package com.dropbox.core.http;

import com.dropbox.core.util.IOUtil;
import com.dropbox.core.util.LangUtil;
import com.dropbox.core.util.StringUtil;
import com.google.android.gms.gcm.Task;
import com.unity3d.ads.core.data.datasource.AndroidStaticDeviceInfoDataSource;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes4.dex */
public abstract class SSLConfig {

    /* renamed from: ʻ, reason: contains not printable characters */
    private static CipherSuiteFilterationResults f45368;

    /* renamed from: ˊ, reason: contains not printable characters */
    private static final X509TrustManager f45370 = m54610();

    /* renamed from: ˋ, reason: contains not printable characters */
    private static final SSLSocketFactory f45371 = m54608();

    /* renamed from: ˎ, reason: contains not printable characters */
    private static final String[] f45372 = {"TLSv1.2"};

    /* renamed from: ˏ, reason: contains not printable characters */
    private static final String[] f45373 = {"TLSv1.1"};

    /* renamed from: ᐝ, reason: contains not printable characters */
    private static final String[] f45374 = {"TLSv1"};

    /* renamed from: ʼ, reason: contains not printable characters */
    private static final HashSet f45369 = new HashSet(Arrays.asList("SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA", "SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA", "SSL_ECDHE_RSA_WITH_RC4_128_SHA", "SSL_DHE_RSA_WITH_AES_256_GCM_SHA384", "SSL_DHE_RSA_WITH_AES_256_CBC_SHA256", "SSL_DHE_RSA_WITH_AES_256_CBC_SHA", "SSL_DHE_RSA_WITH_AES_128_GCM_SHA256", "SSL_DHE_RSA_WITH_AES_128_CBC_SHA256", "SSL_DHE_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_AES_256_GCM_SHA384", "SSL_RSA_WITH_AES_256_CBC_SHA256", "SSL_RSA_WITH_AES_256_CBC_SHA", "SSL_RSA_WITH_AES_128_GCM_SHA256", "SSL_RSA_WITH_AES_128_CBC_SHA256", "SSL_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-SHA384", "ECDHE-RSA-AES256-SHA", "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-SHA256", "ECDHE-RSA-AES128-SHA", "ECDHE-RSA-RC4-SHA", "DHE-RSA-AES256-GCM-SHA384", "DHE-RSA-AES256-SHA256", "DHE-RSA-AES256-SHA", "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES128-SHA256", "DHE-RSA-AES128-SHA", "AES256-GCM-SHA384", "AES256-SHA256", "AES256-SHA", "AES128-GCM-SHA256", "AES128-SHA256", "AES128-SHA"));

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes4.dex */
    public static final class CipherSuiteFilterationResults {

        /* renamed from: ˊ, reason: contains not printable characters */
        private final String[] f45375;

        /* renamed from: ˋ, reason: contains not printable characters */
        private final String[] f45376;

        public CipherSuiteFilterationResults(String[] strArr, String[] strArr2) {
            this.f45375 = strArr;
            this.f45376 = strArr2;
        }
    }

    /* loaded from: classes4.dex */
    public static final class LoadException extends Exception {
        private static final long serialVersionUID = 0;

        public LoadException(String str, Throwable th) {
            super(str, th);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes4.dex */
    public static final class SSLSocketFactoryWrapper extends SSLSocketFactory {

        /* renamed from: ˊ, reason: contains not printable characters */
        private final SSLSocketFactory f45377;

        public SSLSocketFactoryWrapper(SSLSocketFactory sSLSocketFactory) {
            this.f45377 = sSLSocketFactory;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) {
            Socket createSocket = this.f45377.createSocket(str, i);
            SSLConfig.m54602((SSLSocket) createSocket);
            return createSocket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
            Socket createSocket = this.f45377.createSocket(str, i, inetAddress, i2);
            SSLConfig.m54602((SSLSocket) createSocket);
            return createSocket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) {
            Socket createSocket = this.f45377.createSocket(inetAddress, i);
            SSLConfig.m54602((SSLSocket) createSocket);
            return createSocket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
            Socket createSocket = this.f45377.createSocket(inetAddress, i, inetAddress2, i2);
            SSLConfig.m54602((SSLSocket) createSocket);
            return createSocket;
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) {
            Socket createSocket = this.f45377.createSocket(socket, str, i, z);
            SSLConfig.m54602((SSLSocket) createSocket);
            return createSocket;
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.f45377.getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.f45377.getSupportedCipherSuites();
        }
    }

    /* renamed from: ʻ, reason: contains not printable characters */
    private static X509TrustManager m54598(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            try {
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                if (trustManagers.length != 1) {
                    throw new AssertionError("More than 1 TrustManager created.");
                }
                TrustManager trustManager = trustManagers[0];
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
                throw new AssertionError("TrustManager not of type X509: " + trustManagers[0].getClass());
            } catch (KeyStoreException e) {
                throw LangUtil.m54738("Unable to initialize TrustManagerFactory with key store", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw LangUtil.m54738("Unable to create TrustManagerFactory", e2);
        }
    }

    /* renamed from: ʼ, reason: contains not printable characters */
    private static List m54599(CertificateFactory certificateFactory, InputStream inputStream) {
        ArrayList arrayList = new ArrayList();
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        byte[] bArr = new byte[Task.EXTRAS_LIMIT_BYTES];
        while (true) {
            int readUnsignedShort = dataInputStream.readUnsignedShort();
            if (readUnsignedShort == 0) {
                if (dataInputStream.read() < 0) {
                    return arrayList;
                }
                throw new LoadException("Found data after after zero-length header.", null);
            }
            if (readUnsignedShort > 10240) {
                throw new LoadException("Invalid length for certificate entry: " + readUnsignedShort, null);
            }
            dataInputStream.readFully(bArr, 0, readUnsignedShort);
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr, 0, readUnsignedShort)));
        }
    }

