package d.b.a.h.b0;

import d.b.a.h.h;
import d.b.a.h.y.c;
import d.b.a.h.y.d;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.fourthline.cling.model.message.header.EXTHeader;

/* loaded from: classes.dex */
public class b extends d.b.a.h.x.a {
    public static final TrustManager[] O = {new a()};
    private static final c P = d.b.a.h.y.b.a((Class<?>) b.class);
    public static final String Q;
    public static final String R;
    private boolean C;
    private boolean D;
    private String F;
    private String I;
    private KeyStore J;
    private KeyStore K;
    private SSLContext M;
    private String j;
    private String k;
    private InputStream m;
    private String n;
    private String o;
    private String p;
    private InputStream r;
    private transient d.b.a.h.a0.c u;
    private transient d.b.a.h.a0.c v;
    private transient d.b.a.h.a0.c w;
    private String x;
    private String z;

    /* renamed from: b, reason: collision with root package name */
    private final Set<String> f5795b = new LinkedHashSet();
    private Set<String> g = null;
    private final Set<String> h = new LinkedHashSet();
    private Set<String> i = null;
    private String l = "JKS";
    private String q = "JKS";
    private boolean s = false;
    private boolean t = false;
    private String y = "TLS";
    private String A = Q;
    private String B = R;
    private int E = -1;
    private boolean G = false;
    private boolean H = false;
    private boolean L = true;
    private boolean N = true;

    /* loaded from: classes.dex */
    static class a implements X509TrustManager {
        a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        Q = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        R = Security.getProperty("ssl.TrustManagerFactory.algorithm") != null ? Security.getProperty("ssl.TrustManagerFactory.algorithm") : "SunX509";
        String str = System.getProperty("user.home") + File.separator + ".keystore";
    }

    @Deprecated
    protected KeyStore a(InputStream inputStream, String str, String str2, String str3, String str4) {
        return android.support.design.a.b.a(inputStream, str, str2, str3, str4);
    }

