package com.tencent.mtt.network.http;

import android.net.SSLSessionCache;
import com.squareup.okhttp.ConfigAwareConnectionPool;
import com.tencent.basesupport.FLogger;
import com.tencent.mtt.ContextHolder;
import com.tencent.mtt.network.e;
import java.io.File;
import java.lang.reflect.Field;
import java.net.Proxy;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.CertificatePinner;
import okhttp3.CipherSuite;
import okhttp3.ConnectionSpec;
import okhttp3.OkHttpClient;
import okhttp3.Protocol;
import okhttp3.internal.Util;
import okhttp3.internal.platform.Platform;

/* loaded from: classes3.dex */
public class QBHttpsHandler extends QBHttpHandler {
    public static final ConnectionSpec TLS_CONNECTION_SPEC;
    private static SSLSocketFactory qpK;
    private static X509TrustManager qpL;
    private final ConfigAwareConnectionPool qpB = ConfigAwareConnectionPool.getInstance();
    private static final CipherSuite[] qpM = {CipherSuite.TLS_AES_128_GCM_SHA256, CipherSuite.TLS_AES_256_GCM_SHA384, CipherSuite.TLS_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_AES_128_CCM_SHA256, CipherSuite.TLS_AES_256_CCM_8_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA};
    public static final List<Protocol> HTTP_1_1_ONLY = Collections.singletonList(Protocol.HTTP_1_1);
    public static final List<Protocol> HTTP_2 = new ArrayList();

    static {
        HTTP_2.add(Protocol.HTTP_1_1);
        HTTP_2.add(Protocol.HTTP_2);
        TLS_CONNECTION_SPEC = new ConnectionSpec.Builder(ConnectionSpec.COMPATIBLE_TLS).allEnabledCipherSuites().allEnabledTlsVersions().supportsTlsExtensions(true).build();
        try {
            SSLContext sSLContext = Platform.get().getSSLContext();
            qpL = Util.platformTrustManager();
            sSLContext.init(null, new TrustManager[]{qpL}, null);
            try {
                SSLSessionCache sSLSessionCache = new SSLSessionCache(new File(ContextHolder.getAppContext().getFilesDir(), "sslCache"));
                SSLSessionContext clientSessionContext = sSLContext.getClientSessionContext();
                Class<?> cls = Class.forName("com.android.org.conscrypt.ClientSessionContext");
                if (cls.isInstance(clientSessionContext)) {
                    Field declaredField = sSLSessionCache.getClass().getDeclaredField("mSessionCache");
                    declaredField.setAccessible(true);
                    cls.getMethod("setPersistentCache", Class.forName("com.android.org.conscrypt.SSLClientSessionCache")).invoke(clientSessionContext, declaredField.get(sSLSessionCache));
                }
            } catch (Throwable th) {
                FLogger.e("QBHttpsHandler", "set sslCache error:" + th);
            }
            qpK = sSLContext.getSocketFactory();
        } catch (Throwable unused) {
            FLogger.e("QBHttpsHandler", "No System TLS");
        }
    }

    public static QBUrlFactory createHttpsOkUrlFactory(Proxy proxy, e eVar) {
        X509TrustManager x509TrustManager;
        QBUrlFactory createHttpOkUrlFactory = createHttpOkUrlFactory(proxy, eVar);
        createHttpOkUrlFactory.setUrlFilter(null);
        OkHttpClient.Builder newBuilder = createHttpOkUrlFactory.client().newBuilder();
        if (eVar.isHttp2Enable()) {
            newBuilder.protocols(HTTP_2);
        } else {
            newBuilder.protocols(HTTP_1_1_ONLY);
        }
        newBuilder.connectionSpecs(Collections.singletonList(TLS_CONNECTION_SPEC));
        newBuilder.certificatePinner(CertificatePinner.DEFAULT);
        newBuilder.hostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier());
        SSLSocketFactory sSLSocketFactory = qpK;
        if (sSLSocketFactory != null && (x509TrustManager = qpL) != null) {
            newBuilder.sslSocketFactory(sSLSocketFactory, x509TrustManager);
        }
        createHttpOkUrlFactory.setClient(newBuilder.build());
        return createHttpOkUrlFactory;
    }

    @Override // com.tencent.mtt.network.http.QBHttpHandler, java.net.URLStreamHandler
    protected int getDefaultPort() {
        return 443;
    }

    @Override // com.tencent.mtt.network.http.QBHttpHandler
    protected QBUrlFactory newOkUrlFactory(e eVar, Proxy proxy) {
        QBUrlFactory createHttpsOkUrlFactory = createHttpsOkUrlFactory(proxy, eVar);
        createHttpsOkUrlFactory.setClient(createHttpsOkUrlFactory.client().newBuilder().connectionPool(this.qpB.get(eVar.getTag())).build());
        return createHttpsOkUrlFactory;
    }
}
