package org.eclipse.jetty.security.authentication;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.CRL;
import java.security.cert.X509Certificate;
import java.util.Collection;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import l.a.a.e.a.a;
import l.a.a.e.p;
import l.a.a.f.e;
import l.a.a.f.z;
import l.a.a.h.e.b;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.security.CertificateUtils;

/* loaded from: classes2.dex */
public class ClientCertAuthenticator extends LoginAuthenticator {

    /* renamed from: d, reason: collision with root package name */
    public static final String f26148d = "org.eclipse.jetty.ssl.password";

    /* renamed from: e, reason: collision with root package name */
    public String f26149e;

    /* renamed from: f, reason: collision with root package name */
    public String f26150f;

    /* renamed from: h, reason: collision with root package name */
    public transient b f26152h;

    /* renamed from: i, reason: collision with root package name */
    public boolean f26153i;

    /* renamed from: j, reason: collision with root package name */
    public String f26154j;

    /* renamed from: n, reason: collision with root package name */
    public String f26158n;

    /* renamed from: g, reason: collision with root package name */
    public String f26151g = "JKS";

    /* renamed from: k, reason: collision with root package name */
    public int f26155k = -1;

    /* renamed from: l, reason: collision with root package name */
    public boolean f26156l = false;

    /* renamed from: m, reason: collision with root package name */
    public boolean f26157m = false;

    public KeyStore a(InputStream inputStream, String str, String str2, String str3, String str4) throws Exception {
        return CertificateUtils.a(inputStream, str, str2, str3, str4);
    }

    public Collection<? extends CRL> a(String str) throws Exception {
        return CertificateUtils.a(str);
    }

    @Override // l.a.a.e.a
    public e a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        if (!z) {
            return new a(this);
        }
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        X509Certificate[] x509CertificateArr = (X509Certificate[]) ((HttpServletRequest) servletRequest).getAttribute("javax.servlet.request.X509Certificate");
        if (x509CertificateArr != null) {
            try {
                if (x509CertificateArr.length > 0) {
                    if (this.f26153i) {
                        new l.a.a.h.e.a(a(null, this.f26149e, this.f26151g, this.f26150f, this.f26152h == null ? null : this.f26152h.toString()), a(this.f26154j)).a(x509CertificateArr);
                    }
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        if (x509Certificate != null) {
                            Principal subjectDN = x509Certificate.getSubjectDN();
                            if (subjectDN == null) {
                                subjectDN = x509Certificate.getIssuerDN();
                            }
                            z a2 = a(subjectDN == null ? "clientcert" : subjectDN.getName(), B64Code.a(x509Certificate.getSignature()), servletRequest);
                            if (a2 != null) {
                                return new p(i(), a2);
                            }
                        }
                    }
                }
            } catch (Exception e2) {
                throw new ServerAuthException(e2.getMessage());
            }
        }
        if (a.a(httpServletResponse)) {
            return e.f25284a;
        }
        httpServletResponse.b(403);
        return e.f25287d;
    }

    public void a(int i2) {
        this.f26155k = i2;
    }

    public void a(boolean z) {
        this.f26156l = z;
    }

    @Override // l.a.a.e.a
    public boolean a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, e.f fVar) throws ServerAuthException {
        return true;
    }

    public String b() {
        return this.f26154j;
    }

    public void b(String str) {
        this.f26154j = str;
    }

    public void b(boolean z) {
        this.f26157m = z;
    }

    public int c() {
        return this.f26155k;
    }

    public void c(String str) {
        this.f26158n = str;
    }

    public void c(boolean z) {
        this.f26153i = z;
    }

    public String d() {
        return this.f26158n;
    }

    public void d(String str) {
        this.f26149e = str;
    }

    public String e() {
        return this.f26149e;
    }

    public void e(String str) {
        this.f26152h = b.a("org.eclipse.jetty.ssl.password", str, null);
    }

    public String f() {
        return this.f26150f;
    }

    public void f(String str) {
        this.f26150f = str;
    }

    public String g() {
        return this.f26151g;
    }

    public void g(String str) {
        this.f26151g = str;
    }

    public boolean h() {
        return this.f26156l;
    }

    @Override // l.a.a.e.a
    public String i() {
        return "CLIENT_CERT";
    }

    public boolean j() {
        return this.f26157m;
    }

    public boolean k() {
        return this.f26153i;
    }
}
