package defpackage;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class km3 extends ol3 {
    public static final TrustManager[] B0 = {new a()};
    public static final wl3 C0 = vl3.a((Class<?>) km3.class);
    public static final String D0;
    public static final String E0;
    public String i;
    public String j;
    public transient im3 j0;
    public String k0;
    public InputStream l;
    public String m;
    public String m0;
    public String n;
    public String o;
    public boolean p0;
    public InputStream q;
    public boolean q0;
    public String s0;
    public transient im3 t;
    public transient im3 u;
    public String v0;
    public KeyStore w0;
    public KeyStore x0;
    public SSLContext z0;
    public final Set<String> e = new LinkedHashSet();
    public Set<String> f = new LinkedHashSet();
    public final Set<String> g = new LinkedHashSet();
    public Set<String> h = new LinkedHashSet();
    public String k = "JKS";
    public String p = "JKS";
    public boolean r = false;
    public boolean s = false;
    public String l0 = "TLS";
    public String n0 = D0;
    public String o0 = E0;
    public int r0 = -1;
    public boolean t0 = false;
    public boolean u0 = false;
    public boolean y0 = true;
    public boolean A0 = true;

    /* loaded from: classes.dex */
    public static class a implements X509TrustManager {
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        D0 = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        E0 = Security.getProperty("ssl.TrustManagerFactory.algorithm") != null ? Security.getProperty("ssl.TrustManagerFactory.algorithm") : "SunX509";
        String str = System.getProperty("user.home") + File.separator + ".keystore";
    }

    public void a(SSLEngine sSLEngine) {
        boolean z = this.s;
        if (z) {
            sSLEngine.setWantClientAuth(z);
        }
        boolean z2 = this.r;
        if (z2) {
            sSLEngine.setNeedClientAuth(z2);
        }
        sSLEngine.setEnabledCipherSuites(a(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(b(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public String[] a(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.h.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.h) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.g;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] b(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.e;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    @Override // defpackage.ol3
    public void f() throws Exception {
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        String str;
        TrustManager[] trustManagerArr2;
        if (this.z0 == null) {
            String str2 = null;
            if (this.w0 == null && this.l == null && this.i == null && this.x0 == null && this.q == null && this.n == null) {
                if (this.A0) {
                    ((xl3) C0).a("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr2 = B0;
                } else {
                    trustManagerArr2 = null;
                }
                String str3 = this.m0;
                SecureRandom secureRandom = str3 == null ? null : SecureRandom.getInstance(str3);
                String str4 = this.k0;
                this.z0 = str4 == null ? SSLContext.getInstance(this.l0) : SSLContext.getInstance(this.l0, str4);
                this.z0.init(null, trustManagerArr2, secureRandom);
                return;
            }
            if (this.z0 == null) {
                if (this.w0 == null && this.l == null && this.i == null) {
                    throw new IllegalStateException("SSL doesn't have a valid keystore");
                }
                if (this.x0 == null && this.q == null && this.n == null) {
                    this.x0 = this.w0;
                    this.n = this.i;
                    this.q = this.l;
                    this.p = this.k;
                    this.o = this.j;
                    this.j0 = this.t;
                    this.o0 = this.n0;
                }
                InputStream inputStream = this.l;
                if (inputStream != null && inputStream == this.q) {
                    try {
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        InputStream inputStream2 = this.l;
                        byte[] bArr = new byte[xk3.b];
                        while (true) {
                            int read = inputStream2.read(bArr, 0, xk3.b);
                            if (read < 0) {
                                break;
                            } else {
                                byteArrayOutputStream.write(bArr, 0, read);
                            }
                        }
                        this.l.close();
                        this.l = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                        this.q = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                    } catch (Exception e) {
                        throw new IllegalStateException(e);
                    }
                }
            }
            KeyStore keyStore = this.w0;
            if (keyStore == null) {
                InputStream inputStream3 = this.l;
                String str5 = this.i;
                String str6 = this.k;
                String str7 = this.j;
                im3 im3Var = this.t;
                keyStore = au2.a(inputStream3, str5, str6, str7, im3Var == null ? null : im3Var.toString());
            }
            KeyStore keyStore2 = this.x0;
            if (keyStore2 == null) {
                InputStream inputStream4 = this.q;
                String str8 = this.n;
                String str9 = this.p;
                String str10 = this.o;
                im3 im3Var2 = this.j0;
