package org.conscrypt;

import com.baidu.titan.runtime.InterceptResult;
import com.baidu.titan.runtime.Interceptable;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* compiled from: SearchBox */
/* loaded from: classes6.dex */
public final class SSLParametersImpl implements Cloneable {
    public static Interceptable $ic;
    public static final String[] EMPTY_STRING_ARRAY = new String[0];
    public static volatile SSLParametersImpl defaultParameters;
    public static volatile X509KeyManager defaultX509KeyManager;
    public static volatile X509TrustManager defaultX509TrustManager;
    public ApplicationProtocolSelectorAdapter applicationProtocolSelector;
    public boolean channelIdEnabled;
    public final ClientSessionContext clientSessionContext;
    public boolean ctVerificationEnabled;
    public String[] enabledCipherSuites;
    public String[] enabledProtocols;
    public String endpointIdentificationAlgorithm;
    public boolean isEnabledProtocolsFiltered;
    public byte[] ocspResponse;
    public final PSKKeyManager pskKeyManager;
    public byte[] sctExtension;
    public final ServerSessionContext serverSessionContext;
    public boolean useCipherSuitesOrder;
    public boolean useSessionTickets;
    public Boolean useSni;
    public final X509KeyManager x509KeyManager;
    public final X509TrustManager x509TrustManager;
    public boolean client_mode = true;
    public boolean need_client_auth = false;
    public boolean want_client_auth = false;
    public boolean enable_session_creation = true;
    public byte[] applicationProtocols = EmptyArray.BYTE;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SearchBox */
    /* loaded from: classes6.dex */
    public interface AliasChooser {
        String chooseClientAlias(X509KeyManager x509KeyManager, X500Principal[] x500PrincipalArr, String[] strArr);

        String chooseServerAlias(X509KeyManager x509KeyManager, String str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SearchBox */
    /* loaded from: classes6.dex */
    public interface PSKCallbacks {
        String chooseClientPSKIdentity(PSKKeyManager pSKKeyManager, String str);

        String chooseServerPSKIdentityHint(PSKKeyManager pSKKeyManager);

        SecretKey getPSKKey(PSKKeyManager pSKKeyManager, String str, String str2);
    }

    public SSLParametersImpl(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom, ClientSessionContext clientSessionContext, ServerSessionContext serverSessionContext, String[] strArr) throws KeyManagementException {
        this.serverSessionContext = serverSessionContext;
        this.clientSessionContext = clientSessionContext;
        if (keyManagerArr == null) {
            this.x509KeyManager = getDefaultX509KeyManager();
            this.pskKeyManager = null;
        } else {
            this.x509KeyManager = findFirstX509KeyManager(keyManagerArr);
            this.pskKeyManager = findFirstPSKKeyManager(keyManagerArr);
        }
        if (trustManagerArr == null) {
            this.x509TrustManager = getDefaultX509TrustManager();
        } else {
            this.x509TrustManager = findFirstX509TrustManager(trustManagerArr);
        }
        this.enabledProtocols = (String[]) NativeCrypto.checkEnabledProtocols(strArr == null ? NativeCrypto.DEFAULT_PROTOCOLS : strArr).clone();
        this.enabledCipherSuites = getDefaultCipherSuites((this.x509KeyManager == null && this.x509TrustManager == null) ? false : true, this.pskKeyManager != null);
    }

    private static String[] concat(String[]... strArr) {
        InterceptResult invokeL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeL = interceptable.invokeL(32196, null, strArr)) != null) {
            return (String[]) invokeL.objValue;
        }
        int i = 0;
        for (String[] strArr2 : strArr) {
            i += strArr2.length;
        }
        String[] strArr3 = new String[i];
        int i2 = 0;
        for (String[] strArr4 : strArr) {
            System.arraycopy(strArr4, 0, strArr3, i2, strArr4.length);
            i2 += strArr4.length;
        }
        return strArr3;
    }

