package io.netty.handler.ssl;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.util.internal.ObjectUtil;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.crypto.NoSuchPaddingException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSessionContext;

/* loaded from: classes4.dex */
public class i extends SslContext {

    /* renamed from: j, reason: collision with root package name */
    private static final io.netty.util.internal.logging.c f34179j = InternalLoggerFactory.b(i.class);

    /* renamed from: k, reason: collision with root package name */
    static final String f34180k = "TLS";

    /* renamed from: l, reason: collision with root package name */
    static final String[] f34181l;

    /* renamed from: m, reason: collision with root package name */
    static final List<String> f34182m;

    /* renamed from: n, reason: collision with root package name */
    static final Set<String> f34183n;

    /* renamed from: c, reason: collision with root package name */
    private final String[] f34184c;

    /* renamed from: d, reason: collision with root package name */
    private final String[] f34185d;

    /* renamed from: e, reason: collision with root package name */
    private final List<String> f34186e;

    /* renamed from: f, reason: collision with root package name */
    private final g f34187f;

    /* renamed from: g, reason: collision with root package name */
    private final ClientAuth f34188g;

    /* renamed from: h, reason: collision with root package name */
    private final SSLContext f34189h;

    /* renamed from: i, reason: collision with root package name */
    private final boolean f34190i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f34191a;

        /* renamed from: b, reason: collision with root package name */
        static final /* synthetic */ int[] f34192b;

        /* renamed from: c, reason: collision with root package name */
        static final /* synthetic */ int[] f34193c;

        /* renamed from: d, reason: collision with root package name */
        static final /* synthetic */ int[] f34194d;

        static {
            int[] iArr = new int[ApplicationProtocolConfig.Protocol.values().length];
            f34194d = iArr;
            try {
                iArr[ApplicationProtocolConfig.Protocol.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f34194d[ApplicationProtocolConfig.Protocol.ALPN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f34194d[ApplicationProtocolConfig.Protocol.NPN.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            int[] iArr2 = new int[ApplicationProtocolConfig.SelectedListenerFailureBehavior.values().length];
            f34193c = iArr2;
            try {
                iArr2[ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT.ordinal()] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                f34193c[ApplicationProtocolConfig.SelectedListenerFailureBehavior.FATAL_ALERT.ordinal()] = 2;
            } catch (NoSuchFieldError unused5) {
            }
            int[] iArr3 = new int[ApplicationProtocolConfig.SelectorFailureBehavior.values().length];
            f34192b = iArr3;
            try {
                iArr3[ApplicationProtocolConfig.SelectorFailureBehavior.FATAL_ALERT.ordinal()] = 1;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                f34192b[ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE.ordinal()] = 2;
            } catch (NoSuchFieldError unused7) {
            }
            int[] iArr4 = new int[ClientAuth.values().length];
            f34191a = iArr4;
            try {
                iArr4[ClientAuth.OPTIONAL.ordinal()] = 1;
            } catch (NoSuchFieldError unused8) {
            }
            try {
                f34191a[ClientAuth.REQUIRE.ordinal()] = 2;
            } catch (NoSuchFieldError unused9) {
            }
        }
    }

    static {
        try {
            SSLContext sSLContext = SSLContext.getInstance(f34180k);
            sSLContext.init(null, null, null);
            SSLEngine createSSLEngine = sSLContext.createSSLEngine();
            String[] supportedProtocols = createSSLEngine.getSupportedProtocols();
            HashSet hashSet = new HashSet(supportedProtocols.length);
            for (String str : supportedProtocols) {
                hashSet.add(str);
            }
            ArrayList arrayList = new ArrayList();
            F0(hashSet, arrayList, "TLSv1.2", "TLSv1.1", "TLSv1");
            if (arrayList.isEmpty()) {
                f34181l = createSSLEngine.getEnabledProtocols();
            } else {
                f34181l = (String[]) arrayList.toArray(new String[arrayList.size()]);
            }
            String[] supportedCipherSuites = createSSLEngine.getSupportedCipherSuites();
            f34183n = new HashSet(supportedCipherSuites.length);
            for (String str2 : supportedCipherSuites) {
                f34183n.add(str2);
            }
            ArrayList arrayList2 = new ArrayList();
            F0(f34183n, arrayList2, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA");
            if (arrayList2.isEmpty()) {
                for (String str3 : createSSLEngine.getEnabledCipherSuites()) {
                    if (!str3.contains("_RC4_")) {
                        arrayList2.add(str3);
                    }
                }
            }
            List<String> unmodifiableList = Collections.unmodifiableList(arrayList2);
            f34182m = unmodifiableList;
            io.netty.util.internal.logging.c cVar = f34179j;
            if (cVar.isDebugEnabled()) {
                cVar.debug("Default protocols (JDK): {} ", Arrays.asList(f34181l));
                cVar.debug("Default cipher suites (JDK): {}", unmodifiableList);
            }
        } catch (Exception e2) {
            throw new Error("failed to initialize the default SSL context", e2);
        }
    }

    public i(SSLContext sSLContext, boolean z2, ClientAuth clientAuth) {
        this(sSLContext, z2, null, IdentityCipherSuiteFilter.f33938a, JdkDefaultApplicationProtocolNegotiator.f33952a, clientAuth, null, false);
    }