                keyStore2 = au2.a(inputStream4, str8, str9, str10, im3Var2 == null ? null : im3Var2.toString());
            }
            Collection<? extends CRL> d = au2.d(this.s0);
            if (this.p0 && keyStore != null) {
                if (this.m == null) {
                    ArrayList list = Collections.list(keyStore.aliases());
                    this.m = list.size() == 1 ? (String) list.get(0) : null;
                }
                String str11 = this.m;
                Certificate certificate = str11 == null ? null : keyStore.getCertificate(str11);
                str = "";
                if (certificate == null) {
                    StringBuilder a2 = cj.a("No certificate found in the keystore");
                    if (this.m != null) {
                        StringBuilder a3 = cj.a(" for alias ");
                        a3.append(this.m);
                        str = a3.toString();
                    }
                    a2.append(str);
                    throw new Exception(a2.toString());
                }
                fm3 fm3Var = new fm3(keyStore2, d);
                fm3Var.c = this.r0;
                fm3Var.d = this.t0;
                fm3Var.e = this.u0;
                if (certificate instanceof X509Certificate) {
                    ((X509Certificate) certificate).checkValidity();
                    try {
                        String certificateAlias = keyStore.getCertificateAlias((X509Certificate) certificate);
                        if (certificateAlias == null) {
                            try {
                                certificateAlias = "JETTY" + String.format("%016X", Long.valueOf(fm3.g.incrementAndGet()));
                                keyStore.setCertificateEntry(certificateAlias, certificate);
                            } catch (KeyStoreException e2) {
                                e = e2;
                                str2 = certificateAlias;
                                ((xl3) fm3.f).a("", e);
                                StringBuilder a4 = cj.a("Unable to validate certificate");
                                a4.append(str2 != null ? cj.a(" for alias [", str2, "]") : "");
                                a4.append(": ");
                                a4.append(e.getMessage());
                                throw new CertificateException(a4.toString(), e);
                            }
                        }
                        Certificate[] certificateChain = keyStore.getCertificateChain(certificateAlias);
                        if (certificateChain == null || certificateChain.length == 0) {
                            throw new IllegalStateException("Unable to retrieve certificate chain");
                        }
                        fm3Var.a(certificateChain);
                    } catch (KeyStoreException e3) {
                        e = e3;
                    }
                }
            }
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.n0);
                im3 im3Var3 = this.u;
                keyManagerFactory.init(keyStore, (im3Var3 == null && (im3Var3 = this.t) == null) ? null : im3Var3.toString().toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (this.m != null) {
                    for (int i = 0; i < keyManagerArr.length; i++) {
                        if (keyManagerArr[i] instanceof X509KeyManager) {
                            keyManagerArr[i] = new jm3(this.m, (X509KeyManager) keyManagerArr[i]);
                        }
                    }
                }
            } else {
                keyManagerArr = null;
            }
            if (keyStore2 == null) {
                trustManagerArr = null;
            } else if (this.q0 && this.o0.equalsIgnoreCase("PKIX")) {
                PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore2, new X509CertSelector());
                pKIXBuilderParameters.setMaxPathLength(this.r0);
                pKIXBuilderParameters.setRevocationEnabled(true);
                if (d != null && !d.isEmpty()) {
                    pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(d)));
                }
                if (this.t0) {
                    System.setProperty("com.sun.security.enableCRLDP", "true");
                }
                if (this.u0) {
                    Security.setProperty("ocsp.enable", "true");
                    String str12 = this.v0;
                    if (str12 != null) {
                        Security.setProperty("ocsp.responderURL", str12);
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.o0);
                trustManagerFactory.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.o0);
                trustManagerFactory2.init(keyStore2);
                trustManagerArr = trustManagerFactory2.getTrustManagers();
            }
            String str13 = this.m0;
            SecureRandom secureRandom2 = str13 != null ? SecureRandom.getInstance(str13) : null;
            String str14 = this.k0;
            this.z0 = str14 == null ? SSLContext.getInstance(this.l0) : SSLContext.getInstance(this.l0, str14);
            this.z0.init(keyManagerArr, trustManagerArr, secureRandom2);
            SSLEngine createSSLEngine = this.z0.createSSLEngine();
            a(createSSLEngine);
            ((xl3) C0).b("Enabled Protocols {} of {}", Arrays.asList(createSSLEngine.getEnabledProtocols()), Arrays.asList(createSSLEngine.getSupportedProtocols()));
            if (((xl3) C0).a()) {
                ((xl3) C0).a("Enabled Ciphers   {} of {}", Arrays.asList(createSSLEngine.getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getSupportedCipherSuites()));
            }
        }
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", km3.class.getSimpleName(), Integer.valueOf(hashCode()), this.i, this.n);
    }
}
