package com.sankuai.xmpp.netsimulate.ssl;

import android.os.Build;
import android.support.annotation.NonNull;
import com.google.common.cache.CacheBuilder;
import com.meituan.robust.ChangeQuickRedirect;
import com.meituan.robust.PatchProxy;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.bouncycastle.operator.OperatorCreationException;

/* loaded from: classes3.dex */
public final class d {

    /* renamed from: a, reason: collision with root package name */
    public static ChangeQuickRedirect f100631a = null;

    /* renamed from: b, reason: collision with root package name */
    private static final int f100632b = 10;

    /* renamed from: c, reason: collision with root package name */
    private static final int f100633c = 16;

    /* renamed from: d, reason: collision with root package name */
    private static final String f100634d = "TLSv1.2";

    /* renamed from: e, reason: collision with root package name */
    private static final String f100635e = "TLSv1";

    /* renamed from: f, reason: collision with root package name */
    private static final com.google.common.cache.c<String, SSLContext> f100636f = CacheBuilder.a().b(10, TimeUnit.MINUTES).b(16).u();

    /* renamed from: g, reason: collision with root package name */
    private static final com.google.common.cache.c<String, SSLContext> f100637g = CacheBuilder.a().b(10, TimeUnit.MINUTES).b(16).u();

    /* renamed from: h, reason: collision with root package name */
    private static volatile d f100638h;

    /* renamed from: i, reason: collision with root package name */
    private static e f100639i;

    /* renamed from: j, reason: collision with root package name */
    private static i f100640j;

    /* renamed from: k, reason: collision with root package name */
    private final b f100641k;

    /* renamed from: l, reason: collision with root package name */
    private final a f100642l;

    /* renamed from: m, reason: collision with root package name */
    private Certificate f100643m;

    /* renamed from: n, reason: collision with root package name */
    private PrivateKey f100644n;

    public d(@NonNull b bVar) throws GeneralSecurityException, IOException {
        Object[] objArr = {bVar};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "a3d2953d2fb69723f2eb0b030b3335bb", 4611686018427387904L)) {
            PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "a3d2953d2fb69723f2eb0b030b3335bb");
            return;
        }
        this.f100641k = bVar;
        this.f100642l = new a();
        a();
    }

    public static d a(b bVar) throws GeneralSecurityException, IOException {
        Object[] objArr = {bVar};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, null, changeQuickRedirect, true, "72596d2026f2697737e7e160a3aeca31", 4611686018427387904L)) {
            return (d) PatchProxy.accessDispatch(objArr, null, changeQuickRedirect, true, "72596d2026f2697737e7e160a3aeca31");
        }
        if (f100638h == null) {
            synchronized (d.class) {
                if (f100638h == null) {
                    f100638h = new d(bVar);
                }
            }
        }
        return f100638h;
    }

    private SSLContext a(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr) throws NoSuchAlgorithmException, KeyManagementException {
        Object[] objArr = {keyManagerArr, trustManagerArr};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "2bfd7fdc7ad361c47d7e71a9ed7f28cd", 4611686018427387904L)) {
            return (SSLContext) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "2bfd7fdc7ad361c47d7e71a9ed7f28cd");
        }
        SSLContext c2 = c();
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(System.currentTimeMillis() + 1);
        c2.init(keyManagerArr, trustManagerArr, secureRandom);
        return c2;
    }

    private void a() throws GeneralSecurityException, IOException {
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "f220ab813e138432dc3ddca73d6aa385", 4611686018427387904L)) {
            PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "f220ab813e138432dc3ddca73d6aa385");
            return;
        }
        KeyStore b2 = b();
        this.f100643m = b2.getCertificate(this.f100641k.a());
        this.f100644n = (PrivateKey) b2.getKey(this.f100641k.a(), this.f100641k.b());
    }

    public static void a(e eVar, i iVar) {
        Object[] objArr = {eVar, iVar};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, null, changeQuickRedirect, true, "5373a557c339f35f7c42c88bbbaff093", 4611686018427387904L)) {
            PatchProxy.accessDispatch(objArr, null, changeQuickRedirect, true, "5373a557c339f35f7c42c88bbbaff093");
            return;
        }
        f100639i = eVar;
        f100640j = iVar;
        f100636f.invalidateAll();
        f100637g.invalidateAll();
    }

    private KeyStore b() throws GeneralSecurityException, IOException {
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "ac11b8082b16c727c3484505a781b9b2", 4611686018427387904L)) {
            return (KeyStore) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "ac11b8082b16c727c3484505a781b9b2");
        }
        KeyStore keyStore = KeyStore.getInstance(this.f100642l.a());
        FileInputStream fileInputStream = null;
        try {
            FileInputStream fileInputStream2 = new FileInputStream(this.f100641k.a(b.f100606b));
            try {
                keyStore.load(fileInputStream2, this.f100641k.b());
                com.sankuai.xmpp.netsimulate.core.g.a(fileInputStream2);
                return keyStore;
            } catch (Throwable th2) {
                th = th2;
                fileInputStream = fileInputStream2;
                com.sankuai.xmpp.netsimulate.core.g.a(fileInputStream);
                throw th;
            }
        } catch (Throwable th3) {
            th = th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SSLContext b(String str) throws GeneralSecurityException, IOException, OperatorCreationException {
        Object[] objArr = {str};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "1e5dcc01f7b6890c372b974ad5b333a6", 4611686018427387904L)) {
            return (SSLContext) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "1e5dcc01f7b6890c372b974ad5b333a6");
        }
        KeyManager[] a2 = f100639i != null ? f100639i.a(str, false) : null;
        if (a2 == null) {
            a2 = d(str);
        }
        return a(a2, f100640j != null ? f100640j.a(str, false) : null);
    }

