package b.b.a.f.e;

import android.annotation.SuppressLint;
import b.b.a.f.b.c;
import b.b.a.f.d.e;
import b.b.a.f.s;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArraySet;
import java.util.regex.Pattern;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

@SuppressLint({"TrustAllX509TrustManager"})
/* loaded from: classes.dex */
public class b extends b.b.a.f.a.a {

    /* renamed from: a, reason: collision with root package name */
    public static final TrustManager[] f1189a = {new X509TrustManager() { // from class: b.b.a.f.e.b.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }};

    /* renamed from: b, reason: collision with root package name */
    static final c f1190b = b.b.a.f.b.b.a((Class<?>) b.class);
    public static final String c;
    public static final String d;
    private String A;
    private boolean B;
    private boolean C;
    private int D;
    private String E;
    private boolean F;
    private boolean G;
    private String H;
    private KeyStore I;
    private KeyStore J;
    private boolean K;
    private SSLContext L;
    private String M;
    private boolean N;
    private boolean O;
    private final Set<String> e;
    private final Set<String> f;
    private final Set<String> g;
    private final Set<String> h;
    private String i;
    private String j;
    private String k;
    private InputStream l;
    private String m;
    private String n;
    private String o;
    private String p;
    private InputStream q;
    private boolean r;
    private boolean s;
    private transient e t;
    private transient e u;
    private transient e v;
    private String w;
    private String x;
    private String y;
    private String z;

    static {
        c = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? KeyManagerFactory.getDefaultAlgorithm() : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        d = Security.getProperty("ssl.TrustManagerFactory.algorithm") == null ? TrustManagerFactory.getDefaultAlgorithm() : Security.getProperty("ssl.TrustManagerFactory.algorithm");
    }

    public b() {
        this(false);
    }

    public b(boolean z) {
        this.e = new LinkedHashSet();
        this.f = new LinkedHashSet();
        this.g = new LinkedHashSet();
        this.h = new LinkedHashSet();
        this.k = "JKS";
        this.p = "JKS";
        this.r = false;
        this.s = false;
        this.x = "TLS";
        this.z = c;
        this.A = d;
        this.D = -1;
        this.F = false;
        this.G = false;
        this.K = true;
        this.M = null;
        this.O = true;
        a(z);
        a("SSL", "SSLv2", "SSLv2Hello", "SSLv3");
    }

    public static X509Certificate[] a(SSLSession sSLSession) {
        try {
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0) {
                return null;
            }
            int length = peerCertificates.length;
            X509Certificate[] x509CertificateArr = new X509Certificate[length];
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (int i = 0; i < length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(peerCertificates[i].getEncoded()));
            }
            return x509CertificateArr;
        } catch (SSLPeerUnverifiedException e) {
            return null;
        } catch (Exception e2) {
            f1190b.a("EXCEPTION ", e2);
            return null;
        }
    }

    public static int d(String str) {
        if (str == null) {
            return 0;
        }
        if (str.contains("WITH_AES_256_")) {
            return 256;
        }
        if (!str.contains("WITH_RC4_128_") && !str.contains("WITH_AES_128_")) {
            if (str.contains("WITH_RC4_40_")) {
                return 40;
            }
            if (str.contains("WITH_3DES_EDE_CBC_")) {
                return 168;
            }
            if (str.contains("WITH_IDEA_CBC_")) {
                return 128;
            }
            if (!str.contains("WITH_RC2_CBC_40_") && !str.contains("WITH_DES40_CBC_")) {
                return str.contains("WITH_DES_CBC_") ? 56 : 0;
            }
            return 40;
        }
        return 128;
    }

    public SSLEngine a(String str, int i) {
        if (!E()) {
            throw new IllegalStateException("!STARTED");
        }
        SSLEngine createSSLEngine = j() ? this.L.createSSLEngine(str, i) : this.L.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public SSLEngine a(InetSocketAddress inetSocketAddress) {
        if (inetSocketAddress == null) {
            return k();
        }
        return a(a() ? inetSocketAddress.getHostName() : inetSocketAddress.getAddress().getHostAddress(), inetSocketAddress.getPort());
    }

