package eu.cec.digit.ecas.util.httpclient.protocol;

import eu.cec.digit.ecas.util.JavaVersion;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketException;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:eu/cec/digit/ecas/util/httpclient/protocol/SSLSocketFactoryWrapper.class */
public final class SSLSocketFactoryWrapper extends SSLSocketFactory {
    private static final Set<String> FALLBACK_SECURE_PROTOCOLS = Collections.singleton("TLSv1");
    private final String[] enabledCipherSuites;
    private final Set<String> allowedSecureProtocols;
    private final AbstractSSLSocketFactoryStrategy sslSocketFactoryStrategy;
    private final SSLSocketFactoryWrapper fallbackSSLSocketFactory;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:eu/cec/digit/ecas/util/httpclient/protocol/SSLSocketFactoryWrapper$AbstractSSLSocketFactoryStrategy.class */
    public static abstract class AbstractSSLSocketFactoryStrategy {
        final SSLSocketFactory wrappedSocketFactory;

        AbstractSSLSocketFactoryStrategy(SSLSocketFactory sSLSocketFactory) {
            this.wrappedSocketFactory = sSLSocketFactory;
        }

        abstract Socket createSocket() throws IOException;

        abstract Socket createSocket(InetAddress inetAddress, int i) throws IOException;

        abstract Socket createSocket(String str, int i) throws IOException;

        abstract Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException;

        abstract Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException;

        abstract Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException;

        String[] getSupportedCipherSuites() {
            return this.wrappedSocketFactory.getSupportedCipherSuites();
        }
    }

    /* loaded from: input_file:eu/cec/digit/ecas/util/httpclient/protocol/SSLSocketFactoryWrapper$ForcedLocalAddressSSLSocketFactoryStrategy.class */
    static final class ForcedLocalAddressSSLSocketFactoryStrategy extends AbstractSSLSocketFactoryStrategy {
        private final InetAddress forcedLocalAddress;

        ForcedLocalAddressSSLSocketFactoryStrategy(SSLSocketFactory sSLSocketFactory, InetAddress inetAddress) {
            super(sSLSocketFactory);
            this.forcedLocalAddress = inetAddress;
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket() throws IOException {
            Socket createSocket = this.wrappedSocketFactory.createSocket();
            createSocket.bind(new InetSocketAddress(this.forcedLocalAddress, 0));
            return createSocket;
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return createSocket(inetAddress, i, this.forcedLocalAddress, 0);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(String str, int i) throws IOException {
            return createSocket(str, i, this.forcedLocalAddress, 0);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
            if (this.forcedLocalAddress.equals(socket.getLocalAddress())) {
                Socket createSocket = this.wrappedSocketFactory.createSocket(socket, str, i, z);
                if (this.forcedLocalAddress.equals(createSocket.getLocalAddress())) {
                    return createSocket;
                }
            }
            return createSocket(str, i);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return this.wrappedSocketFactory.createSocket(inetAddress, i, this.forcedLocalAddress, i2);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
            return this.wrappedSocketFactory.createSocket(str, i, this.forcedLocalAddress, i2);
        }
    }

    /* loaded from: input_file:eu/cec/digit/ecas/util/httpclient/protocol/SSLSocketFactoryWrapper$PassThroughSSLSocketFactoryStrategy.class */
    static final class PassThroughSSLSocketFactoryStrategy extends AbstractSSLSocketFactoryStrategy {
        PassThroughSSLSocketFactoryStrategy(SSLSocketFactory sSLSocketFactory) {
            super(sSLSocketFactory);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket() throws IOException {
            return this.wrappedSocketFactory.createSocket();
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return this.wrappedSocketFactory.createSocket(inetAddress, i);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(String str, int i) throws IOException {
            return this.wrappedSocketFactory.createSocket(str, i);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
            return this.wrappedSocketFactory.createSocket(socket, str, i, z);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return this.wrappedSocketFactory.createSocket(inetAddress, i, inetAddress2, i2);
        }

        @Override // eu.cec.digit.ecas.util.httpclient.protocol.SSLSocketFactoryWrapper.AbstractSSLSocketFactoryStrategy
        Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
            return this.wrappedSocketFactory.createSocket(str, i, inetAddress, i2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSocketFactoryWrapper(SSLSocketFactory sSLSocketFactory, InetAddress inetAddress) {
        this(sSLSocketFactory, inetAddress, TlsStrengthener.getAllowedProtocols(), FALLBACK_SECURE_PROTOCOLS);
    }

    private SSLSocketFactoryWrapper(SSLSocketFactory sSLSocketFactory, InetAddress inetAddress, Set<String> set, Set<String> set2) {
        if (null == inetAddress) {
            this.sslSocketFactoryStrategy = new PassThroughSSLSocketFactoryStrategy(sSLSocketFactory);
        } else {
            this.sslSocketFactoryStrategy = new ForcedLocalAddressSSLSocketFactoryStrategy(sSLSocketFactory, inetAddress);
        }
        Set<String> commonEnabledCipherSuites = TlsStrengthener.getCommonEnabledCipherSuites(sSLSocketFactory.getDefaultCipherSuites());
        this.enabledCipherSuites = (String[]) commonEnabledCipherSuites.toArray(new String[commonEnabledCipherSuites.size()]);
        this.allowedSecureProtocols = set;
        this.fallbackSSLSocketFactory = new SSLSocketFactoryWrapper(this, set2);
    }