    private static X509KeyManager createDefaultX509KeyManager() throws KeyManagementException {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32197, null)) != null) {
            return (X509KeyManager) invokeV.objValue;
        }
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(null, null);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            X509KeyManager findFirstX509KeyManager = findFirstX509KeyManager(keyManagers);
            if (findFirstX509KeyManager == null) {
                throw new KeyManagementException("No X509KeyManager among default KeyManagers: " + Arrays.toString(keyManagers));
            }
            return findFirstX509KeyManager;
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyManagementException(e2);
        } catch (UnrecoverableKeyException e3) {
            throw new KeyManagementException(e3);
        }
    }

    private static X509TrustManager createDefaultX509TrustManager() throws KeyManagementException {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32198, null)) != null) {
            return (X509TrustManager) invokeV.objValue;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            X509TrustManager findFirstX509TrustManager = findFirstX509TrustManager(trustManagers);
            if (findFirstX509TrustManager == null) {
                throw new KeyManagementException("No X509TrustManager in among default TrustManagers: " + Arrays.toString(trustManagers));
            }
            return findFirstX509TrustManager;
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyManagementException(e2);
        }
    }

    private static String[] filterFromProtocols(String[] strArr, String str) {
        InterceptResult invokeLL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeLL = interceptable.invokeLL(32199, null, strArr, str)) != null) {
            return (String[]) invokeLL.objValue;
        }
        if (strArr.length == 1 && str.equals(strArr[0])) {
            return EMPTY_STRING_ARRAY;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : strArr) {
            if (!str.equals(str2)) {
                arrayList.add(str2);
            }
        }
        return (String[]) arrayList.toArray(EMPTY_STRING_ARRAY);
    }

    private static PSKKeyManager findFirstPSKKeyManager(KeyManager[] keyManagerArr) {
        InterceptResult invokeL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeL = interceptable.invokeL(32200, null, keyManagerArr)) != null) {
            return (PSKKeyManager) invokeL.objValue;
        }
        for (KeyManager keyManager : keyManagerArr) {
            if (keyManager instanceof PSKKeyManager) {
                return (PSKKeyManager) keyManager;
            }
            if (keyManager != null) {
                try {
                    return DuckTypedPSKKeyManager.getInstance(keyManager);
                } catch (NoSuchMethodException e) {
                }
            }
        }
        return null;
    }

    private static X509KeyManager findFirstX509KeyManager(KeyManager[] keyManagerArr) {
        InterceptResult invokeL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeL = interceptable.invokeL(32201, null, keyManagerArr)) != null) {
            return (X509KeyManager) invokeL.objValue;
        }
        for (KeyManager keyManager : keyManagerArr) {
            if (keyManager instanceof X509KeyManager) {
                return (X509KeyManager) keyManager;
            }
        }
        return null;
    }

    private static X509TrustManager findFirstX509TrustManager(TrustManager[] trustManagerArr) {
        InterceptResult invokeL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeL = interceptable.invokeL(32202, null, trustManagerArr)) != null) {
            return (X509TrustManager) invokeL.objValue;
        }
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    public static SSLParametersImpl getDefault() throws KeyManagementException {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32205, null)) != null) {
            return (SSLParametersImpl) invokeV.objValue;
        }
        SSLParametersImpl sSLParametersImpl = defaultParameters;
        if (sSLParametersImpl == null) {
            sSLParametersImpl = new SSLParametersImpl(null, null, null, new ClientSessionContext(), new ServerSessionContext(), null);
            defaultParameters = sSLParametersImpl;
        }
        return (SSLParametersImpl) sSLParametersImpl.clone();
    }

    private static String[] getDefaultCipherSuites(boolean z, boolean z2) {
        InterceptResult invokeCommon;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeCommon = interceptable.invokeCommon(32206, null, new Object[]{Boolean.valueOf(z), Boolean.valueOf(z2)})) == null) ? z ? z2 ? concat(NativeCrypto.DEFAULT_PSK_CIPHER_SUITES, NativeCrypto.DEFAULT_X509_CIPHER_SUITES, new String[]{NativeCrypto.TLS_EMPTY_RENEGOTIATION_INFO_SCSV}) : concat(NativeCrypto.DEFAULT_X509_CIPHER_SUITES, new String[]{NativeCrypto.TLS_EMPTY_RENEGOTIATION_INFO_SCSV}) : z2 ? concat(NativeCrypto.DEFAULT_PSK_CIPHER_SUITES, new String[]{NativeCrypto.TLS_EMPTY_RENEGOTIATION_INFO_SCSV}) : new String[]{NativeCrypto.TLS_EMPTY_RENEGOTIATION_INFO_SCSV} : (String[]) invokeCommon.objValue;
    }

