package c.b.b.q;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xsocket.connection.IoProvider;

/* compiled from: SslContextFactory.java */
/* loaded from: classes.dex */
public class d {

    /* renamed from: e, reason: collision with root package name */
    private static final Logger f1461e = LoggerFactory.getLogger(d.class);

    /* renamed from: a, reason: collision with root package name */
    private SSLContext f1462a;

    /* renamed from: b, reason: collision with root package name */
    private InputStream f1463b;

    /* renamed from: c, reason: collision with root package name */
    private InputStream f1464c;

    /* renamed from: d, reason: collision with root package name */
    private final c f1465d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SslContextFactory.java */
    /* loaded from: classes.dex */
    public class a implements X509TrustManager {
        a(d dVar) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public d() throws Exception {
        this(new c());
    }

    public d(c cVar) throws Exception {
        this.f1465d = cVar;
        e();
    }

    private static void a(InputStream inputStream, OutputStream outputStream, byte[] bArr, boolean z) throws IOException {
        if (bArr == null) {
            bArr = new byte[4096];
        }
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                break;
            } else {
                outputStream.write(bArr, 0, read);
            }
        }
        outputStream.flush();
        if (z) {
            inputStream.close();
        }
    }

    private void a(SSLEngine sSLEngine) {
        if (this.f1465d.x()) {
            sSLEngine.setWantClientAuth(this.f1465d.x());
        }
        if (this.f1465d.n()) {
            sSLEngine.setNeedClientAuth(this.f1465d.n());
        }
        sSLEngine.setEnabledCipherSuites(a(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(b(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    private static boolean a(Object[] objArr, Object obj) {
        for (Object obj2 : objArr) {
            if (obj2.equals(obj)) {
                return true;
            }
        }
        return false;
    }

    private void e() throws Exception {
        String str;
        TrustManager[] trustManagerArr;
        if (this.f1462a == null) {
            if (this.f1463b == null && this.f1465d.j() == null && this.f1464c == null && this.f1465d.u() == null) {
                if (this.f1465d.A()) {
                    f1461e.debug("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!");
                    trustManagerArr = new TrustManager[]{new a(this)};
                } else {
                    trustManagerArr = null;
                }
                SecureRandom secureRandom = this.f1465d.r() == null ? null : SecureRandom.getInstance(this.f1465d.r());
                this.f1462a = SSLContext.getInstance(this.f1465d.p());
                this.f1462a.init(null, trustManagerArr, secureRandom);
                return;
            }
            a();
            KeyStore b2 = b();
            KeyStore c2 = c();
            Collection<? extends CRL> a2 = a(this.f1465d.b());
            if (this.f1465d.B() && b2 != null) {
                if (this.f1465d.a() == null) {
                    ArrayList list = Collections.list(b2.aliases());
                    this.f1465d.a(list.size() == 1 ? (String) list.get(0) : null);
                }
                Certificate certificate = this.f1465d.a() == null ? null : b2.getCertificate(this.f1465d.a());
                if (certificate == null) {
                    StringBuilder sb = new StringBuilder();
                    sb.append("No certificate found in the keystore");
                    if (this.f1465d.a() == null) {
                        str = "";
                    } else {
                        str = " for alias " + this.f1465d.a();
                    }
                    sb.append(str);
                    throw new Exception(sb.toString());
                }
                b bVar = new b(c2, a2);
                bVar.a(this.f1465d.m());
                bVar.a(this.f1465d.y());
                bVar.b(this.f1465d.z());
                bVar.a(this.f1465d.o());
                bVar.a(b2, certificate);
            }
            KeyManager[] a3 = a(b2);
            TrustManager[] a4 = a(c2, a2);
            SecureRandom secureRandom2 = this.f1465d.r() != null ? SecureRandom.getInstance(this.f1465d.r()) : null;
            this.f1462a = this.f1465d.q() == null ? SSLContext.getInstance(this.f1465d.p()) : SSLContext.getInstance(this.f1465d.p(), this.f1465d.q());
            this.f1462a.init(a3, a4, secureRandom2);
            SSLEngine d2 = d();
            f1461e.info("Enabled Protocols {} of {}", Arrays.asList(d2.getEnabledProtocols()), Arrays.asList(d2.getSupportedProtocols()));
            f1461e.debug("Enabled Ciphers {} of {}", Arrays.asList(d2.getEnabledCipherSuites()), Arrays.asList(d2.getSupportedCipherSuites()));
        }
    }

    protected KeyStore a(InputStream inputStream, String str, String str2, String str3, String str4) throws Exception {
        char[] cArr = null;
        if (inputStream == null && str == null) {
            return null;
        }
        if (inputStream == null) {
            try {
                inputStream = new FileInputStream(str);
            } catch (Throwable th) {
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        }
        KeyStore keyStore = str3 != null ? KeyStore.getInstance(str2, str3) : KeyStore.getInstance(str2);
        if (str4 != null) {
            cArr = str4.toCharArray();
        }
        keyStore.load(inputStream, cArr);
        if (inputStream == null) {
            return keyStore;
        }
        inputStream.close();
        return keyStore;
    }

