package com.nttdocomo.android.ocsplib;

import com.nttdocomo.android.ocsplib.exception.OcspLibraryException;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class OcspURLConnection {
    private static SSLSocketFactory a = null;
    private static final int c = 0;
    private static SSLSocketFactory g = null;
    private static SSLSocketFactory h = null;
    private static SSLSocketFactory j = null;
    private static final Object l = new Object();
    public static final int r = 1;
    public static final int t = 2;
    private boolean _ = true;
    private final HttpURLConnection s;

    /* loaded from: classes.dex */
    public class ParseException extends RuntimeException {
    }

    public OcspURLConnection(HttpURLConnection httpURLConnection) {
        this.s = httpURLConnection;
    }

    private final SSLSocketFactory d(boolean z, int i) throws GeneralSecurityException {
        synchronized (l) {
            try {
                if (z) {
                    if (i == 2) {
                        if (h == null) {
                            h = h(z, i);
                        }
                        return h;
                    }
                    if (g == null) {
                        g = h(z, i);
                    }
                    return g;
                }
                if (i == 2) {
                    if (a == null) {
                        a = h(z, i);
                    }
                    return a;
                }
                if (j == null) {
                    j = h(z, i);
                }
                return j;
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    private final SSLSocketFactory h(final boolean z, final int i) throws GeneralSecurityException {
        final X509TrustManager t2 = t();
        X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.nttdocomo.android.ocsplib.OcspURLConnection.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                t2.checkClientTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                int i2;
                t2.checkServerTrusted(x509CertificateArr, str);
                if (x509CertificateArr.length < 2) {
                    LogUtil.r("Root certificate can not be found.");
                    throw new CertificateException("Root certificate can not be found.");
                }
                try {
                    i2 = OcspUtil.u(x509CertificateArr[0], x509CertificateArr[1], z);
                } catch (OcspLibraryException e) {
                    LogUtil.r("Failed to verify server certificate. " + e.getMessage());
                    if (i != 2) {
                        throw new CertificateException("Failed to verify server certificate. (" + e.getMessage() + ")", e);
                    }
                    LogUtil.r("FLAG_IGNORE_OCSP_ERROR is set. Ignore error.");
                    i2 = 0;
                }
                if (i2 != 0) {
                    LogUtil.r("Certificate is not valid.");
                    throw new CertificateException("Certificate is not valid.");
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return t2.getAcceptedIssuers();
            }
        };
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, new SecureRandom());
        return sSLContext.getSocketFactory();
    }

    private final X509TrustManager t() throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (TrustManager trustManager : trustManagers) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new GeneralSecurityException("X509TrustManager is not found in " + Arrays.toString(trustManagers));
    }

    public void e(boolean z) {
        LogUtil.r("setUseCache() start");
        LogUtil.r("useCache : " + z);
        this._ = z;
        LogUtil.r("setUseCache() end");
    }

    public void f(int i) throws IOException {
        String str;
        LogUtil.r("connect() start");
        LogUtil.r("flag : " + i);
        if (!OcspUtil.o()) {
            LogUtil.r("OcspUtil has not been initialized.");
            throw new SSLPeerUnverifiedException("OcspUtil has not been initialized.");
        }
        if (i == 1) {
            str = "FLAG_NO_OCSP_CHECK found. Skip OCSP check.";
        } else {
            if (this.s instanceof HttpsURLConnection) {
                try {
                    ((HttpsURLConnection) this.s).setSSLSocketFactory(d(this._, i));
                } catch (GeneralSecurityException e) {
                    LogUtil.r("Failed to create socket factory. " + e.getMessage());
                    if (i != 2) {
                        throw new SSLPeerUnverifiedException("Failed to create socket factory. " + e.getMessage());
                    }
                    str = "FLAG_IGNORE_OCSP_ERROR is set. Ignore error.";
                }
                LogUtil.r("Connect to server...");
                this.s.connect();
                LogUtil.r("connect() end");
            }
            str = "Connection is HTTP.";
        }
        LogUtil.r(str);
        LogUtil.r("Connect to server...");
        this.s.connect();
        LogUtil.r("connect() end");
    }

    public void u() throws IOException {
        f(0);
    }
}
