package defpackage;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.SocketAddress;
import java.nio.channels.SocketChannel;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathChecker;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

/* compiled from: PG */
/* loaded from: classes.dex */
public final class cld extends SSLSocket {
    private static final jgl a = jgl.k("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket");
    private static final Set b = lvy.u("TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256");
    private final SSLSocket c;
    private final mdi d;
    private boolean e;

    public /* synthetic */ cld(SSLSocket sSLSocket) {
        int i;
        CertPathChecker revocationChecker;
        String str;
        String obj;
        PKIXRevocationChecker.Option option;
        clc clcVar = clc.a;
        this.c = sSLSocket;
        this.d = clcVar;
        String[] supportedCipherSuites = getSupportedCipherSuites();
        Set set = b;
        set.getClass();
        LinkedHashSet linkedHashSet = new LinkedHashSet(lvy.y(supportedCipherSuites.length));
        lvy.aD(supportedCipherSuites, linkedHashSet);
        lvy.af(linkedHashSet, set);
        setEnabledCipherSuites((String[]) linkedHashSet.toArray(new String[0]));
        if (getEnabledCipherSuites().length == 0) {
            throw new clf("No secure cipher supported");
        }
        jgl jglVar = a;
        ((jgj) jglVar.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "<init>", 43, "NiapSSLSocket.kt")).s("Verifying NiapSSLSocket");
        startHandshake();
        if (kuq.a.a().c()) {
            InetAddress inetAddress = sSLSocket.getInetAddress();
            if (inetAddress != null) {
                String hostName = inetAddress.getHostName();
                hostName.getClass();
                ((jgj) jglVar.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyHostname", 133, "NiapSSLSocket.kt")).v("Verifying hostname: %s", hostName);
                if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(hostName, sSLSocket.getSession())) {
                    throw new clf(a.aP(hostName, "Failed to validate presented identifier. Host: ", ". App: com.google.android.apps.work.clouddpc"));
                }
                ((jgj) jglVar.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyHostname", 141, "NiapSSLSocket.kt")).s("Hostname verified");
            } else {
                ((jgj) jglVar.f().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verify", 59, "NiapSSLSocket.kt")).s("Socket is not connected");
            }
        }
        Certificate[] peerCertificates = getSession().getPeerCertificates();
        peerCertificates.getClass();
        ((jgj) jglVar.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyCertificates", 76, "NiapSSLSocket.kt")).s("Validating NiapSSLSocket certs");
        ArrayList arrayList = new ArrayList();
        while (i < peerCertificates.length) {
            Certificate certificate = peerCertificates[i];
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                i = a.S(x509Certificate.getSubjectDN().getName(), x509Certificate.getIssuerDN().getName()) ? i + 1 : 0;
            }
            arrayList.add(certificate);
        }
        if (arrayList.isEmpty()) {
            throw new clf("Empty leafCerts: Self-signed certificate");
        }
        arrayList.toString();
        CertPath generateCertPath = CertificateFactory.getInstance("X.509").generateCertPath(arrayList);
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        try {
            keyStore.load(null, null);
            Object a2 = this.d.a();
            PKIXParameters pKIXParameters = new PKIXParameters(keyStore);
            CertPathValidator certPathValidator = (CertPathValidator) a2;
            revocationChecker = certPathValidator.getRevocationChecker();
            revocationChecker.getClass();
            PKIXRevocationChecker m60m = ab$$ExternalSyntheticApiModelOutline2.m60m((Object) revocationChecker);
            if (kuq.a.a().a()) {
                option = PKIXRevocationChecker.Option.NO_FALLBACK;
                m60m.setOptions(lvy.t(option));
            }
            pKIXParameters.addCertPathChecker(m60m);
            certPathValidator.validate(generateCertPath, pKIXParameters);
            jgl jglVar2 = a;
            ((jgj) jglVar2.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyCertificates", 102, "NiapSSLSocket.kt")).s("NiapSSLSocket certs validated");
            Certificate[] peerCertificates2 = getSession().getPeerCertificates();
            peerCertificates2.getClass();
            ((jgj) jglVar2.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyTldWildcards", 106, "NiapSSLSocket.kt")).s("Verifying Tld Wildcards");
            for (Certificate certificate2 : peerCertificates2) {
                if (certificate2 instanceof X509Certificate) {
                    Collection<List<?>> subjectAlternativeNames = ((X509Certificate) certificate2).getSubjectAlternativeNames();
                    subjectAlternativeNames = subjectAlternativeNames == null ? mbl.a : subjectAlternativeNames;
                    ArrayList<List> arrayList2 = new ArrayList();
                    for (Object obj2 : subjectAlternativeNames) {
                        List list = (List) obj2;
                        list.getClass();
                        if (a.S(lvy.N(list, 0), 2)) {
                            arrayList2.add(obj2);
                        }
                    }
                    ArrayList<String> arrayList3 = new ArrayList();
                    for (List list2 : arrayList2) {
                        list2.getClass();
                        Object N = lvy.N(list2, 1);
                        if (N == null || (obj = N.toString()) == null) {
                            str = null;
                        } else {
                            str = obj.toUpperCase(Locale.ROOT);
                            str.getClass();
                        }
                        if (str != null) {
                            arrayList3.add(str);
                        }
                    }
                    for (String str2 : arrayList3) {
                        if (clg.a.contains(str2)) {
                            throw new clf("Failed TLD wildcard check for ".concat(String.valueOf(str2)));
                        }
                    }
                }
            }
            jgl jglVar3 = a;
            ((jgj) jglVar3.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "verifyTldWildcards", 125, "NiapSSLSocket.kt")).s("Tld Wildcards verified");
            ((jgj) jglVar3.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "<init>", 45, "NiapSSLSocket.kt")).s("NiapSSLSocket verified");
        } catch (IOException e) {
            e.printStackTrace();
            throw new AssertionError(e);
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public final void addHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        this.c.addHandshakeCompletedListener(handshakeCompletedListener);
    }