    protected Collection<? extends CRL> a(String str) throws Exception {
        FileInputStream fileInputStream;
        Collection<? extends CRL> collection = null;
        if (str != null) {
            try {
                fileInputStream = new FileInputStream(str);
                try {
                    collection = CertificateFactory.getInstance("X.509").generateCRLs(fileInputStream);
                    fileInputStream.close();
                } catch (Throwable th) {
                    th = th;
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
                fileInputStream = null;
            }
        }
        return collection;
    }

    public void a() {
        if (this.f1462a != null) {
            return;
        }
        if (this.f1463b == null && this.f1465d.j() == null) {
            throw new IllegalStateException("SSL doesn't have a valid keystore");
        }
        if (this.f1464c == null && this.f1465d.u() == null) {
            this.f1464c = this.f1463b;
            c cVar = this.f1465d;
            cVar.d(cVar.j());
            c cVar2 = this.f1465d;
            cVar2.f(cVar2.l());
            c cVar3 = this.f1465d;
            cVar3.e(cVar3.k());
            c cVar4 = this.f1465d;
            cVar4.c(cVar4.i());
            c cVar5 = this.f1465d;
            cVar5.b(cVar5.g());
        }
        InputStream inputStream = this.f1463b;
        if (inputStream == null || inputStream != this.f1464c) {
            return;
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            a(this.f1463b, byteArrayOutputStream, null, false);
            this.f1463b.close();
            this.f1463b = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            this.f1464c = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        } catch (Exception e2) {
            throw new IllegalStateException(e2);
        }
    }

    public String[] a(String[] strArr, String[] strArr2) {
        HashSet hashSet = new HashSet();
        if (this.f1465d.e() != null) {
            for (String str : strArr2) {
                if (a(this.f1465d.e(), str)) {
                    hashSet.add(str);
                }
            }
        } else {
            hashSet.addAll(Arrays.asList(strArr));
        }
        if (this.f1465d.c() != null) {
            hashSet.removeAll(Arrays.asList(this.f1465d.c()));
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    protected KeyManager[] a(KeyStore keyStore) throws Exception {
        KeyManager[] keyManagerArr = null;
        char[] charArray = null;
        if (keyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.f1465d.g());
            if (this.f1465d.h() != null) {
                charArray = this.f1465d.h().toCharArray();
            } else if (this.f1465d.i() != null) {
                charArray = this.f1465d.i().toCharArray();
            }
            keyManagerFactory.init(keyStore, charArray);
            keyManagerArr = keyManagerFactory.getKeyManagers();
            if (this.f1465d.a() != null) {
                for (int i2 = 0; i2 < keyManagerArr.length; i2++) {
                    if (keyManagerArr[i2] instanceof X509KeyManager) {
                        keyManagerArr[i2] = new c.b.b.q.a(this.f1465d.a(), (X509KeyManager) keyManagerArr[i2]);
                    }
                }
            }
        }
        return keyManagerArr;
    }

    protected TrustManager[] a(KeyStore keyStore, Collection<? extends CRL> collection) throws Exception {
        if (keyStore == null) {
            return null;
        }
        if (!this.f1465d.C() || !this.f1465d.s().equalsIgnoreCase("PKIX")) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.f1465d.s());
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        }
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, new X509CertSelector());
        pKIXBuilderParameters.setMaxPathLength(this.f1465d.m());
        pKIXBuilderParameters.setRevocationEnabled(true);
        if (collection != null && !collection.isEmpty()) {
            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(collection)));
        }
        if (this.f1465d.y()) {
            System.setProperty("com.sun.security.enableCRLDP", IoProvider.DEFAULT_READ_BUFFER_PREALLOCATION_ON);
        }
        if (this.f1465d.z()) {
            Security.setProperty("ocsp.enable", IoProvider.DEFAULT_READ_BUFFER_PREALLOCATION_ON);
            if (this.f1465d.o() != null) {
                Security.setProperty("ocsp.responderURL", this.f1465d.o());
            }
        }
        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.f1465d.s());
        trustManagerFactory2.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
        return trustManagerFactory2.getTrustManagers();
    }

    protected KeyStore b() throws Exception {
        return a(this.f1463b, this.f1465d.j(), this.f1465d.l(), this.f1465d.k(), this.f1465d.i());
    }

    public String[] b(String[] strArr, String[] strArr2) {
        HashSet hashSet = new HashSet();
        if (this.f1465d.f() != null) {
            for (String str : strArr2) {
                if (a(this.f1465d.f(), str)) {
                    hashSet.add(str);
                }
            }
        } else {
            hashSet.addAll(Arrays.asList(strArr));
        }
        if (this.f1465d.d() != null) {
            hashSet.removeAll(Arrays.asList(this.f1465d.d()));
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    protected KeyStore c() throws Exception {
        return a(this.f1464c, this.f1465d.u(), this.f1465d.w(), this.f1465d.v(), this.f1465d.t());
    }

    public SSLEngine d() {
        SSLEngine createSSLEngine = this.f1462a.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }
}
