package com.boxcryptor.java.network;

import com.boxcryptor.java.common.parse.ParserException;
import cz.msebera.android.httpclient.conn.ssl.DefaultHostnameVerifier;
import cz.msebera.android.httpclient.conn.ssl.SSLConnectionSocketFactory;
import cz.msebera.android.httpclient.conn.ssl.TrustStrategy;
import cz.msebera.android.httpclient.ssl.SSLContextBuilder;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

/* compiled from: DefaultSecureSSLSocketFactory.java */
/* loaded from: classes.dex */
public class f extends SSLConnectionSocketFactory {
    private static final List<String> a = Arrays.asList("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", "TLS_DH_RSA_WITH_AES_256_CBC_SHA", "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", "TLS_DH_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA");
    private static final List<String> b = Arrays.asList("TLSv1.2", "TLSv1.1", "TLSv1");
    private static String[] c;
    private static String[] d;

    private f(SSLContext sSLContext, HostnameVerifier hostnameVerifier) {
        super(sSLContext.getSocketFactory(), d, c, hostnameVerifier);
    }

    public static f a(final e eVar, final b bVar) {
        SSLContext sSLContext;
        if (eVar != null) {
            TrustStrategy trustStrategy = new TrustStrategy() { // from class: com.boxcryptor.java.network.f.1
                @Override // cz.msebera.android.httpclient.ssl.TrustStrategy
                public boolean isTrusted(X509Certificate[] x509CertificateArr, String str) {
                    try {
                        if (b.this != null) {
                            b.this.a(x509CertificateArr);
                        }
                        return eVar.a(x509CertificateArr);
                    } catch (CertificateException e) {
                        com.boxcryptor.java.common.b.a.g().b("default-secure-ssl-socket-factory create | ssl-verifier certificate check", e, new Object[0]);
                        return false;
                    }
                }
            };
            try {
                return new f(SSLContextBuilder.create().loadTrustMaterial(trustStrategy).build(), new HostnameVerifier() { // from class: com.boxcryptor.java.network.f.2
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return e.this.a(str);
                    }
                });
            } catch (Exception e) {
                com.boxcryptor.java.common.b.a.g().b("default-secure-ssl-socket-factory create | ssl-verifier ssl-context", e, new Object[0]);
            }
        }
        try {
            try {
                sSLContext = SSLContext.getInstance("Default");
            } catch (NoSuchAlgorithmException e2) {
                sSLContext = SSLContext.getInstance("TLS");
            }
            return new f(sSLContext, new DefaultHostnameVerifier());
        } catch (NoSuchAlgorithmException e3) {
            com.boxcryptor.java.common.b.a.g().b("default-secure-ssl-socket-factory create | tls ssl-context", e3, new Object[0]);
            throw new IllegalStateException(e3);
        }
    }

    private static String[] a(String[] strArr) {
        if (d == null) {
            if (strArr != null) {
                ArrayList arrayList = new ArrayList();
                for (String str : strArr) {
                    if (b.contains(str)) {
                        arrayList.add(str);
                    }
                }
                if (arrayList.isEmpty()) {
                    for (String str2 : strArr) {
                        if (!str2.startsWith("SSL")) {
                            arrayList.add(str2);
                        }
                    }
                }
                d = new String[arrayList.size()];
                arrayList.toArray(d);
            }
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("system", strArr);
                hashMap.put("available", d);
                com.boxcryptor.java.common.b.a.g().a("default-secure-ssl-socket-factory get-available-protocols", com.boxcryptor.java.common.parse.c.a.a(hashMap), new Object[0]);
            } catch (ParserException e) {
                com.boxcryptor.java.common.b.a.g().a("default-secure-ssl-socket-factory get-available-protocols", "------- SYSTEM -------\n" + Arrays.toString(strArr) + "\n------- AVAILABLE -------\n" + Arrays.toString(d), new Object[0]);
            }
        }
        return d;
    }

    private static String[] b(String[] strArr) {
        if (c == null) {
            if (strArr != null) {
                ArrayList arrayList = new ArrayList();
                for (String str : strArr) {
                    if (a.contains(str)) {
                        arrayList.add(str);
                    }
                }
                if (arrayList.isEmpty()) {
                    for (String str2 : strArr) {
                        if (str2.contains("AES") && !str2.contains("SSL")) {
                            arrayList.add(str2);
                        }
                    }
                    for (String str3 : strArr) {
                        if (!arrayList.contains(str3)) {
                            arrayList.add(str3);
                        }
                    }
                }
                c = new String[arrayList.size()];
                arrayList.toArray(c);
            }
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("system", strArr);
                hashMap.put("available", c);
                com.boxcryptor.java.common.b.a.g().a("default-secure-ssl-socket-factory get-available-cipher-suites", com.boxcryptor.java.common.parse.c.a.a(hashMap), new Object[0]);
            } catch (ParserException e) {
                com.boxcryptor.java.common.b.a.g().a("default-secure-ssl-socket-factory get-available-cipher-suites", "------- SYSTEM -------\n" + Arrays.toString(strArr) + "\n------- AVAILABLE -------\n" + Arrays.toString(c), new Object[0]);
            }
        }
        return c;
    }

    @Override // cz.msebera.android.httpclient.conn.ssl.SSLConnectionSocketFactory
    protected void prepareSocket(SSLSocket sSLSocket) {
        sSLSocket.setEnabledCipherSuites(b(sSLSocket.getEnabledCipherSuites()));
        sSLSocket.setEnabledProtocols(a(sSLSocket.getEnabledProtocols()));
    }
}
