package com.gargoylesoftware.htmlunit;

import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.http.HttpHost;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.protocol.HttpContext;

/* loaded from: input_file:lib/net.sourceforge.htmlunit.jar:com/gargoylesoftware/htmlunit/HtmlUnitSSLConnectionSocketFactory.class */
final class HtmlUnitSSLConnectionSocketFactory extends SSLConnectionSocketFactory {
    private static final String SSL3ONLY = "htmlunit.SSL3Only";

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setUseSSL3Only(HttpContext httpContext, boolean z) {
        httpContext.setAttribute(SSL3ONLY, Boolean.valueOf(z));
    }

    static boolean isUseSSL3Only(HttpContext httpContext) {
        return "TRUE".equalsIgnoreCase((String) httpContext.getAttribute(SSL3ONLY));
    }

    public static SSLConnectionSocketFactory buildSSLSocketFactory(WebClientOptions webClientOptions) {
        try {
            String[] sSLClientProtocols = webClientOptions.getSSLClientProtocols();
            String[] sSLClientCipherSuites = webClientOptions.getSSLClientCipherSuites();
            if (!webClientOptions.isUseInsecureSSL()) {
                return webClientOptions.getSSLClientCertificateUrl() == null ? new HtmlUnitSSLConnectionSocketFactory((KeyStore) null, (String) null, sSLClientProtocols, sSLClientCipherSuites) : new HtmlUnitSSLConnectionSocketFactory(getKeyStore(webClientOptions), webClientOptions.getSSLClientCertificatePassword(), sSLClientProtocols, sSLClientCipherSuites);
            }
            String sSLInsecureProtocol = webClientOptions.getSSLInsecureProtocol();
            if (sSLInsecureProtocol == null) {
                sSLInsecureProtocol = "SSL";
            }
            SSLContext sSLContext = SSLContext.getInstance(sSLInsecureProtocol);
            sSLContext.init(getKeyManagers(webClientOptions), new TrustManager[]{new InsecureTrustManager2()}, null);
            return new HtmlUnitSSLConnectionSocketFactory(sSLContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER, sSLClientProtocols, sSLClientCipherSuites);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    private HtmlUnitSSLConnectionSocketFactory(SSLContext sSLContext, X509HostnameVerifier x509HostnameVerifier, String[] strArr, String[] strArr2) {
        super(sSLContext, strArr, strArr2, x509HostnameVerifier);
    }

    private HtmlUnitSSLConnectionSocketFactory(KeyStore keyStore, String str, String[] strArr, String[] strArr2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(SSLContexts.custom().loadKeyMaterial(keyStore, str != null ? str.toCharArray() : null).build(), strArr, strArr2, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    }

    private void configureSocket(SSLSocket sSLSocket, HttpContext httpContext) {
        if (isUseSSL3Only(httpContext)) {
            sSLSocket.setEnabledProtocols(new String[]{"SSLv3"});
        }
    }

    @Override // org.apache.http.conn.ssl.SSLConnectionSocketFactory, org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        HttpHost socksProxy = SocksConnectionSocketFactory.getSocksProxy(httpContext);
        if (socksProxy == null) {
            return super.connectSocket(i, socket, httpHost, inetSocketAddress, inetSocketAddress2, httpContext);
        }
        Socket createSocketWithSocksProxy = SocksConnectionSocketFactory.createSocketWithSocksProxy(socksProxy);
        createSocketWithSocksProxy.setReuseAddress(true);
        InetSocketAddress inetSocketAddress3 = new InetSocketAddress(socksProxy.getHostName(), socksProxy.getPort());
        try {
            createSocketWithSocksProxy.connect(inetSocketAddress, i);
            Socket createSocket = getSSLSocketFactory().createSocket(createSocketWithSocksProxy, socksProxy.getHostName(), socksProxy.getPort(), true);
            configureSocket((SSLSocket) createSocket, httpContext);
            return createSocket;
        } catch (SocketTimeoutException e) {
            throw new ConnectTimeoutException("Connect to " + inetSocketAddress3 + " timed out");
        }
    }

    private SSLSocketFactory getSSLSocketFactory() {
        try {
            Field declaredField = SSLConnectionSocketFactory.class.getDeclaredField("socketfactory");
            declaredField.setAccessible(true);
            return (SSLSocketFactory) declaredField.get(this);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static KeyManager[] getKeyManagers(WebClientOptions webClientOptions) {
        if (webClientOptions.getSSLClientCertificateUrl() == null) {
            return null;
        }
        try {
            String sSLClientCertificatePassword = webClientOptions.getSSLClientCertificatePassword();
            char[] charArray = sSLClientCertificatePassword != null ? sSLClientCertificatePassword.toCharArray() : null;
            KeyStore keyStore = getKeyStore(webClientOptions);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, charArray);
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static KeyStore getKeyStore(WebClientOptions webClientOptions) {
        try {
            KeyStore keyStore = KeyStore.getInstance(webClientOptions.getSSLClientCertificateType());
            String sSLClientCertificatePassword = webClientOptions.getSSLClientCertificatePassword();
            keyStore.load(webClientOptions.getSSLClientCertificateUrl().openStream(), sSLClientCertificatePassword != null ? sSLClientCertificatePassword.toCharArray() : null);
            return keyStore;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
