package com.google.android.libraries.appstreaming.a;

import com.google.android.gms.common.internal.bx;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.HashSet;
import java.util.concurrent.Executor;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public final class b extends c {
    private final String o;

    public b(Executor executor, String str, int i2, String str2, f fVar) {
        super(executor, str, i2, fVar);
        bx.b(str2.startsWith("-----BEGIN CERTIFICATE-----\n") && str2.endsWith("\n-----END CERTIFICATE-----\n"), "certificate not in PEM format");
        this.o = str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.google.android.libraries.appstreaming.a.c
    public final Socket a() {
        Socket a2 = super.a();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.o.getBytes());
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
                byteArrayInputStream.close();
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(a2, this.f48481d, this.f48482e, true);
                if (!new HashSet(Arrays.asList(sSLSocket.getSupportedProtocols())).contains("TLSv1.2")) {
                    throw new IOException("Protocol TLSv1.2 not supported by client");
                }
                sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
                return sSLSocket;
            } catch (Throwable th) {
                byteArrayInputStream.close();
                throw th;
            }
        } catch (GeneralSecurityException e2) {
            throw new IOException("Could not open secure socket", e2);
        }
    }
}