    public void a(String str) {
        i();
        this.u = e.a("org.eclipse.jetty.ssl.keypassword", str, null);
    }

    protected void a(Set<String> set) {
        Iterator<String> it = this.g.iterator();
        while (it.hasNext()) {
            Pattern compile = Pattern.compile(it.next());
            for (String str : set) {
                if (compile.matcher(str).matches()) {
                    set.remove(str);
                }
            }
        }
    }

    public void a(SSLEngine sSLEngine) {
        sSLEngine.setSSLParameters(sSLEngine.getSSLParameters());
        if (d()) {
            sSLEngine.setWantClientAuth(d());
        }
        if (a()) {
            sSLEngine.setNeedClientAuth(a());
        }
        sSLEngine.setEnabledCipherSuites(b(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(a(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public void a(boolean z) {
        this.N = z;
        if (z) {
            b((String) null);
        }
    }

    public void a(String... strArr) {
        i();
        this.e.addAll(Arrays.asList(strArr));
    }

    protected void a(String[] strArr, Set<String> set) {
        Iterator<String> it = this.h.iterator();
        while (it.hasNext()) {
            Pattern compile = Pattern.compile(it.next());
            for (String str : strArr) {
                if (compile.matcher(str).matches()) {
                    set.add(str);
                }
            }
        }
    }

    public boolean a() {
        return this.r;
    }

    public String[] a(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        linkedHashSet.removeAll(this.e);
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    protected KeyManager[] a(KeyStore keyStore) {
        char[] cArr = null;
        if (keyStore == null) {
            return null;
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.z);
        if (this.u != null) {
            cArr = this.u.toString().toCharArray();
        } else if (this.t != null) {
            cArr = this.t.toString().toCharArray();
        }
        keyManagerFactory.init(keyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (this.m != null) {
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= keyManagers.length) {
                    break;
                }
                if (keyManagers[i2] instanceof X509KeyManager) {
                    keyManagers[i2] = new a(this.m, (X509KeyManager) keyManagers[i2]);
                }
                i = i2 + 1;
            }
        }
        return keyManagers;
    }

    protected TrustManager[] a(KeyStore keyStore, Collection<? extends CRL> collection) {
        if (keyStore == null) {
            return null;
        }
        if (!this.C || !this.A.equalsIgnoreCase("PKIX")) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.A);
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        }
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, new X509CertSelector());
        pKIXBuilderParameters.setMaxPathLength(this.D);
        pKIXBuilderParameters.setRevocationEnabled(true);
        if (collection != null && !collection.isEmpty()) {
            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(collection)));
        }
        if (this.F) {
            System.setProperty("com.sun.security.enableCRLDP", "true");
        }
        if (this.G) {
            Security.setProperty("ocsp.enable", "true");
            if (this.H != null) {
                Security.setProperty("ocsp.responderURL", this.H);
            }
        }
        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.A);
        trustManagerFactory2.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
        return trustManagerFactory2.getTrustManagers();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // b.b.a.f.a.a
    public void b() {
        TrustManager[] trustManagerArr;
        if (this.L == null) {
            if (this.I == null && this.l == null && this.i == null && this.J == null && this.q == null && this.n == null) {
                if (this.N) {
                    if (f1190b.b()) {
                        f1190b.c("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    }
                    trustManagerArr = f1189a;
                } else {
                    trustManagerArr = null;
                }
                SecureRandom secureRandom = this.y == null ? null : SecureRandom.getInstance(this.y);
                SSLContext sSLContext = this.w == null ? SSLContext.getInstance(this.x) : SSLContext.getInstance(this.x, this.w);
                sSLContext.init(null, trustManagerArr, secureRandom);
                this.L = sSLContext;
            } else {
                h();
                KeyStore f = f();
                KeyStore g = g();
                Collection<? extends CRL> c2 = c(this.E);
                if (this.B && f != null) {
                    if (this.m == null) {
                        ArrayList list = Collections.list(f.aliases());
                        this.m = list.size() == 1 ? (String) list.get(0) : null;
                    }
                    Certificate certificate = this.m == null ? null : f.getCertificate(this.m);
                    if (certificate == null) {
                        throw new Exception("No certificate found in the keystore" + (this.m == null ? "" : " for alias " + this.m));
                    }
                    b.b.a.f.d.b bVar = new b.b.a.f.d.b(g, c2);
                    bVar.a(this.D);
                    bVar.a(this.F);
                    bVar.b(this.G);
                    bVar.a(this.H);
                    bVar.a(f, certificate);
                }
                KeyManager[] a2 = a(f);
                TrustManager[] a3 = a(g, c2);
                SecureRandom secureRandom2 = this.y != null ? SecureRandom.getInstance(this.y) : null;
                SSLContext sSLContext2 = this.w == null ? SSLContext.getInstance(this.x) : SSLContext.getInstance(this.x, this.w);
                sSLContext2.init(a2, a3, secureRandom2);
                this.L = sSLContext2;
            }
            SSLEngine k = k();
            if (f1190b.b()) {
                f1190b.c("Enabled Protocols {} of {}", Arrays.asList(k.getEnabledProtocols()), Arrays.asList(k.getSupportedProtocols()));
                f1190b.c("Enabled Ciphers   {} of {}", Arrays.asList(k.getEnabledCipherSuites()), Arrays.asList(k.getSupportedCipherSuites()));
            }
        }
    }