    @Override // java.net.Socket
    public final void bind(SocketAddress socketAddress) {
        this.c.bind(socketAddress);
    }

    @Override // java.net.Socket, java.io.Closeable, java.lang.AutoCloseable
    public final void close() {
        jgj jgjVar = (jgj) a.d().i("com/google/android/apps/work/clouddpc/base/integ/devicepolicyserver/niapsslsocket/NiapSSLSocket", "close", 211, "NiapSSLSocket.kt");
        InetAddress inetAddress = this.c.getInetAddress();
        jgjVar.v("Closing socket, terminating connection to %s", inetAddress != null ? inetAddress.getHostName() : null);
        this.c.close();
    }

    @Override // java.net.Socket
    public final void connect(SocketAddress socketAddress) {
        socketAddress.getClass();
        this.c.connect(socketAddress);
    }

    @Override // java.net.Socket
    public final void connect(SocketAddress socketAddress, int i) {
        socketAddress.getClass();
        this.c.connect(socketAddress, i);
    }

    @Override // java.net.Socket
    public final SocketChannel getChannel() {
        return this.c.getChannel();
    }

    @Override // javax.net.ssl.SSLSocket
    public final boolean getEnableSessionCreation() {
        return this.c.getEnableSessionCreation();
    }

    @Override // javax.net.ssl.SSLSocket
    public final String[] getEnabledCipherSuites() {
        String[] enabledCipherSuites = this.c.getEnabledCipherSuites();
        enabledCipherSuites.getClass();
        return enabledCipherSuites;
    }

    @Override // javax.net.ssl.SSLSocket
    public final String[] getEnabledProtocols() {
        String[] enabledProtocols = this.c.getEnabledProtocols();
        enabledProtocols.getClass();
        return enabledProtocols;
    }

    @Override // javax.net.ssl.SSLSocket
    public final SSLSession getHandshakeSession() {
        SSLSession handshakeSession;
        handshakeSession = this.c.getHandshakeSession();
        return handshakeSession;
    }

    @Override // java.net.Socket
    public final InetAddress getInetAddress() {
        return this.c.getInetAddress();
    }

    @Override // java.net.Socket
    public final InputStream getInputStream() {
        InputStream inputStream = this.c.getInputStream();
        inputStream.getClass();
        return inputStream;
    }

    @Override // java.net.Socket
    public final boolean getKeepAlive() {
        return this.c.getKeepAlive();
    }

    @Override // java.net.Socket
    public final InetAddress getLocalAddress() {
        InetAddress localAddress = this.c.getLocalAddress();
        localAddress.getClass();
        return localAddress;
    }

    @Override // java.net.Socket
    public final int getLocalPort() {
        return this.c.getLocalPort();
    }

    @Override // java.net.Socket
    public final SocketAddress getLocalSocketAddress() {
        return this.c.getLocalSocketAddress();
    }

    @Override // javax.net.ssl.SSLSocket
    public final boolean getNeedClientAuth() {
        return this.c.getNeedClientAuth();
    }

    @Override // java.net.Socket
    public final boolean getOOBInline() {
        return this.c.getOOBInline();
    }

    @Override // java.net.Socket
    public final OutputStream getOutputStream() {
        OutputStream outputStream = this.c.getOutputStream();
        outputStream.getClass();
        return outputStream;
    }

    @Override // java.net.Socket
    public final int getPort() {
        return this.c.getPort();
    }

    @Override // java.net.Socket
    public final int getReceiveBufferSize() {
        return this.c.getReceiveBufferSize();
    }

    @Override // java.net.Socket
    public final SocketAddress getRemoteSocketAddress() {
        return this.c.getRemoteSocketAddress();
    }

    @Override // java.net.Socket
    public final boolean getReuseAddress() {
        return this.c.getReuseAddress();
    }

    @Override // javax.net.ssl.SSLSocket
    public final SSLParameters getSSLParameters() {
        return this.c.getSSLParameters();
    }

