package com.a.b;

import com.a.b.du;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.SocketException;
import java.net.URL;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: ExportControlled.java */
/* loaded from: classes.dex */
public class al {

    /* renamed from: a, reason: collision with root package name */
    private static final String f2816a = "08000";

    /* renamed from: d, reason: collision with root package name */
    private static final String f2819d = "TLSv1.2";

    /* renamed from: c, reason: collision with root package name */
    private static final String f2818c = "TLSv1.1";

    /* renamed from: b, reason: collision with root package name */
    private static final String f2817b = "TLSv1";

    /* renamed from: e, reason: collision with root package name */
    private static final String[] f2820e = {f2819d, f2818c, f2817b};

    /* compiled from: ExportControlled.java */
    /* loaded from: classes.dex */
    public static class a implements dt, du {

        /* renamed from: a, reason: collision with root package name */
        private SSLSocket f2821a = null;

        /* renamed from: b, reason: collision with root package name */
        private final SSLSocketFactory f2822b;

        /* renamed from: c, reason: collision with root package name */
        private final dt f2823c;

        /* renamed from: d, reason: collision with root package name */
        private final Socket f2824d;

        public a(SSLSocketFactory sSLSocketFactory, dt dtVar, Socket socket) {
            this.f2822b = sSLSocketFactory;
            this.f2823c = dtVar;
            this.f2824d = socket;
        }

        @Override // com.a.b.dt
        public Socket a() throws SocketException, IOException {
            this.f2823c.a();
            return this.f2821a;
        }

        @Override // com.a.b.dt
        public Socket a(String str, int i, Properties properties) throws SocketException, IOException {
            this.f2821a = (SSLSocket) this.f2822b.createSocket(this.f2824d, str, i, true);
            return this.f2821a;
        }

        @Override // com.a.b.du
        public boolean a(x xVar) throws SQLException {
            return du.a.a(xVar);
        }

        @Override // com.a.b.dt
        public Socket b() throws SocketException, IOException {
            return this.f2821a;
        }
    }

    /* compiled from: ExportControlled.java */
    /* loaded from: classes.dex */
    public static class b implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private X509TrustManager f2825a;

        /* renamed from: b, reason: collision with root package name */
        private boolean f2826b;

        /* renamed from: c, reason: collision with root package name */
        private CertificateFactory f2827c;

        /* renamed from: d, reason: collision with root package name */
        private PKIXParameters f2828d;

        /* renamed from: e, reason: collision with root package name */
        private CertPathValidator f2829e;

        public b() {
            this.f2825a = null;
            this.f2826b = false;
            this.f2827c = null;
            this.f2828d = null;
            this.f2829e = null;
        }

        public b(X509TrustManager x509TrustManager, boolean z) throws CertificateException {
            this.f2825a = null;
            this.f2826b = false;
            this.f2827c = null;
            this.f2828d = null;
            this.f2829e = null;
            this.f2825a = x509TrustManager;
            this.f2826b = z;
            if (z) {
                try {
                    HashSet hashSet = new HashSet();
                    for (X509Certificate x509Certificate : x509TrustManager.getAcceptedIssuers()) {
                        hashSet.add(new TrustAnchor(x509Certificate, null));
                    }
                    this.f2828d = new PKIXParameters(hashSet);
                    this.f2828d.setRevocationEnabled(false);
                    this.f2829e = CertPathValidator.getInstance("PKIX");
                    this.f2827c = CertificateFactory.getInstance("X.509");
                } catch (Exception e2) {
                    throw new CertificateException(e2);
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.f2825a.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                x509Certificate.checkValidity();
            }
            if (this.f2828d != null) {
                new X509CertSelector().setSerialNumber(x509CertificateArr[0].getSerialNumber());
                try {
                    ((PKIXCertPathValidatorResult) this.f2829e.validate(this.f2827c.generateCertPath(Arrays.asList(x509CertificateArr)), this.f2828d)).getTrustAnchor().getTrustedCert().checkValidity();
                } catch (InvalidAlgorithmParameterException e2) {
                    throw new CertificateException(e2);
                } catch (CertPathValidatorException e3) {
                    throw new CertificateException(e3);
                }
            }
            if (this.f2826b) {
                this.f2825a.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.f2825a != null ? this.f2825a.getAcceptedIssuers() : new X509Certificate[0];
        }
    }

