package org.eclipse.jetty.util.ssl;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.security.InvalidParameterException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.eclipse.jetty.util.l;
import org.eclipse.jetty.util.log.d;
import org.eclipse.jetty.util.log.e;
import org.eclipse.jetty.util.security.f;

/* compiled from: SslContextFactory.java */
/* loaded from: classes8.dex */
public class c extends org.eclipse.jetty.util.component.a {

    /* renamed from: q1, reason: collision with root package name */
    public static final TrustManager[] f94143q1 = {new a()};

    /* renamed from: r1, reason: collision with root package name */
    private static final e f94144r1 = d.f(c.class);

    /* renamed from: s1, reason: collision with root package name */
    public static final String f94145s1;

    /* renamed from: t1, reason: collision with root package name */
    public static final String f94146t1;

    /* renamed from: u1, reason: collision with root package name */
    public static final String f94147u1;

    /* renamed from: v1, reason: collision with root package name */
    public static final String f94148v1 = "org.eclipse.jetty.ssl.keypassword";

    /* renamed from: w1, reason: collision with root package name */
    public static final String f94149w1 = "org.eclipse.jetty.ssl.password";
    private String A;
    private InputStream B;
    private boolean C;
    private boolean D;
    private boolean E;
    private transient f F;
    private transient f G;
    private transient f H;
    private String I;
    private String J;
    private String K;
    private String L;
    private String M;
    private boolean N;
    private boolean O;
    private int P;
    private String Q;
    private boolean R;
    private boolean S;
    private String T;
    private KeyStore U;
    private KeyStore V;
    private boolean W;

    /* renamed from: m1, reason: collision with root package name */
    private int f94150m1;

    /* renamed from: n1, reason: collision with root package name */
    private int f94151n1;

    /* renamed from: o1, reason: collision with root package name */
    private SSLContext f94152o1;

    /* renamed from: p, reason: collision with root package name */
    private final Set<String> f94153p;

    /* renamed from: p1, reason: collision with root package name */
    private boolean f94154p1;

    /* renamed from: q, reason: collision with root package name */
    private Set<String> f94155q;

    /* renamed from: r, reason: collision with root package name */
    private final Set<String> f94156r;

    /* renamed from: s, reason: collision with root package name */
    private Set<String> f94157s;

    /* renamed from: t, reason: collision with root package name */
    private String f94158t;

    /* renamed from: u, reason: collision with root package name */
    private String f94159u;

    /* renamed from: v, reason: collision with root package name */
    private String f94160v;

    /* renamed from: w, reason: collision with root package name */
    private InputStream f94161w;

    /* renamed from: x, reason: collision with root package name */
    private String f94162x;

    /* renamed from: y, reason: collision with root package name */
    private String f94163y;

    /* renamed from: z, reason: collision with root package name */
    private String f94164z;

    /* compiled from: SslContextFactory.java */
    /* loaded from: classes8.dex */
    static class a implements X509TrustManager {
        a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        f94145s1 = Security.getProperty(pk.a.f99247y) == null ? "SunX509" : Security.getProperty(pk.a.f99247y);
        f94146t1 = Security.getProperty(pk.a.f99248z) != null ? Security.getProperty(pk.a.f99248z) : "SunX509";
        f94147u1 = System.getProperty("user.home") + File.separator + ".keystore";
    }

    public c() {
        this.f94153p = new LinkedHashSet();
        this.f94155q = new LinkedHashSet();
        this.f94156r = new LinkedHashSet();
        this.f94157s = new LinkedHashSet();
        this.f94160v = m0.e.f88444b;
        this.A = m0.e.f88444b;
        this.C = false;
        this.D = false;
        this.E = true;
        this.J = pk.a.A;
        this.L = f94145s1;
        this.M = f94146t1;
        this.P = -1;
        this.R = false;
        this.S = false;
        this.W = true;
        this.f94154p1 = true;
    }

