package io.netty.handler.ssl;

import io.netty.buffer.ByteBufAllocator;
import io.netty.util.internal.EmptyArrays;
import io.netty.util.internal.ObjectUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.crypto.NoSuchPaddingException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSessionContext;

/* loaded from: classes.dex */
public abstract class JdkSslContext extends SslContext {

    /* renamed from: ˊ, reason: contains not printable characters */
    private static final InternalLogger f2016 = InternalLoggerFactory.getInstance((Class<?>) JdkSslContext.class);

    /* renamed from: ˎ, reason: contains not printable characters */
    private static String[] f2017;

    /* renamed from: ˏ, reason: contains not printable characters */
    private static List<String> f2018;

    /* renamed from: ᐝ, reason: contains not printable characters */
    private static Set<String> f2019;

    /* renamed from: ʻ, reason: contains not printable characters */
    private final String[] f2020;

    /* renamed from: ʼ, reason: contains not printable characters */
    private final List<String> f2021;

    /* renamed from: ʽ, reason: contains not printable characters */
    private final JdkApplicationProtocolNegotiator f2022;

    /* JADX WARN: Type inference failed for: r3v5, types: [java.util.HashSet, java.util.Set<java.lang.String>] */
    static {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, null, null);
            SSLEngine createSSLEngine = sSLContext.createSSLEngine();
            String[] supportedProtocols = createSSLEngine.getSupportedProtocols();
            HashSet hashSet = new HashSet(supportedProtocols.length);
            for (String str : supportedProtocols) {
                hashSet.add(str);
            }
            ArrayList arrayList = new ArrayList();
            m773(hashSet, arrayList, "TLSv1.2", "TLSv1.1", "TLSv1");
            if (arrayList.isEmpty()) {
                f2017 = createSSLEngine.getEnabledProtocols();
            } else {
                f2017 = (String[]) arrayList.toArray(new String[arrayList.size()]);
            }
            String[] supportedCipherSuites = createSSLEngine.getSupportedCipherSuites();
            f2019 = new HashSet(supportedCipherSuites.length);
            for (String str2 : supportedCipherSuites) {
                f2019.add(str2);
            }
            ArrayList arrayList2 = new ArrayList();
            m773((Set<String>) f2019, arrayList2, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
            if (arrayList2.isEmpty()) {
                for (String str3 : createSSLEngine.getEnabledCipherSuites()) {
                    if (!str3.contains("_RC4_")) {
                        arrayList2.add(str3);
                    }
                }
            }
            f2018 = Collections.unmodifiableList(arrayList2);
            if (f2016.isDebugEnabled()) {
                f2016.debug("Default protocols (JDK): {} ", Arrays.asList(f2017));
                f2016.debug("Default cipher suites (JDK): {}", f2018);
            }
        } catch (Exception e) {
            throw new Error("failed to initialize the default SSL context", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JdkSslContext(Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, JdkApplicationProtocolNegotiator jdkApplicationProtocolNegotiator) {
        this.f2022 = (JdkApplicationProtocolNegotiator) ObjectUtil.checkNotNull(jdkApplicationProtocolNegotiator, "apn");
        this.f2020 = ((CipherSuiteFilter) ObjectUtil.checkNotNull(cipherSuiteFilter, "cipherFilter")).filterCipherSuites(iterable, f2018, f2019);
        this.f2021 = Collections.unmodifiableList(Arrays.asList(this.f2020));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static KeyManagerFactory buildKeyManagerFactory(File file, File file2, String str, KeyManagerFactory keyManagerFactory) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, CertificateException, KeyException, IOException {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        return buildKeyManagerFactory(file, property, file2, str, keyManagerFactory);
    }

