package k4;

import b4.c;
import c4.f;
import com.cloudflare.app.vpnservice.CloudflareVpnService;
import com.cloudflare.app.vpnservice.exceptions.SecurityException;
import com.cloudflare.app.vpnservice.resolvers.overtls.EmptySocketResponseException;
import i4.g;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.ByteBuffer;
import java.security.cert.CertificateException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import kotlin.jvm.internal.h;

/* compiled from: TlsSocketCallHandler.kt */
/* loaded from: classes.dex */
public final class b extends g<Socket> {
    public final f e;

    /* renamed from: f, reason: collision with root package name */
    public final c f7568f;

    /* renamed from: g, reason: collision with root package name */
    public final String f7569g;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public b(f fVar, c cVar) {
        super(fVar);
        h.f("dnsIpProvider", fVar);
        h.f("vpnServiceMediator", cVar);
        this.e = fVar;
        this.f7568f = cVar;
        this.f7569g = "tls";
    }

    @Override // i4.g
    public final void a(Socket socket, e5.a aVar) {
        Socket socket2 = socket;
        h.f("socket", socket2);
        byte[] bArr = aVar.f5469a;
        h.f("udpPacketData", bArr);
        OutputStream outputStream = socket2.getOutputStream();
        h.e("outputStream", outputStream);
        int length = bArr.length;
        outputStream.write((length >>> 8) & 255);
        outputStream.write((length >>> 0) & 255);
        outputStream.write(bArr);
        outputStream.flush();
    }

    @Override // i4.g
    public final String b() {
        return this.f7569g;
    }

    @Override // i4.g
    public final Socket d() {
        InetAddress a7 = this.e.a();
        Socket createSocket = SSLSocketFactory.getDefault().createSocket();
        if (createSocket == null) {
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.SSLSocket");
        }
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        sSLSocket.bind(new InetSocketAddress(0));
        CloudflareVpnService cloudflareVpnService = this.f7568f.f2082g;
        if (cloudflareVpnService != null) {
            cloudflareVpnService.protect(sSLSocket);
        }
        xd.a.a("resolver address " + a7, new Object[0]);
        sSLSocket.connect(new InetSocketAddress(a7, 853), 4800);
        try {
            sSLSocket.startHandshake();
            if (HttpsURLConnection.getDefaultHostnameVerifier().verify("cloudflare-dns.com", sSLSocket.getSession())) {
                return sSLSocket;
            }
            throw new SecurityException("Hostname is unverified", null);
        } catch (Exception e) {
            if (e instanceof SSLHandshakeException ? true : e instanceof CertificateException) {
                throw new SecurityException("Untrusted certificate", e);
            }
            throw e;
        }
    }

    @Override // i4.g
    public final byte[] e(Socket socket) {
        Socket socket2 = socket;
        byte[] bArr = new byte[2];
        socket2.getInputStream().read(bArr);
        int i10 = ByteBuffer.wrap(bArr).getShort() & 65535;
        byte[] bArr2 = new byte[i10];
        socket2.getInputStream().read(bArr2);
        if (i10 == 0) {
            throw new EmptySocketResponseException();
        }
        return bArr2;
    }

    @Override // i4.g
    public final boolean f(Throwable th) {
        h.f("throwable", th);
        return (th instanceof SSLException) || (th instanceof EmptySocketResponseException);
    }
}
