package defpackage;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathValidator;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

/* renamed from: yTb, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public class C6411yTb extends ZSb {
    public static final TrustManager[] e = {new C6244xTb()};
    public static final AbstractC3914jTb f = AbstractC4258lTb.a((Class<?>) C6411yTb.class);
    public static final String g;
    public static final String h;
    public boolean C;
    public boolean D;
    public String F;
    public String I;
    public KeyStore J;
    public KeyStore K;
    public SSLContext M;
    public String m;
    public String n;
    public InputStream p;
    public String q;
    public String r;
    public String s;
    public InputStream u;
    public String x;
    public String z;
    public final Set<String> i = new LinkedHashSet();
    public Set<String> j = new LinkedHashSet();
    public final Set<String> k = new LinkedHashSet();
    public Set<String> l = new LinkedHashSet();
    public String o = "JKS";
    public String t = "JKS";
    public boolean v = false;
    public boolean w = false;
    public String y = "TLS";
    public String A = g;
    public String B = h;
    public int E = -1;
    public boolean G = false;
    public boolean H = false;
    public boolean L = true;
    public boolean N = true;

    static {
        g = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        h = Security.getProperty("ssl.TrustManagerFactory.algorithm") != null ? Security.getProperty("ssl.TrustManagerFactory.algorithm") : "SunX509";
        String str = System.getProperty("user.home") + File.separator + ".keystore";
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // defpackage.ZSb
    public void a() {
        InputStream inputStream;
        Collection<? extends CRL> generateCRLs;
        SecureRandom secureRandom;
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        String str;
        String str2;
        Certificate[] certificateArr;
        TrustManager[] trustManagerArr2;
        if (this.M == null) {
            if (this.J == null && this.p == null && this.m == null && this.K == null && this.u == null && this.r == null) {
                if (this.N) {
                    f.mo3923void("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr2 = e;
                } else {
                    trustManagerArr2 = null;
                }
                String str3 = this.z;
                SecureRandom secureRandom2 = str3 == null ? null : SecureRandom.getInstance(str3);
                String str4 = this.x;
                this.M = str4 == null ? SSLContext.getInstance(this.y) : SSLContext.getInstance(this.y, str4);
                this.M.init(null, trustManagerArr2, secureRandom2);
                return;
            }
            if (this.M == null) {
                if (this.J == null && this.p == null && this.m == null) {
                    throw new IllegalStateException("SSL doesn't have a valid keystore");
                }
                if (this.K == null && this.u == null && this.r == null) {
                    this.K = this.J;
                    this.r = this.m;
                    this.u = this.p;
                    this.t = this.o;
                    this.s = this.n;
                    this.B = this.A;
                }
                InputStream inputStream2 = this.p;
                if (inputStream2 != null && inputStream2 == this.u) {
                    try {
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        InputStream inputStream3 = this.p;
                        byte[] bArr = new byte[CSb.b];
                        while (true) {
                            int read = inputStream3.read(bArr, 0, CSb.b);
                            if (read < 0) {
                                break;
                            } else {
                                byteArrayOutputStream.write(bArr, 0, read);
                            }
                        }
                        this.p.close();
                        this.p = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                        this.u = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                    } catch (Exception e2) {
                        throw new IllegalStateException(e2);
                    }
                }
            }
            KeyStore keyStore = this.J;
            if (keyStore == null) {
                keyStore = internal(this.p, this.m, this.o, this.n, null);
            }
            KeyStore keyStore2 = this.K;
            if (keyStore2 == null) {
                keyStore2 = internal(this.u, this.r, this.t, this.s, null);
            }
            String str5 = this.F;
            if (str5 != null) {
                try {
                    inputStream = AbstractC5426sTb.a(str5).c();
                    try {
                        generateCRLs = CertificateFactory.getInstance("X.509").generateCRLs(inputStream);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                    } catch (Throwable th) {
                        th = th;
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        throw th;
                    }
                } catch (Throwable th2) {