    protected static KeyManagerFactory buildKeyManagerFactory(File file, String str, File file2, String str2, KeyManagerFactory keyManagerFactory) throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, IOException, CertificateException, KeyException, UnrecoverableKeyException {
        char[] charArray = str2 == null ? EmptyArrays.EMPTY_CHARS : str2.toCharArray();
        KeyStore keyStore = m804(file, file2, charArray);
        if (keyManagerFactory == null) {
            keyManagerFactory = KeyManagerFactory.getInstance(str);
        }
        keyManagerFactory.init(keyStore, charArray);
        return keyManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: ˊ, reason: contains not printable characters */
    public static JdkApplicationProtocolNegotiator m772(ApplicationProtocolConfig applicationProtocolConfig, boolean z) {
        if (applicationProtocolConfig == null) {
            return C0413iF.f2192;
        }
        switch (applicationProtocolConfig.protocol()) {
            case NONE:
                return C0413iF.f2192;
            case ALPN:
                if (z) {
                    switch (applicationProtocolConfig.selectorFailureBehavior()) {
                        case FATAL_ALERT:
                            return new JdkAlpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                        case NO_ADVERTISE:
                            return new JdkAlpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                        default:
                            throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.selectorFailureBehavior() + " failure behavior");
                    }
                }
                switch (applicationProtocolConfig.selectedListenerFailureBehavior()) {
                    case ACCEPT:
                        return new JdkAlpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                    case FATAL_ALERT:
                        return new JdkAlpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                    default:
                        throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.selectedListenerFailureBehavior() + " failure behavior");
                }
            case NPN:
                if (z) {
                    switch (applicationProtocolConfig.selectedListenerFailureBehavior()) {
                        case ACCEPT:
                            return new JdkNpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                        case FATAL_ALERT:
                            return new JdkNpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                        default:
                            throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.selectedListenerFailureBehavior() + " failure behavior");
                    }
                }
                switch (applicationProtocolConfig.selectorFailureBehavior()) {
                    case FATAL_ALERT:
                        return new JdkNpnApplicationProtocolNegotiator(true, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                    case NO_ADVERTISE:
                        return new JdkNpnApplicationProtocolNegotiator(false, (Iterable<String>) applicationProtocolConfig.supportedProtocols());
                    default:
                        throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.selectorFailureBehavior() + " failure behavior");
                }
            default:
                throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.protocol() + " protocol");
        }
    }

    /* renamed from: ˊ, reason: contains not printable characters */
    private static void m773(Set<String> set, List<String> list, String... strArr) {
        for (String str : strArr) {
            if (set.contains(str)) {
                list.add(str);
            }
        }
    }

    @Override // io.netty.handler.ssl.SslContext
    public JdkApplicationProtocolNegotiator applicationProtocolNegotiator() {
        return this.f2022;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final List<String> cipherSuites() {
        return this.f2021;
    }

    public abstract SSLContext context();

    @Override // io.netty.handler.ssl.SslContext
    public final SSLEngine newEngine(ByteBufAllocator byteBufAllocator) {
        SSLEngine createSSLEngine = context().createSSLEngine();
        createSSLEngine.setEnabledCipherSuites(this.f2020);
        createSSLEngine.setEnabledProtocols(f2017);
        createSSLEngine.setUseClientMode(isClient());
        return this.f2022.wrapperFactory().wrapSslEngine(createSSLEngine, this.f2022, isServer());
    }

    @Override // io.netty.handler.ssl.SslContext
    public final SSLEngine newEngine(ByteBufAllocator byteBufAllocator, String str, int i) {
        SSLEngine createSSLEngine = context().createSSLEngine(str, i);
        createSSLEngine.setEnabledCipherSuites(this.f2020);
        createSSLEngine.setEnabledProtocols(f2017);
        createSSLEngine.setUseClientMode(isClient());
        return this.f2022.wrapperFactory().wrapSslEngine(createSSLEngine, this.f2022, isServer());
    }

    @Override // io.netty.handler.ssl.SslContext
    public final long sessionCacheSize() {
        return sessionContext().getSessionCacheSize();
    }

    @Override // io.netty.handler.ssl.SslContext
    public final SSLSessionContext sessionContext() {
        return isServer() ? context().getServerSessionContext() : context().getClientSessionContext();
    }

    @Override // io.netty.handler.ssl.SslContext
    public final long sessionTimeout() {
        return sessionContext().getSessionTimeout();
    }
}
