package com.huawei.vmall.network;

import android.content.Context;
import android.os.Build;
import cafebabe.cmp;
import com.huawei.secure.android.common.ssl.SecureX509TrustManager;
import com.huawei.vmall.network.core.Logger;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.security.cert.CertificateException;
import org.eclipse.californium.elements.util.SslContextUtil;

/* loaded from: classes6.dex */
public class VmallSecureSSLSocketFactory {
    private static cmp secureSSLSocketFactory;
    public static final String[] blacklistHigh = {"CBC", "TLS_RSA", "TEA", "SHA0", "MD2", "MD4", "RIPEMD", "NULL", "RC4", "DES", "DESX", "DES40", "RC2", "MD5", "ANON", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    public static final String[] whitelistHigh = {"TLS_EMPTY_RENEGOTIATION_INFO_SCSV", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "TLS_PSK_WITH_AES_128_GCM_SHA256", "TLS_PSK_WITH_AES_256_GCM_SHA384", "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_CCM", "TLS_DHE_RSA_WITH_AES_256_CCM", "TLS_DHE_RSA_WITH_AES_128_CCM_8", "TLS_DHE_RSA_WITH_AES_256_CCM_8", "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_PSK_WITH_AES_128_CCM", "TLS_PSK_WITH_AES_256_CCM", "TLS_DHE_PSK_WITH_AES_128_CCM", "TLS_DHE_PSK_WITH_AES_256_CCM", "TLS_PSK_WITH_AES_128_CCM_8", "TLS_PSK_WITH_AES_256_CCM_8", "TLS_PSK_DHE_WITH_AES_128_CCM_8", "TLS_PSK_DHE_WITH_AES_256_CCM_8", "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"};
    private static final String[] PROTOCOL_ARRAY = {SslContextUtil.DEFAULT_SSL_PROTOCOL};
    private static final String[] NEW_PROTOCOL_ARRAY = {SslContextUtil.DEFAULT_SSL_PROTOCOL, "TLSv1.3"};

    private VmallSecureSSLSocketFactory() {
    }

    public static cmp getInstance(Context context) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {
        if (secureSSLSocketFactory == null) {
            synchronized (VmallSecureSSLSocketFactory.class) {
                if (secureSSLSocketFactory == null) {
                    SecureX509TrustManager secureX509TrustManager = null;
                    try {
                        secureX509TrustManager = new SecureX509TrustManager(context.getAssets().open("hmsrootcas.bks"), "");
                    } catch (Exception e) {
                        Logger.e("VmallSecureSSLSocketFactory", e);
                    }
                    cmp cmpVar = new cmp(secureX509TrustManager) { // from class: com.huawei.vmall.network.VmallSecureSSLSocketFactory.1
                        @Override // cafebabe.cmp, javax.net.SocketFactory
                        public final Socket createSocket(String str, int i) throws IOException {
                            Socket createSocket = super.createSocket(str, i);
                            if (Build.VERSION.SDK_INT >= 29) {
                                getSslSocket().setEnabledProtocols(VmallSecureSSLSocketFactory.NEW_PROTOCOL_ARRAY);
                            } else if (Build.VERSION.SDK_INT >= 16) {
                                getSslSocket().setEnabledProtocols(VmallSecureSSLSocketFactory.PROTOCOL_ARRAY);
                            }
                            return createSocket;
                        }

                        @Override // cafebabe.cmp, javax.net.ssl.SSLSocketFactory
                        public final Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
                            Socket createSocket = super.createSocket(socket, str, i, z);
                            if (Build.VERSION.SDK_INT >= 29) {
                                getSslSocket().setEnabledProtocols(VmallSecureSSLSocketFactory.NEW_PROTOCOL_ARRAY);
                            } else if (Build.VERSION.SDK_INT >= 16) {
                                getSslSocket().setEnabledProtocols(VmallSecureSSLSocketFactory.PROTOCOL_ARRAY);
                            }
                            return createSocket;
                        }
                    };
                    secureSSLSocketFactory = cmpVar;
                    cmpVar.setWhiteCiphers(whitelistHigh);
                }
            }
        }
        return secureSSLSocketFactory;
    }
}