    private al() {
    }

    public static RSAPublicKey a(String str, ak akVar) throws SQLException {
        try {
            if (str == null) {
                throw new SQLException("key parameter is null");
            }
            int indexOf = str.indexOf("\n") + 1;
            return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(com.a.b.i.a.a(str.getBytes(), indexOf, str.indexOf("-----END PUBLIC KEY-----") - indexOf)));
        } catch (Exception e2) {
            throw dn.a("Unable to decode public key", dn.aj, e2, akVar);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Removed duplicated region for block: B:55:0x010c A[Catch: IOException -> 0x0185, TryCatch #0 {IOException -> 0x0185, blocks: (B:3:0x000d, B:5:0x0023, B:7:0x0029, B:9:0x004e, B:10:0x0056, B:12:0x0076, B:14:0x007e, B:16:0x0084, B:18:0x0087, B:22:0x008a, B:24:0x00a2, B:28:0x00ad, B:30:0x00c8, B:32:0x00d0, B:34:0x00d3, B:38:0x013a, B:39:0x0149, B:41:0x015a, B:42:0x0170, B:46:0x0163, B:47:0x00d6, B:49:0x00e0, B:51:0x00fb, B:55:0x010c, B:57:0x011d, B:59:0x0121, B:61:0x012a, B:64:0x0135, B:66:0x0132, B:70:0x00e6, B:72:0x00ef, B:74:0x00f5, B:76:0x0102, B:80:0x0030, B:82:0x0036, B:84:0x0040), top: B:2:0x000d }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void a(com.a.b.cd r13) throws java.sql.SQLException {
        /*
            Method dump skipped, instructions count: 410
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.a.b.al.a(com.a.b.cd):void");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean a() {
        return true;
    }

    public static byte[] a(byte[] bArr, RSAPublicKey rSAPublicKey, ak akVar) throws SQLException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, rSAPublicKey);
            return cipher.doFinal(bArr);
        } catch (Exception e2) {
            throw dn.a(e2.getMessage(), dn.aj, e2, akVar);
        }
    }

