package oc;

import android.net.http.X509TrustManagerExtensions;
import android.os.Build;
import android.support.v4.media.f;
import cz.msebera.android.httpclient.conn.ssl.SSLSocketFactory;
import java.io.IOException;
import java.math.BigInteger;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import qc.i;

/* loaded from: classes2.dex */
public final class a extends SSLSocketFactory {

    /* renamed from: a, reason: collision with root package name */
    public SSLContext f15725a;

    /* renamed from: oc.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public class C0272a implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        public Set f15726a;

        public C0272a(Set set) {
            this.f15726a = set;
        }

        @Override // javax.net.ssl.X509TrustManager
        public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (x509CertificateArr == null) {
                throw new IllegalArgumentException("checkServerTrusted: X509Certificate array is null");
            }
            if (x509CertificateArr.length <= 0) {
                throw new IllegalArgumentException("checkServerTrusted: X509Certificate is empty");
            }
            if (str == null || !(str.equalsIgnoreCase("RSA") || str.equalsIgnoreCase("ECDHE_RSA"))) {
                throw new CertificateException("checkServerTrusted: AuthType is not RSA");
            }
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                    if (Build.VERSION.SDK_INT >= 24) {
                        new X509TrustManagerExtensions((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str, "");
                    } else {
                        ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                    }
                }
                String bigInteger = new BigInteger(1, ((RSAPublicKey) x509CertificateArr[0].getPublicKey()).getEncoded()).toString(16);
                Set set = this.f15726a;
                if (set != null) {
                    if (set.contains(bigInteger.toUpperCase())) {
                        return;
                    }
                    StringBuilder k8 = f.k("checkServerTrusted: Expected public key: ");
                    k8.append(this.f15726a);
                    k8.append(", got public key:");
                    k8.append(bigInteger);
                    throw new CertificateException(k8.toString());
                }
                i.b(a.class.getSimpleName(), "Public key set as null, so public key checking is disabled!");
            } catch (Exception e10) {
                throw new CertificateException(e10);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public final X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public a(KeyStore keyStore, Set set) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        this.f15725a = sSLContext;
        sSLContext.init(null, new TrustManager[]{new C0272a(set)}, null);
    }

    @Override // cz.msebera.android.httpclient.conn.ssl.SSLSocketFactory, cz.msebera.android.httpclient.conn.scheme.SocketFactory
    public final Socket createSocket() throws IOException {
        return this.f15725a.getSocketFactory().createSocket();
    }

    @Override // cz.msebera.android.httpclient.conn.ssl.SSLSocketFactory, cz.msebera.android.httpclient.conn.scheme.LayeredSocketFactory
    public final Socket createSocket(Socket socket, String str, int i3, boolean z10) throws IOException {
        return this.f15725a.getSocketFactory().createSocket(socket, str, i3, z10);
    }
}