                    th = th2;
                    inputStream = null;
                }
            } else {
                generateCRLs = null;
            }
            if (this.C && keyStore != null) {
                if (this.q == null) {
                    ArrayList list = Collections.list(keyStore.aliases());
                    this.q = list.size() == 1 ? (String) list.get(0) : null;
                }
                String str6 = this.q;
                Certificate certificate = str6 != null ? keyStore.getCertificate(str6) : null;
                str = "";
                if (certificate == null) {
                    StringBuilder a = AbstractC1713Ul.a("No certificate found in the keystore");
                    if (this.q != null) {
                        StringBuilder a2 = AbstractC1713Ul.a(" for alias ");
                        a2.append(this.q);
                        str = a2.toString();
                    }
                    a.append(str);
                    throw new Exception(a.toString());
                }
                C5918vTb c5918vTb = new C5918vTb(keyStore2, generateCRLs);
                c5918vTb.e = this.E;
                c5918vTb.f = this.G;
                c5918vTb.g = this.H;
                String str7 = this.I;
                if (certificate instanceof X509Certificate) {
                    ((X509Certificate) certificate).checkValidity();
                    try {
                        str2 = keyStore.getCertificateAlias((X509Certificate) certificate);
                        if (str2 == null) {
                            try {
                                str2 = "JETTY" + String.format("%016X", Long.valueOf(C5918vTb.b.incrementAndGet()));
                                keyStore.setCertificateEntry(str2, certificate);
                            } catch (KeyStoreException e3) {
                                e = e3;
                                ((C4439mTb) C5918vTb.a).internal("", e);
                                StringBuilder a3 = AbstractC1713Ul.a("Unable to validate certificate");
                                a3.append(str2 != null ? AbstractC1713Ul.m1586new(" for alias [", str2, "]") : "");
                                a3.append(": ");
                                a3.append(e.getMessage());
                                throw new CertificateException(a3.toString(), e);
                            }
                        }
                        Certificate[] certificateChain = keyStore.getCertificateChain(str2);
                        if (certificateChain == null || certificateChain.length == 0) {
                            throw new IllegalStateException("Unable to retrieve certificate chain");
                        }
                        try {
                            ArrayList arrayList = new ArrayList();
                            int length = certificateChain.length;
                            int i = 0;
                            while (i < length) {
                                Certificate certificate2 = certificateChain[i];
                                if (certificate2 == null) {
                                    certificateArr = certificateChain;
                                } else {
                                    certificateArr = certificateChain;
                                    if (!(certificate2 instanceof X509Certificate)) {
                                        throw new IllegalStateException("Invalid certificate type in chain");
                                    }
                                    arrayList.add((X509Certificate) certificate2);
                                }
                                i++;
                                certificateChain = certificateArr;
                            }
                            if (arrayList.isEmpty()) {
                                throw new IllegalStateException("Invalid certificate chain");
                            }
                            X509CertSelector x509CertSelector = new X509CertSelector();
                            x509CertSelector.setCertificate((X509Certificate) arrayList.get(0));
                            PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(c5918vTb.c, x509CertSelector);
                            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList)));
                            pKIXBuilderParameters.setMaxPathLength(c5918vTb.e);
                            pKIXBuilderParameters.setRevocationEnabled(true);
                            if (c5918vTb.d != null && !c5918vTb.d.isEmpty()) {
                                pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(c5918vTb.d)));
                            }
                            if (c5918vTb.g) {
                                Security.setProperty("ocsp.enable", "true");
                            }
                            if (c5918vTb.f) {
                                System.setProperty("com.sun.security.enableCRLDP", "true");
                            }
                            CertPathValidator.getInstance("PKIX").validate(CertPathBuilder.getInstance("PKIX").build(pKIXBuilderParameters).getCertPath(), pKIXBuilderParameters);
