package X;

import android.util.Base64;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* renamed from: X.08K, reason: invalid class name */
/* loaded from: classes2.dex */
public final class C08K extends SSLSocketFactory implements C08L {
    public SSLSocketFactory A00;
    public boolean A01;
    public C12170eV A02;

    private synchronized void A00() {
        ArrayList arrayList;
        try {
            if (this.A00 == null) {
                try {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(null, null);
                    KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(C04X.A00().A00);
                    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(keyManagers, trustManagers, null);
                    SSLSessionContext clientSessionContext = sSLContext.getClientSessionContext();
                    AbstractC101723zu.A08(clientSessionContext);
                    clientSessionContext.setSessionCacheSize(0);
                    System.currentTimeMillis();
                    this.A00 = sSLContext.getSocketFactory();
                } catch (Exception e) {
                    throw new IllegalStateException("Failure initializing default SSL context", e);
                }
            }
            if (this.A02 == null) {
                boolean z = this.A01;
                System.currentTimeMillis();
                C04X A00 = C04X.A00();
                LinkedHashMap linkedHashMap = new LinkedHashMap();
                String[] strArr = AbstractC11530dT.A00;
                if (z) {
                    ArrayList arrayList2 = new ArrayList();
                    synchronized (C138065cV.class) {
                        try {
                            arrayList = new ArrayList();
                            try {
                                KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
                                keyStore.load(null, null);
                                Enumeration<String> aliases = keyStore.aliases();
                                while (aliases.hasMoreElements()) {
                                    String nextElement = aliases.nextElement();
                                    AbstractC101723zu.A08(nextElement);
                                    if (nextElement.startsWith("user:")) {
                                        try {
                                            Certificate certificate = keyStore.getCertificate(nextElement);
                                            if (certificate instanceof X509Certificate) {
                                                arrayList.add((X509Certificate) certificate);
                                            }
                                        } catch (KeyStoreException e2) {
                                            C16920mA.A05(C138065cV.class, "Failed to get user Root CA", e2);
                                        }
                                    }
                                }
                            } catch (Throwable th) {
                                C16920mA.A05(C138065cV.class, "Failed to load AndroidCAStore", th);
                            }
                        } catch (Throwable th2) {
                            throw th2;
                        }
                    }
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        byte[] encoded = ((X509Certificate) it.next()).getPublicKey().getEncoded();
                        if (encoded == null) {
                            throw new IllegalArgumentException("Public key doesn't support encoding");
                        }
                        String encodeToString = Base64.encodeToString(AbstractC43213KbN.A00(AbstractC36585GbR.A00(encoded)).A00, 2);
                        C09820ai.A06(encodeToString);
                        arrayList2.add(encodeToString);
                    }
                    ArrayList arrayList3 = new ArrayList(Arrays.asList(strArr));
                    arrayList3.addAll(arrayList2);
                    strArr = (String[]) arrayList3.toArray(strArr);
                }
                for (String str : strArr) {
                    String[] strArr2 = {AnonymousClass003.A0O("sha1/", str)};
                    LinkedHashSet linkedHashSet = new LinkedHashSet();
                    Set unmodifiableSet = Collections.unmodifiableSet(linkedHashSet);
                    C09820ai.A06(unmodifiableSet);
                    Set set = (Set) linkedHashMap.put("*.instagram.com", unmodifiableSet);
                    if (set != null) {
                        linkedHashSet.addAll(set);
                    }
                    String str2 = strArr2[0];
                    if (!AbstractC04250Gh.A0i(str2, "sha1/", false)) {
                        throw new IllegalArgumentException(AnonymousClass003.A0O("pins must start with 'sha1/': ", str2));
                    }
                    String substring = str2.substring(5);
                    C09820ai.A06(substring);
                    byte[] decode = Base64.decode(substring, 2);
                    if (decode == null) {
                        throw new IllegalArgumentException(AnonymousClass003.A0O("pins must be base64: ", str2));
                    }
                    linkedHashSet.add(new C51231Oob(decode));
                }
                C12170eV c12170eV = new C12170eV(linkedHashMap, A00);
                System.currentTimeMillis();
                this.A02 = c12170eV;
            }
        } finally {
            System.currentTimeMillis();
        }
    }