    private static X509KeyManager getDefaultX509KeyManager() throws KeyManagementException {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32207, null)) != null) {
            return (X509KeyManager) invokeV.objValue;
        }
        X509KeyManager x509KeyManager = defaultX509KeyManager;
        if (x509KeyManager != null) {
            return x509KeyManager;
        }
        X509KeyManager createDefaultX509KeyManager = createDefaultX509KeyManager();
        defaultX509KeyManager = createDefaultX509KeyManager;
        return createDefaultX509KeyManager;
    }

    public static X509TrustManager getDefaultX509TrustManager() throws KeyManagementException {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32208, null)) != null) {
            return (X509TrustManager) invokeV.objValue;
        }
        X509TrustManager x509TrustManager = defaultX509TrustManager;
        if (x509TrustManager != null) {
            return x509TrustManager;
        }
        X509TrustManager createDefaultX509TrustManager = createDefaultX509TrustManager();
        defaultX509TrustManager = createDefaultX509TrustManager;
        return createDefaultX509TrustManager;
    }

    private boolean isSniEnabledByDefault() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32224, this)) != null) {
            return invokeV.booleanValue;
        }
        try {
            String property = System.getProperty("jsse.enableSNIExtension", "true");
            if ("true".equalsIgnoreCase(property)) {
                return true;
            }
            if ("false".equalsIgnoreCase(property)) {
                return false;
            }
            throw new RuntimeException("Can only set \"jsse.enableSNIExtension\" to \"true\" or \"false\"");
        } catch (SecurityException e) {
            return true;
        }
    }

    public Object clone() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeV = interceptable.invokeV(32195, this)) != null) {
            return invokeV.objValue;
        }
        try {
            return super.clone();
        } catch (CloneNotSupportedException e) {
            throw new AssertionError(e);
        }
    }

    public String[] getApplicationProtocols() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32203, this)) == null) ? SSLUtils.decodeProtocols(this.applicationProtocols) : (String[]) invokeV.objValue;
    }

    public ClientSessionContext getClientSessionContext() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32204, this)) == null) ? this.clientSessionContext : (ClientSessionContext) invokeV.objValue;
    }

    public boolean getEnableSessionCreation() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32209, this)) == null) ? this.enable_session_creation : invokeV.booleanValue;
    }

    public String[] getEnabledCipherSuites() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32210, this)) == null) ? (String[]) this.enabledCipherSuites.clone() : (String[]) invokeV.objValue;
    }

    public String[] getEnabledProtocols() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32211, this)) == null) ? (String[]) this.enabledProtocols.clone() : (String[]) invokeV.objValue;
    }

    public String getEndpointIdentificationAlgorithm() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32212, this)) == null) ? this.endpointIdentificationAlgorithm : (String) invokeV.objValue;
    }

    public boolean getNeedClientAuth() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32213, this)) == null) ? this.need_client_auth : invokeV.booleanValue;
    }

    public byte[] getOCSPResponse() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32214, this)) == null) ? this.ocspResponse : (byte[]) invokeV.objValue;
    }

    public PSKKeyManager getPSKKeyManager() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32215, this)) == null) ? this.pskKeyManager : (PSKKeyManager) invokeV.objValue;
    }

    public AbstractSessionContext getSessionContext() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32216, this)) == null) ? this.client_mode ? this.clientSessionContext : this.serverSessionContext : (AbstractSessionContext) invokeV.objValue;
    }

    public boolean getUseCipherSuitesOrder() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32217, this)) == null) ? this.useCipherSuitesOrder : invokeV.booleanValue;
    }

