package com.sun.net.ssl.internal.www.protocol.https;

import com.sun.net.ssl.HostnameVerifier;
import com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl;
import com.sun.net.ssl.internal.ssl.X500Name;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: DashoA6275 */
/* loaded from: input_file:com/sun/net/ssl/internal/www/protocol/https/HttpsClient.class */
public final class HttpsClient extends HttpClient implements HandshakeCompletedListener {
    private static final int a = 443;
    private SSLSocketFactory b;
    private String c;
    private int d;
    private SSLSession e;

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpsClient(URL url, String str, int i) throws IOException {
        super(url, str, i);
    }

    private HttpsClient(SSLSocketFactory sSLSocketFactory, URL url) throws IOException {
        super(sSLSocketFactory, url, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient a(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier) throws IOException {
        return a(sSLSocketFactory, url, hostnameVerifier, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient a(SSLSocketFactory sSLSocketFactory, URL url, HostnameVerifier hostnameVerifier, boolean z) throws IOException {
        HttpsClient httpsClient = null;
        if (z) {
            httpsClient = (HttpsClient) HttpClient.kac.a(sSLSocketFactory, url);
        }
        if (httpsClient == null) {
            httpsClient = new HttpsClient(sSLSocketFactory, url);
        } else {
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                securityManager.checkConnect(url.getHost(), url.getPort());
            }
            httpsClient.url = url;
        }
        httpsClient.a(hostnameVerifier);
        return httpsClient;
    }

    private void a(HostnameVerifier hostnameVerifier) throws IOException {
        String str = null;
        try {
            str = new X500Name(this.e.getPeerCertificateChain()[0].getSubjectDN().getName()).getCommonName();
        } catch (SSLPeerUnverifiedException unused) {
        }
        if (str == null || !str.equalsIgnoreCase(this.url.getHost())) {
            if (hostnameVerifier == null || !hostnameVerifier.verify(this.url.getHost(), str)) {
                this.serverSocket.close();
                this.e.invalidate();
                throw new IOException(new StringBuffer("HTTPS hostname wrong:  should be <").append(this.url.getHost()).append(">, but cert says <").append(str).append(">").toString());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.net.ssl.internal.www.protocol.https.NetworkClient
    public Socket doConnect(String str, int i) throws IOException, UnknownHostException {
        SSLSocket sSLSocket;
        this.c = this.c != null ? this.c : n();
        this.d = this.d != 0 ? this.d : o();
        SSLSocketFactory sSLSocketFactory = this.b;
        if (this.c == null || isNonProxyHost()) {
            sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(str, i);
        } else {
            try {
                Socket socket = new Socket(this.c, this.d);
                a(socket, str, i);
                sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(socket, str, i, true);
            } catch (IOException e) {
                try {
                    sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(str, i);
                } catch (IOException unused) {
                    throw e;
                }
            }
        }
        SSLSocketFactoryImpl.checkCreate(sSLSocket);
        String[] l = l();
        if (l != null) {
            sSLSocket.setEnabledCipherSuites(l);
        }
        sSLSocket.addHandshakeCompletedListener(this);
        sSLSocket.startHandshake();
        this.e = sSLSocket.getSession();
        return sSLSocket;
    }