    public static boolean b(cd cdVar) {
        return SSLSocket.class.isAssignableFrom(cdVar.u.getClass());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [boolean] */
    /* JADX WARN: Type inference failed for: r0v35 */
    /* JADX WARN: Type inference failed for: r0v36 */
    /* JADX WARN: Type inference failed for: r0v37 */
    /* JADX WARN: Type inference failed for: r0v38 */
    /* JADX WARN: Type inference failed for: r0v39 */
    /* JADX WARN: Type inference failed for: r0v40 */
    /* JADX WARN: Type inference failed for: r0v41 */
    /* JADX WARN: Type inference failed for: r0v42, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r0v58 */
    private static SSLSocketFactory c(cd cdVar) throws SQLException {
        KeyManager[] keyManagerArr;
        InputStream inputStream;
        ?? d2;
        KeyStore keyStore;
        String clientCertificateKeyStoreUrl = cdVar.s.getClientCertificateKeyStoreUrl();
        String clientCertificateKeyStorePassword = cdVar.s.getClientCertificateKeyStorePassword();
        String clientCertificateKeyStoreType = cdVar.s.getClientCertificateKeyStoreType();
        String trustCertificateKeyStoreUrl = cdVar.s.getTrustCertificateKeyStoreUrl();
        String trustCertificateKeyStorePassword = cdVar.s.getTrustCertificateKeyStorePassword();
        String trustCertificateKeyStoreType = cdVar.s.getTrustCertificateKeyStoreType();
        if (ed.d(clientCertificateKeyStoreUrl)) {
            clientCertificateKeyStoreUrl = System.getProperty("javax.net.ssl.keyStore");
            clientCertificateKeyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
            clientCertificateKeyStoreType = System.getProperty("javax.net.ssl.keyStoreType");
            if (ed.d(clientCertificateKeyStoreType)) {
                clientCertificateKeyStoreType = "JKS";
            }
            if (!ed.d(clientCertificateKeyStoreUrl)) {
                try {
                    new URL(clientCertificateKeyStoreUrl);
                } catch (MalformedURLException unused) {
                    clientCertificateKeyStoreUrl = "file:" + clientCertificateKeyStoreUrl;
                }
            }
        }
        if (ed.d(trustCertificateKeyStoreUrl)) {
            trustCertificateKeyStoreUrl = System.getProperty("javax.net.ssl.trustStore");
            trustCertificateKeyStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
            trustCertificateKeyStoreType = System.getProperty("javax.net.ssl.trustStoreType");
            if (ed.d(trustCertificateKeyStoreType)) {
                trustCertificateKeyStoreType = "JKS";
            }
            if (!ed.d(trustCertificateKeyStoreUrl)) {
                try {
                    new URL(trustCertificateKeyStoreUrl);
                } catch (MalformedURLException unused2) {
                    trustCertificateKeyStoreUrl = "file:" + trustCertificateKeyStoreUrl;
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            InputStream inputStream2 = null;
            try {
                if (ed.d(clientCertificateKeyStoreUrl)) {
                    keyManagerArr = null;
                } else {
                    try {
                        if (ed.d(clientCertificateKeyStoreType)) {
                            keyManagerArr = null;
                            inputStream = null;
                        } else {
                            KeyStore keyStore2 = KeyStore.getInstance(clientCertificateKeyStoreType);
                            URL url = new URL(clientCertificateKeyStoreUrl);
                            char[] charArray = clientCertificateKeyStorePassword == null ? new char[0] : clientCertificateKeyStorePassword.toCharArray();
                            inputStream = url.openStream();
                            try {
                                keyStore2.load(inputStream, charArray);
                                keyManagerFactory.init(keyStore2, charArray);
                                keyManagerArr = keyManagerFactory.getKeyManagers();
                            } catch (MalformedURLException unused3) {
                                throw dn.a(clientCertificateKeyStoreUrl + " does not appear to be a valid URL.", f2816a, 0, false, cdVar.K());
                            } catch (IOException e2) {
                                e = e2;
                                SQLException a2 = dn.a("Cannot open " + clientCertificateKeyStoreUrl + " [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                                a2.initCause(e);
                                throw a2;
                            } catch (KeyStoreException e3) {
                                e = e3;
                                throw dn.a("Could not create KeyStore instance [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                            } catch (NoSuchAlgorithmException e4) {
                                e = e4;
                                throw dn.a("Unsupported keystore algorithm [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                            } catch (UnrecoverableKeyException unused4) {
                                throw dn.a("Could not recover keys from client keystore.  Check password?", f2816a, 0, false, cdVar.K());
                            } catch (CertificateException unused5) {
                                throw dn.a("Could not load client" + clientCertificateKeyStoreType + " keystore from " + clientCertificateKeyStoreUrl, cdVar.K());
                            } catch (Throwable th) {
                                th = th;
                                inputStream2 = inputStream;
                                if (inputStream2 != null) {
                                    try {
                                        inputStream2.close();