    private SSLContext c() throws NoSuchAlgorithmException {
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "84d29a2413d0181ef2d614cc7b757f3a", 4611686018427387904L)) {
            return (SSLContext) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "84d29a2413d0181ef2d614cc7b757f3a");
        }
        try {
            return SSLContext.getInstance(f100634d);
        } catch (NoSuchAlgorithmException unused) {
            return SSLContext.getInstance(f100635e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SSLContext c(String str) throws GeneralSecurityException {
        Object[] objArr = {str};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "011e3241c1e2f607c4f654dbaf6a9e59", 4611686018427387904L)) {
            return (SSLContext) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "011e3241c1e2f607c4f654dbaf6a9e59");
        }
        KeyManager[] a2 = f100639i != null ? f100639i.a(str, true) : null;
        TrustManager[] a3 = f100640j != null ? f100640j.a(str, true) : null;
        if (a3 == null) {
            a3 = d();
        }
        return a(a2, a3);
    }

    private KeyManager[] d(String str) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, OperatorCreationException, InvalidKeyException, IOException, SignatureException, NoSuchProviderException, CertificateException {
        Object[] objArr = {str};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "faf43c7fdf3b86060e054712af3e574a", 4611686018427387904L)) {
            return (KeyManager[]) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "faf43c7fdf3b86060e054712af3e574a");
        }
        KeyStore a2 = this.f100642l.a(str, this.f100641k, this.f100643m, this.f100644n);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(a2, this.f100641k.b());
        return keyManagerFactory.getKeyManagers();
    }

    private TrustManager[] d() {
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "119182636af1ea78a15a4a7c19acbf50", 4611686018427387904L)) {
            return (TrustManager[]) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "119182636af1ea78a15a4a7c19acbf50");
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return trustManagers;
            }
            throw new KeyManagementException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e2) {
            com.sankuai.xmpp.netsimulate.core.f.a(e2);
            return null;
        }
    }

    public SSLEngine a(@NonNull final String str) throws ExecutionException {
        Object[] objArr = {str};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "d9e69385af85c5900cdd64866990a0e2", 4611686018427387904L)) {
            return (SSLEngine) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "d9e69385af85c5900cdd64866990a0e2");
        }
        SSLContext sSLContext = f100636f.get(str, new Callable<SSLContext>() { // from class: com.sankuai.xmpp.netsimulate.ssl.d.1

            /* renamed from: a, reason: collision with root package name */
            public static ChangeQuickRedirect f100645a;

            @Override // java.util.concurrent.Callable
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public SSLContext call() throws GeneralSecurityException, IOException, OperatorCreationException {
                Object[] objArr2 = new Object[0];
                ChangeQuickRedirect changeQuickRedirect2 = f100645a;
                return PatchProxy.isSupport(objArr2, this, changeQuickRedirect2, false, "842e10a352fcb969d4ef7d4296e93b66", 4611686018427387904L) ? (SSLContext) PatchProxy.accessDispatch(objArr2, this, changeQuickRedirect2, false, "842e10a352fcb969d4ef7d4296e93b66") : d.this.b(str);
            }
        });
        if (Build.VERSION.SDK_INT != 27) {
            return sSLContext.createSSLEngine();
        }
        try {
            return sSLContext.createSSLEngine();
        } catch (Exception e2) {
            throw new ExecutionException(e2);
        }
    }

    public SSLEngine a(@NonNull final String str, int i2) throws ExecutionException {
        Object[] objArr = {str, new Integer(i2)};
        ChangeQuickRedirect changeQuickRedirect = f100631a;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect, false, "d391b969f8dfa70304f527459e22a838", 4611686018427387904L)) {
            return (SSLEngine) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect, false, "d391b969f8dfa70304f527459e22a838");
        }
        SSLEngine createSSLEngine = f100637g.get(str, new Callable<SSLContext>() { // from class: com.sankuai.xmpp.netsimulate.ssl.d.2

            /* renamed from: a, reason: collision with root package name */
            public static ChangeQuickRedirect f100648a;

            @Override // java.util.concurrent.Callable
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public SSLContext call() throws GeneralSecurityException, IOException, OperatorCreationException {
                Object[] objArr2 = new Object[0];
                ChangeQuickRedirect changeQuickRedirect2 = f100648a;
                return PatchProxy.isSupport(objArr2, this, changeQuickRedirect2, false, "f3e2fd1ff57b1582382404393bd6dbf0", 4611686018427387904L) ? (SSLContext) PatchProxy.accessDispatch(objArr2, this, changeQuickRedirect2, false, "f3e2fd1ff57b1582382404393bd6dbf0") : d.this.c(str);
            }
        }).createSSLEngine(str, i2);
        LinkedList linkedList = new LinkedList();
        for (String str2 : createSSLEngine.getEnabledCipherSuites()) {
            if (!str2.equals("TLS_DHE_RSA_WITH_AES_128_CBC_SHA") && !str2.equals("TLS_DHE_RSA_WITH_AES_256_CBC_SHA")) {
                linkedList.add(str2);
            }
        }
        createSSLEngine.setEnabledCipherSuites((String[]) linkedList.toArray(new String[0]));
        createSSLEngine.setUseClientMode(true);
        createSSLEngine.setNeedClientAuth(false);
        return createSSLEngine;
    }
}