    public c(String str) {
        this.f94153p = new LinkedHashSet();
        this.f94155q = new LinkedHashSet();
        this.f94156r = new LinkedHashSet();
        this.f94157s = new LinkedHashSet();
        this.f94160v = m0.e.f88444b;
        this.A = m0.e.f88444b;
        this.C = false;
        this.D = false;
        this.E = true;
        this.J = pk.a.A;
        this.L = f94145s1;
        this.M = f94146t1;
        this.P = -1;
        this.R = false;
        this.S = false;
        this.W = true;
        this.f94158t = str;
    }

    public c(boolean z10) {
        this.f94153p = new LinkedHashSet();
        this.f94155q = new LinkedHashSet();
        this.f94156r = new LinkedHashSet();
        this.f94157s = new LinkedHashSet();
        this.f94160v = m0.e.f88444b;
        this.A = m0.e.f88444b;
        this.C = false;
        this.D = false;
        this.E = true;
        this.J = pk.a.A;
        this.L = f94145s1;
        this.M = f94146t1;
        this.P = -1;
        this.R = false;
        this.S = false;
        this.W = true;
        this.f94154p1 = z10;
    }

    protected Collection<? extends CRL> A3(String str) throws Exception {
        return org.eclipse.jetty.util.security.b.b(str);
    }

    protected KeyStore B3() throws Exception {
        KeyStore keyStore = this.U;
        if (keyStore != null) {
            return keyStore;
        }
        InputStream inputStream = this.f94161w;
        String str = this.f94158t;
        String str2 = this.f94160v;
        String str3 = this.f94159u;
        f fVar = this.F;
        return e3(inputStream, str, str2, str3, fVar == null ? null : fVar.toString());
    }

    public boolean C0() {
        return this.E;
    }

    protected KeyStore C3() throws Exception {
        KeyStore keyStore = this.V;
        if (keyStore != null) {
            return keyStore;
        }
        InputStream inputStream = this.B;
        String str = this.f94163y;
        String str2 = this.A;
        String str3 = this.f94164z;
        f fVar = this.H;
        return e3(inputStream, str, str2, str3, fVar == null ? null : fVar.toString());
    }

    public void D1(boolean z10) {
        W2();
        this.E = z10;
    }

    public SSLEngine D3() {
        SSLEngine createSSLEngine = this.f94152o1.createSSLEngine();
        X2(createSSLEngine);
        return createSSLEngine;
    }

    public SSLEngine E3(String str, int i10) {
        SSLEngine createSSLEngine = w3() ? this.f94152o1.createSSLEngine(str, i10) : this.f94152o1.createSSLEngine();
        X2(createSSLEngine);
        return createSSLEngine;
    }

    public SSLServerSocket F3(String str, int i10, int i11) throws IOException {
        SSLServerSocketFactory serverSocketFactory = this.f94152o1.getServerSocketFactory();
        SSLServerSocket sSLServerSocket = (SSLServerSocket) (str == null ? serverSocketFactory.createServerSocket(i10, i11) : serverSocketFactory.createServerSocket(i10, i11, InetAddress.getByName(str)));
        if (U1()) {
            sSLServerSocket.setWantClientAuth(U1());
        }
        if (a2()) {
            sSLServerSocket.setNeedClientAuth(a2());
        }
        sSLServerSocket.setEnabledCipherSuites(H3(sSLServerSocket.getEnabledCipherSuites(), sSLServerSocket.getSupportedCipherSuites()));
        sSLServerSocket.setEnabledProtocols(I3(sSLServerSocket.getEnabledProtocols(), sSLServerSocket.getSupportedProtocols()));
        return sSLServerSocket;
    }

    public SSLSocket G3() throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.f94152o1.getSocketFactory().createSocket();
        if (U1()) {
            sSLSocket.setWantClientAuth(U1());
        }
        if (a2()) {
            sSLSocket.setNeedClientAuth(a2());
        }
        sSLSocket.setEnabledCipherSuites(H3(sSLSocket.getEnabledCipherSuites(), sSLSocket.getSupportedCipherSuites()));
        sSLSocket.setEnabledProtocols(I3(sSLSocket.getEnabledProtocols(), sSLSocket.getSupportedProtocols()));
        return sSLSocket;
    }

    public String[] H3(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f94157s.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f94157s) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.f94156r;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] I3(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f94155q.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f94155q) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.f94153p;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public void J3(String str) {
        W2();
        this.f94162x = str;
    }

