package com.huawei.acceptance.libcommon.util.httpclient;

import java.math.BigInteger;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* compiled from: SSLSocketFactoryEx.java */
/* loaded from: classes2.dex */
public class l extends SSLSocketFactory {
    private static final com.huawei.acceptance.libcommon.i.j0.a b = com.huawei.acceptance.libcommon.i.j0.a.c();
    private final SSLContext a;

    /* compiled from: SSLSocketFactoryEx.java */
    /* loaded from: classes2.dex */
    private static class b implements X509TrustManager {
        private b() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            if (x509CertificateArr == null) {
                l.b.a("error", "chain is null ");
                return;
            }
            if (x509CertificateArr.length <= 0) {
                l.b.a("error", "chain is empty ");
            }
            if (!"ECDHE_RSA".equalsIgnoreCase(str)) {
                l.b.a("error", "authType is not RSA ");
            }
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                int length = trustManagerFactory.getTrustManagers().length;
                for (int i = 0; i < length; i++) {
                    ((X509TrustManager) trustManagerFactory.getTrustManagers()[i]).checkServerTrusted(x509CertificateArr, str);
                }
            } catch (Exception unused) {
                l.b.a("error", "check Server Trusted error ");
            }
            if (x509CertificateArr[0] == null || "3082010a02820101009c20e58024b6a1afc79339499e28626269ba6450052082a48f5307590e3aef7d46d526fcc558bfd8ca4bc04db059b5c2bb04454a9b90849c587f414303f57543cf7e96606d1ac2d9e061d85ecbc7923640aea0ea1c2810a993d475ff086882bafa9b49224deb2157db4cb20d0db2aba61dfbda384292a8430445eff5501ad1bc06c6c7474bfa631eef726a6e8349a8b7e4de2a3cfcfbd32d0949f8d07a962f7856512689a5265fe5a60ab20d86c07c47f15ed8ec818434cf77c1ecb77ff9511ad1e0b9c1d0875cf4d010531f461690d6fd55ce8d91d29f47aff74262f4888ec5bfb92e46e1737e672675c8ffadcd6d5331a4f2b362d6a2168ddd4ead1b2160810203010001".equalsIgnoreCase(new BigInteger(1, ((RSAPublicKey) x509CertificateArr[0].getPublicKey()).getEncoded()).toString(16))) {
                return;
            }
            l.b.a("error", "diverse key");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public l(KeyStore keyStore) {
        super(keyStore);
        this.a = SSLContext.getInstance("TLS");
        this.a.init(null, new TrustManager[]{new b()}, null);
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        Socket createSocket = this.a.getSocketFactory().createSocket(socket, str, i, z);
        if (!(createSocket instanceof SSLSocket)) {
            return null;
        }
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
        return sSLSocket;
    }
}