    public void b(String str) {
        this.M = str;
    }

    public void b(KeyStore keyStore) {
        i();
        this.I = keyStore;
    }

    public void b(String... strArr) {
        i();
        this.g.clear();
        this.g.addAll(Arrays.asList(strArr));
    }

    public String[] b(String[] strArr, String[] strArr2) {
        CopyOnWriteArraySet copyOnWriteArraySet = new CopyOnWriteArraySet();
        if (this.h.isEmpty()) {
            copyOnWriteArraySet.addAll(Arrays.asList(strArr));
        } else {
            a(strArr2, copyOnWriteArraySet);
        }
        a(copyOnWriteArraySet);
        return (String[]) copyOnWriteArraySet.toArray(new String[copyOnWriteArraySet.size()]);
    }

    protected Collection<? extends CRL> c(String str) {
        return b.b.a.f.d.a.a(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // b.b.a.f.a.a
    public void c() {
        this.L = null;
        super.c();
    }

    public boolean d() {
        return this.s;
    }

    public boolean e() {
        return this.O;
    }

    protected KeyStore f() {
        if (this.I != null) {
            return this.I;
        }
        return b.b.a.f.d.a.a(this.l, this.i, this.k, this.j, this.t == null ? null : this.t.toString());
    }

    protected KeyStore g() {
        if (this.J != null) {
            return this.J;
        }
        return b.b.a.f.d.a.a(this.q, this.n, this.p, this.o, this.v == null ? null : this.v.toString());
    }

    public void h() {
        if (this.L != null) {
            return;
        }
        if (this.I == null && this.l == null && this.i == null) {
            throw new IllegalStateException("SSL doesn't have a valid keystore");
        }
        if (this.J == null && this.q == null && this.n == null) {
            this.J = this.I;
            this.n = this.i;
            this.q = this.l;
            this.p = this.k;
            this.o = this.j;
            this.v = this.t;
            this.A = this.z;
        }
        if (this.l == null || this.l != this.q) {
            return;
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            s.a(this.l, byteArrayOutputStream);
            this.l.close();
            this.l = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            this.q = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    protected void i() {
        if (F()) {
            throw new IllegalStateException("Cannot modify configuration when " + J());
        }
    }

    public boolean j() {
        return this.K;
    }

    public SSLEngine k() {
        if (!E()) {
            throw new IllegalStateException("!STARTED");
        }
        SSLEngine createSSLEngine = this.L.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", getClass().getSimpleName(), Integer.valueOf(hashCode()), this.i, this.n);
    }
}
