package org.jboss.netty.handler.ssl;

import java.io.File;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManagerFactory;
import org.jboss.netty.buffer.ChannelBuffer;
import org.jboss.netty.buffer.ChannelBufferInputStream;

/* loaded from: classes3.dex */
public final class JdkSslClientContext extends JdkSslContext {
    private final SSLContext ctx;
    private final List<String> nextProtocols;

    public JdkSslClientContext() throws SSLException {
        this(null, null, null, null, null, 0L, 0L);
    }

    public JdkSslClientContext(File file) throws SSLException {
        this(file, null);
    }

    public JdkSslClientContext(File file, TrustManagerFactory trustManagerFactory) throws SSLException {
        this(null, file, trustManagerFactory, null, null, 0L, 0L);
    }

    public JdkSslClientContext(TrustManagerFactory trustManagerFactory) throws SSLException {
        this(null, trustManagerFactory);
    }

    public JdkSslClientContext(SslBufferPool sslBufferPool, File file, TrustManagerFactory trustManagerFactory, Iterable<String> iterable, Iterable<String> iterable2, long j, long j2) throws SSLException {
        super(sslBufferPool, iterable);
        String next;
        if (iterable2 == null || !iterable2.iterator().hasNext()) {
            this.nextProtocols = Collections.emptyList();
        } else {
            if (!JettyNpnSslEngine.isAvailable()) {
                throw new SSLException("NPN/ALPN unsupported: " + iterable2);
            }
            ArrayList arrayList = new ArrayList();
            Iterator<String> it = iterable2.iterator();
            while (it.hasNext() && (next = it.next()) != null) {
                arrayList.add(next);
            }
            this.nextProtocols = Collections.unmodifiableList(arrayList);
        }
        try {
            if (file == null) {
                SSLContext sSLContext = SSLContext.getInstance(JdkSslContext.PROTOCOL);
                this.ctx = sSLContext;
                if (trustManagerFactory == null) {
                    sSLContext.init(null, null, null);
                } else {
                    trustManagerFactory.init((KeyStore) null);
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                }
            } else {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, null);
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                for (ChannelBuffer channelBuffer : PemReader.readCertificates(file)) {
                    X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ChannelBufferInputStream(channelBuffer));
                    keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
                }
                trustManagerFactory = trustManagerFactory == null ? TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) : trustManagerFactory;
                trustManagerFactory.init(keyStore);
                SSLContext sSLContext2 = SSLContext.getInstance(JdkSslContext.PROTOCOL);
                this.ctx = sSLContext2;
                sSLContext2.init(null, trustManagerFactory.getTrustManagers(), null);
            }
            SSLSessionContext clientSessionContext = this.ctx.getClientSessionContext();
            if (j > 0) {
                clientSessionContext.setSessionCacheSize((int) Math.min(j, 2147483647L));
            }
            if (j2 > 0) {
                clientSessionContext.setSessionTimeout((int) Math.min(j2, 2147483647L));
            }
        } catch (Exception e) {
            throw new SSLException("failed to initialize the server-side SSL context", e);
        }
    }

    @Override // org.jboss.netty.handler.ssl.JdkSslContext
    public SSLContext context() {
        return this.ctx;
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public boolean isClient() {
        return true;
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public List<String> nextProtocols() {
        return this.nextProtocols;
    }
}
