package at.bitfire.davdroid;

import android.os.Build;
import at.bitfire.davdroid.log.Logger;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;

/* compiled from: CustomTlsSocketFactory.kt */
/* loaded from: classes.dex */
public final class CustomTlsSocketFactory extends SSLSocketFactory {
    public static final Companion Companion = new Companion(null);
    private static String[] cipherSuites;
    private static String[] protocols;
    private SSLSocketFactory delegate;

    /* compiled from: CustomTlsSocketFactory.kt */
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final String[] getCipherSuites() {
            return CustomTlsSocketFactory.cipherSuites;
        }

        public final String[] getProtocols() {
            return CustomTlsSocketFactory.protocols;
        }

        public final void setCipherSuites(String[] strArr) {
            CustomTlsSocketFactory.cipherSuites = strArr;
        }

        public final void setProtocols(String[] strArr) {
            CustomTlsSocketFactory.protocols = strArr;
        }
    }

    static {
        String joinToString;
        Companion companion;
        Object[] array;
        String joinToString2;
        String joinToString3;
        String joinToString4;
        if (Build.VERSION.SDK_INT >= 23) {
            Companion.setProtocols((String[]) null);
            Companion.setCipherSuites((String[]) null);
            Logger.INSTANCE.getLog().fine("Using device default TLS protocols/ciphers");
            return;
        }
        Socket createSocket = SSLSocketFactory.getDefault().createSocket();
        if (!(createSocket instanceof SSLSocket)) {
            createSocket = null;
        }
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        if (sSLSocket != null) {
            SSLSocket sSLSocket2 = sSLSocket;
            Throwable th = (Throwable) null;
            try {
                SSLSocket sSLSocket3 = sSLSocket2;
                try {
                    LinkedList linkedList = new LinkedList();
                    String[] supportedProtocols = sSLSocket3.getSupportedProtocols();
                    Intrinsics.checkExpressionValueIsNotNull(supportedProtocols, "socket.supportedProtocols");
                    ArrayList arrayList = new ArrayList();
                    for (String str : supportedProtocols) {
                        String it = str;
                        Intrinsics.checkExpressionValueIsNotNull(it, "it");
                        if (!StringsKt.contains(it, "SSL", true)) {
                            arrayList.add(str);
                        }
                    }
                    Iterator it2 = arrayList.iterator();
                    while (it2.hasNext()) {
                        linkedList.add((String) it2.next());
                    }
                    java.util.logging.Logger log = Logger.INSTANCE.getLog();
                    StringBuilder append = new StringBuilder().append("Enabling (only) these TLS protocols: ");
                    joinToString = CollectionsKt.joinToString(linkedList, (r14 & 1) != 0 ? ", " : ", ", (r14 & 2) != 0 ? "" : null, (r14 & 4) != 0 ? "" : null, (r14 & 8) != 0 ? -1 : 0, (r14 & 16) != 0 ? "..." : null, (r14 & 32) != 0 ? (Function1) null : null);
                    log.info(append.append(joinToString).toString());
                    companion = Companion;
                    array = linkedList.toArray(new String[0]);
                } catch (IOException e) {
                    Logger.INSTANCE.getLog().severe("Couldn't determine default TLS settings");
                }
                if (array == null) {
                    throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
                }
                companion.setProtocols((String[]) array);
                String[] availableCiphers = sSLSocket3.getSupportedCipherSuites();
                java.util.logging.Logger log2 = Logger.INSTANCE.getLog();
                StringBuilder append2 = new StringBuilder().append("Available cipher suites: ");
                Intrinsics.checkExpressionValueIsNotNull(availableCiphers, "availableCiphers");
                joinToString2 = ArraysKt.joinToString(availableCiphers, (r14 & 1) != 0 ? ", " : ", ", (r14 & 2) != 0 ? "" : null, (r14 & 4) != 0 ? "" : null, (r14 & 8) != 0 ? -1 : 0, (r14 & 16) != 0 ? "..." : null, (r14 & 32) != 0 ? (Function1) null : null);
                log2.info(append2.append(joinToString2).toString());
                LinkedList linkedList2 = new LinkedList();
                String[] enabledCipherSuites = sSLSocket3.getEnabledCipherSuites();
                Intrinsics.checkExpressionValueIsNotNull(enabledCipherSuites, "socket.enabledCipherSuites");
                CollectionsKt.addAll(linkedList2, enabledCipherSuites);
                java.util.logging.Logger log3 = Logger.INSTANCE.getLog();
                StringBuilder append3 = new StringBuilder().append("Cipher suites enabled by default: ");
                joinToString3 = CollectionsKt.joinToString(linkedList2, (r14 & 1) != 0 ? ", " : ", ", (r14 & 2) != 0 ? "" : null, (r14 & 4) != 0 ? "" : null, (r14 & 8) != 0 ? -1 : 0, (r14 & 16) != 0 ? "..." : null, (r14 & 32) != 0 ? (Function1) null : null);
                log3.fine(append3.append(joinToString3).toString());
                CollectionsKt.addAll(linkedList2, new String[]{"TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"});
                CollectionsKt.retainAll(linkedList2, availableCiphers);
                java.util.logging.Logger log4 = Logger.INSTANCE.getLog();
                StringBuilder append4 = new StringBuilder().append("Enabling (only) these TLS ciphers: ");
                joinToString4 = CollectionsKt.joinToString(linkedList2, (r14 & 1) != 0 ? ", " : ", ", (r14 & 2) != 0 ? "" : null, (r14 & 4) != 0 ? "" : null, (r14 & 8) != 0 ? -1 : 0, (r14 & 16) != 0 ? "..." : null, (r14 & 32) != 0 ? (Function1) null : null);
                log4.info(append4.append(joinToString4).toString());
                Companion companion2 = Companion;
                Object[] array2 = linkedList2.toArray(new String[0]);
                if (array2 == null) {
                    throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
                }
                companion2.setCipherSuites((String[]) array2);
                Unit unit = Unit.INSTANCE;
                CloseableKt.closeFinally(sSLSocket2, th);
            } catch (Throwable th2) {
                th = th2;
                CloseableKt.closeFinally(sSLSocket2, th);
                throw th;
            }
        }
    }

