package o;

import android.content.Context;
import com.huawei.secure.android.common.ssl.SecureX509TrustManager;
import com.huawei.wallet.commonbase.log.LogC;
import com.huawei.wallet.commonbase.properties.WalletSystemProperties;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes9.dex */
public class drb extends SSLSocketFactory {
    private static final String e = drb.class.getSimpleName();
    SSLContext d;

    /* loaded from: classes9.dex */
    public static class b implements X509TrustManager {
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public drb(KeyStore keyStore, Context context) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        TrustManager trustManager;
        this.d = SSLContext.getInstance("TLS");
        if (WalletSystemProperties.e().a("SSL_SOCKET_CLIENT_SERVER_TRUSTED", false)) {
            trustManager = new b();
            setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        } else if (context != null) {
            try {
                trustManager = new SecureX509TrustManager(context);
            } catch (IOException unused) {
                LogC.d(e, "TLSSocketFactory IOException", false);
                trustManager = null;
                setHostnameVerifier(eho.d);
                this.d.init(null, new TrustManager[]{trustManager}, null);
            } catch (CertificateException unused2) {
                LogC.d(e, "TLSSocketFactory CertificateException", false);
                trustManager = null;
                setHostnameVerifier(eho.d);
                this.d.init(null, new TrustManager[]{trustManager}, null);
            }
            setHostnameVerifier(eho.d);
        } else {
            LogC.a("MySSLSocketFactory mContext is null", false);
            trustManager = null;
        }
        this.d.init(null, new TrustManager[]{trustManager}, null);
    }

    private SSLSocket e(Socket socket) {
        if (socket instanceof SSLSocket) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
            dul.a(sSLSocket);
            return sSLSocket;
        }
        try {
            if (socket != null) {
                socket.close();
            } else {
                LogC.d("tmpSocket is null", false);
            }
        } catch (IOException unused) {
            LogC.d("tmpSocket close fail", false);
        }
        return null;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        return e(this.d.getSocketFactory().createSocket());
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return e(this.d.getSocketFactory().createSocket(socket, str, i, z));
    }
}