    public i(SSLContext sSLContext, boolean z2, Iterable<String> iterable, d dVar, ApplicationProtocolConfig applicationProtocolConfig, ClientAuth clientAuth) {
        this(sSLContext, z2, iterable, dVar, M0(applicationProtocolConfig, !z2), clientAuth, null, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public i(SSLContext sSLContext, boolean z2, Iterable<String> iterable, d dVar, g gVar, ClientAuth clientAuth, String[] strArr, boolean z3) {
        super(z3);
        this.f34187f = (g) ObjectUtil.b(gVar, "apn");
        this.f34188g = (ClientAuth) ObjectUtil.b(clientAuth, "clientAuth");
        String[] a2 = ((d) ObjectUtil.b(dVar, "cipherFilter")).a(iterable, f34182m, f34183n);
        this.f34185d = a2;
        this.f34184c = strArr == null ? f34181l : strArr;
        this.f34186e = Collections.unmodifiableList(Arrays.asList(a2));
        this.f34189h = (SSLContext) ObjectUtil.b(sSLContext, "sslContext");
        this.f34190i = z2;
    }

    private static void F0(Set<String> set, List<String> list, String... strArr) {
        for (String str : strArr) {
            if (set.contains(str)) {
                list.add(str);
            }
        }
    }

    @Deprecated
    protected static KeyManagerFactory I0(File file, File file2, String str, KeyManagerFactory keyManagerFactory) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, CertificateException, KeyException, IOException {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        return J0(file, property, file2, str, keyManagerFactory);
    }

    @Deprecated
    protected static KeyManagerFactory J0(File file, String str, File file2, String str2, KeyManagerFactory keyManagerFactory) throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, IOException, CertificateException, KeyException, UnrecoverableKeyException {
        return SslContext.b(SslContext.C0(file), str, SslContext.z0(file2, str2), str2, keyManagerFactory);
    }

    private SSLEngine K0(SSLEngine sSLEngine) {
        sSLEngine.setEnabledCipherSuites(this.f34185d);
        sSLEngine.setEnabledProtocols(this.f34184c);
        sSLEngine.setUseClientMode(B());
        if (C()) {
            int i2 = a.f34191a[this.f34188g.ordinal()];
            if (i2 == 1) {
                sSLEngine.setWantClientAuth(true);
            } else if (i2 == 2) {
                sSLEngine.setNeedClientAuth(true);
            }
        }
        return this.f34187f.f().a(sSLEngine, this.f34187f, C());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static g M0(ApplicationProtocolConfig applicationProtocolConfig, boolean z2) {
        int i2;
        if (applicationProtocolConfig != null && (i2 = a.f34194d[applicationProtocolConfig.a().ordinal()]) != 1) {
            if (i2 == 2) {
                if (z2) {
                    int i3 = a.f34192b[applicationProtocolConfig.c().ordinal()];
                    if (i3 == 1) {
                        return new JdkAlpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.d());
                    }
                    if (i3 == 2) {
                        return new JdkAlpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.d());
                    }
                    throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.c() + " failure behavior");
                }
                int i4 = a.f34193c[applicationProtocolConfig.b().ordinal()];
                if (i4 == 1) {
                    return new JdkAlpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.d());
                }
                if (i4 == 2) {
                    return new JdkAlpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.d());
                }
                throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.b() + " failure behavior");
            }
            if (i2 != 3) {
                throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.a() + " protocol");
            }
            if (z2) {
                int i5 = a.f34193c[applicationProtocolConfig.b().ordinal()];
                if (i5 == 1) {
                    return new JdkNpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.d());
                }
                if (i5 == 2) {
                    return new JdkNpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.d());
                }
                throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.b() + " failure behavior");
            }
            int i6 = a.f34192b[applicationProtocolConfig.c().ordinal()];
            if (i6 == 1) {
                return new JdkNpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.d());
            }
            if (i6 == 2) {
                return new JdkNpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.d());
            }
            throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.c() + " failure behavior");
        }
        return JdkDefaultApplicationProtocolNegotiator.f33952a;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final boolean B() {
        return this.f34190i;
    }

    @Override // io.netty.handler.ssl.SslContext
    /* renamed from: G0, reason: merged with bridge method [inline-methods] */
    public final g a() {
        return this.f34187f;
    }

    public final SSLContext L0() {
        return this.f34189h;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final SSLEngine Y(io.netty.buffer.i iVar) {
        return K0(L0().createSSLEngine());
    }

    @Override // io.netty.handler.ssl.SslContext
    public final SSLEngine Z(io.netty.buffer.i iVar, String str, int i2) {
        return K0(L0().createSSLEngine(str, i2));
    }

    @Override // io.netty.handler.ssl.SslContext
    public final List<String> t() {
        return this.f34186e;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final long u0() {
        return v0().getSessionCacheSize();
    }

    @Override // io.netty.handler.ssl.SslContext
    public final SSLSessionContext v0() {
        return C() ? L0().getServerSessionContext() : L0().getClientSessionContext();
    }

    @Override // io.netty.handler.ssl.SslContext
    public final long w0() {
        return v0().getSessionTimeout();
    }
}
