package w8.a.d.f;

import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateRevokedException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.jni.CertificateVerifier;
import org.apache.tomcat.jni.Pool;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;
import w8.a.d.f.b;
import w8.a.f.l0.y0;

/* loaded from: classes2.dex */
public abstract class b0 extends p0 {
    private static final byte[] n;
    private static final byte[] o;
    private static final byte[] p;
    private static final byte[] q;
    private static final w8.a.f.l0.h1.f r;
    private static final boolean s;
    private static final List<String> t;
    public static final int u = 10;
    public static final y v;
    public volatile long b;
    public long c;
    private volatile int d;
    private volatile boolean e;
    private final List<String> f;
    private final long g;
    private final long h;
    private final e0 i;
    private final y j;
    private final int k;
    private final Certificate[] l;
    private final i m;

    /* loaded from: classes2.dex */
    public static class a implements y {
        @Override // w8.a.d.f.y
        public b.a a() {
            return b.a.NONE;
        }

        @Override // w8.a.d.f.y
        public b.c b() {
            return b.c.CHOOSE_MY_LAST_PROTOCOL;
        }

        @Override // w8.a.d.f.e
        public List<String> c() {
            return Collections.emptyList();
        }

        @Override // w8.a.d.f.y
        public b.EnumC0521b h() {
            return b.EnumC0521b.ACCEPT;
        }
    }

    /* loaded from: classes2.dex */
    public static /* synthetic */ class b {
        public static final /* synthetic */ int[] a;
        public static final /* synthetic */ int[] b;
        public static final /* synthetic */ int[] c;

        static {
            int[] iArr = new int[b.EnumC0521b.values().length];
            c = iArr;
            try {
                iArr[b.EnumC0521b.CHOOSE_MY_LAST_PROTOCOL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                c[b.EnumC0521b.ACCEPT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            int[] iArr2 = new int[b.c.values().length];
            b = iArr2;
            try {
                iArr2[b.c.NO_ADVERTISE.ordinal()] = 1;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                b[b.c.CHOOSE_MY_LAST_PROTOCOL.ordinal()] = 2;
            } catch (NoSuchFieldError unused4) {
            }
            int[] iArr3 = new int[b.a.values().length];
            a = iArr3;
            try {
                iArr3[b.a.NPN.ordinal()] = 1;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                a[b.a.ALPN.ordinal()] = 2;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                a[b.a.NPN_AND_ALPN.ordinal()] = 3;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                a[b.a.NONE.ordinal()] = 4;
            } catch (NoSuchFieldError unused8) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public abstract class c implements CertificateVerifier {
        public c() {
        }

        public final int a(long j, byte[][] bArr, String str) {
            X509Certificate[] n0 = b0.n0(bArr);
            d0 J = b0.this.i.J(j);
            try {
                b(J, n0, str);
                return 0;
            } catch (Throwable th) {
                b0.r.h("verification of certificate failed", th);
                SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("General OpenSslEngine problem");
                sSLHandshakeException.initCause(th);
                J.u = sSLHandshakeException;
                if (th instanceof z) {
                    return th.a();
                }
                if (th instanceof CertificateExpiredException) {
                    return 10;
                }
                if (th instanceof CertificateNotYetValidException) {
                    return 9;
                }
                return (w8.a.f.l0.o0.F0() < 7 || !(th instanceof CertificateRevokedException)) ? 1 : 23;
            }
        }

        public abstract void b(d0 d0Var, X509Certificate[] x509CertificateArr, String str) throws Exception;
    }

    /* loaded from: classes2.dex */
    public static final class d implements e0 {
        private final Map<Long, d0> b;

        private d() {
            this.b = w8.a.f.l0.o0.K0();
        }

        public /* synthetic */ d(a aVar) {
            this();
        }

        @Override // w8.a.d.f.e0
        public d0 J(long j) {
            return this.b.remove(Long.valueOf(j));
        }

        @Override // w8.a.d.f.e0
        public void a(d0 d0Var) {
            this.b.put(Long.valueOf(d0Var.N()), d0Var);
        }
    }

    static {
        Charset charset = w8.a.f.j.f;
        n = "-----BEGIN CERTIFICATE-----\n".getBytes(charset);
        o = "\n-----END CERTIFICATE-----\n".getBytes(charset);
        p = "-----BEGIN PRIVATE KEY-----\n".getBytes(charset);
        q = "\n-----END PRIVATE KEY-----\n".getBytes(charset);
        w8.a.f.l0.h1.f a2 = w8.a.f.l0.h1.g.a(b0.class);
        r = a2;
        s = y0.f("jdk.tls.rejectClientInitiatedRenegotiation", false);
        v = new a();
        ArrayList arrayList = new ArrayList();
        Collections.addAll(arrayList, "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA");
        t = Collections.unmodifiableList(arrayList);
        if (a2.b()) {
            a2.I("Default cipher suite (OpenSSL): " + arrayList);
        }
    }

