package g.b.a.h.e;

import c.b.a.z;
import g.b.a.h.b.d;
import g.b.a.h.b.e;
import g.b.a.h.i;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

/* loaded from: classes.dex */
public class c extends g.b.a.h.a.a {

    /* renamed from: b, reason: collision with root package name */
    public static final String f6206b;

    /* renamed from: c, reason: collision with root package name */
    public static final String f6207c;
    public boolean A;
    public boolean B;
    public String D;
    public String G;
    public KeyStore H;
    public KeyStore I;
    public SSLContext K;
    public String h;
    public String i;
    public InputStream k;
    public String l;
    public String m;
    public String n;
    public InputStream p;
    public transient g.b.a.h.d.c s;
    public transient g.b.a.h.d.c t;
    public transient g.b.a.h.d.c u;
    public String v;
    public String x;

    /* renamed from: a, reason: collision with root package name */
    public static final TrustManager[] f6205a = {new b()};
    public static final d LOG = g.b.a.h.b.c.a((Class<?>) c.class);

    /* renamed from: d, reason: collision with root package name */
    public final Set<String> f6208d = new LinkedHashSet();

    /* renamed from: e, reason: collision with root package name */
    public Set<String> f6209e = null;

    /* renamed from: f, reason: collision with root package name */
    public final Set<String> f6210f = new LinkedHashSet();

    /* renamed from: g, reason: collision with root package name */
    public Set<String> f6211g = null;
    public String j = "JKS";
    public String o = "JKS";
    public boolean q = false;
    public boolean r = false;
    public String w = "TLS";
    public String y = f6206b;
    public String z = f6207c;
    public int C = -1;
    public boolean E = false;
    public boolean F = false;
    public boolean J = true;
    public boolean L = true;

    static {
        f6206b = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        f6207c = Security.getProperty("ssl.TrustManagerFactory.algorithm") != null ? Security.getProperty("ssl.TrustManagerFactory.algorithm") : "SunX509";
        String str = System.getProperty("user.home") + File.separator + ".keystore";
    }

