package kd;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.channels.NetworkChannel;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSessionContext;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.openssl.ciphers.Cipher;

/* loaded from: classes2.dex */
public abstract class b<S, U> extends AbstractEndpoint<S, U> {
    public String J = null;
    public int K = 65536;
    public o L = null;

    /* loaded from: classes2.dex */
    public static /* synthetic */ class a {
        public static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[SSLHostConfig.CertificateVerification.values().length];
            a = iArr;
            try {
                iArr[SSLHostConfig.CertificateVerification.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.OPTIONAL.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.OPTIONAL_NO_CA.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.REQUIRED.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    private SSLHostConfigCertificate n1(SSLHostConfig sSLHostConfig, List<Cipher> list) {
        Set<SSLHostConfigCertificate> certificates = sSLHostConfig.getCertificates(true);
        if (certificates.size() == 1) {
            return certificates.iterator().next();
        }
        LinkedHashSet<Cipher> cipherList = sSLHostConfig.getCipherList();
        ArrayList<Cipher> arrayList = new ArrayList();
        if (sSLHostConfig.getHonorCipherOrder()) {
            arrayList.addAll(cipherList);
            arrayList.retainAll(list);
        } else {
            arrayList.addAll(list);
            arrayList.retainAll(cipherList);
        }
        for (Cipher cipher : arrayList) {
            for (SSLHostConfigCertificate sSLHostConfigCertificate : certificates) {
                if (sSLHostConfigCertificate.getType().isCompatibleWith(cipher.getAu())) {
                    return sSLHostConfigCertificate;
                }
            }
        }
        return certificates.iterator().next();
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public final InetSocketAddress K() throws IOException {
        NetworkChannel i12 = i1();
        if (i12 == null) {
            return null;
        }
        SocketAddress localAddress = i12.getLocalAddress();
        if (localAddress instanceof InetSocketAddress) {
            return (InetSocketAddress) localAddress;
        }
        return null;
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public SSLHostConfig.Type Z() {
        return md.b.class.getName().equals(this.J) ? SSLHostConfig.Type.EITHER : SSLHostConfig.Type.JSSE;
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public void d1() throws Exception {
        Iterator<SSLHostConfig> it = this.f11152j.values().iterator();
        while (it.hasNext()) {
            Iterator<SSLHostConfigCertificate> it2 = it.next().getCertificates(true).iterator();
            while (it2.hasNext()) {
                it2.next().setSslContext(null);
            }
        }
    }

    public SSLEngine g1(String str, List<Cipher> list, List<String> list2) {
        SSLHostConfig X = X(str);
        n sslContext = n1(X, list).getSslContext();
        if (sslContext == null) {
            throw new IllegalStateException(AbstractEndpoint.I.h("endpoint.jsse.noSslContext", str));
        }
        SSLEngine d10 = sslContext.d();
        int i10 = a.a[X.getCertificateVerification().ordinal()];
        if (i10 == 1) {
            d10.setNeedClientAuth(false);
            d10.setWantClientAuth(false);
        } else if (i10 == 2 || i10 == 3) {
            d10.setWantClientAuth(true);
        } else if (i10 == 4) {
            d10.setNeedClientAuth(true);
        }
        d10.setUseClientMode(false);
        d10.setEnabledCipherSuites(X.getEnabledCiphers());
        d10.setEnabledProtocols(X.getEnabledProtocols());
        SSLParameters sSLParameters = d10.getSSLParameters();
        sSLParameters.setUseCipherSuitesOrder(X.getHonorCipherOrder());
        if (sc.b.f() && list2 != null && list2.size() > 0 && this.F.size() > 0) {
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(this.F);
            arrayList.retainAll(list2);
            if (arrayList.size() > 0) {
                sc.b.d().k(sSLParameters, (String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        d10.setSSLParameters(sSLParameters);
        return d10;
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public boolean h0() {
        if (!k0()) {
            return false;
        }
        try {
            return o.a(l1()).d();
        } catch (ClassNotFoundException unused) {
            return false;
        }
    }

    public void h1() throws Exception {
        if (k0()) {
            Iterator<SSLHostConfig> it = this.f11152j.values().iterator();
            while (it.hasNext()) {
                p0(it.next());
            }
        }
    }

    public abstract NetworkChannel i1();

    public int j1() {
        return this.K;
    }

    public o k1() {
        return this.L;
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public void l(SSLHostConfig sSLHostConfig) throws IllegalArgumentException {
        boolean z10 = true;
        for (SSLHostConfigCertificate sSLHostConfigCertificate : sSLHostConfig.getCertificates(true)) {
            r c10 = this.L.c(sSLHostConfigCertificate);
            if (z10) {
                z10 = false;
                sSLHostConfig.setEnabledProtocols(c10.e());
                sSLHostConfig.setEnabledCiphers(c10.f());
            }
            try {
                n a10 = c10.a(this.F);
                a10.b(c10.b(), c10.c(), null);
                SSLSessionContext a11 = a10.a();
                if (a11 != null) {
                    c10.d(a11);
                }
                sSLHostConfigCertificate.setSslContext(a10);
            } catch (Exception e10) {
                throw new IllegalArgumentException(e10.getMessage(), e10);
            }
        }
    }

    public String l1() {
        return this.J;
    }

    public void m1() throws Exception {
        if (k0()) {
            this.L = o.a(l1());
            for (SSLHostConfig sSLHostConfig : this.f11152j.values()) {
                sSLHostConfig.setConfigType(Z());
                l(sSLHostConfig);
            }
            if (this.f11152j.get(D()) == null) {
                throw new IllegalArgumentException(AbstractEndpoint.I.h("endpoint.noSslHostConfig", D(), S()));
            }
        }
    }

    public void o1(int i10) {
        this.K = i10;
    }

    @Override // org.apache.tomcat.util.net.AbstractEndpoint
    public void p0(SSLHostConfig sSLHostConfig) {
        n sslContext;
        for (SSLHostConfigCertificate sSLHostConfigCertificate : sSLHostConfig.getCertificates(true)) {
            if (sSLHostConfigCertificate.getSslContext() != null && (sslContext = sSLHostConfigCertificate.getSslContext()) != null) {
                sslContext.destroy();
            }
        }
    }

    public void p1(String str) {
        this.J = str;
    }
}
