package io.netty.handler.ssl;

import java.io.File;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public abstract class an {
    static final CertificateFactory h;

    /* renamed from: a, reason: collision with root package name */
    private final boolean f1198a;

    static {
        try {
            h = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new IllegalStateException("unable to instance X.509 CertificateFactory", e);
        }
    }

    protected an() {
        this(false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public an(boolean z) {
        this.f1198a = z;
    }

    private static SslProvider a() {
        return r.a() ? SslProvider.OPENSSL : SslProvider.JDK;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static an a(SslProvider sslProvider, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, d dVar, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2) {
        SslProvider h2 = sslProvider == null ? h() : sslProvider;
        switch (h2) {
            case JDK:
                return new m(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2);
            case OPENSSL:
                return new t(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2);
            case OPENSSL_REFCNT:
                return new ai(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2);
            default:
                throw new Error(h2.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static an a(SslProvider sslProvider, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, d dVar, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2, ClientAuth clientAuth, boolean z) {
        SslProvider g = sslProvider == null ? g() : sslProvider;
        switch (g) {
            case JDK:
                return new p(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2, clientAuth, z);
            case OPENSSL:
                return new ab(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2, clientAuth, z);
            case OPENSSL_REFCNT:
                return new ak(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, dVar, applicationProtocolConfig, j, j2, clientAuth, z);
            default:
                throw new Error(g.toString());
        }
    }

    static KeyStore a(X509Certificate[] x509CertificateArr, PrivateKey privateKey, char[] cArr) {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("key", privateKey, cArr, x509CertificateArr);
        return keyStore;
    }

    private static PrivateKey a(io.netty.buffer.h hVar, String str) {
        byte[] bArr = new byte[hVar.f()];
        hVar.a(bArr).B();
        PKCS8EncodedKeySpec a2 = a(str == null ? null : str.toCharArray(), bArr);
        try {
            try {
                try {
                    return KeyFactory.getInstance("RSA").generatePrivate(a2);
                } catch (InvalidKeySpecException unused) {
                    return KeyFactory.getInstance("DSA").generatePrivate(a2);
                }
            } catch (InvalidKeySpecException e) {
                throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked", e);
            }
        } catch (InvalidKeySpecException unused2) {
            return KeyFactory.getInstance("EC").generatePrivate(a2);
        }
    }

    static PrivateKey a(File file, String str) {
        if (file == null) {
            return null;
        }
        return a(ag.b(file), str);
    }

    protected static PKCS8EncodedKeySpec a(char[] cArr, byte[] bArr) {
        if (cArr == null) {
            return new PKCS8EncodedKeySpec(bArr);
        }
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
        SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(cArr));
        Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
        cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
        return encryptedPrivateKeyInfo.getKeySpec(cipher);
    }

    static KeyManagerFactory a(X509Certificate[] x509CertificateArr, String str, PrivateKey privateKey, String str2, KeyManagerFactory keyManagerFactory) {
        char[] charArray = str2 == null ? io.netty.util.internal.c.b : str2.toCharArray();
        KeyStore a2 = a(x509CertificateArr, privateKey, charArray);
        if (keyManagerFactory == null) {
            keyManagerFactory = KeyManagerFactory.getInstance(str);
        }
        keyManagerFactory.init(a2, charArray);
        return keyManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyManagerFactory a(X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory) {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        return a(x509CertificateArr, property, privateKey, str, keyManagerFactory);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TrustManagerFactory a(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory) {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        int i = 1;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            keyStore.setCertificateEntry(Integer.toString(i), x509Certificate);
            i++;
        }
        if (trustManagerFactory == null) {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        }
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    static X509Certificate[] a(File file) {
        if (file == null) {
            return null;
        }
        return a(ag.a(file));
    }

    private static X509Certificate[] a(io.netty.buffer.h[] hVarArr) {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        X509Certificate[] x509CertificateArr = new X509Certificate[hVarArr.length];
        int i = 0;
        while (i < hVarArr.length) {
            try {
                io.netty.buffer.k kVar = new io.netty.buffer.k(hVarArr[i], true);
                try {
                    x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(kVar);
                    try {
                        kVar.close();
                        i++;
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                } catch (Throwable th) {
                    try {
                        kVar.close();
                        throw th;
                    } catch (IOException e2) {
                        throw new RuntimeException(e2);
                    }
                }
            } finally {
                while (i < hVarArr.length) {
                    hVarArr[i].B();
                    i++;
                }
            }
        }
        return x509CertificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey b(File file, String str) {
        try {
            return a(file, str);
        } catch (Exception e) {
            throw new SSLException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Certificate[] b(File file) {
        try {
            return a(file);
        } catch (CertificateException e) {
            throw new SSLException(e);
        }
    }

    public static SslProvider g() {
        return a();
    }

    public static SslProvider h() {
        return a();
    }

    public abstract SSLEngine a(io.netty.buffer.i iVar);

    public abstract SSLEngine a(io.netty.buffer.i iVar, String str, int i);

    public abstract boolean b();

    public final boolean i() {
        return !b();
    }
}
