package be.fedict.eid.applet.io;

import be.fedict.eid.applet.View;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.CertificateEncodingException;
import java.util.Arrays;
import javax.net.SocketFactory;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:be/fedict/eid/applet/io/AppletSSLSocketFactory.class */
public class AppletSSLSocketFactory extends SSLSocketFactory implements HandshakeCompletedListener {
    private View view;
    private final SSLSocketFactory originalSslSocketFactory;
    private byte[] sslSessionId;
    private byte[] encodedPeerCertificate;

    public AppletSSLSocketFactory(View view, SSLSocketFactory sSLSocketFactory) {
        this.view = view;
        this.originalSslSocketFactory = sSLSocketFactory;
    }

    private void setView(View view) {
        this.view = view;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        Socket createSocket = this.originalSslSocketFactory.createSocket(socket, str, i, z);
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    private void installHandshakeCompletedListener(Socket socket) throws IOException {
        ((SSLSocket) socket).addHandshakeCompletedListener(this);
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return this.originalSslSocketFactory.getDefaultCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.originalSslSocketFactory.getSupportedCipherSuites();
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        Socket createSocket = this.originalSslSocketFactory.createSocket(str, i);
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        Socket createSocket = this.originalSslSocketFactory.createSocket(inetAddress, i);
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        Socket createSocket = this.originalSslSocketFactory.createSocket(str, i, inetAddress, i2);
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        Socket createSocket = this.originalSslSocketFactory.createSocket(inetAddress, i, inetAddress2, i2);
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    public byte[] getSessionId() {
        if (null == this.sslSessionId) {
            throw new IllegalStateException("SSL session identifier unknown");
        }
        return this.sslSessionId;
    }

    public byte[] getEncodedPeerCertificate() {
        if (null == this.encodedPeerCertificate) {
            throw new IllegalStateException("SSL peer certificate unknown");
        }
        return this.encodedPeerCertificate;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() throws IOException {
        Socket createSocket = this.originalSslSocketFactory.createSocket();
        installHandshakeCompletedListener(createSocket);
        return createSocket;
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        this.view.addDetailMessage("SSL handshake finish cipher suite: " + handshakeCompletedEvent.getCipherSuite());
        SSLSession session = handshakeCompletedEvent.getSession();
        byte[] id = session.getId();
        if (null != this.sslSessionId && false == Arrays.equals(this.sslSessionId, id)) {
            this.view.addDetailMessage("SSL session Id mismatch");
        }
        this.sslSessionId = id;
        try {
            this.encodedPeerCertificate = session.getPeerCertificates()[0].getEncoded();
        } catch (CertificateEncodingException e) {
            this.view.addDetailMessage("certificate encoding error: " + e.getMessage());
        } catch (SSLPeerUnverifiedException e2) {
            this.view.addDetailMessage("SSL peer unverified");
        }
    }

    public static SocketFactory getDefault() {
        return HttpsURLConnection.getDefaultSSLSocketFactory();
    }

    public static void installSocketFactory(View view) {
        SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
        if (false == (defaultSSLSocketFactory instanceof AppletSSLSocketFactory)) {
            HttpsURLConnection.setDefaultSSLSocketFactory(new AppletSSLSocketFactory(view, defaultSSLSocketFactory));
        } else {
            ((AppletSSLSocketFactory) defaultSSLSocketFactory).setView(view);
        }
    }

    public static byte[] getActualSessionId() {
        return getAppletSSLSocketFactory().getSessionId();
    }

    private static AppletSSLSocketFactory getAppletSSLSocketFactory() {
        SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
        if (false == (defaultSSLSocketFactory instanceof AppletSSLSocketFactory)) {
            throw new SecurityException("wrong SSL socket factory");
        }
        return (AppletSSLSocketFactory) defaultSSLSocketFactory;
    }

    public static byte[] getActualEncodedServerCertificate() {
        return getAppletSSLSocketFactory().getEncodedPeerCertificate();
    }
}
