package io.netty.handler.ssl;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufInputStream;
import java.io.File;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes3.dex */
public final class JdkSslClientContext extends JdkSslContext {
    private final SSLContext ctx;
    private final List<String> nextProtocols;

    public JdkSslClientContext() {
        this(null, null, null, null, 0L, 0L);
    }

    public JdkSslClientContext(File file) {
        this(file, null);
    }

    public JdkSslClientContext(File file, TrustManagerFactory trustManagerFactory) {
        this(file, trustManagerFactory, null, null, 0L, 0L);
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public JdkSslClientContext(File file, TrustManagerFactory trustManagerFactory, Iterable<String> iterable, Iterable<String> iterable2, long j2, long j3) {
        super(iterable);
        List<String> emptyList;
        String next;
        TrustManagerFactory trustManagerFactory2 = trustManagerFactory;
        if (iterable2 == null || !iterable2.iterator().hasNext()) {
            emptyList = Collections.emptyList();
        } else {
            if (!JettyNpnSslEngine.isAvailable()) {
                throw new SSLException("NPN/ALPN unsupported: ".concat(String.valueOf(iterable2)));
            }
            ArrayList arrayList = new ArrayList();
            Iterator<String> it = iterable2.iterator();
            while (it.hasNext() && (next = it.next()) != null) {
                arrayList.add(next);
            }
            emptyList = Collections.unmodifiableList(arrayList);
        }
        this.nextProtocols = emptyList;
        try {
            if (file == null) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                this.ctx = sSLContext;
                if (trustManagerFactory2 == null) {
                    sSLContext.init(null, null, null);
                } else {
                    trustManagerFactory2.init((KeyStore) null);
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                }
            } else {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, null);
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                ByteBuf[] readCertificates = PemReader.readCertificates(file);
                try {
                    for (ByteBuf byteBuf : readCertificates) {
                        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteBufInputStream(byteBuf));
                        keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
                    }
                    trustManagerFactory2 = trustManagerFactory2 == null ? TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) : trustManagerFactory2;
                    trustManagerFactory2.init(keyStore);
                    SSLContext sSLContext2 = SSLContext.getInstance("TLS");
                    this.ctx = sSLContext2;
                    sSLContext2.init(null, trustManagerFactory2.getTrustManagers(), null);
                } finally {
                    for (ByteBuf byteBuf2 : readCertificates) {
                        byteBuf2.release();
                    }
                }
            }
            SSLSessionContext clientSessionContext = this.ctx.getClientSessionContext();
            if (j2 > 0) {
                clientSessionContext.setSessionCacheSize((int) Math.min(j2, 2147483647L));
            }
            if (j3 > 0) {
                clientSessionContext.setSessionTimeout((int) Math.min(j3, 2147483647L));
            }
        } catch (Exception e2) {
            throw new SSLException("failed to initialize the server-side SSL context", e2);
        }
    }

    public JdkSslClientContext(TrustManagerFactory trustManagerFactory) {
        this(null, trustManagerFactory);
    }

    @Override // io.netty.handler.ssl.JdkSslContext
    public final SSLContext context() {
        return this.ctx;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final boolean isClient() {
        return true;
    }

    @Override // io.netty.handler.ssl.SslContext
    public final List<String> nextProtocols() {
        return this.nextProtocols;
    }
}
