package io.netty.handler.ssl;

import io.netty.handler.ssl.OpenSslContext;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.apache.tomcat.jni.CertificateRequestedCallback;
import org.apache.tomcat.jni.SSLContext;

/* loaded from: classes5.dex */
public final class OpenSslClientContext extends OpenSslContext {
    public static final InternalLogger u = InternalLoggerFactory.b(OpenSslClientContext.class);
    public final OpenSslSessionContext t;

    /* loaded from: classes5.dex */
    public static final class ExtendedTrustManagerVerifyCallback extends OpenSslContext.AbstractCertificateVerifier {
        public final X509ExtendedTrustManager b;

        public ExtendedTrustManagerVerifyCallback(OpenSslEngineMap openSslEngineMap, X509ExtendedTrustManager x509ExtendedTrustManager) {
            super(openSslEngineMap);
            this.b = x509ExtendedTrustManager;
        }

        @Override // io.netty.handler.ssl.OpenSslContext.AbstractCertificateVerifier
        public void b(OpenSslEngine openSslEngine, X509Certificate[] x509CertificateArr, String str) throws Exception {
            this.b.checkServerTrusted(x509CertificateArr, str, openSslEngine);
        }
    }

    /* loaded from: classes5.dex */
    public static final class OpenSslCertificateRequestedCallback implements CertificateRequestedCallback {

        /* renamed from: a, reason: collision with root package name */
        public final OpenSslEngineMap f8694a;
        public final OpenSslKeyMaterialManager b;

        public OpenSslCertificateRequestedCallback(OpenSslEngineMap openSslEngineMap, OpenSslKeyMaterialManager openSslKeyMaterialManager) {
            this.f8694a = openSslEngineMap;
            this.b = openSslKeyMaterialManager;
        }

        public static String a(byte b) {
            if (b == 1) {
                return "RSA";
            }
            if (b == 3) {
                return OpenSslKeyMaterialManager.d;
            }
            switch (b) {
                case 64:
                    return OpenSslKeyMaterialManager.e;
                case 65:
                    return OpenSslKeyMaterialManager.g;
                case 66:
                    return OpenSslKeyMaterialManager.f;
                default:
                    return null;
            }
        }

        public static Set<String> c(byte[] bArr) {
            HashSet hashSet = new HashSet(bArr.length);
            for (byte b : bArr) {
                String a2 = a(b);
                if (a2 != null) {
                    hashSet.add(a2);
                }
            }
            return hashSet;
        }

        public void b(long j, byte[] bArr, byte[][] bArr2) {
            X500Principal[] x500PrincipalArr;
            OpenSslEngine o = this.f8694a.o(j);
            try {
                Set<String> c = c(bArr);
                String[] strArr = (String[]) c.toArray(new String[c.size()]);
                if (bArr2 == null) {
                    x500PrincipalArr = null;
                } else {
                    x500PrincipalArr = new X500Principal[bArr2.length];
                    for (int i = 0; i < bArr2.length; i++) {
                        x500PrincipalArr[i] = new X500Principal(bArr2[i]);
                    }
                }
                this.b.e(o, strArr, x500PrincipalArr);
            } catch (Throwable th) {
                OpenSslClientContext.u.debug("request of key failed", th);
                SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("General OpenSslEngine problem");
                sSLHandshakeException.initCause(th);
                o.y = sSLHandshakeException;
            }
        }
    }

    /* loaded from: classes5.dex */
    public static final class OpenSslClientSessionContext extends OpenSslSessionContext {
        public OpenSslClientSessionContext(OpenSslContext openSslContext) {
            super(openSslContext);
        }

        @Override // io.netty.handler.ssl.OpenSslSessionContext
        public boolean a() {
            return false;
        }

        @Override // io.netty.handler.ssl.OpenSslSessionContext
        public void b(boolean z) {
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionCacheSize() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionTimeout() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionCacheSize(int i) {
            if (i < 0) {
                throw new IllegalArgumentException();
            }
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionTimeout(int i) {
            if (i < 0) {
                throw new IllegalArgumentException();
            }
        }
    }

    /* loaded from: classes5.dex */
    public static final class TrustManagerVerifyCallback extends OpenSslContext.AbstractCertificateVerifier {
        public final X509TrustManager b;

        public TrustManagerVerifyCallback(OpenSslEngineMap openSslEngineMap, X509TrustManager x509TrustManager) {
            super(openSslEngineMap);
            this.b = x509TrustManager;
        }

        @Override // io.netty.handler.ssl.OpenSslContext.AbstractCertificateVerifier
        public void b(OpenSslEngine openSslEngine, X509Certificate[] x509CertificateArr, String str) throws Exception {
            this.b.checkServerTrusted(x509CertificateArr, str);
        }
    }

    @Deprecated
    public OpenSslClientContext() throws SSLException {
        this((File) null, (TrustManagerFactory) null, (File) null, (File) null, (String) null, (KeyManagerFactory) null, (Iterable<String>) null, IdentityCipherSuiteFilter.f8681a, (ApplicationProtocolConfig) null, 0L, 0L);
    }

