package io.netty.handler.ssl;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.internal.tcnative.SSL;
import io.netty.internal.tcnative.SSLContext;
import io.netty.util.internal.SystemPropertyUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.util.List;
import javax.net.ssl.SSLException;

/* loaded from: classes8.dex */
public abstract class ReferenceCountedGmtlsContext extends ReferenceCountedOpenSslContext {
    private static final Integer DH_KEY_LENGTH;
    private static final InternalLogger logger = InternalLoggerFactory.getInstance((Class<?>) ReferenceCountedGmtlsContext.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.netty.handler.ssl.ReferenceCountedGmtlsContext$2, reason: invalid class name */
    /* loaded from: classes8.dex */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol;
        static final /* synthetic */ int[] $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$SelectorFailureBehavior;

        static {
            int[] iArr = new int[ApplicationProtocolConfig.Protocol.values().length];
            $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol = iArr;
            try {
                iArr[ApplicationProtocolConfig.Protocol.NPN.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.ALPN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.NPN_AND_ALPN.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            int[] iArr2 = new int[ApplicationProtocolConfig.SelectorFailureBehavior.values().length];
            $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$SelectorFailureBehavior = iArr2;
            try {
                iArr2[ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE.ordinal()] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$SelectorFailureBehavior[ApplicationProtocolConfig.SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL.ordinal()] = 2;
            } catch (NoSuchFieldError unused5) {
            }
        }
    }

    static {
        Integer num = null;
        try {
            String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: io.netty.handler.ssl.ReferenceCountedGmtlsContext.1
                @Override // java.security.PrivilegedAction
                public String run() {
                    return SystemPropertyUtil.get("jdk.tls.ephemeralDHKeySize");
                }
            });
            if (str != null) {
                try {
                    num = Integer.valueOf(str);
                } catch (NumberFormatException unused) {
                    logger.debug("ReferenceCountedOpenSslContext supports -Djdk.tls.ephemeralDHKeySize={int}, but got: " + str);
                }
            }
        } catch (Throwable unused2) {
        }
        DH_KEY_LENGTH = num;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ReferenceCountedGmtlsContext(Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, OpenSslApplicationProtocolNegotiator openSslApplicationProtocolNegotiator, long j, long j2, int i, Certificate[] certificateArr, ClientAuth clientAuth, String[] strArr, boolean z, boolean z2, boolean z3) throws SSLException {
        super(iterable, cipherSuiteFilter, openSslApplicationProtocolNegotiator, j, j2, i, certificateArr, clientAuth, strArr, z, z2, z3);
        long j3 = this.ctx;
        if (j3 != 0) {
            if (z2) {
                SSLContext.disableOcsp(j3);
            }
            SSLContext.free(this.ctx);
            this.ctx = 0L;
        }
        rebuildGmtlsCtx(j, j2, i, openSslApplicationProtocolNegotiator);
    }

    private static int opensslSelectorFailureBehavior(ApplicationProtocolConfig.SelectorFailureBehavior selectorFailureBehavior) {
        int i = AnonymousClass2.$SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$SelectorFailureBehavior[selectorFailureBehavior.ordinal()];
        if (i == 1) {
            return 0;
        }
        if (i == 2) {
            return 1;
        }
        throw new Error();
    }

    private void rebuildGmtlsCtx(long j, long j2, int i, OpenSslApplicationProtocolNegotiator openSslApplicationProtocolNegotiator) throws SSLException {
        try {
            try {
                long make = SSLContext.make(128, i);
                this.ctx = make;
                SSLContext.setOptions(make, SSLContext.getOptions(make) | SSL.SSL_OP_NO_SSLv2 | SSL.SSL_OP_NO_SSLv3 | SSL.SSL_OP_CIPHER_SERVER_PREFERENCE | SSL.SSL_OP_NO_COMPRESSION | SSL.SSL_OP_NO_TICKET);
                long j3 = this.ctx;
                SSLContext.setMode(j3, SSLContext.getMode(j3) | SSL.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
                Integer num = DH_KEY_LENGTH;
                if (num != null) {
                    SSLContext.setTmpDHLength(this.ctx, num.intValue());
                }
                try {
                    try {
                        SSLContext.setCipherSuite(this.ctx, CipherSuiteConverter.toOpenSsl(cipherSuites()));
                        List<String> protocols = openSslApplicationProtocolNegotiator.protocols();
                        if (!protocols.isEmpty()) {
                            String[] strArr = (String[]) protocols.toArray(new String[0]);
                            int opensslSelectorFailureBehavior = opensslSelectorFailureBehavior(openSslApplicationProtocolNegotiator.selectorFailureBehavior());
                            int i2 = AnonymousClass2.$SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[openSslApplicationProtocolNegotiator.protocol().ordinal()];
                            if (i2 == 1) {
                                SSLContext.setNpnProtos(this.ctx, strArr, opensslSelectorFailureBehavior);
                            } else if (i2 == 2) {
                                SSLContext.setAlpnProtos(this.ctx, strArr, opensslSelectorFailureBehavior);
                            } else {
                                if (i2 != 3) {
                                    throw new Error();
                                }
                                SSLContext.setNpnProtos(this.ctx, strArr, opensslSelectorFailureBehavior);
                                SSLContext.setAlpnProtos(this.ctx, strArr, opensslSelectorFailureBehavior);
                            }
                        }
                        if (j <= 0) {
                            j = SSLContext.setSessionCacheSize(this.ctx, 20480L);
                        }
                        SSLContext.setSessionCacheSize(this.ctx, j);
                        if (j2 <= 0) {
                            j2 = SSLContext.setSessionCacheTimeout(this.ctx, 300L);
                        }
                        SSLContext.setSessionCacheTimeout(this.ctx, j2);
                        if (this.enableOcsp) {
                            SSLContext.enableOcsp(this.ctx, isClient());
                        }
                    } catch (SSLException e2) {
                        throw e2;
                    }
                } catch (Exception e3) {
                    throw new SSLException("failed to set cipher suite: " + cipherSuites(), e3);
                }
            } catch (Exception e4) {
                throw new SSLException("failed to create an SSL_CTX", e4);
            }
        } catch (Throwable th) {
            release();
            throw th;
        }
    }
}