    public b0(Iterable<String> iterable, h hVar, w8.a.d.f.b bVar, long j, long j2, int i, Certificate[] certificateArr, i iVar) throws SSLException {
        this(iterable, hVar, g0(bVar), j, j2, i, certificateArr, iVar);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public b0(Iterable<String> iterable, h hVar, y yVar, long j, long j2, int i, Certificate[] certificateArr, i iVar) throws SSLException {
        long j3;
        String next;
        ArrayList arrayList = null;
        this.i = new d(0 == true ? 1 : 0);
        x.f();
        if (i != 1 && i != 0) {
            throw new IllegalArgumentException("mode most be either SSL.SSL_MODE_SERVER or SSL.SSL_MODE_CLIENT");
        }
        this.k = i;
        this.m = W() ? (i) w8.a.f.l0.k0.e(iVar, "clientAuth") : i.NONE;
        if (i == 1) {
            this.e = s;
        }
        this.l = certificateArr == null ? null : (Certificate[]) certificateArr.clone();
        if (iterable != null) {
            arrayList = new ArrayList();
            Iterator<String> it = iterable.iterator();
            while (it.hasNext() && (next = it.next()) != null) {
                String l = g.l(next);
                if (l != null) {
                    next = l;
                }
                arrayList.add(next);
            }
        }
        List<String> asList = Arrays.asList(((h) w8.a.f.l0.k0.e(hVar, "cipherFilter")).a(arrayList, t, x.b()));
        this.f = asList;
        this.j = (y) w8.a.f.l0.k0.e(yVar, "apn");
        this.c = Pool.create(0L);
        try {
            synchronized (b0.class) {
                try {
                    try {
                        this.b = SSLContext.make(this.c, 31, i);
                        SSLContext.setOptions(this.b, 4095);
                        SSLContext.setOptions(this.b, 16777216);
                        SSLContext.setOptions(this.b, w8.a.d.a.q0.z.i);
                        SSLContext.setOptions(this.b, 4194304);
                        SSLContext.setOptions(this.b, 524288);
                        SSLContext.setOptions(this.b, 1048576);
                        SSLContext.setOptions(this.b, 65536);
                        SSLContext.setMode(this.b, SSLContext.getMode(this.b) | 2);
                        try {
                            try {
                                SSLContext.setCipherSuite(this.b, g.a(asList));
                                List<String> c2 = yVar.c();
                                if (!c2.isEmpty()) {
                                    String[] strArr = (String[]) c2.toArray(new String[c2.size()]);
                                    int c0 = c0(yVar.b());
                                    int i2 = b.a[yVar.a().ordinal()];
                                    if (i2 != 1) {
                                        if (i2 == 2) {
                                            j3 = this.b;
                                        } else {
                                            if (i2 != 3) {
                                                throw new Error();
                                            }
                                            SSLContext.setNpnProtos(this.b, strArr, c0);
                                            j3 = this.b;
                                        }
                                        SSLContext.setAlpnProtos(j3, strArr, c0);
                                    } else {
                                        SSLContext.setNpnProtos(this.b, strArr, c0);
                                    }
                                }
                                if (j > 0) {
                                    this.g = j;
                                    SSLContext.setSessionCacheSize(this.b, j);
                                } else {
                                    long sessionCacheSize = SSLContext.setSessionCacheSize(this.b, 20480L);
                                    this.g = sessionCacheSize;
                                    SSLContext.setSessionCacheSize(this.b, sessionCacheSize);
                                }
                                if (j2 > 0) {
                                    this.h = j2;
                                    SSLContext.setSessionCacheTimeout(this.b, j2);
                                } else {
                                    long sessionCacheTimeout = SSLContext.setSessionCacheTimeout(this.b, 300L);
                                    this.h = sessionCacheTimeout;
                                    SSLContext.setSessionCacheTimeout(this.b, sessionCacheTimeout);
                                }
                            } catch (Exception e) {
                                throw new SSLException("failed to set cipher suite: " + this.f, e);
                            }
                        } catch (SSLException e2) {
                            throw e2;
                        }
                    } catch (Exception e3) {
                        throw new SSLException("failed to create an SSL_CTX", e3);
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
        } catch (Throwable th2) {
            r0();
            throw th2;
        }
    }

    private static int c0(b.c cVar) {
        int i = b.b[cVar.ordinal()];
        if (i == 1) {
            return 0;
        }
        if (i == 2) {
            return 1;
        }
        throw new Error();
    }

    private static long d0(w8.a.b.i iVar) throws Exception {
        long newMemBIO = SSL.newMemBIO();
        int Y8 = iVar.Y8();
        if (SSL.writeToBIO(newMemBIO, x.a(iVar), Y8) == Y8) {
            return newMemBIO;
        }
        SSL.freeBIO(newMemBIO);
        throw new IllegalStateException("Could not write data to memory BIO");
    }

