", "SSLParameters: ciphers: %s", Arrays.toString(sSLParameters.getCipherSuites()));
        o.a("Email.Ssl", "SSLParameters: needClientAuth: %s wantClientAuth: %s", Boolean.valueOf(sSLParameters.getNeedClientAuth()), Boolean.valueOf(sSLParameters.getWantClientAuth()));
        if (Build.VERSION.SDK_INT >= 24) {
            o.a("Email.Ssl", "SSLParameters+: serverNames: %s", sSLParameters.getServerNames());
            o.a("Email.Ssl", "SSLParameters+: algConstraints: %s, idAlgorithm: %s useCipherSuitesOrder: %s", sSLParameters.getAlgorithmConstraints(), sSLParameters.getEndpointIdentificationAlgorithm(), Boolean.valueOf(sSLParameters.getUseCipherSuitesOrder()));
        }
    }

    private static void a(SSLSocket sSLSocket, String str) {
        if (str == null) {
            return;
        }
        if (Build.VERSION.SDK_INT >= 24) {
            SSLParameters sSLParameters = sSLSocket.getSSLParameters();
            try {
                sSLParameters.setServerNames(Collections.singletonList(new SNIHostName(str)));
                sSLSocket.setSSLParameters(sSLParameters);
                return;
            } catch (Exception e) {
                o.e("Email.Ssl", e, "Couldn't set SNI via params", new Object[0]);
                return;
            }
        }
        try {
            Method method = sSLSocket.getClass().getMethod("setHostname", String.class);
            method.setAccessible(true);
            method.invoke(sSLSocket, str);
        } catch (Exception e2) {
            o.e("Email.Ssl", "Couldn't set hostname on sock of type %s (%s)", sSLSocket.getClass(), e2.getMessage());
        }
    }

    private SSLSocket b(SSLSocket sSLSocket) {
        c(sSLSocket);
        a(sSLSocket, this.byF);
        a(sSLSocket);
        sSLSocket.startHandshake();
        if (o.isLoggable("Email.Ssl", 3)) {
            SSLSession session = sSLSocket.getSession();
            String protocol = session.getProtocol();
            String cipherSuite = session.getCipherSuite();
            a(sSLSocket.getSSLParameters());
            o.b("Email.Ssl", "Using protocol/cipher: %s/%s", protocol, cipherSuite);
        }
        return sSLSocket;
    }

    private static void c(SSLSocket sSLSocket) {
        try {
            Method method = sSLSocket.getClass().getMethod("setHandshakeTimeout", Integer.TYPE);
            method.setAccessible(true);
            method.invoke(sSLSocket, 60000);
        } catch (Exception e) {
            o.e("Email.Ssl", "Couldn't set timeout on sock of type %s (%s)", sSLSocket.getClass(), e.getMessage());
        }
    }

    public static synchronized b e(Context context, HostAuth hostAuth) {
        b a2;
        synchronized (b.class) {
            a2 = a(context, hostAuth, null);
        }
        return a2;
    }

    public Socket a(InetSocketAddress inetSocketAddress, int i) {
        o.a("Email.Ssl", "createSocket(%s, timeout=%s)", inetSocketAddress, 10000);
        SSLSocket sSLSocket = (SSLSocket) GG().createSocket();
        sSLSocket.connect(inetSocketAddress, 10000);
        return b(sSLSocket);
    }

    protected abstract void a(SSLSocket sSLSocket);

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) {
        o.a("Email.Ssl", "createSocket(%s, %s)", str, Integer.valueOf(i));
        return b((SSLSocket) GG().createSocket(str, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        o.a("Email.Ssl", "createSocket(%s, %s, %s, %s)", str, Integer.valueOf(i), inetAddress, Integer.valueOf(i2));
        return b((SSLSocket) GG().createSocket(str, i, inetAddress, i2));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) {
        o.a("Email.Ssl", "createSocket(%s, %s)", inetAddress, Integer.valueOf(i));
        return b((SSLSocket) GG().createSocket(inetAddress, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        o.a("Email.Ssl", "createSocket(%s, %s, %s, %s)", inetAddress, Integer.valueOf(i), inetAddress2, Integer.valueOf(i2));
        return b((SSLSocket) GG().createSocket(inetAddress, i, inetAddress2, i2));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        o.a("Email.Ssl", "createSocket(socket, %s, %s)", str, Integer.valueOf(i));
        return b((SSLSocket) GG().createSocket(socket, str, i, z));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        try {
            return GG().getDefaultCipherSuites();
        } catch (SSLException unused) {
            return new String[0];
        }
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        try {
            return GG().getSupportedCipherSuites();
        } catch (SSLException unused) {
            return new String[0];
        }
    }

    protected abstract TrustManager[] getTrustManagers();
}
