package g.b.a.h.e0;

import c.j.a.a.a.d;
import g.b.a.h.b0.c;
import g.b.a.h.i;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* compiled from: SslContextFactory.java */
/* loaded from: classes3.dex */
public class b extends g.b.a.h.a0.a {
    public static final String A;
    public static final String B;
    public static final TrustManager[] y = {new a()};
    private static final c z = g.b.a.h.b0.b.a((Class<?>) b.class);

    /* renamed from: f, reason: collision with root package name */
    private InputStream f21932f;

    /* renamed from: g, reason: collision with root package name */
    private String f21933g;
    private String h;
    private String i;
    private InputStream k;
    private transient g.b.a.h.d0.b n;
    private KeyStore u;
    private SSLContext w;

    /* renamed from: a, reason: collision with root package name */
    private final Set<String> f21927a = new LinkedHashSet();

    /* renamed from: b, reason: collision with root package name */
    private Set<String> f21928b = new LinkedHashSet();

    /* renamed from: c, reason: collision with root package name */
    private final Set<String> f21929c = new LinkedHashSet();

    /* renamed from: d, reason: collision with root package name */
    private Set<String> f21930d = new LinkedHashSet();

    /* renamed from: e, reason: collision with root package name */
    private String f21931e = "JKS";
    private String j = "JKS";
    private boolean l = false;
    private boolean m = false;
    private String o = "TLS";
    private String p = A;
    private String q = B;
    private int r = -1;
    private boolean s = false;
    private boolean t = false;
    private boolean v = true;
    private boolean x = true;

    /* compiled from: SslContextFactory.java */
    /* loaded from: classes3.dex */
    static class a implements X509TrustManager {
        a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        A = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        B = Security.getProperty("ssl.TrustManagerFactory.algorithm") != null ? Security.getProperty("ssl.TrustManagerFactory.algorithm") : "SunX509";
        System.getProperty("user.home");
        String str = File.separator;
    }

    public SSLEngine a(String str, int i) {
        SSLEngine createSSLEngine = this.v ? this.w.createSSLEngine(str, i) : this.w.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public void a(SSLEngine sSLEngine) {
        boolean z2 = this.m;
        if (z2) {
            sSLEngine.setWantClientAuth(z2);
        }
        boolean z3 = this.l;
        if (z3) {
            sSLEngine.setNeedClientAuth(z3);
        }
        sSLEngine.setEnabledCipherSuites(a(sSLEngine.getEnabledCipherSuites(), sSLEngine.getSupportedCipherSuites()));
        sSLEngine.setEnabledProtocols(b(sSLEngine.getEnabledProtocols(), sSLEngine.getSupportedProtocols()));
    }

    public String[] a(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f21930d.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f21930d) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.f21929c;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] b(String[] strArr, String[] strArr2) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (this.f21928b.isEmpty()) {
            linkedHashSet.addAll(Arrays.asList(strArr));
        } else {
            for (String str : this.f21928b) {
                if (Arrays.asList(strArr2).contains(str)) {
                    linkedHashSet.add(str);
                }
            }
        }
        Set<String> set = this.f21927a;
        if (set != null) {
            linkedHashSet.removeAll(set);
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // g.b.a.h.a0.a
    public void doStart() throws Exception {
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        TrustManager[] trustManagerArr2;
        if (this.w == null) {
            if (this.f21932f == null && this.u == null && this.k == null && this.h == null) {
                if (this.x) {
                    z.b("No keystore or trust store configured.  ACCEPTING UNTRUSTED CERTIFICATES!!!!!", new Object[0]);
                    trustManagerArr2 = y;
                } else {
                    trustManagerArr2 = null;
                }
                SSLContext sSLContext = SSLContext.getInstance(this.o);
                this.w = sSLContext;
                sSLContext.init(null, trustManagerArr2, null);
                return;
            }
            if (this.w == null) {
                InputStream inputStream = this.f21932f;
                if (inputStream == null) {
                    throw new IllegalStateException("SSL doesn't have a valid keystore");
                }
                if (this.u == null && this.k == null && this.h == null) {
                    this.u = null;
                    this.h = null;
                    this.k = inputStream;
                    this.j = this.f21931e;
                    this.i = null;
                    this.n = null;
                    this.q = this.p;
                }
                InputStream inputStream2 = this.f21932f;
                if (inputStream2 != null && inputStream2 == this.k) {
                    try {
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        i.a(this.f21932f, byteArrayOutputStream, -1L);
                        this.f21932f.close();
                        this.f21932f = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                        this.k = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                    } catch (Exception e2) {
                        throw new IllegalStateException(e2);
                    }
                }
            }
            KeyStore a2 = d.a(this.f21932f, null, this.f21931e, null, null);
            KeyStore keyStore = this.u;
            if (keyStore == null) {
                InputStream inputStream3 = this.k;
                String str = this.h;
                String str2 = this.j;
                String str3 = this.i;
                g.b.a.h.d0.b bVar = this.n;
                keyStore = d.a(inputStream3, str, str2, str3, bVar == null ? null : bVar.toString());
            }
            d.j((String) null);
            if (a2 != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.p);
                keyManagerFactory.init(a2, null);
                keyManagerArr = keyManagerFactory.getKeyManagers();
                if (this.f21933g != null) {
                    for (int i = 0; i < keyManagerArr.length; i++) {
                        if (keyManagerArr[i] instanceof X509KeyManager) {
                            keyManagerArr[i] = new g.b.a.h.e0.a(this.f21933g, (X509KeyManager) keyManagerArr[i]);
                        }
                    }
                }
            } else {
                keyManagerArr = null;
            }
            if (keyStore != null) {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.q);
                trustManagerFactory.init(keyStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                trustManagerArr = null;
            }
            SSLContext sSLContext2 = SSLContext.getInstance(this.o);
            this.w = sSLContext2;
            sSLContext2.init(keyManagerArr, trustManagerArr, null);
            SSLEngine createSSLEngine = this.w.createSSLEngine();
            a(createSSLEngine);
            z.c("Enabled Protocols {} of {}", Arrays.asList(createSSLEngine.getEnabledProtocols()), Arrays.asList(createSSLEngine.getSupportedProtocols()));
            if (z.a()) {
                z.b("Enabled Ciphers   {} of {}", Arrays.asList(createSSLEngine.getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getSupportedCipherSuites()));
            }
        }
    }

    public SSLEngine t() {
        SSLEngine createSSLEngine = this.w.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    public String toString() {
        return String.format("%s@%x(%s,%s)", b.class.getSimpleName(), Integer.valueOf(hashCode()), null, this.h);
    }

    public SSLSocket u() throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.w.getSocketFactory().createSocket();
        boolean z2 = this.m;
        if (z2) {
            sSLSocket.setWantClientAuth(z2);
        }
        boolean z3 = this.l;
        if (z3) {
            sSLSocket.setNeedClientAuth(z3);
        }
        sSLSocket.setEnabledCipherSuites(a(sSLSocket.getEnabledCipherSuites(), sSLSocket.getSupportedCipherSuites()));
        sSLSocket.setEnabledProtocols(b(sSLSocket.getEnabledProtocols(), sSLSocket.getSupportedProtocols()));
        return sSLSocket;
    }
}
