package io.netty.handler.ssl;

import io.netty.handler.ssl.n;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.apache.tomcat.jni.CertificateRequestedCallback;
import org.apache.tomcat.jni.SSLContext;
import rm.r;
import rm.s;
import rm.u;
import rm.w;

/* loaded from: classes10.dex */
public final class m extends n {

    /* renamed from: z, reason: collision with root package name */
    public static final cn.b f41517z = cn.c.b(m.class);

    /* renamed from: y, reason: collision with root package name */
    public final w f41518y;

    /* loaded from: classes10.dex */
    public static final class a extends n.f {

        /* renamed from: b, reason: collision with root package name */
        public final X509ExtendedTrustManager f41519b;

        public a(r rVar, X509ExtendedTrustManager x509ExtendedTrustManager) {
            super(rVar);
            this.f41519b = x509ExtendedTrustManager;
        }

        @Override // io.netty.handler.ssl.n.f
        public void b(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, X509Certificate[] x509CertificateArr, String str) throws Exception {
            this.f41519b.checkServerTrusted(x509CertificateArr, str, referenceCountedOpenSslEngine);
        }
    }

    /* loaded from: classes10.dex */
    public static final class b implements CertificateRequestedCallback {

        /* renamed from: a, reason: collision with root package name */
        public final r f41520a;

        /* renamed from: b, reason: collision with root package name */
        public final u f41521b;

        public b(r rVar, u uVar) {
            this.f41520a = rVar;
            this.f41521b = uVar;
        }

        public static String a(byte b10) {
            if (b10 == 1) {
                return "RSA";
            }
            if (b10 == 3) {
                return u.f52195d;
            }
            switch (b10) {
                case 64:
                    return u.f52196e;
                case 65:
                    return u.f52198g;
                case 66:
                    return u.f52197f;
                default:
                    return null;
            }
        }

        public static Set<String> c(byte[] bArr) {
            HashSet hashSet = new HashSet(bArr.length);
            for (byte b10 : bArr) {
                String a10 = a(b10);
                if (a10 != null) {
                    hashSet.add(a10);
                }
            }
            return hashSet;
        }

        public CertificateRequestedCallback.KeyMaterial b(long j10, byte[] bArr, byte[][] bArr2) {
            X500Principal[] x500PrincipalArr;
            ReferenceCountedOpenSslEngine j11 = this.f41520a.j(j10);
            try {
                Set<String> c10 = c(bArr);
                String[] strArr = (String[]) c10.toArray(new String[c10.size()]);
                if (bArr2 == null) {
                    x500PrincipalArr = null;
                } else {
                    x500PrincipalArr = new X500Principal[bArr2.length];
                    for (int i10 = 0; i10 < bArr2.length; i10++) {
                        x500PrincipalArr[i10] = new X500Principal(bArr2[i10]);
                    }
                }
                return this.f41521b.c(j11, strArr, x500PrincipalArr);
            } catch (Throwable th2) {
                m.f41517z.debug("request of key failed", th2);
                SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("General OpenSslEngine problem");
                sSLHandshakeException.initCause(th2);
                j11.B = sSLHandshakeException;
                return null;
            }
        }
    }

    /* loaded from: classes10.dex */
    public static final class c extends w {
        public c(n nVar) {
            super(nVar);
        }

        @Override // rm.w
        public boolean a() {
            return false;
        }

        @Override // rm.w
        public void b(boolean z10) {
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionCacheSize() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionTimeout() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionCacheSize(int i10) {
            if (i10 < 0) {
                throw new IllegalArgumentException();
            }
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionTimeout(int i10) {
            if (i10 < 0) {
                throw new IllegalArgumentException();
            }
        }
    }

    /* loaded from: classes10.dex */
    public static final class d extends n.f {

        /* renamed from: b, reason: collision with root package name */
        public final X509TrustManager f41522b;

        public d(r rVar, X509TrustManager x509TrustManager) {
            super(rVar);
            this.f41522b = x509TrustManager;
        }

        @Override // io.netty.handler.ssl.n.f
        public void b(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, X509Certificate[] x509CertificateArr, String str) throws Exception {
            this.f41522b.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public m(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, rm.g gVar, ApplicationProtocolConfig applicationProtocolConfig, long j10, long j11) throws SSLException {
        super(iterable, gVar, applicationProtocolConfig, j10, j11, 0, (Certificate[]) x509CertificateArr2, ClientAuth.NONE, false, true);
        try {
            this.f41518y = f1(this, this.f41530c, this.f41542p, x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory);
        } catch (Throwable th2) {
            release();
            throw th2;
        }
    }

    public static w f1(n nVar, long j10, r rVar, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory) throws SSLException {
        if ((privateKey == null && x509CertificateArr2 != null) || (privateKey != null && x509CertificateArr2 == null)) {
            throw new IllegalArgumentException("Either both keyCertChain and key needs to be null or none of them");
        }
        synchronized (n.class) {
            try {
                try {
                    if (rm.n.s()) {
                        if (keyManagerFactory == null && x509CertificateArr2 != null) {
                            keyManagerFactory = p.l(x509CertificateArr2, privateKey, str, keyManagerFactory);
                        }
                        if (keyManagerFactory != null) {
                            X509KeyManager J0 = n.J0(keyManagerFactory.getKeyManagers());
                            SSLContext.setCertRequestedCallback(j10, new b(rVar, n.c1(J0) ? new s((X509ExtendedKeyManager) J0, str) : new u(J0, str)));
                        }
                    } else {
                        if (keyManagerFactory != null) {
                            throw new IllegalArgumentException("KeyManagerFactory not supported");
                        }
                        if (x509CertificateArr2 != null) {
                            n.S0(j10, x509CertificateArr2, privateKey, str);
                        }
                    }
                    SSLContext.setVerify(j10, 0, 10);
                    try {
                        if (x509CertificateArr != null) {
                            trustManagerFactory = p.o(x509CertificateArr, trustManagerFactory);
                        } else if (trustManagerFactory == null) {
                            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                            trustManagerFactory.init((KeyStore) null);
                        }
                        X509TrustManager I0 = n.I0(trustManagerFactory.getTrustManagers());
                        if (n.d1(I0)) {
                            SSLContext.setCertVerifyCallback(j10, new a(rVar, (X509ExtendedTrustManager) I0));
                        } else {
                            SSLContext.setCertVerifyCallback(j10, new d(rVar, I0));
                        }
                    } catch (Exception e10) {
                        throw new SSLException("unable to setup trustmanager", e10);
                    }
                } catch (Exception e11) {
                    throw new SSLException("failed to set certificate and key", e11);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
        return new c(nVar);
    }

    @Override // io.netty.handler.ssl.n
    public u N0() {
        return null;
    }

    @Override // io.netty.handler.ssl.n, io.netty.handler.ssl.p
    /* renamed from: R0 */
    public w s0() {
        return this.f41518y;
    }
}
