package sun.security.ssl;

import com.secneo.apkwrapper.Helper;
import java.lang.ref.Reference;
import java.net.Socket;
import java.security.AlgorithmConstraints;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import sun.security.provider.certpath.AlgorithmChecker;

/* loaded from: classes2.dex */
final class X509KeyManagerImpl extends X509ExtendedKeyManager implements X509KeyManager {
    private static final Debug debug;
    private static final boolean useDebug;
    private static Date verificationDate;
    private final List<KeyStore.Builder> builders;
    private final Map<String, Reference<KeyStore.PrivateKeyEntry>> entryCacheMap;
    private final AtomicLong uidCounter;

    /* loaded from: classes2.dex */
    private enum CheckResult {
        OK,
        EXPIRED,
        EXTENSION_MISMATCH;

        static {
            Helper.stub();
        }
    }

    /* loaded from: classes2.dex */
    private enum CheckType {
        NONE(Collections.emptySet()),
        CLIENT(new HashSet(Arrays.asList("2.5.29.37.0", "1.3.6.1.5.5.7.3.2"))),
        SERVER(new HashSet(Arrays.asList("2.5.29.37.0", "1.3.6.1.5.5.7.3.1", "2.16.840.1.113730.4.1", "1.3.6.1.4.1.311.10.3.3")));

        final Set<String> validEku;

        static {
            Helper.stub();
        }

        CheckType(Set set) {
            this.validEku = set;
        }

        private static boolean getBit(boolean[] zArr, int i) {
            return i < zArr.length && zArr[i];
        }

        CheckResult check(X509Certificate x509Certificate, Date date) {
            if (this == NONE) {
                return CheckResult.OK;
            }
            try {
                List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
                if (extendedKeyUsage != null && Collections.disjoint(this.validEku, extendedKeyUsage)) {
                    return CheckResult.EXTENSION_MISMATCH;
                }
                boolean[] keyUsage = x509Certificate.getKeyUsage();
                if (keyUsage != null) {
                    String algorithm = x509Certificate.getPublicKey().getAlgorithm();
                    boolean bit = getBit(keyUsage, 0);
                    if (algorithm.equals("RSA")) {
                        if (!bit && (this == CLIENT || !getBit(keyUsage, 2))) {
                            return CheckResult.EXTENSION_MISMATCH;
                        }
                    } else if (algorithm.equals("DSA")) {
                        if (!bit) {
                            return CheckResult.EXTENSION_MISMATCH;
                        }
                    } else if (algorithm.equals("DH")) {
                        if (!getBit(keyUsage, 4)) {
                            return CheckResult.EXTENSION_MISMATCH;
                        }
                    } else if (algorithm.equals("EC")) {
                        if (!bit) {
                            return CheckResult.EXTENSION_MISMATCH;
                        }
                        if (this == SERVER && !getBit(keyUsage, 4)) {
                            return CheckResult.EXTENSION_MISMATCH;
                        }
                    }
                }
                try {
                    x509Certificate.checkValidity(date);
                    return CheckResult.OK;
                } catch (CertificateException e) {
                    return CheckResult.EXPIRED;
                }
            } catch (CertificateException e2) {
                return CheckResult.EXTENSION_MISMATCH;
            }
        }
    }

    /* loaded from: classes2.dex */
    private static class EntryStatus implements Comparable<EntryStatus> {
        final String alias;
        final int builderIndex;
        final CheckResult checkResult;
        final int keyIndex;

        EntryStatus(int i, int i2, String str, Certificate[] certificateArr, CheckResult checkResult) {
            Helper.stub();
            this.builderIndex = i;
            this.keyIndex = i2;
            this.alias = str;
            this.checkResult = checkResult;
        }

        @Override // java.lang.Comparable
        public int compareTo(EntryStatus entryStatus) {
            return 0;
        }

        public String toString() {
            return null;
        }
    }

    /* loaded from: classes2.dex */
    private static class KeyType {
        final String keyAlgorithm;
        final String sigKeyAlgorithm;

        KeyType(String str) {
            Helper.stub();
            int indexOf = str.indexOf("_");
            if (indexOf == -1) {
                this.keyAlgorithm = str;
                this.sigKeyAlgorithm = null;
            } else {
                this.keyAlgorithm = str.substring(0, indexOf);
                this.sigKeyAlgorithm = str.substring(indexOf + 1);
            }
        }

        boolean matches(Certificate[] certificateArr) {
            return false;
        }
    }

    /* loaded from: classes2.dex */
    private static class SizedMap<K, V> extends LinkedHashMap<K, V> {
        private SizedMap() {
            Helper.stub();
        }

        @Override // java.util.LinkedHashMap
        protected boolean removeEldestEntry(Map.Entry<K, V> entry) {
            return false;
        }
    }

    static {
        Helper.stub();
        debug = Debug.getInstance("ssl");
        useDebug = debug != null && Debug.isOn("keymanager");
    }

    X509KeyManagerImpl(KeyStore.Builder builder) {
        this((List<KeyStore.Builder>) Collections.singletonList(builder));
    }

    X509KeyManagerImpl(List<KeyStore.Builder> list) {
        this.builders = list;
        this.uidCounter = new AtomicLong();
        this.entryCacheMap = Collections.synchronizedMap(new SizedMap());
    }

    private String chooseAlias(List<KeyType> list, Principal[] principalArr, CheckType checkType, AlgorithmConstraints algorithmConstraints) {
        return null;
    }

    private static boolean conformsToAlgorithmConstraints(AlgorithmConstraints algorithmConstraints, Certificate[] certificateArr) {
        AlgorithmChecker algorithmChecker = new AlgorithmChecker(algorithmConstraints);
        try {
            algorithmChecker.init(false);
            for (int length = certificateArr.length - 1; length >= 0; length--) {
                try {
                    algorithmChecker.check(certificateArr[length], Collections.emptySet());
                } catch (CertPathValidatorException e) {
                    return false;
                }
            }
            return true;
        } catch (CertPathValidatorException e2) {
            return false;
        }
    }

    private AlgorithmConstraints getAlgorithmConstraints(Socket socket) {
        return null;
    }

    private AlgorithmConstraints getAlgorithmConstraints(SSLEngine sSLEngine) {
        return null;
    }

    private List<EntryStatus> getAliases(int i, List<KeyType> list, Set<Principal> set, boolean z, CheckType checkType, AlgorithmConstraints algorithmConstraints) throws Exception {
        return null;
    }

    private KeyStore.PrivateKeyEntry getEntry(String str) {
        return null;
    }

    private Set<Principal> getIssuerSet(Principal[] principalArr) {
        return null;
    }

    private static List<KeyType> getKeyTypes(String... strArr) {
        if (strArr == null || strArr.length == 0 || strArr[0] == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            arrayList.add(new KeyType(str));
        }
        return arrayList;
    }

    private String makeAlias(EntryStatus entryStatus) {
        return null;
    }

    private String[] toAliases(List<EntryStatus> list) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return null;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    public String[] getAliases(String str, Principal[] principalArr, CheckType checkType, AlgorithmConstraints algorithmConstraints) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return getAliases(str, principalArr, CheckType.CLIENT, null);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return getAliases(str, principalArr, CheckType.SERVER, null);
    }
}