    @Override // X.C08L
    public final void AFl(String str, Certificate[] certificateArr) {
        A00();
        AbstractC101723zu.A08(this.A02);
        try {
            C12170eV c12170eV = this.A02;
            C09820ai.A0A(str, 0);
            C09820ai.A0A(certificateArr, 1);
            java.util.Map map = c12170eV.A00;
            Set set = (Set) map.get(str);
            Set<C51231Oob> set2 = null;
            int A05 = AbstractC04220Ge.A05(str, '.', 0);
            if (A05 != AbstractC04220Ge.A06(str, '.', str.length() - 1)) {
                String substring = str.substring(A05 + 1);
                C09820ai.A06(substring);
                set2 = (Set) map.get(AnonymousClass003.A0O("*.", substring));
            }
            if (set == null) {
                if (set2 == null) {
                    return;
                }
            } else if (set2 != null) {
                LinkedHashSet linkedHashSet = new LinkedHashSet();
                linkedHashSet.addAll(set);
                linkedHashSet.addAll(set2);
                set2 = linkedHashSet;
            } else {
                set2 = set;
            }
            try {
                X509Certificate[] A00 = AbstractC11470dN.A00(c12170eV.A01, certificateArr);
                for (X509Certificate x509Certificate : A00) {
                    C09820ai.A0C(x509Certificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                    if (set2.contains(AbstractC43213KbN.A01(x509Certificate))) {
                        return;
                    }
                }
                StringBuilder sb = new StringBuilder();
                sb.append("Certificate pinning failure!");
                sb.append("\n  Peer certificate chain:");
                for (X509Certificate x509Certificate2 : A00) {
                    C09820ai.A0C(x509Certificate2, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                    sb.append("\n    ");
                    if (x509Certificate2 == null) {
                        throw new IllegalArgumentException("Certificate pinning requires X509 certificates");
                    }
                    String encodeToString = Base64.encodeToString(AbstractC43213KbN.A01(x509Certificate2).A00, 2);
                    C09820ai.A06(encodeToString);
                    sb.append(AnonymousClass003.A0O("sha1/", encodeToString));
                    sb.append(": ");
                    sb.append(x509Certificate2.getSubjectDN().getName());
                }
                sb.append("\n  Pinned certificates for ");
                sb.append(str);
                sb.append(":");
                for (C51231Oob c51231Oob : set2) {
                    sb.append("\n    sha1/");
                    String encodeToString2 = Base64.encodeToString(c51231Oob.A00, 2);
                    C09820ai.A06(encodeToString2);
                    sb.append(encodeToString2);
                }
                throw new SSLPeerUnverifiedException(sb.toString());
            } catch (CertificateException e) {
            }
        } catch (SSLPeerUnverifiedException e2) {
            C75712yw.A07("ssl_pin_error", e2);
            throw e2;
        }
    }

    @Override // javax.net.SocketFactory
    public final Socket createSocket(String str, int i) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    @Override // javax.net.SocketFactory
    public final Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    @Override // javax.net.SocketFactory
    public final Socket createSocket(InetAddress inetAddress, int i) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    @Override // javax.net.SocketFactory
    public final Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public final Socket createSocket(Socket socket, String str, int i, boolean z) {
        KyN kyN;
        A00();
        AbstractC101723zu.A08(this.A00);
        Socket createSocket = this.A00.createSocket(socket, str, i, z);
        synchronized (KyN.class) {
            synchronized (KyN.A04) {
                kyN = (KyN) KyN.A05.getValue();
            }
        }
        kyN.A00(str, createSocket);
        return createSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public final String[] getDefaultCipherSuites() {
        A00();
        AbstractC101723zu.A08(this.A00);
        return this.A00.getDefaultCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public final String[] getSupportedCipherSuites() {
        A00();
        AbstractC101723zu.A08(this.A00);
        return this.A00.getSupportedCipherSuites();
    }
}