    /* renamed from: ʽ, reason: contains not printable characters */
    private static String[] m54600(String[] strArr) {
        CipherSuiteFilterationResults cipherSuiteFilterationResults = f45368;
        if (cipherSuiteFilterationResults != null && Arrays.equals(cipherSuiteFilterationResults.f45375, strArr)) {
            return cipherSuiteFilterationResults.f45376;
        }
        ArrayList arrayList = new ArrayList(f45369.size());
        for (String str : strArr) {
            if (f45369.contains(str)) {
                arrayList.add(str);
            }
        }
        String[] strArr2 = (String[]) arrayList.toArray(new String[arrayList.size()]);
        f45368 = new CipherSuiteFilterationResults(strArr, strArr2);
        return strArr2;
    }

    /* renamed from: ʾ, reason: contains not printable characters */
    public static X509TrustManager m54601() {
        return f45370;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: ʿ, reason: contains not printable characters */
    public static void m54602(SSLSocket sSLSocket) {
        sSLSocket.setEnabledProtocols(m54609(sSLSocket.getEnabledProtocols()));
        sSLSocket.setEnabledCipherSuites(m54600(sSLSocket.getEnabledCipherSuites()));
    }

    /* renamed from: ˈ, reason: contains not printable characters */
    private static KeyStore m54603(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, new char[0]);
            InputStream resourceAsStream = SSLConfig.class.getResourceAsStream(str);
            try {
                if (resourceAsStream == null) {
                    throw new AssertionError("Couldn't find resource \"" + str + "\"");
                }
                try {
                    try {
                        m54604(keyStore, resourceAsStream);
                        IOUtil.m54732(resourceAsStream);
                        return keyStore;
                    } catch (KeyStoreException e) {
                        throw LangUtil.m54738("Error loading from \"" + str + "\"", e);
                    }
                } catch (LoadException e2) {
                    throw LangUtil.m54738("Error loading from \"" + str + "\"", e2);
                } catch (IOException e3) {
                    throw LangUtil.m54738("Error loading from \"" + str + "\"", e3);
                }
            } catch (Throwable th) {
                IOUtil.m54732(resourceAsStream);
                throw th;
            }
        } catch (IOException e4) {
            throw LangUtil.m54738("Couldn't initialize KeyStore", e4);
        } catch (KeyStoreException e5) {
            throw LangUtil.m54738("Couldn't initialize KeyStore", e5);
        } catch (NoSuchAlgorithmException e6) {
            throw LangUtil.m54738("Couldn't initialize KeyStore", e6);
        } catch (CertificateException e7) {
            throw LangUtil.m54738("Couldn't initialize KeyStore", e7);
        }
    }

    /* renamed from: ˉ, reason: contains not printable characters */
    private static void m54604(KeyStore keyStore, InputStream inputStream) {
        try {
            try {
                for (X509Certificate x509Certificate : m54599(CertificateFactory.getInstance(AndroidStaticDeviceInfoDataSource.CERTIFICATE_TYPE_X509), inputStream)) {
                    try {
                        keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                    } catch (KeyStoreException e) {
                        throw new LoadException("Error loading certificate: " + e.getMessage(), e);
                    }
                }
            } catch (CertificateException e2) {
                throw new LoadException("Error loading certificate: " + e2.getMessage(), e2);
            }
        } catch (CertificateException e3) {
            throw LangUtil.m54738("Couldn't initialize X.509 CertificateFactory", e3);
        }
    }

    /* renamed from: ˋ, reason: contains not printable characters */
    public static void m54606(HttpsURLConnection httpsURLConnection) {
        httpsURLConnection.setSSLSocketFactory(f45371);
    }

    /* renamed from: ˎ, reason: contains not printable characters */
    private static SSLContext m54607(TrustManager[] trustManagerArr) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            try {
                sSLContext.init(null, trustManagerArr, null);
                return sSLContext;
            } catch (KeyManagementException e) {
                throw LangUtil.m54738("Couldn't initialize SSLContext", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw LangUtil.m54738("Couldn't create SSLContext", e2);
        }
    }

    /* renamed from: ˏ, reason: contains not printable characters */
    private static SSLSocketFactory m54608() {
        return new SSLSocketFactoryWrapper(m54607(new TrustManager[]{f45370}).getSocketFactory());
    }

    /* renamed from: ͺ, reason: contains not printable characters */
    private static String[] m54609(String[] strArr) {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        for (String str : strArr) {
            if (str.equals("TLSv1.2")) {
                z = true;
            } else if (str.equals("TLSv1.1")) {
                z2 = true;
            } else if (str.equals("TLSv1")) {
                z3 = true;
            }
        }
        if (z) {
            return f45372;
        }
        if (z2) {
            return f45373;
        }
        if (z3) {
            return f45374;
        }
        throw new SSLException("Socket's available protocols doesn't overlap with our allowed protocols: " + StringUtil.m54752(strArr) + ".");
    }

    /* renamed from: ᐝ, reason: contains not printable characters */
    private static X509TrustManager m54610() {
        return m54598(m54603("/com/dropbox/core/trusted-certs.raw"));
    }

    /* renamed from: ι, reason: contains not printable characters */
    public static SSLSocketFactory m54611() {
        return f45371;
    }
}