    public CustomTlsSocketFactory(KeyManager keyManager, X509TrustManager trustManager) {
        Intrinsics.checkParameterIsNotNull(trustManager, "trustManager");
        try {
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(keyManager != null ? new KeyManager[]{keyManager} : null, new X509TrustManager[]{trustManager}, null);
            Intrinsics.checkExpressionValueIsNotNull(sslContext, "sslContext");
            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
            Intrinsics.checkExpressionValueIsNotNull(socketFactory, "sslContext.socketFactory");
            this.delegate = socketFactory;
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException();
        }
    }

    private final void upgradeTLS(SSLSocket sSLSocket) {
        String[] protocols2 = Companion.getProtocols();
        if (protocols2 != null) {
            sSLSocket.setEnabledProtocols(protocols2);
        }
        String[] cipherSuites2 = Companion.getCipherSuites();
        if (cipherSuites2 != null) {
            sSLSocket.setEnabledCipherSuites(cipherSuites2);
        }
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String host, int i) {
        Intrinsics.checkParameterIsNotNull(host, "host");
        Socket ssl = this.delegate.createSocket(host, i);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        Intrinsics.checkExpressionValueIsNotNull(ssl, "ssl");
        return ssl;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String host, int i, InetAddress localHost, int i2) {
        Intrinsics.checkParameterIsNotNull(host, "host");
        Intrinsics.checkParameterIsNotNull(localHost, "localHost");
        Socket ssl = this.delegate.createSocket(host, i, localHost, i2);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        Intrinsics.checkExpressionValueIsNotNull(ssl, "ssl");
        return ssl;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress host, int i) {
        Intrinsics.checkParameterIsNotNull(host, "host");
        Socket ssl = this.delegate.createSocket(host, i);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        Intrinsics.checkExpressionValueIsNotNull(ssl, "ssl");
        return ssl;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress address, int i, InetAddress localAddress, int i2) {
        Intrinsics.checkParameterIsNotNull(address, "address");
        Intrinsics.checkParameterIsNotNull(localAddress, "localAddress");
        Socket ssl = this.delegate.createSocket(address, i, localAddress, i2);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        Intrinsics.checkExpressionValueIsNotNull(ssl, "ssl");
        return ssl;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket s, String host, int i, boolean z) {
        Intrinsics.checkParameterIsNotNull(s, "s");
        Intrinsics.checkParameterIsNotNull(host, "host");
        Socket ssl = this.delegate.createSocket(s, host, i, z);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        Intrinsics.checkExpressionValueIsNotNull(ssl, "ssl");
        return ssl;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        String[] cipherSuites2 = Companion.getCipherSuites();
        return cipherSuites2 != null ? cipherSuites2 : this.delegate.getDefaultCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        String[] cipherSuites2 = Companion.getCipherSuites();
        return cipherSuites2 != null ? cipherSuites2 : this.delegate.getSupportedCipherSuites();
    }
}