    public void K1(String str) {
        W2();
        this.L = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.jetty.util.component.a
    public void K2() throws Exception {
        String str;
        TrustManager[] trustManagerArr;
        if (this.f94152o1 == null) {
            if (this.U == null && this.f94161w == null && this.f94158t == null && this.V == null && this.B == null && this.f94163y == null) {
                if (this.f94154p1) {
                    f94144r1.debug("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr = f94143q1;
                } else {
                    trustManagerArr = null;
                }
                String str2 = this.K;
                SecureRandom secureRandom = str2 == null ? null : SecureRandom.getInstance(str2);
                String str3 = this.I;
                SSLContext sSLContext = str3 == null ? SSLContext.getInstance(this.J) : SSLContext.getInstance(this.J, str3);
                this.f94152o1 = sSLContext;
                sSLContext.init(null, trustManagerArr, secureRandom);
                return;
            }
            V2();
            KeyStore B3 = B3();
            KeyStore C3 = C3();
            Collection<? extends CRL> A3 = A3(this.Q);
            if (this.N && B3 != null) {
                if (this.f94162x == null) {
                    ArrayList list = Collections.list(B3.aliases());
                    this.f94162x = list.size() == 1 ? (String) list.get(0) : null;
                }
                String str4 = this.f94162x;
                Certificate certificate = str4 == null ? null : B3.getCertificate(str4);
                if (certificate == null) {
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append("No certificate found in the keystore");
                    if (this.f94162x == null) {
                        str = "";
                    } else {
                        str = " for alias " + this.f94162x;
                    }
                    sb2.append(str);
                    throw new Exception(sb2.toString());
                }
                org.eclipse.jetty.util.security.c cVar = new org.eclipse.jetty.util.security.c(C3, A3);
                cVar.i(this.P);
                cVar.g(this.R);
                cVar.h(this.S);
                cVar.j(this.T);
                cVar.m(B3, certificate);
            }
            KeyManager[] c32 = c3(B3);
            TrustManager[] o32 = o3(C3, A3);
            String str5 = this.K;
            SecureRandom secureRandom2 = str5 != null ? SecureRandom.getInstance(str5) : null;
            String str6 = this.I;
            SSLContext sSLContext2 = str6 == null ? SSLContext.getInstance(this.J) : SSLContext.getInstance(this.J, str6);
            this.f94152o1 = sSLContext2;
            sSLContext2.init(c32, o32, secureRandom2);
            SSLEngine D3 = D3();
            e eVar = f94144r1;
            eVar.info("Enabled Protocols {} of {}", Arrays.asList(D3.getEnabledProtocols()), Arrays.asList(D3.getSupportedProtocols()));
            if (eVar.isDebugEnabled()) {
                eVar.debug("Enabled Ciphers   {} of {}", Arrays.asList(D3.getEnabledCipherSuites()), Arrays.asList(D3.getSupportedCipherSuites()));
            }
        }
    }

    public void K3(String str) {
        W2();
        this.Q = str;
    }

    public String L() {
        return this.K;
    }

    public void L3(boolean z10) {
        W2();
        this.R = z10;
    }

    public void M3(boolean z10) {
        W2();
        this.S = z10;
    }

    public void N3(String... strArr) {
        W2();
        this.f94153p.clear();
        this.f94153p.addAll(Arrays.asList(strArr));
    }

    public String O() {
        return this.I;
    }

    public void O3(String... strArr) {
        W2();
        this.f94155q.clear();
        this.f94155q.addAll(Arrays.asList(strArr));
    }

    public String[] P0() {
        Set<String> set = this.f94156r;
        return (String[]) set.toArray(new String[set.size()]);
    }

    public void P3(String str) {
        W2();
        this.G = f.e("org.eclipse.jetty.ssl.keypassword", str, null);
    }

    @Deprecated
    public void Q3(String str) {
        W2();
        this.f94158t = str;
    }

    public void R3(KeyStore keyStore) {
        W2();
        this.U = keyStore;
    }