    private SSLSocketFactoryWrapper(SSLSocketFactoryWrapper sSLSocketFactoryWrapper, Set<String> set) {
        this.sslSocketFactoryStrategy = sSLSocketFactoryWrapper.sslSocketFactoryStrategy;
        this.enabledCipherSuites = sSLSocketFactoryWrapper.enabledCipherSuites;
        this.allowedSecureProtocols = set;
        this.fallbackSSLSocketFactory = this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSocketFactoryWrapper(SSLSocketFactory sSLSocketFactory, InetAddress inetAddress, String[] strArr, Set<String> set, SSLSocketFactoryWrapper sSLSocketFactoryWrapper) {
        if (null == inetAddress) {
            this.sslSocketFactoryStrategy = new PassThroughSSLSocketFactoryStrategy(sSLSocketFactory);
        } else {
            this.sslSocketFactoryStrategy = new ForcedLocalAddressSSLSocketFactoryStrategy(sSLSocketFactory, inetAddress);
        }
        this.enabledCipherSuites = strArr;
        this.allowedSecureProtocols = set;
        this.fallbackSSLSocketFactory = sSLSocketFactoryWrapper;
    }

    public SSLSocketFactory getFallbackSSLSocketFactory() {
        return this.fallbackSSLSocketFactory;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket();
        configureSocket(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket(inetAddress, i);
        configureSocket(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket(str, i);
        configureSocket(createSocket);
        return createSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket(socket, str, i, z);
        configureSocket(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket(inetAddress, i, inetAddress2, i2);
        configureSocket(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        Socket createSocket = this.sslSocketFactoryStrategy.createSocket(str, i, inetAddress, i2);
        configureSocket(createSocket);
        return createSocket;
    }

    private Set<String> getCommonEnabledProtocols(String[] strArr) {
        LinkedHashSet linkedHashSet = new LinkedHashSet(this.allowedSecureProtocols);
        linkedHashSet.retainAll(Arrays.asList(strArr));
        return Collections.unmodifiableSet(linkedHashSet);
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return (String[]) this.enabledCipherSuites.clone();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.sslSocketFactoryStrategy.getSupportedCipherSuites();
    }

    private void configureSocket(Socket socket) throws SocketException {
        configureNetworkProperties(socket);
        if (socket instanceof SSLSocket) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            configureCipherSuites(sSLSocket);
            configureSecureProtocols(sSLSocket);
        }
    }

    private void configureCipherSuites(SSLSocket sSLSocket) {
        sSLSocket.setEnabledCipherSuites(getDefaultCipherSuites());
    }

    private void configureNetworkProperties(Socket socket) throws SocketException {
    }

    private void configureSecureProtocols(SSLSocket sSLSocket) {
        Set<String> commonEnabledProtocols = getCommonEnabledProtocols(sSLSocket.getSupportedProtocols());
        sSLSocket.setEnabledProtocols((String[]) commonEnabledProtocols.toArray(new String[commonEnabledProtocols.size()]));
        if (JavaVersion.isJava8OrBetter()) {
            try {
                Class<?> cls = Class.forName("javax.net.ssl.SSLParameters", true, SSLSocket.class.getClassLoader());
                Object invoke = SSLSocket.class.getMethod("getSSLParameters", new Class[0]).invoke(sSLSocket, new Object[0]);
                cls.getMethod("setUseCipherSuitesOrder", Boolean.TYPE).invoke(invoke, Boolean.TRUE);
                SSLSocket.class.getMethod("setSSLParameters", cls).invoke(sSLSocket, invoke);
            } catch (ClassNotFoundException e) {
                throw new IllegalStateException("javax.net.ssl.SSLParameters could not be found in a Java8 JVM: \"" + JavaVersion.JAVA_VERSION_STRING + "\": " + e, e);
            } catch (IllegalAccessException e2) {
                throw new IllegalStateException("javax.net.ssl.SSLSocket#setUseCipherSuitesOrder(boolean) cannot be accessed in a Java8 JVM: \"" + JavaVersion.JAVA_VERSION_STRING + "\": " + e2, e2);
            } catch (NoSuchMethodException e3) {
                throw new IllegalStateException("javax.net.ssl.SSLSocket#setUseCipherSuitesOrder(boolean) could not be found in a Java8 JVM: \"" + JavaVersion.JAVA_VERSION_STRING + "\": " + e3, e3);
            } catch (InvocationTargetException e4) {
                throw new IllegalStateException(e4.getTargetException());
            }
        }
    }
}