    private void a(Socket socket, String str, int i) throws IOException {
        byte[] bytes;
        String str2;
        OutputStream outputStream = socket.getOutputStream();
        String stringBuffer = new StringBuffer("CONNECT ").append(str).append(":").append(i).append(" HTTP/1.0\n").append("User-Agent: ").append(p()).append("\r\n\r\n").toString();
        try {
            bytes = stringBuffer.getBytes("ASCII7");
        } catch (UnsupportedEncodingException unused) {
            bytes = stringBuffer.getBytes();
        }
        outputStream.write(bytes);
        outputStream.flush();
        byte[] bArr = new byte[200];
        int i2 = 0;
        int i3 = 0;
        boolean z = false;
        InputStream inputStream = socket.getInputStream();
        while (i3 < 2) {
            int read = inputStream.read();
            if (read < 0) {
                throw new IOException("Unexpected EOF from proxy");
            }
            if (read == 10) {
                z = true;
                i3++;
            } else if (read != 13) {
                i3 = 0;
                if (!z && i2 < bArr.length) {
                    int i4 = i2;
                    i2++;
                    bArr[i4] = (byte) read;
                }
            }
        }
        try {
            str2 = new String(bArr, 0, i2, "ASCII7");
        } catch (UnsupportedEncodingException unused2) {
            str2 = new String(bArr, 0, i2);
        }
        if (!str2.startsWith("HTTP/1.0 200")) {
            throw new IOException(new StringBuffer("Unable to tunnel through ").append(this.c).append(":").append(this.d).append(".  Proxy returns \"").append(str2).append("\"").toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String a() {
        return this.e.getCipherSuite();
    }

    private String[] l() {
        String[] strArr;
        String a2 = a("https.cipherSuites");
        if (a2 == null || "".equals(a2)) {
            strArr = null;
        } else {
            Vector vector = new Vector();
            StringTokenizer stringTokenizer = new StringTokenizer(a2, ",");
            while (stringTokenizer.hasMoreElements()) {
                vector.addElement(stringTokenizer.nextElement());
            }
            strArr = new String[vector.size()];
            for (int i = 0; i < strArr.length; i++) {
                strArr[i] = (String) vector.elementAt(i);
            }
        }
        return strArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.net.ssl.internal.www.protocol.https.HttpClient
    public int getDefaultPort() {
        return a;
    }

    private RegexpPool m() {
        RegexpPool regexpPool = new RegexpPool();
        String a2 = a("http.nonProxyHosts");
        if (a2 != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(a2, "|", false);
            while (stringTokenizer.hasMoreTokens()) {
                try {
                    regexpPool.add(stringTokenizer.nextToken().toLowerCase(), new Boolean(true));
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }
        return regexpPool;
    }

    private String n() {
        String a2 = a("https.proxyHost");
        if (a2 != null && a2.length() == 0) {
            a2 = null;
        }
        return a2;
    }

    private int o() {
        int[] iArr = new int[1];
        AccessController.doPrivileged(new PrivilegedAction(iArr) { // from class: com.sun.net.ssl.internal.www.protocol.https.HttpsClient.2
            private final int[] a;

            {
                this.a = iArr;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                if (System.getProperty("https.proxyHost") == null) {
                    return null;
                }
                this.a[0] = Integer.getInteger("https.proxyPort", 80).intValue();
                return null;
            }
        });
        return iArr[0] < 0 ? super.getDefaultPort() : iArr[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSocketFactory b() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509Certificate[] c() {
        try {
            return this.e.getPeerCertificateChain();
        } catch (SSLPeerUnverifiedException unused) {
            return null;
        }
    }

    private String a(String str) {
        return (String) AccessController.doPrivileged(new PrivilegedAction(str) { // from class: com.sun.net.ssl.internal.www.protocol.https.HttpsClient.1
            private final String a;

            {
                this.a = str;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return System.getProperty(this.a);
            }
        });
    }

    private String p() {
        String a2 = a("https.agent");
        if (a2 == null || a2.length() == 0) {
            a2 = "JSSE";
        }
        return a2;
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        this.e = handshakeCompletedEvent.getSession();
    }

    protected boolean isNonProxyHost() {
        RegexpPool m = m();
        if (m.match(this.url.getHost().toLowerCase()) != null) {
            return true;
        }
        try {
            return m.match(InetAddress.getByName(this.url.getHost()).getHostAddress()) != null;
        } catch (UnknownHostException unused) {
            return false;
        }
    }

    @Override // com.sun.net.ssl.internal.www.protocol.https.HttpClient
    void a(SSLSocketFactory sSLSocketFactory) {
        this.b = sSLSocketFactory;
    }
}