    @Override // java.net.Socket
    public final int getSendBufferSize() {
        return this.c.getSendBufferSize();
    }

    @Override // javax.net.ssl.SSLSocket
    public final SSLSession getSession() {
        SSLSession session = this.c.getSession();
        session.getClass();
        return session;
    }

    @Override // java.net.Socket
    public final int getSoLinger() {
        return this.c.getSoLinger();
    }

    @Override // java.net.Socket
    public final int getSoTimeout() {
        return this.c.getSoTimeout();
    }

    @Override // javax.net.ssl.SSLSocket
    public final String[] getSupportedCipherSuites() {
        String[] supportedCipherSuites = this.c.getSupportedCipherSuites();
        supportedCipherSuites.getClass();
        return supportedCipherSuites;
    }

    @Override // javax.net.ssl.SSLSocket
    public final String[] getSupportedProtocols() {
        String[] supportedProtocols = this.c.getSupportedProtocols();
        supportedProtocols.getClass();
        return supportedProtocols;
    }

    @Override // java.net.Socket
    public final boolean getTcpNoDelay() {
        return this.c.getTcpNoDelay();
    }

    @Override // java.net.Socket
    public final int getTrafficClass() {
        return this.c.getTrafficClass();
    }

    @Override // javax.net.ssl.SSLSocket
    public final boolean getUseClientMode() {
        return this.c.getUseClientMode();
    }

    @Override // javax.net.ssl.SSLSocket
    public final boolean getWantClientAuth() {
        return this.c.getWantClientAuth();
    }

    @Override // java.net.Socket
    public final boolean isBound() {
        return this.c.isBound();
    }

    @Override // java.net.Socket
    public final boolean isClosed() {
        return this.c.isClosed();
    }

    @Override // java.net.Socket
    public final boolean isConnected() {
        return this.c.isConnected();
    }

    @Override // java.net.Socket
    public final boolean isInputShutdown() {
        return this.c.isInputShutdown();
    }

    @Override // java.net.Socket
    public final boolean isOutputShutdown() {
        return this.c.isOutputShutdown();
    }

    @Override // javax.net.ssl.SSLSocket
    public final void removeHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        this.c.removeHandshakeCompletedListener(handshakeCompletedListener);
    }

    @Override // java.net.Socket
    public final void sendUrgentData(int i) {
        this.c.sendUrgentData(i);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setEnableSessionCreation(boolean z) {
        this.c.setEnableSessionCreation(z);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setEnabledCipherSuites(String[] strArr) {
        this.c.setEnabledCipherSuites(strArr);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setEnabledProtocols(String[] strArr) {
        this.c.setEnabledProtocols(strArr);
    }

    @Override // java.net.Socket
    public final void setKeepAlive(boolean z) {
        this.c.setKeepAlive(z);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setNeedClientAuth(boolean z) {
        this.c.setNeedClientAuth(z);
    }

    @Override // java.net.Socket
    public final void setOOBInline(boolean z) {
        this.c.setOOBInline(z);
    }

    @Override // java.net.Socket
    public final void setPerformancePreferences(int i, int i2, int i3) {
        this.c.setPerformancePreferences(i, i2, i3);
    }

    @Override // java.net.Socket
    public final void setReceiveBufferSize(int i) {
        this.c.setReceiveBufferSize(i);
    }

    @Override // java.net.Socket
    public final void setReuseAddress(boolean z) {
        this.c.setReuseAddress(z);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setSSLParameters(SSLParameters sSLParameters) {
        this.c.setSSLParameters(sSLParameters);
    }

    @Override // java.net.Socket
    public final void setSendBufferSize(int i) {
        this.c.setSendBufferSize(i);
    }

    @Override // java.net.Socket
    public final void setSoLinger(boolean z, int i) {
        this.c.setSoLinger(z, i);
    }

    @Override // java.net.Socket
    public final void setSoTimeout(int i) {
        this.c.setSoTimeout(i);
    }

    @Override // java.net.Socket
    public final void setTcpNoDelay(boolean z) {
        this.c.setTcpNoDelay(z);
    }

    @Override // java.net.Socket
    public final void setTrafficClass(int i) {
        this.c.setTrafficClass(i);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setUseClientMode(boolean z) {
        this.c.setUseClientMode(z);
    }

    @Override // javax.net.ssl.SSLSocket
    public final void setWantClientAuth(boolean z) {
        this.c.setWantClientAuth(z);
    }

    @Override // java.net.Socket
    public final void shutdownInput() {
        this.c.shutdownInput();
    }

    @Override // java.net.Socket
    public final void shutdownOutput() {
        this.c.shutdownOutput();
    }

    @Override // javax.net.ssl.SSLSocket
    public final void startHandshake() {
        if (this.e) {
            return;
        }
        this.e = true;
        this.c.startHandshake();
    }

    @Override // javax.net.ssl.SSLSocket, java.net.Socket
    public final String toString() {
        String sSLSocket = this.c.toString();
        sSLSocket.getClass();
        return sSLSocket;
    }
}