    public boolean getUseClientMode() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32218, this)) == null) ? this.client_mode : invokeV.booleanValue;
    }

    public boolean getUseSni() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32219, this)) == null) ? this.useSni != null ? this.useSni.booleanValue() : isSniEnabledByDefault() : invokeV.booleanValue;
    }

    public boolean getWantClientAuth() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32220, this)) == null) ? this.want_client_auth : invokeV.booleanValue;
    }

    public X509KeyManager getX509KeyManager() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32221, this)) == null) ? this.x509KeyManager : (X509KeyManager) invokeV.objValue;
    }

    public X509TrustManager getX509TrustManager() {
        InterceptResult invokeV;
        Interceptable interceptable = $ic;
        return (interceptable == null || (invokeV = interceptable.invokeV(32222, this)) == null) ? this.x509TrustManager : (X509TrustManager) invokeV.objValue;
    }

    public boolean isCTVerificationEnabled(String str) {
        InterceptResult invokeL;
        Interceptable interceptable = $ic;
        if (interceptable != null && (invokeL = interceptable.invokeL(32223, this, str)) != null) {
            return invokeL.booleanValue;
        }
        if (str == null) {
            return false;
        }
        if (this.ctVerificationEnabled) {
            return true;
        }
        return Platform.isCTVerificationRequired(str);
    }

    public void setApplicationProtocolSelector(ApplicationProtocolSelectorAdapter applicationProtocolSelectorAdapter) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32225, this, applicationProtocolSelectorAdapter) == null) {
            this.applicationProtocolSelector = applicationProtocolSelectorAdapter;
        }
    }

    public void setApplicationProtocols(String[] strArr) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32226, this, strArr) == null) {
            this.applicationProtocols = SSLUtils.encodeProtocols(strArr);
        }
    }

    public void setCTVerificationEnabled(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32227, this, z) == null) {
            this.ctVerificationEnabled = z;
        }
    }

    public void setEnableSessionCreation(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32228, this, z) == null) {
            this.enable_session_creation = z;
        }
    }

    public void setEnabledCipherSuites(String[] strArr) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32229, this, strArr) == null) {
            this.enabledCipherSuites = (String[]) NativeCrypto.checkEnabledCipherSuites(strArr).clone();
        }
    }

    public void setEnabledProtocols(String[] strArr) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32230, this, strArr) == null) {
            if (strArr == null) {
                throw new IllegalArgumentException("protocols == null");
            }
            String[] filterFromProtocols = filterFromProtocols(strArr, NativeCrypto.OBSOLETE_PROTOCOL_SSLV3);
            this.isEnabledProtocolsFiltered = strArr.length != filterFromProtocols.length;
            this.enabledProtocols = (String[]) NativeCrypto.checkEnabledProtocols(filterFromProtocols).clone();
        }
    }

    public void setEndpointIdentificationAlgorithm(String str) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32231, this, str) == null) {
            this.endpointIdentificationAlgorithm = str;
        }
    }

    public void setNeedClientAuth(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32232, this, z) == null) {
            this.need_client_auth = z;
            this.want_client_auth = false;
        }
    }

    public void setOCSPResponse(byte[] bArr) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32233, this, bArr) == null) {
            this.ocspResponse = bArr;
        }
    }

    public void setSCTExtension(byte[] bArr) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeL(32234, this, bArr) == null) {
            this.sctExtension = bArr;
        }
    }

    public void setUseCipherSuitesOrder(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32235, this, z) == null) {
            this.useCipherSuitesOrder = z;
        }
    }

    public void setUseClientMode(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32236, this, z) == null) {
            this.client_mode = z;
        }
    }

    public void setUseSessionTickets(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32237, this, z) == null) {
            this.useSessionTickets = z;
        }
    }

    public void setUseSni(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32238, this, z) == null) {
            this.useSni = Boolean.valueOf(z);
        }
    }

    public void setWantClientAuth(boolean z) {
        Interceptable interceptable = $ic;
        if (interceptable == null || interceptable.invokeZ(32239, this, z) == null) {
            this.want_client_auth = z;
            this.need_client_auth = false;
        }
    }
}
