package si.microgramm.android.commons;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes.dex */
public class MySslSocketFactory extends SSLSocketFactory {
    private final Protocol requestedProtocol;
    SSLContext sslContext;

    /* loaded from: classes.dex */
    public enum Protocol {
        TLS_DEFAULT("TLS"),
        TLS_1("TLSv1"),
        TLS_1_1("TLSv1.1"),
        TLS_1_2("TLSv1.2");

        private String name;

        Protocol(String str) {
            this.name = str;
        }

        public String getName() {
            return this.name;
        }
    }

    public MySslSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this(keyStore, null, Protocol.TLS_DEFAULT);
    }

    public MySslSocketFactory(KeyStore keyStore, KeyManagerFactory keyManagerFactory, Protocol protocol) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        this.requestedProtocol = protocol;
        this.sslContext = SSLContext.getInstance(this.requestedProtocol.getName());
        this.sslContext.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(), new TrustManager[]{new X509TrustManager() { // from class: si.microgramm.android.commons.MySslSocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                try {
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        x509Certificate.checkValidity();
                    }
                } catch (Exception unused) {
                    throw new CertificateException("Certificate not valid or trusted.");
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }}, new SecureRandom());
    }

    private Socket enableTLSOnSocket(Socket socket) {
        if (socket != null && (socket instanceof SSLSocket)) {
            if (this.requestedProtocol.equals(Protocol.TLS_1)) {
                ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1"});
            } else {
                ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1", "TLSv1.1", "TLSv1.2"});
            }
        }
        return socket;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        return enableTLSOnSocket(this.sslContext.getSocketFactory().createSocket());
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return enableTLSOnSocket(this.sslContext.getSocketFactory().createSocket(socket, str, i, z));
    }
}