    public static long e0(PrivateKey privateKey) throws Exception {
        if (privateKey == null) {
            return 0L;
        }
        w8.a.b.i N = w8.a.b.v0.N();
        try {
            N.W7(p);
            w8.a.b.i F = w8.a.b.v0.F(privateKey.getEncoded());
            try {
                w8.a.b.i j = w8.a.d.a.o0.a.j(F, true);
                try {
                    N.q8(j);
                    o0(F);
                    N.W7(q);
                    return d0(N);
                } finally {
                    o0(j);
                }
            } catch (Throwable th) {
                o0(F);
                throw th;
            }
        } finally {
            o0(N);
        }
    }

    public static long f0(X509Certificate[] x509CertificateArr) throws Exception {
        if (x509CertificateArr == null) {
            return 0L;
        }
        w8.a.b.i N = w8.a.b.v0.N();
        try {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                N.W7(n);
                w8.a.b.i F = w8.a.b.v0.F(x509Certificate.getEncoded());
                try {
                    try {
                        N.q8(w8.a.d.a.o0.a.j(F, true));
                        F.s();
                        N.W7(o);
                    } finally {
                    }
                } catch (Throwable th) {
                    F.s();
                    throw th;
                }
            }
            return d0(N);
        } finally {
            N.s();
        }
    }

    public static y g0(w8.a.d.f.b bVar) {
        if (bVar == null) {
            return v;
        }
        int i = b.a[bVar.a().ordinal()];
        if (i != 1 && i != 2 && i != 3) {
            if (i == 4) {
                return v;
            }
            throw new Error();
        }
        int i2 = b.c[bVar.b().ordinal()];
        if (i2 != 1 && i2 != 2) {
            throw new UnsupportedOperationException("OpenSSL provider does not support " + bVar.b() + " behavior");
        }
        int i3 = b.b[bVar.c().ordinal()];
        if (i3 == 1 || i3 == 2) {
            return new c0(bVar);
        }
        throw new UnsupportedOperationException("OpenSSL provider does not support " + bVar.c() + " behavior");
    }

    public static X509TrustManager i0(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new IllegalStateException("no X509TrustManager found");
    }

    public static void j0(KeyManagerFactory keyManagerFactory) {
        if (keyManagerFactory != null) {
            throw new IllegalArgumentException("KeyManagerFactory is currently not supported with OpenSslContext");
        }
    }

    public static boolean m0(X509TrustManager x509TrustManager) {
        return w8.a.f.l0.o0.F0() >= 7 && (x509TrustManager instanceof X509ExtendedTrustManager);
    }

    public static X509Certificate[] n0(byte[][] bArr) {
        int length = bArr.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i = 0; i < length; i++) {
            x509CertificateArr[i] = new m0(bArr[i]);
        }
        return x509CertificateArr;
    }

    private static void o0(w8.a.b.i iVar) {
        iVar.N8(0, iVar.c6());
        iVar.s();
    }

    @Override // w8.a.d.f.p0
    public final SSLEngine E(w8.a.b.j jVar) {
        return F(jVar, null, -1);
    }

    @Override // w8.a.d.f.p0
    public final SSLEngine F(w8.a.b.j jVar, String str, int i) {
        return new d0(this.b, jVar, V(), a0(), this.j, this.i, this.e, str, i, this.l, this.m);
    }

    @Override // w8.a.d.f.p0
    public final List<String> P() {
        return this.f;
    }

    @Override // w8.a.d.f.p0
    public final boolean V() {
        return this.k == 0;
    }

    @Override // w8.a.d.f.p0
    public final long Z() {
        return this.g;
    }

    @Override // w8.a.d.f.p0
    public e b() {
        return this.j;
    }

    @Override // w8.a.d.f.p0
    public final long b0() {
        return this.h;
    }

    public final void finalize() throws Throwable {
        super.finalize();
        r0();
    }

    public void k0(boolean z) {
        this.e = z;
    }

    @Deprecated
    public final void l0(byte[] bArr) {
        a0().b(bArr);
    }

    @Deprecated
    public final long q0() {
        return this.b;
    }

    public final void r0() {
        synchronized (b0.class) {
            if (this.b != 0) {
                SSLContext.free(this.b);
                this.b = 0L;
            }
            long j = this.c;
            if (j != 0) {
                Pool.destroy(j);
                this.c = 0L;
            }
        }
    }

    @Override // w8.a.d.f.p0
    /* renamed from: s0 */
    public abstract j0 a0();

    public final long t0() {
        return this.b;
    }

    @Deprecated
    public final k0 u0() {
        return a0().e();
    }
}
