package com.amazon.identity.auth.device.framework.security;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLSocket;
import org.apache.http.conn.scheme.LayeredSocketFactory;
import org.apache.http.conn.scheme.SocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.params.HttpParams;

/* loaded from: classes.dex */
public final class EnhancedApacheSSLSocketFactory implements LayeredSocketFactory, SocketFactory {
    static final /* synthetic */ boolean $assertionsDisabled;
    private static final String TAG;
    private static SocketFactory sTheOnlyInstance;
    private final SSLSocketFactory mInnerSSLSocketFactory;

    static {
        $assertionsDisabled = !EnhancedApacheSSLSocketFactory.class.desiredAssertionStatus();
        TAG = EnhancedApacheSSLSocketFactory.class.getName();
    }

    private EnhancedApacheSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this.mInnerSSLSocketFactory = new SSLSocketFactory(keyStore);
        this.mInnerSSLSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
    }

    private void enforceStrongCipher(Socket socket) {
        if (!$assertionsDisabled && !(socket instanceof SSLSocket)) {
            throw new AssertionError();
        }
        AmazonApprovedCiphers.setEnabledProtocols((SSLSocket) socket);
    }

    public static synchronized SocketFactory getInstance() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException {
        SocketFactory socketFactory;
        synchronized (EnhancedApacheSSLSocketFactory.class) {
            if (sTheOnlyInstance == null) {
                sTheOnlyInstance = new EnhancedApacheSSLSocketFactory(CertificatePinnedKeyStore.getInstance());
            }
            socketFactory = sTheOnlyInstance;
        }
        return socketFactory;
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public Socket connectSocket(Socket socket, String str, int i, InetAddress inetAddress, int i2, HttpParams httpParams) throws IOException {
        Socket connectSocket = this.mInnerSSLSocketFactory.connectSocket(socket, str, i, inetAddress, i2, httpParams);
        enforceStrongCipher(connectSocket);
        return connectSocket;
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        Socket createSocket = this.mInnerSSLSocketFactory.createSocket();
        enforceStrongCipher(createSocket);
        return createSocket;
    }

    @Override // org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
        Socket createSocket = this.mInnerSSLSocketFactory.createSocket(socket, str, i, z);
        enforceStrongCipher(createSocket);
        return createSocket;
    }

    public boolean equals(Object obj) {
        if (obj instanceof EnhancedApacheSSLSocketFactory) {
            return this.mInnerSSLSocketFactory.equals(((EnhancedApacheSSLSocketFactory) obj).mInnerSSLSocketFactory);
        }
        return false;
    }

    public int hashCode() {
        return this.mInnerSSLSocketFactory.hashCode();
    }

    @Override // org.apache.http.conn.scheme.SocketFactory
    public boolean isSecure(Socket socket) throws IllegalArgumentException {
        return true;
    }
}