    @Deprecated
    public void S3(InputStream inputStream) {
        W2();
        this.f94161w = inputStream;
    }

    public void T2(String... strArr) {
        W2();
        this.f94156r.addAll(Arrays.asList(strArr));
    }

    public void T3(String str) {
        W2();
        this.F = f.e("org.eclipse.jetty.ssl.password", str, null);
    }

    public boolean U1() {
        return this.D;
    }

    public void U2(String... strArr) {
        W2();
        this.f94153p.addAll(Arrays.asList(strArr));
    }

    public void U3(String str) {
        W2();
        this.f94158t = str;
    }

    public void V2() {
        if (this.f94152o1 != null) {
            return;
        }
        KeyStore keyStore = this.U;
        if (keyStore == null && this.f94161w == null && this.f94158t == null) {
            throw new IllegalStateException("SSL doesn't have a valid keystore");
        }
        if (this.V == null && this.B == null && this.f94163y == null) {
            this.V = keyStore;
            this.f94163y = this.f94158t;
            this.B = this.f94161w;
            this.A = this.f94160v;
            this.f94164z = this.f94159u;
            this.H = this.F;
            this.M = this.L;
        }
        InputStream inputStream = this.f94161w;
        if (inputStream == null || inputStream != this.B) {
            return;
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            l.h(this.f94161w, byteArrayOutputStream);
            this.f94161w.close();
            this.f94161w = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            this.B = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        } catch (Exception e2) {
            throw new IllegalStateException(e2);
        }
    }

    public void V3(String str) {
        W2();
        this.f94159u = str;
    }

    protected void W2() {
        if (isStarted()) {
            throw new IllegalStateException("Cannot modify configuration when " + M2());
        }
    }

    public void W3(org.eclipse.jetty.util.resource.e eVar) {
        W2();
        try {
            this.f94161w = eVar.k();
        } catch (IOException unused) {
            throw new InvalidParameterException("Unable to get resource input stream for resource " + eVar.toString());
        }
    }

    public void X2(SSLEngine sSLEngine) {
        if (U1()) {
            sSLEngine.setWantClientAuth(U1());
        }
        if (a2()) {
            sSLEngine.setNeedClientAuth(a2());
        }
        sSLEngine.setEnabledCipherSuites(H3(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(I3(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public void X3(String str) {
        W2();
        this.f94160v = str;
    }

    public void Y0(String... strArr) {
        W2();
        this.f94156r.clear();
        this.f94156r.addAll(Arrays.asList(strArr));
    }

    public void Y1(String str) {
        W2();
        this.J = str;
    }

    public String Y2() {
        return this.f94162x;
    }

    public void Y3(int i10) {
        W2();
        this.P = i10;
    }

    public String Z2() {
        return this.Q;
    }

    public void Z3(String str) {
        W2();
        this.T = str;
    }

    public boolean a2() {
        return this.C;
    }

    public String[] a3() {
        Set<String> set = this.f94153p;
        return (String[]) set.toArray(new String[set.size()]);
    }

    public void a4(boolean z10) {
        this.W = z10;
    }

    public String[] b3() {
        Set<String> set = this.f94155q;
        return (String[]) set.toArray(new String[set.size()]);
    }

    public void b4(int i10) {
        this.f94150m1 = i10;
    }

    protected KeyManager[] c3(KeyStore keyStore) throws Exception {
        KeyManager[] keyManagerArr = null;
        if (keyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.L);
            f fVar = this.G;
            keyManagerFactory.init(keyStore, (fVar == null && (fVar = this.F) == null) ? null : fVar.toString().toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
            if (this.f94162x != null) {
                for (int i10 = 0; i10 < keyManagerArr.length; i10++) {
                    if (keyManagerArr[i10] instanceof X509KeyManager) {
                        keyManagerArr[i10] = new org.eclipse.jetty.util.ssl.a(this.f94162x, (X509KeyManager) keyManagerArr[i10]);
                    }
                }
            }
        }
        return keyManagerArr;
    }

    public void c4(int i10) {
        this.f94151n1 = i10;
    }

    public void d1(String str) {
        W2();
        this.K = str;
    }

    @Deprecated
    public String d3() {
        return this.f94158t;
    }

    public void d4(boolean z10) {
        this.f94154p1 = z10;
    }

    @Deprecated
    protected KeyStore e3(InputStream inputStream, String str, String str2, String str3, String str4) throws Exception {
        return org.eclipse.jetty.util.security.b.a(inputStream, str, str2, str3, str4);
    }

