package com.amazonaws.http.conn.ssl.privileged;

import com.amazonaws.http.conn.ssl.MasterSecretValidators;
import java.lang.reflect.Method;
import java.net.Socket;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/aws-java-sdk-core-1.12.345.jar:com/amazonaws/http/conn/ssl/privileged/PrivilegedMasterSecretValidator.class */
public class PrivilegedMasterSecretValidator implements MasterSecretValidators.MasterSecretValidator {
    private static final Log LOG = LogFactory.getLog(PrivilegedMasterSecretValidator.class);

    @Override // com.amazonaws.http.conn.ssl.MasterSecretValidators.MasterSecretValidator
    public boolean isMasterSecretValid(final Socket socket) {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: com.amazonaws.http.conn.ssl.privileged.PrivilegedMasterSecretValidator.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Boolean run() {
                return Boolean.valueOf(PrivilegedMasterSecretValidator.this.privilegedIsMasterSecretValid(socket));
            }
        })).booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean privilegedIsMasterSecretValid(Socket socket) {
        SSLSession sslSession;
        if (!(socket instanceof SSLSocket) || (sslSession = getSslSession(socket)) == null) {
            return true;
        }
        String name = sslSession.getClass().getName();
        if (!"sun.security.ssl.SSLSessionImpl".equals(name)) {
            return true;
        }
        try {
            if (getMasterSecret(sslSession, name) != null) {
                return true;
            }
            sslSession.invalidate();
            if (!LOG.isDebugEnabled()) {
                return false;
            }
            LOG.debug("Invalidated session " + sslSession);
            return false;
        } catch (Exception e) {
            failedToVerifyMasterSecret(e);
            return true;
        }
    }

    private SSLSession getSslSession(Socket socket) {
        return ((SSLSocket) socket).getSession();
    }

    private Object getMasterSecret(SSLSession sSLSession, String str) throws Exception {
        Method declaredMethod = Class.forName(str).getDeclaredMethod("getMasterSecret", new Class[0]);
        declaredMethod.setAccessible(true);
        return declaredMethod.invoke(sSLSession, new Object[0]);
    }

    private void failedToVerifyMasterSecret(Throwable th) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Failed to verify the SSL master secret", th);
        }
    }
}