    @Deprecated
    public OpenSslClientContext(File file) throws SSLException {
        this(file, null);
    }

    @Deprecated
    public OpenSslClientContext(File file, TrustManagerFactory trustManagerFactory) throws SSLException {
        this(file, trustManagerFactory, (File) null, (File) null, (String) null, (KeyManagerFactory) null, (Iterable<String>) null, IdentityCipherSuiteFilter.f8681a, (ApplicationProtocolConfig) null, 0L, 0L);
    }

    @Deprecated
    public OpenSslClientContext(File file, TrustManagerFactory trustManagerFactory, File file2, File file3, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2) throws SSLException {
        this(SslContext.e0(file), trustManagerFactory, SslContext.e0(file2), SslContext.b0(file3, str), str, keyManagerFactory, iterable, cipherSuiteFilter, applicationProtocolConfig, j, j2);
    }

    @Deprecated
    public OpenSslClientContext(File file, TrustManagerFactory trustManagerFactory, Iterable<String> iterable, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2) throws SSLException {
        this(file, trustManagerFactory, (File) null, (File) null, (String) null, (KeyManagerFactory) null, iterable, IdentityCipherSuiteFilter.f8681a, applicationProtocolConfig, j, j2);
    }

    @Deprecated
    public OpenSslClientContext(File file, TrustManagerFactory trustManagerFactory, Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2) throws SSLException {
        this(file, trustManagerFactory, (File) null, (File) null, (String) null, (KeyManagerFactory) null, iterable, cipherSuiteFilter, applicationProtocolConfig, j, j2);
    }

    @Deprecated
    public OpenSslClientContext(TrustManagerFactory trustManagerFactory) throws SSLException {
        this(null, trustManagerFactory);
    }

    public OpenSslClientContext(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2) throws SSLException {
        super(iterable, cipherSuiteFilter, applicationProtocolConfig, j, j2, 0, x509CertificateArr2, ClientAuth.NONE);
        TrustManagerFactory trustManagerFactory2;
        try {
            if ((privateKey == null && x509CertificateArr2 != null) || (privateKey != null && x509CertificateArr2 == null)) {
                throw new IllegalArgumentException("Either both keyCertChain and key needs to be null or none of them");
            }
            synchronized (OpenSslContext.class) {
                try {
                    try {
                        if (OpenSsl.o()) {
                            KeyManagerFactory d = x509CertificateArr2 != null ? SslContext.d(x509CertificateArr2, privateKey, str, keyManagerFactory) : keyManagerFactory;
                            if (d != null) {
                                X509KeyManager i0 = OpenSslContext.i0(d.getKeyManagers());
                                SSLContext.setCertRequestedCallback(this.b, new OpenSslCertificateRequestedCallback(this.l, OpenSslContext.y0(i0) ? new OpenSslExtendedKeyMaterialManager((X509ExtendedKeyManager) i0, str) : new OpenSslKeyMaterialManager(i0, str)));
                            }
                        } else {
                            if (keyManagerFactory != null) {
                                throw new IllegalArgumentException("KeyManagerFactory not supported");
                            }
                            if (x509CertificateArr2 != null && privateKey != null) {
                                OpenSslContext.p0(this.b, x509CertificateArr2, privateKey, str);
                            }
                        }
                        SSLContext.setVerify(this.b, 0, 10);
                        try {
                            if (x509CertificateArr != null) {
                                trustManagerFactory2 = SslContext.g(x509CertificateArr, trustManagerFactory);
                            } else if (trustManagerFactory == null) {
                                trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                                trustManagerFactory2.init((KeyStore) null);
                            } else {
                                trustManagerFactory2 = trustManagerFactory;
                            }
                            X509TrustManager h0 = OpenSslContext.h0(trustManagerFactory2.getTrustManagers());
                            if (OpenSslContext.z0(h0)) {
                                SSLContext.setCertVerifyCallback(this.b, new ExtendedTrustManagerVerifyCallback(this.l, (X509ExtendedTrustManager) h0));
                            } else {
                                SSLContext.setCertVerifyCallback(this.b, new TrustManagerVerifyCallback(this.l, h0));
                            }
                        } catch (Exception e) {
                            throw new SSLException("unable to setup trustmanager", e);
                        }
                    } catch (Exception e2) {
                        throw new SSLException("failed to set certificate and key", e2);
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
            this.t = new OpenSslClientSessionContext(this);
        } catch (Throwable th2) {
            k0();
            throw th2;
        }
    }

    @Override // io.netty.handler.ssl.OpenSslContext
    public OpenSslKeyMaterialManager l0() {
        return null;
    }

    @Override // io.netty.handler.ssl.OpenSslContext, io.netty.handler.ssl.SslContext
    /* renamed from: o0, reason: merged with bridge method [inline-methods] */
    public OpenSslSessionContext W() {
        return this.t;
    }
}