                                    } catch (IOException unused6) {
                                    }
                                }
                                throw th;
                            }
                        }
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused7) {
                            }
                        }
                    } catch (MalformedURLException unused8) {
                    } catch (IOException e5) {
                        e = e5;
                    } catch (KeyStoreException e6) {
                        e = e6;
                    } catch (NoSuchAlgorithmException e7) {
                        e = e7;
                    } catch (UnrecoverableKeyException unused9) {
                    } catch (CertificateException unused10) {
                    }
                }
                try {
                    try {
                        d2 = ed.d(trustCertificateKeyStoreUrl);
                    } catch (Throwable th2) {
                        th = th2;
                    }
                    try {
                        if (d2 != 0 || ed.d(trustCertificateKeyStoreType)) {
                            d2 = 0;
                            keyStore = null;
                        } else {
                            InputStream openStream = new URL(trustCertificateKeyStoreUrl).openStream();
                            char[] charArray2 = trustCertificateKeyStorePassword == null ? new char[0] : trustCertificateKeyStorePassword.toCharArray();
                            KeyStore keyStore3 = KeyStore.getInstance(trustCertificateKeyStoreType);
                            keyStore3.load(openStream, charArray2);
                            d2 = openStream;
                            keyStore = keyStore3;
                        }
                        trustManagerFactory.init(keyStore);
                        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                        boolean verifyServerCertificate = cdVar.s.getVerifyServerCertificate();
                        for (TrustManager trustManager : trustManagers) {
                            if (trustManager instanceof X509TrustManager) {
                                trustManager = new b((X509TrustManager) trustManager, verifyServerCertificate);
                            }
                            arrayList.add(trustManager);
                        }
                        if (d2 != 0) {
                            try {
                                d2.close();
                            } catch (IOException unused11) {
                            }
                        }
                        if (arrayList.size() == 0) {
                            arrayList.add(new b());
                        }
                        try {
                            SSLContext sSLContext = SSLContext.getInstance("TLS");
                            sSLContext.init(keyManagerArr, (TrustManager[]) arrayList.toArray(new TrustManager[arrayList.size()]), null);
                            return sSLContext.getSocketFactory();
                        } catch (KeyManagementException e8) {
                            throw dn.a("KeyManagementException: " + e8.getMessage(), f2816a, 0, false, cdVar.K());
                        } catch (NoSuchAlgorithmException unused12) {
                            throw dn.a("TLS is not a valid SSL protocol.", f2816a, 0, false, cdVar.K());
                        }
                    } catch (MalformedURLException unused13) {
                        throw dn.a(trustCertificateKeyStoreUrl + " does not appear to be a valid URL.", f2816a, 0, false, cdVar.K());
                    } catch (IOException e9) {
                        e = e9;
                        SQLException a3 = dn.a("Cannot open " + trustCertificateKeyStoreType + " [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                        a3.initCause(e);
                        throw a3;
                    } catch (KeyStoreException e10) {
                        e = e10;
                        throw dn.a("Could not create KeyStore instance [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                    } catch (NoSuchAlgorithmException e11) {
                        e = e11;
                        throw dn.a("Unsupported keystore algorithm [" + e.getMessage() + "]", f2816a, 0, false, cdVar.K());
                    } catch (CertificateException unused14) {
                        throw dn.a("Could not load trust" + trustCertificateKeyStoreType + " keystore from " + trustCertificateKeyStoreUrl, f2816a, 0, false, cdVar.K());
                    } catch (Throwable th3) {
                        th = th3;
                        inputStream2 = d2;
                        if (inputStream2 != null) {
                            try {
                                inputStream2.close();
                            } catch (IOException unused15) {
                            }
                        }
                        throw th;
                    }
                } catch (MalformedURLException unused16) {
                } catch (IOException e12) {
                    e = e12;
                } catch (KeyStoreException e13) {
                    e = e13;
                } catch (NoSuchAlgorithmException e14) {
                    e = e14;
                } catch (CertificateException unused17) {
                }
            } catch (Throwable th4) {
                th = th4;
            }
        } catch (NoSuchAlgorithmException unused18) {
            throw dn.a("Default algorithm definitions for TrustManager and/or KeyManager are invalid.  Check java security properties file.", f2816a, 0, false, cdVar.K());
        }
    }
}