    public void a(SSLEngine sSLEngine) {
        boolean z = this.r;
        if (z) {
            sSLEngine.setWantClientAuth(z);
        }
        boolean z2 = this.q;
        if (z2) {
            sSLEngine.setNeedClientAuth(z2);
        }
        sSLEngine.setEnabledCipherSuites(a(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(b(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public String[] a(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Set<String> set = this.f6211g;
        if (set != null) {
            for (String str : set) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        } else {
            linkedHashSet.addAll(Arrays.asList(strArr));
        }
        Set<String> set2 = this.f6210f;
        if (set2 != null) {
            linkedHashSet.removeAll(set2);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] b(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Set<String> set = this.f6209e;
        if (set != null) {
            for (String str : set) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        } else {
            linkedHashSet.addAll(Arrays.asList(strArr));
        }
        Set<String> set2 = this.f6208d;
        if (set2 != null) {
            linkedHashSet.removeAll(set2);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    @Override // g.b.a.h.a.a
    public void doStart() {
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        String str;
        TrustManager[] trustManagerArr2;
        if (this.K == null) {
            String str2 = null;
            if (this.H == null && this.k == null && this.h == null && this.I == null && this.p == null && this.m == null) {
                if (this.L) {
                    ((e) LOG).a("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr2 = f6205a;
                } else {
                    trustManagerArr2 = null;
                }
                String str3 = this.x;
                SecureRandom secureRandom = str3 == null ? null : SecureRandom.getInstance(str3);
                this.K = SSLContext.getInstance(this.w);
                this.K.init(null, trustManagerArr2, secureRandom);
                return;
            }
            if (this.K == null) {
                if (this.H == null && this.k == null && this.h == null) {
                    throw new IllegalStateException("SSL doesn't have a valid keystore");
                }
                if (this.I == null && this.p == null && this.m == null) {
                    this.I = this.H;
                    this.m = this.h;
                    this.p = this.k;
                    this.o = this.j;
                    this.n = this.i;
                    this.u = this.s;
                    this.z = this.y;
                }
                InputStream inputStream = this.k;
                if (inputStream != null && inputStream == this.p) {
                    try {
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        InputStream inputStream2 = this.k;
                        byte[] bArr = new byte[i.f6251b];
                        while (true) {
                            int read = inputStream2.read(bArr, 0, i.f6251b);
                            if (read < 0) {
                                break;
                            } else {
                                byteArrayOutputStream.write(bArr, 0, read);
                            }
                        }
                        this.k.close();
                        this.k = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                        this.p = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                    } catch (Exception e2) {
                        throw new IllegalStateException(e2);
                    }
                }
            }
            KeyStore keyStore = this.H;
            if (keyStore == null) {
                InputStream inputStream3 = this.k;
                String str4 = this.h;
                String str5 = this.j;
                String str6 = this.i;
                g.b.a.h.d.c cVar = this.s;
                keyStore = z.a(inputStream3, str4, str5, str6, cVar == null ? null : cVar.f6197a);
            }
            KeyStore keyStore2 = this.I;
            if (keyStore2 == null) {
                InputStream inputStream4 = this.p;
                String str7 = this.m;
                String str8 = this.o;
                String str9 = this.n;
                g.b.a.h.d.c cVar2 = this.u;
                keyStore2 = z.a(inputStream4, str7, str8, str9, cVar2 == null ? null : cVar2.f6197a);
            }
            Collection<? extends CRL> b2 = z.b(this.D);
            if (this.A && keyStore != null) {
                if (this.l == null) {
                    ArrayList list = Collections.list(keyStore.aliases());
                    this.l = list.size() == 1 ? (String) list.get(0) : null;
                }
                String str10 = this.l;
                Certificate certificate = str10 == null ? null : keyStore.getCertificate(str10);
                str = "";
                if (certificate == null) {
                    StringBuilder a2 = d.a.a.a.a.a("No certificate found in the keystore");
                    if (this.l != null) {
                        StringBuilder a3 = d.a.a.a.a.a(" for alias ");
                        a3.append(this.l);
                        str = a3.toString();
                    }
                    a2.append(str);
                    throw new Exception(a2.toString());
                }
                g.b.a.h.d.a aVar = new g.b.a.h.d.a(keyStore2, b2);
                aVar.f6194e = this.C;
                aVar.f6195f = this.E;
                aVar.f6196g = this.F;
                String str11 = this.G;
                if (certificate instanceof X509Certificate) {
                    ((X509Certificate) certificate).checkValidity();
                    try {
                        String certificateAlias = keyStore.getCertificateAlias((X509Certificate) certificate);
                        if (certificateAlias == null) {
                            try {
                                certificateAlias = "JETTY" + String.format("%016X", Long.valueOf(g.b.a.h.d.a.f6191b.incrementAndGet()));
                                keyStore.setCertificateEntry(certificateAlias, certificate);
                            } catch (KeyStoreException e3) {
                                e = e3;
                                str2 = certificateAlias;
                                ((e) g.b.a.h.d.a.f6190a).a("", e);
                                StringBuilder a4 = d.a.a.a.a.a("Unable to validate certificate");
                                a4.append(str2 != null ? d.a.a.a.a.a(" for alias [", str2, "]") : "");
                                a4.append(": ");
                                a4.append(e.getMessage());
                                throw new CertificateException(a4.toString(), e);
                            }
                        }
                        Certificate[] certificateChain = keyStore.getCertificateChain(certificateAlias);
                        if (certificateChain == null || certificateChain.length == 0) {
                            throw new IllegalStateException("Unable to retrieve certificate chain");
                        }
                        aVar.a(certificateChain);
                    } catch (KeyStoreException e4) {
                        e = e4;
                    }
                }
            }
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.y);
                g.b.a.h.d.c cVar3 = this.t;
                keyManagerFactory.init(keyStore, (cVar3 == null && (cVar3 = this.s) == null) ? null : cVar3.f6197a.toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (this.l != null) {
                    for (int i = 0; i < keyManagerArr.length; i++) {
                        if (keyManagerArr[i] instanceof X509KeyManager) {
                            keyManagerArr[i] = new a(this.l, (X509KeyManager) keyManagerArr[i]);
                        }
                    }
                }
            } else {
                keyManagerArr = null;
            }
            if (keyStore2 == null) {
                trustManagerArr = null;
            } else if (this.B && this.z.equalsIgnoreCase("PKIX")) {
                PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore2, new X509CertSelector());
                pKIXBuilderParameters.setMaxPathLength(this.C);
                pKIXBuilderParameters.setRevocationEnabled(true);
                if (b2 != null && !b2.isEmpty()) {
                    pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(b2)));
                }
                if (this.E) {
                    System.setProperty("com.sun.security.enableCRLDP", "true");
                }
                if (this.F) {
                    Security.setProperty("ocsp.enable", "true");
                    String str12 = this.G;
                    if (str12 != null) {
                        Security.setProperty("ocsp.responderURL", str12);
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.z);
                trustManagerFactory.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.z);
                trustManagerFactory2.init(keyStore2);
                trustManagerArr = trustManagerFactory2.getTrustManagers();
            }
            String str13 = this.x;
            SecureRandom secureRandom2 = str13 != null ? SecureRandom.getInstance(str13) : null;
            String str14 = this.v;
            this.K = str14 == null ? SSLContext.getInstance(this.w) : SSLContext.getInstance(this.w, str14);
            this.K.init(keyManagerArr, trustManagerArr, secureRandom2);
            SSLEngine createSSLEngine = this.K.createSSLEngine();
            a(createSSLEngine);
            ((e) LOG).b("Enabled Protocols {} of {}", Arrays.asList(createSSLEngine.getEnabledProtocols()), Arrays.asList(createSSLEngine.getSupportedProtocols()));
            if (((e) LOG).a()) {
                ((e) LOG).a("Enabled Ciphers   {} of {}", Arrays.asList(createSSLEngine.getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getSupportedCipherSuites()));
            }
        }
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", c.class.getSimpleName(), Integer.valueOf(hashCode()), this.h, this.m);
    }
}