    public void e4(String str) {
        W2();
        this.M = str;
    }

    @Deprecated
    public InputStream f3() {
        V2();
        return this.f94161w;
    }

    public void f4(String str) {
        W2();
        this.f94163y = str;
    }

    public String g3() {
        return this.f94158t;
    }

    public void g4(KeyStore keyStore) {
        W2();
        this.V = keyStore;
    }

    public String h3() {
        return this.f94159u;
    }

    @Deprecated
    public void h4(InputStream inputStream) {
        W2();
        this.B = inputStream;
    }

    public String i3() {
        return this.f94160v;
    }

    public void i4(String str) {
        W2();
        this.H = f.e("org.eclipse.jetty.ssl.password", str, null);
    }

    public int j3() {
        return this.P;
    }

    public void j4(String str) {
        W2();
        this.f94164z = str;
    }

    public void k0(String str) {
        W2();
        this.I = str;
    }

    public String k3() {
        return this.T;
    }

    public void k4(org.eclipse.jetty.util.resource.e eVar) {
        W2();
        try {
            this.B = eVar.k();
        } catch (IOException unused) {
            throw new InvalidParameterException("Unable to get resource input stream for resource " + eVar.toString());
        }
    }

    public String l() {
        return this.J;
    }

    public int l3() {
        return this.f94150m1;
    }

    public void l4(String str) {
        W2();
        this.A = str;
    }

    public int m3() {
        return this.f94151n1;
    }

    public void m4(boolean z10) {
        W2();
        this.N = z10;
    }

    public String n3() {
        return this.M;
    }

    public void n4(boolean z10) {
        W2();
        this.O = z10;
    }

    public String o0() {
        return this.L;
    }

    public void o1(SSLContext sSLContext) {
        W2();
        this.f94152o1 = sSLContext;
    }

    protected TrustManager[] o3(KeyStore keyStore, Collection<? extends CRL> collection) throws Exception {
        if (keyStore == null) {
            return null;
        }
        if (!this.O || !this.M.equalsIgnoreCase("PKIX")) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.M);
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        }
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, new X509CertSelector());
        pKIXBuilderParameters.setMaxPathLength(this.P);
        pKIXBuilderParameters.setRevocationEnabled(true);
        if (collection != null && !collection.isEmpty()) {
            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(collection)));
        }
        if (this.R) {
            System.setProperty("com.sun.security.enableCRLDP", "true");
        }
        if (this.S) {
            Security.setProperty("ocsp.enable", "true");
            String str = this.T;
            if (str != null) {
                Security.setProperty("ocsp.responderURL", str);
            }
        }
        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(this.M);
        trustManagerFactory2.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
        return trustManagerFactory2.getTrustManagers();
    }

    public String p3() {
        return this.f94163y;
    }

    public String[] q0() {
        Set<String> set = this.f94157s;
        return (String[]) set.toArray(new String[set.size()]);
    }

    @Deprecated
    public InputStream q3() {
        V2();
        return this.B;
    }

    public String r3() {
        return this.f94164z;
    }

    public String s3() {
        return this.A;
    }

    @Deprecated
    public boolean t3() {
        return this.N;
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", getClass().getSimpleName(), Integer.valueOf(hashCode()), this.f94158t, this.f94163y);
    }

    public boolean u3() {
        return this.R;
    }

    public boolean v3() {
        return this.S;
    }

    public void w(boolean z10) {
        W2();
        this.C = z10;
    }

    public boolean w3() {
        return this.W;
    }

    public void x1(String... strArr) {
        W2();
        this.f94157s.clear();
        this.f94157s.addAll(Arrays.asList(strArr));
    }

    public SSLContext x2() {
        if (isStarted()) {
            return this.f94152o1;
        }
        throw new IllegalStateException(M2());
    }

    public boolean x3() {
        return this.f94154p1;
    }

    public void y(boolean z10) {
        W2();
        this.D = z10;
    }

    public boolean y3() {
        return this.N;
    }

    public boolean z3() {
        return this.O;
    }
}
