package io.netty.handler.ssl;

import io.netty.handler.ssl.ReferenceCountedOpenSslContext;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.jni.CertificateRequestedCallback;
import org.apache.tomcat.jni.SSLContext;

/* loaded from: classes4.dex */
public final class ReferenceCountedOpenSslClientContext extends ReferenceCountedOpenSslContext {

    /* renamed from: w, reason: collision with root package name */
    public static final InternalLogger f37333w = InternalLoggerFactory.b(ReferenceCountedOpenSslClientContext.class);

    /* renamed from: v, reason: collision with root package name */
    public final OpenSslSessionContext f37334v;

    /* loaded from: classes4.dex */
    public static final class ExtendedTrustManagerVerifyCallback extends ReferenceCountedOpenSslContext.AbstractCertificateVerifier {

        /* renamed from: b, reason: collision with root package name */
        public final X509ExtendedTrustManager f37335b;

        public ExtendedTrustManagerVerifyCallback(OpenSslEngineMap openSslEngineMap, X509ExtendedTrustManager x509ExtendedTrustManager) {
            super(openSslEngineMap);
            this.f37335b = x509ExtendedTrustManager;
        }
    }

    /* loaded from: classes4.dex */
    public static final class OpenSslCertificateRequestedCallback implements CertificateRequestedCallback {

        /* renamed from: a, reason: collision with root package name */
        public final OpenSslEngineMap f37336a;

        /* renamed from: b, reason: collision with root package name */
        public final OpenSslKeyMaterialManager f37337b;

        public OpenSslCertificateRequestedCallback(OpenSslEngineMap openSslEngineMap, OpenSslKeyMaterialManager openSslKeyMaterialManager) {
            this.f37336a = openSslEngineMap;
            this.f37337b = openSslKeyMaterialManager;
        }
    }

    /* loaded from: classes4.dex */
    public static final class OpenSslClientSessionContext extends OpenSslSessionContext {
        public OpenSslClientSessionContext(ReferenceCountedOpenSslContext referenceCountedOpenSslContext) {
            super(referenceCountedOpenSslContext);
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionCacheSize() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionTimeout() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionCacheSize(int i2) {
            if (i2 < 0) {
                throw new IllegalArgumentException();
            }
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionTimeout(int i2) {
            if (i2 < 0) {
                throw new IllegalArgumentException();
            }
        }
    }

    /* loaded from: classes4.dex */
    public static final class TrustManagerVerifyCallback extends ReferenceCountedOpenSslContext.AbstractCertificateVerifier {

        /* renamed from: b, reason: collision with root package name */
        public final X509TrustManager f37338b;

        public TrustManagerVerifyCallback(OpenSslEngineMap openSslEngineMap, X509TrustManager x509TrustManager) {
            super(openSslEngineMap);
            this.f37338b = x509TrustManager;
        }
    }

    public ReferenceCountedOpenSslClientContext(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, ApplicationProtocolConfig applicationProtocolConfig, long j2, long j3) throws SSLException {
        super(iterable, cipherSuiteFilter, applicationProtocolConfig, j2, j3, 0, (Certificate[]) x509CertificateArr2, ClientAuth.NONE, false, true);
        try {
            this.f37334v = v0(this, this.f37345c, this.f37356n, x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory);
        } catch (Throwable th) {
            release();
            throw th;
        }
    }

    public static OpenSslSessionContext v0(ReferenceCountedOpenSslContext referenceCountedOpenSslContext, long j2, OpenSslEngineMap openSslEngineMap, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory) throws SSLException {
        if ((privateKey == null && x509CertificateArr2 != null) || (privateKey != null && x509CertificateArr2 == null)) {
            throw new IllegalArgumentException("Either both keyCertChain and key needs to be null or none of them");
        }
        synchronized (ReferenceCountedOpenSslContext.class) {
            try {
                try {
                    if (OpenSsl.o()) {
                        if (keyManagerFactory == null && x509CertificateArr2 != null) {
                            keyManagerFactory = SslContext.f(x509CertificateArr2, privateKey, str, keyManagerFactory);
                        }
                        if (keyManagerFactory != null) {
                            X509KeyManager V = ReferenceCountedOpenSslContext.V(keyManagerFactory.getKeyManagers());
                            SSLContext.setCertRequestedCallback(j2, new OpenSslCertificateRequestedCallback(openSslEngineMap, ReferenceCountedOpenSslContext.r0(V) ? new OpenSslExtendedKeyMaterialManager((X509ExtendedKeyManager) V, str) : new OpenSslKeyMaterialManager(V, str)));
                        }
                    } else {
                        if (keyManagerFactory != null) {
                            throw new IllegalArgumentException("KeyManagerFactory not supported");
                        }
                        if (x509CertificateArr2 != null) {
                            ReferenceCountedOpenSslContext.f0(j2, x509CertificateArr2, privateKey, str);
                        }
                    }
                    SSLContext.setVerify(j2, 0, 10);
                    try {
                        if (x509CertificateArr != null) {
                            trustManagerFactory = SslContext.h(x509CertificateArr, trustManagerFactory);
                        } else if (trustManagerFactory == null) {
                            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                            trustManagerFactory.init((KeyStore) null);
                        }
                        X509TrustManager U = ReferenceCountedOpenSslContext.U(trustManagerFactory.getTrustManagers());
                        if (ReferenceCountedOpenSslContext.s0(U)) {
                            SSLContext.setCertVerifyCallback(j2, new ExtendedTrustManagerVerifyCallback(openSslEngineMap, b.a(U)));
                        } else {
                            SSLContext.setCertVerifyCallback(j2, new TrustManagerVerifyCallback(openSslEngineMap, U));
                        }
                    } catch (Exception e2) {
                        throw new SSLException("unable to setup trustmanager", e2);
                    }
                } catch (Exception e3) {
                    throw new SSLException("failed to set certificate and key", e3);
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return new OpenSslClientSessionContext(referenceCountedOpenSslContext);
    }

    @Override // io.netty.handler.ssl.ReferenceCountedOpenSslContext
    public OpenSslKeyMaterialManager Y() {
        return null;
    }

    @Override // io.netty.handler.ssl.ReferenceCountedOpenSslContext
    public OpenSslSessionContext e0() {
        return this.f37334v;
    }
}