    public SSLEngine a(String str, int i) {
        SSLEngine createSSLEngine = this.L ? this.M.createSSLEngine(str, i) : this.M.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public void a(SSLEngine sSLEngine) {
        boolean z = this.t;
        if (z) {
            sSLEngine.setWantClientAuth(z);
        }
        boolean z2 = this.s;
        if (z2) {
            sSLEngine.setNeedClientAuth(z2);
        }
        sSLEngine.setEnabledCipherSuites(a(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(b(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public String[] a(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Set<String> set = this.i;
        if (set != null) {
            for (String str : set) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        } else {
            linkedHashSet.addAll(Arrays.asList(strArr));
        }
        Set<String> set2 = this.h;
        if (set2 != null) {
            linkedHashSet.removeAll(set2);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] b(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Set<String> set = this.g;
        if (set != null) {
            for (String str : set) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        } else {
            linkedHashSet.addAll(Arrays.asList(strArr));
        }
        Set<String> set2 = this.f5795b;
        if (set2 != null) {
            linkedHashSet.removeAll(set2);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // d.b.a.h.x.a
    public void doStart() {
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        String sb;
        TrustManager[] trustManagerArr2;
        if (this.M == null) {
            if (this.J == null && this.m == null && this.j == null && this.K == null && this.r == null && this.o == null) {
                if (this.N) {
                    ((d) P).a("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr2 = O;
                } else {
                    trustManagerArr2 = null;
                }
                String str = this.z;
                SecureRandom secureRandom = str == null ? null : SecureRandom.getInstance(str);
                this.M = SSLContext.getInstance(this.y);
                this.M.init(null, trustManagerArr2, secureRandom);
                return;
            }
            if (this.M == null) {
                if (this.J == null && this.m == null && this.j == null) {
                    throw new IllegalStateException("SSL doesn't have a valid keystore");
                }
                if (this.K == null && this.r == null && this.o == null) {
                    this.K = this.J;
                    this.o = this.j;
                    this.r = this.m;
                    this.q = this.l;
                    this.p = this.k;
                    this.w = this.u;
                    this.B = this.A;
                }
                InputStream inputStream = this.m;
                if (inputStream != null && inputStream == this.r) {
                    try {
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        h.a(this.m, byteArrayOutputStream);
                        this.m.close();
                        this.m = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                        this.r = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                    } catch (Exception e) {
                        throw new IllegalStateException(e);
                    }
                }
            }
            KeyStore keyStore = this.J;
            if (keyStore == null) {
                InputStream inputStream2 = this.m;
                String str2 = this.j;
                String str3 = this.l;
                String str4 = this.k;
                d.b.a.h.a0.c cVar = this.u;
                keyStore = a(inputStream2, str2, str3, str4, cVar == null ? null : cVar.toString());
            }
            KeyStore keyStore2 = this.K;
            if (keyStore2 == null) {
                InputStream inputStream3 = this.r;
                String str5 = this.o;
                String str6 = this.q;
                String str7 = this.p;
                d.b.a.h.a0.c cVar2 = this.w;
                keyStore2 = a(inputStream3, str5, str6, str7, cVar2 == null ? null : cVar2.toString());
            }
            Collection<? extends CRL> e2 = android.support.design.a.b.e(this.F);
            if (this.C && keyStore != null) {
                if (this.n == null) {
                    ArrayList list = Collections.list(keyStore.aliases());
                    this.n = list.size() == 1 ? (String) list.get(0) : null;
                }
                String str8 = this.n;
                Certificate certificate = str8 == null ? null : keyStore.getCertificate(str8);
                if (certificate == null) {
                    StringBuilder b2 = b.a.a.a.a.b("No certificate found in the keystore");
                    if (this.n == null) {
                        sb = EXTHeader.DEFAULT_VALUE;
                    } else {
                        StringBuilder b3 = b.a.a.a.a.b(" for alias ");
                        b3.append(this.n);
                        sb = b3.toString();
                    }
                    b2.append(sb);
                    throw new Exception(b2.toString());
                }
                d.b.a.h.a0.a aVar = new d.b.a.h.a0.a(keyStore2, e2);
                aVar.a(this.E);
                aVar.a(this.G);
                aVar.b(this.H);
                aVar.a(keyStore, certificate);
            }
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.A);
                d.b.a.h.a0.c cVar3 = this.v;
                keyManagerFactory.init(keyStore, (cVar3 == null && (cVar3 = this.u) == null) ? null : cVar3.toString().toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (this.n != null) {
                    for (int i = 0; i < keyManagerArr.length; i++) {
                        if (keyManagerArr[i] instanceof X509KeyManager) {
                            keyManagerArr[i] = new d.b.a.h.b0.a(this.n, (X509KeyManager) keyManagerArr[i]);
                        }
                    }
                }
            } else {
                keyManagerArr = null;
            }
            if (keyStore2 == null) {
                trustManagerArr = null;
            } else if (this.D && this.B.equalsIgnoreCase("PKIX")) {
                PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore2, new X509CertSelector());
                pKIXBuilderParameters.setMaxPathLength(this.E);
                pKIXBuilderParameters.setRevocationEnabled(true);
                if (e2 != null && !e2.isEmpty()) {
                    pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(e2)));
                }
                if (this.G) {
                    System.setProperty("com.sun.security.enableCRLDP", "true");
                }
                if (this.H) {
                    Security.setProperty("ocsp.enable", "true");
                    String str9 = this.I;
                    if (str9 != null) {
                        Security.setProperty("ocsp.responderURL", str9);
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.B);
                trustManagerFactory.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.B);
                trustManagerFactory2.init(keyStore2);
                trustManagerArr = trustManagerFactory2.getTrustManagers();
            }
            String str10 = this.z;
            SecureRandom secureRandom2 = str10 != null ? SecureRandom.getInstance(str10) : null;
            String str11 = this.x;
            this.M = str11 == null ? SSLContext.getInstance(this.y) : SSLContext.getInstance(this.y, str11);
            this.M.init(keyManagerArr, trustManagerArr, secureRandom2);
            SSLEngine e3 = e();
            ((d) P).b("Enabled Protocols {} of {}", Arrays.asList(e3.getEnabledProtocols()), Arrays.asList(e3.getSupportedProtocols()));
            if (((d) P).b()) {
                ((d) P).a("Enabled Ciphers   {} of {}", Arrays.asList(e3.getEnabledCipherSuites()), Arrays.asList(e3.getSupportedCipherSuites()));
            }
        }
    }

    public SSLEngine e() {
        SSLEngine createSSLEngine = this.M.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public SSLSocket f() {
        SSLSocket sSLSocket = (SSLSocket) this.M.getSocketFactory().createSocket();
        boolean z = this.t;
        if (z) {
            sSLSocket.setWantClientAuth(z);
        }
        boolean z2 = this.s;
        if (z2) {
            sSLSocket.setNeedClientAuth(z2);
        }
        sSLSocket.setEnabledCipherSuites(a(sSLSocket.getEnabledCipherSuites(), sSLSocket.getSupportedCipherSuites()));
        sSLSocket.setEnabledProtocols(b(sSLSocket.getEnabledProtocols(), sSLSocket.getSupportedProtocols()));
        return sSLSocket;
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", b.class.getSimpleName(), Integer.valueOf(hashCode()), this.j, this.o);
    }
}