                        } catch (GeneralSecurityException e4) {
                            ((C4439mTb) C5918vTb.a).internal("", e4);
                            StringBuilder a4 = AbstractC1713Ul.a("Unable to validate certificate: ");
                            a4.append(e4.getMessage());
                            throw new CertificateException(a4.toString(), e4);
                        }
                    } catch (KeyStoreException e5) {
                        e = e5;
                        str2 = null;
                    }
                }
            }
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.A);
                secureRandom = null;
                keyManagerFactory.init(keyStore, null);
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (this.q != null) {
                    for (int i2 = 0; i2 < keyManagerArr.length; i2++) {
                        if (keyManagerArr[i2] instanceof X509KeyManager) {
                            keyManagerArr[i2] = new C6081wTb(this.q, (X509KeyManager) keyManagerArr[i2]);
                        }
                    }
                }
            } else {
                secureRandom = null;
                keyManagerArr = null;
            }
            if (keyStore2 == null) {
                trustManagerArr = secureRandom;
            } else if (this.D && this.B.equalsIgnoreCase("PKIX")) {
                PKIXBuilderParameters pKIXBuilderParameters2 = new PKIXBuilderParameters(keyStore2, new X509CertSelector());
                pKIXBuilderParameters2.setMaxPathLength(this.E);
                pKIXBuilderParameters2.setRevocationEnabled(true);
                if (generateCRLs != null && !generateCRLs.isEmpty()) {
                    pKIXBuilderParameters2.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(generateCRLs)));
                }
                if (this.G) {
                    System.setProperty("com.sun.security.enableCRLDP", "true");
                }
                if (this.H) {
                    Security.setProperty("ocsp.enable", "true");
                    String str8 = this.I;
                    if (str8 != null) {
                        Security.setProperty("ocsp.responderURL", str8);
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.B);
                trustManagerFactory.init(new CertPathTrustManagerParameters(pKIXBuilderParameters2));
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.B);
                trustManagerFactory2.init(keyStore2);
                trustManagerArr = trustManagerFactory2.getTrustManagers();
            }
            String str9 = this.z;
            if (str9 != null) {
                secureRandom = SecureRandom.getInstance(str9);
            }
            String str10 = this.x;
            this.M = str10 == null ? SSLContext.getInstance(this.y) : SSLContext.getInstance(this.y, str10);
            this.M.init(keyManagerArr, trustManagerArr, secureRandom);
            SSLEngine createSSLEngine = this.M.createSSLEngine();
            internal(createSSLEngine);
            f.mo3919break("Enabled Protocols {} of {}", Arrays.asList(createSSLEngine.getEnabledProtocols()), Arrays.asList(createSSLEngine.getSupportedProtocols()));
            if (f.a()) {
                f.mo3923void("Enabled Ciphers   {} of {}", Arrays.asList(createSSLEngine.getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getSupportedCipherSuites()));
            }
        }
    }

    public String[] fun(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.j.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.j) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.i;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    @Deprecated
    public KeyStore internal(InputStream inputStream, String str, String str2, String str3, String str4) {
        char[] cArr = null;
        if (inputStream == null && str == null) {
            return null;
        }
        if (inputStream == null) {
            try {
                inputStream = AbstractC5426sTb.a(str).c();
            } catch (Throwable th) {
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        }
        KeyStore keyStore = str3 != null ? KeyStore.getInstance(str2, str3) : KeyStore.getInstance(str2);
        if (str4 != null) {
            cArr = str4.toCharArray();
        }
        keyStore.load(inputStream, cArr);
        if (inputStream == null) {
            return keyStore;
        }
        inputStream.close();
        return keyStore;
    }

    public void internal(SSLEngine sSLEngine) {
        boolean z = this.w;
        if (z) {
            sSLEngine.setWantClientAuth(z);
        }
        boolean z2 = this.v;
        if (z2) {
            sSLEngine.setNeedClientAuth(z2);
        }
        sSLEngine.setEnabledCipherSuites(internal(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(fun(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public String[] internal(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.l.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.l) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.k;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", C6411yTb.class.getSimpleName(), Integer.valueOf(hashCode()), this.m, this.r);
    }
}
