package com.mbridge.msdk.thrid.okhttp; import com.ironsource.mediationsdk.logger.IronSourceError; import com.mbridge.msdk.thrid.okhttp.internal.Util; import java.util.Arrays; import java.util.List; import javax.net.ssl.SSLSocket; /* loaded from: classes4.dex */ public final class ConnectionSpec { private static final CipherSuite[] APPROVED_CIPHER_SUITES; public static final ConnectionSpec CLEARTEXT; public static final ConnectionSpec COMPATIBLE_TLS; public static final ConnectionSpec MODERN_TLS; private static final CipherSuite[] RESTRICTED_CIPHER_SUITES; public static final ConnectionSpec RESTRICTED_TLS; final String[] cipherSuites; final boolean supportsTlsExtensions; final boolean tls; final String[] tlsVersions; public boolean isTls() { return this.tls; } public boolean supportsTlsExtensions() { return this.supportsTlsExtensions; } static { CipherSuite cipherSuite = CipherSuite.TLS_AES_128_GCM_SHA256; CipherSuite cipherSuite2 = CipherSuite.TLS_AES_256_GCM_SHA384; CipherSuite cipherSuite3 = CipherSuite.TLS_CHACHA20_POLY1305_SHA256; CipherSuite cipherSuite4 = CipherSuite.TLS_AES_128_CCM_SHA256; CipherSuite cipherSuite5 = CipherSuite.TLS_AES_256_CCM_8_SHA256; CipherSuite cipherSuite6 = CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; CipherSuite cipherSuite7 = CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; CipherSuite cipherSuite8 = CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; CipherSuite cipherSuite9 = CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; CipherSuite cipherSuite10 = CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256; CipherSuite cipherSuite11 = CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; CipherSuite[] cipherSuiteArr = {cipherSuite, cipherSuite2, cipherSuite3, cipherSuite4, cipherSuite5, cipherSuite6, cipherSuite7, cipherSuite8, cipherSuite9, cipherSuite10, cipherSuite11}; RESTRICTED_CIPHER_SUITES = cipherSuiteArr; CipherSuite[] cipherSuiteArr2 = {cipherSuite, cipherSuite2, cipherSuite3, cipherSuite4, cipherSuite5, cipherSuite6, cipherSuite7, cipherSuite8, cipherSuite9, cipherSuite10, cipherSuite11, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA}; APPROVED_CIPHER_SUITES = cipherSuiteArr2; Builder cipherSuites = new Builder(true).cipherSuites(cipherSuiteArr); TlsVersion tlsVersion = TlsVersion.TLS_1_3; TlsVersion tlsVersion2 = TlsVersion.TLS_1_2; RESTRICTED_TLS = cipherSuites.tlsVersions(tlsVersion, tlsVersion2).supportsTlsExtensions(true).build(); Builder cipherSuites2 = new Builder(true).cipherSuites(cipherSuiteArr2); TlsVersion tlsVersion3 = TlsVersion.TLS_1_1; TlsVersion tlsVersion4 = TlsVersion.TLS_1_0; MODERN_TLS = cipherSuites2.tlsVersions(tlsVersion, tlsVersion2, tlsVersion3, tlsVersion4).supportsTlsExtensions(true).build(); COMPATIBLE_TLS = new Builder(true).cipherSuites(cipherSuiteArr2).tlsVersions(tlsVersion4).supportsTlsExtensions(true).build(); CLEARTEXT = new Builder(false).build(); } public ConnectionSpec(Builder builder) { this.tls = builder.tls; this.cipherSuites = builder.cipherSuites; this.tlsVersions = builder.tlsVersions; this.supportsTlsExtensions = builder.supportsTlsExtensions; } public List cipherSuites() { String[] strArr = this.cipherSuites; if (strArr != null) { return CipherSuite.forJavaNames(strArr); } return null; } public List tlsVersions() { String[] strArr = this.tlsVersions; if (strArr != null) { return TlsVersion.forJavaNames(strArr); } return null; } public void apply(SSLSocket sSLSocket, boolean z) { ConnectionSpec supportedSpec = supportedSpec(sSLSocket, z); String[] strArr = supportedSpec.tlsVersions; if (strArr != null) { sSLSocket.setEnabledProtocols(strArr); } String[] strArr2 = supportedSpec.cipherSuites; if (strArr2 != null) { sSLSocket.setEnabledCipherSuites(strArr2); } } private ConnectionSpec supportedSpec(SSLSocket sSLSocket, boolean z) { String[] enabledCipherSuites; String[] enabledProtocols; if (this.cipherSuites != null) { enabledCipherSuites = Util.intersect(CipherSuite.ORDER_BY_NAME, sSLSocket.getEnabledCipherSuites(), this.cipherSuites); } else { enabledCipherSuites = sSLSocket.getEnabledCipherSuites(); } if (this.tlsVersions != null) { enabledProtocols = Util.intersect(Util.NATURAL_ORDER, sSLSocket.getEnabledProtocols(), this.tlsVersions); } else { enabledProtocols = sSLSocket.getEnabledProtocols(); } String[] supportedCipherSuites = sSLSocket.getSupportedCipherSuites(); int indexOf = Util.indexOf(CipherSuite.ORDER_BY_NAME, supportedCipherSuites, "TLS_FALLBACK_SCSV"); if (z && indexOf != -1) { enabledCipherSuites = Util.concat(enabledCipherSuites, supportedCipherSuites[indexOf]); } return new Builder(this).cipherSuites(enabledCipherSuites).tlsVersions(enabledProtocols).build(); } public boolean isCompatible(SSLSocket sSLSocket) { if (!this.tls) { return false; } String[] strArr = this.tlsVersions; if (strArr != null && !Util.nonEmptyIntersection(Util.NATURAL_ORDER, strArr, sSLSocket.getEnabledProtocols())) { return false; } String[] strArr2 = this.cipherSuites; return strArr2 == null || Util.nonEmptyIntersection(CipherSuite.ORDER_BY_NAME, strArr2, sSLSocket.getEnabledCipherSuites()); } public boolean equals(Object obj) { if (!(obj instanceof ConnectionSpec)) { return false; } if (obj == this) { return true; } ConnectionSpec connectionSpec = (ConnectionSpec) obj; boolean z = this.tls; if (z != connectionSpec.tls) { return false; } return !z || (Arrays.equals(this.cipherSuites, connectionSpec.cipherSuites) && Arrays.equals(this.tlsVersions, connectionSpec.tlsVersions) && this.supportsTlsExtensions == connectionSpec.supportsTlsExtensions); } public int hashCode() { if (this.tls) { return ((((IronSourceError.ERROR_NON_EXISTENT_INSTANCE + Arrays.hashCode(this.cipherSuites)) * 31) + Arrays.hashCode(this.tlsVersions)) * 31) + (!this.supportsTlsExtensions ? 1 : 0); } return 17; } public String toString() { if (!this.tls) { return "ConnectionSpec()"; } return "ConnectionSpec(cipherSuites=" + (this.cipherSuites != null ? cipherSuites().toString() : "[all enabled]") + ", tlsVersions=" + (this.tlsVersions != null ? tlsVersions().toString() : "[all enabled]") + ", supportsTlsExtensions=" + this.supportsTlsExtensions + ")"; } public static final class Builder { String[] cipherSuites; boolean supportsTlsExtensions; boolean tls; String[] tlsVersions; public Builder(boolean z) { this.tls = z; } public Builder(ConnectionSpec connectionSpec) { this.tls = connectionSpec.tls; this.cipherSuites = connectionSpec.cipherSuites; this.tlsVersions = connectionSpec.tlsVersions; this.supportsTlsExtensions = connectionSpec.supportsTlsExtensions; } public Builder allEnabledCipherSuites() { if (!this.tls) { throw new IllegalStateException("no cipher suites for cleartext connections"); } this.cipherSuites = null; return this; } public Builder cipherSuites(CipherSuite... cipherSuiteArr) { if (!this.tls) { throw new IllegalStateException("no cipher suites for cleartext connections"); } String[] strArr = new String[cipherSuiteArr.length]; for (int i = 0; i < cipherSuiteArr.length; i++) { strArr[i] = cipherSuiteArr[i].javaName; } return cipherSuites(strArr); } public Builder cipherSuites(String... strArr) { if (!this.tls) { throw new IllegalStateException("no cipher suites for cleartext connections"); } if (strArr.length == 0) { throw new IllegalArgumentException("At least one cipher suite is required"); } this.cipherSuites = (String[]) strArr.clone(); return this; } public Builder allEnabledTlsVersions() { if (!this.tls) { throw new IllegalStateException("no TLS versions for cleartext connections"); } this.tlsVersions = null; return this; } public Builder tlsVersions(TlsVersion... tlsVersionArr) { if (!this.tls) { throw new IllegalStateException("no TLS versions for cleartext connections"); } String[] strArr = new String[tlsVersionArr.length]; for (int i = 0; i < tlsVersionArr.length; i++) { strArr[i] = tlsVersionArr[i].javaName; } return tlsVersions(strArr); } public Builder tlsVersions(String... strArr) { if (!this.tls) { throw new IllegalStateException("no TLS versions for cleartext connections"); } if (strArr.length == 0) { throw new IllegalArgumentException("At least one TLS version is required"); } this.tlsVersions = (String[]) strArr.clone(); return this; } public Builder supportsTlsExtensions(boolean z) { if (!this.tls) { throw new IllegalStateException("no TLS extensions for cleartext connections"); } this.supportsTlsExtensions = z; return this; } public ConnectionSpec build() { return new ConnectionSpec(this); } } }