package com.amazonaws.http.conn.ssl;

import com.amazonaws.b.h;
import com.amazonaws.http.conn.ssl.a;
import com.amazonaws.internal.ac;
import com.amazonaws.internal.ad;
import com.amazonaws.internal.ae;
import com.amazonaws.internal.z;
import com.amazonaws.metrics.AwsSdkMetrics;
import com.amazonaws.util.JavaVersionParser;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocket;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.protocol.HttpContext;

/* compiled from: SdkTLSSocketFactory.java */
@h
/* loaded from: classes.dex */
public class b extends SSLConnectionSocketFactory {

    /* renamed from: a, reason: collision with root package name */
    private static final Log f1772a = LogFactory.getLog(b.class);
    private final SSLContext b;
    private final a.InterfaceC0111a c;
    private final c d;

    public b(SSLContext sSLContext, HostnameVerifier hostnameVerifier) {
        super(sSLContext, hostnameVerifier);
        if (sSLContext == null) {
            throw new IllegalArgumentException("sslContext must not be null. Use SSLContext.getDefault() if you are unsure.");
        }
        this.b = sSLContext;
        this.c = a.a();
        this.d = new c(JavaVersionParser.a());
    }

    private <T extends Throwable> T a(T t) {
        if (f1772a.isDebugEnabled()) {
            f1772a.debug("", t);
        }
        return t;
    }

    private void a(SSLSessionContext sSLSessionContext, InetSocketAddress inetSocketAddress) {
        String hostName = inetSocketAddress.getHostName();
        int port = inetSocketAddress.getPort();
        Enumeration<byte[]> ids = sSLSessionContext.getIds();
        if (ids == null) {
            return;
        }
        while (ids.hasMoreElements()) {
            SSLSession session = sSLSessionContext.getSession(ids.nextElement());
            if (session != null && session.getPeerHost() != null && session.getPeerHost().equalsIgnoreCase(hostName) && session.getPeerPort() == port) {
                session.invalidate();
                if (f1772a.isDebugEnabled()) {
                    f1772a.debug("Invalidated session " + session);
                }
            }
        }
    }

    private boolean a(String str, String[] strArr) {
        for (String str2 : strArr) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // org.apache.http.conn.ssl.SSLConnectionSocketFactory, org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        if (f1772a.isDebugEnabled()) {
            f1772a.debug("connecting to " + inetSocketAddress.getAddress() + ":" + inetSocketAddress.getPort());
        }
        try {
            Socket connectSocket = super.connectSocket(i, socket, httpHost, inetSocketAddress, inetSocketAddress2, httpContext);
            if (!this.c.a(connectSocket)) {
                throw ((IllegalStateException) a(new IllegalStateException("Invalid SSL master secret")));
            }
            if (connectSocket instanceof SSLSocket) {
                ad adVar = new ad((SSLSocket) connectSocket);
                return AwsSdkMetrics.isHttpSocketReadMetricEnabled() ? new ac(adVar) : adVar;
            }
            ae aeVar = new ae(connectSocket);
            return AwsSdkMetrics.isHttpSocketReadMetricEnabled() ? new z(aeVar) : aeVar;
        } catch (SSLException e) {
            if (this.d.a(e)) {
                if (f1772a.isDebugEnabled()) {
                    f1772a.debug("connection failed due to SSL error, clearing TLS session cache", e);
                }
                a(this.b.getClientSessionContext(), inetSocketAddress);
            }
            throw e;
        }
    }

    @Override // org.apache.http.conn.ssl.SSLConnectionSocketFactory, org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket createSocket(HttpContext httpContext) throws IOException {
        return com.amazonaws.http.a.c.b.a(httpContext) ? new Socket(Proxy.NO_PROXY) : super.createSocket(httpContext);
    }

    @Override // org.apache.http.conn.ssl.SSLConnectionSocketFactory
    protected final void prepareSocket(SSLSocket sSLSocket) {
        String[] supportedProtocols = sSLSocket.getSupportedProtocols();
        String[] enabledProtocols = sSLSocket.getEnabledProtocols();
        if (f1772a.isDebugEnabled()) {
            f1772a.debug("socket.getSupportedProtocols(): " + Arrays.toString(supportedProtocols) + ", socket.getEnabledProtocols(): " + Arrays.toString(enabledProtocols));
        }
        ArrayList arrayList = new ArrayList();
        if (supportedProtocols != null) {
            for (TLSProtocol tLSProtocol : TLSProtocol.values()) {
                String protocolName = tLSProtocol.getProtocolName();
                if (a(protocolName, supportedProtocols)) {
                    arrayList.add(protocolName);
                }
            }
        }
        if (enabledProtocols != null) {
            for (String str : enabledProtocols) {
                if (!arrayList.contains(str)) {
                    arrayList.add(str);
                }
            }
        }
        if (arrayList.size() > 0) {
            String[] strArr = (String[]) arrayList.toArray(new String[arrayList.size()]);
            sSLSocket.setEnabledProtocols(strArr);
            if (f1772a.isDebugEnabled()) {
                f1772a.debug("TLS protocol enabled for SSL handshake: " + Arrays.toString(strArr));
            }
        }
    }
}
