package defpackage;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ClientAuth;
import java.io.File;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.crypto.NoSuchPaddingException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSessionContext;

/* loaded from: classes5.dex */
public class edn extends eev {
    static final String PROTOCOL = "TLS";
    static final String[] evT;
    static final List<String> evU;
    static final Set<String> evV;
    private static final elt logger = elu.af(edn.class);
    private final String[] cipherSuites;
    private final List<String> evW;
    private final edi evX;
    private final ClientAuth evY;
    private final boolean isClient;
    private final String[] protocols;
    private final SSLContext sslContext;

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    static {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, null, null);
            SSLEngine createSSLEngine = sSLContext.createSSLEngine();
            String[] supportedProtocols = createSSLEngine.getSupportedProtocols();
            HashSet hashSet = new HashSet(supportedProtocols.length);
            for (String str : supportedProtocols) {
                hashSet.add(str);
            }
            ArrayList arrayList = new ArrayList();
            a(hashSet, arrayList, "TLSv1.2", "TLSv1.1", "TLSv1");
            if (arrayList.isEmpty()) {
                evT = createSSLEngine.getEnabledProtocols();
            } else {
                evT = (String[]) arrayList.toArray(new String[arrayList.size()]);
            }
            String[] supportedCipherSuites = createSSLEngine.getSupportedCipherSuites();
            evV = new HashSet(supportedCipherSuites.length);
            for (String str2 : supportedCipherSuites) {
                evV.add(str2);
                if (str2.startsWith("SSL_")) {
                    evV.add("TLS_" + str2.substring(4));
                }
            }
            ArrayList arrayList2 = new ArrayList();
            a(evV, arrayList2, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA");
            if (arrayList2.isEmpty()) {
                for (String str3 : createSSLEngine.getEnabledCipherSuites()) {
                    if (!str3.contains("_RC4_")) {
                        arrayList2.add(str3);
                    }
                }
            }
            evU = Collections.unmodifiableList(arrayList2);
            if (logger.isDebugEnabled()) {
                logger.debug("Default protocols (JDK): {} ", Arrays.asList(evT));
                logger.debug("Default cipher suites (JDK): {}", evU);
            }
        } catch (Exception e) {
            throw new Error("failed to initialize the default SSL context", e);
        }
    }

    public edn(SSLContext sSLContext, boolean z, ClientAuth clientAuth) {
        this(sSLContext, z, null, ede.evE, edk.evQ, clientAuth, null, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public edn(SSLContext sSLContext, boolean z, Iterable<String> iterable, edb edbVar, edi ediVar, ClientAuth clientAuth, String[] strArr, boolean z2) {
        super(z2);
        this.evX = (edi) ela.checkNotNull(ediVar, "apn");
        this.evY = (ClientAuth) ela.checkNotNull(clientAuth, "clientAuth");
        this.cipherSuites = ((edb) ela.checkNotNull(edbVar, "cipherFilter")).a(iterable, evU, evV);
        this.protocols = strArr == null ? evT : strArr;
        this.evW = Collections.unmodifiableList(Arrays.asList(this.cipherSuites));
        this.sslContext = (SSLContext) ela.checkNotNull(sSLContext, "sslContext");
        this.isClient = z;
    }

    public edn(SSLContext sSLContext, boolean z, Iterable<String> iterable, edb edbVar, ApplicationProtocolConfig applicationProtocolConfig, ClientAuth clientAuth) {
        this(sSLContext, z, iterable, edbVar, a(applicationProtocolConfig, !z), clientAuth, null, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static edi a(ApplicationProtocolConfig applicationProtocolConfig, boolean z) {
        if (applicationProtocolConfig == null) {
            return edk.evQ;
        }
        switch (applicationProtocolConfig.blP()) {
            case NONE:
                return edk.evQ;
            case ALPN:
                if (z) {
                    switch (applicationProtocolConfig.blQ()) {
                        case FATAL_ALERT:
                            return new edh(true, (Iterable<String>) applicationProtocolConfig.blO());
                        case NO_ADVERTISE:
                            return new edh(false, (Iterable<String>) applicationProtocolConfig.blO());
                        default:
                            throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.blQ() + " failure behavior");
                    }
                }
                switch (applicationProtocolConfig.blR()) {
                    case ACCEPT:
                        return new edh(false, (Iterable<String>) applicationProtocolConfig.blO());
                    case FATAL_ALERT:
                        return new edh(true, (Iterable<String>) applicationProtocolConfig.blO());
                    default:
                        throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.blR() + " failure behavior");
                }
            case NPN:
                if (z) {
                    switch (applicationProtocolConfig.blR()) {
                        case ACCEPT:
                            return new edl(false, (Iterable<String>) applicationProtocolConfig.blO());
                        case FATAL_ALERT:
                            return new edl(true, (Iterable<String>) applicationProtocolConfig.blO());
                        default:
                            throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.blR() + " failure behavior");
                    }
                }
                switch (applicationProtocolConfig.blQ()) {
                    case FATAL_ALERT:
                        return new edl(true, (Iterable<String>) applicationProtocolConfig.blO());
                    case NO_ADVERTISE:
                        return new edl(false, (Iterable<String>) applicationProtocolConfig.blO());
                    default:
                        throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.blQ() + " failure behavior");
                }
            default:
                throw new UnsupportedOperationException("JDK provider does not support " + applicationProtocolConfig.blP() + " protocol");
        }
    }

    @Deprecated
    protected static KeyManagerFactory a(File file, File file2, String str, KeyManagerFactory keyManagerFactory) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, CertificateException, KeyException, IOException {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        return a(file, property, file2, str, keyManagerFactory);
    }

    @Deprecated
    protected static KeyManagerFactory a(File file, String str, File file2, String str2, KeyManagerFactory keyManagerFactory) throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, IOException, CertificateException, KeyException, UnrecoverableKeyException {
        return a(O(file), str, c(file2, str2), str2, keyManagerFactory);
    }

    private static void a(Set<String> set, List<String> list, String... strArr) {
        for (String str : strArr) {
            if (set.contains(str)) {
                list.add(str);
            }
        }
    }

    private SSLEngine c(SSLEngine sSLEngine) {
        sSLEngine.setEnabledCipherSuites(this.cipherSuites);
        sSLEngine.setEnabledProtocols(this.protocols);
        sSLEngine.setUseClientMode(blV());
        if (bnH()) {
            switch (this.evY) {
                case OPTIONAL:
                    sSLEngine.setWantClientAuth(true);
                    break;
                case REQUIRE:
                    sSLEngine.setNeedClientAuth(true);
                    break;
                case NONE:
                    break;
                default:
                    throw new Error("Unknown auth " + this.evY);
            }
        }
        return this.evX.bma().a(sSLEngine, this.evX, bnH());
    }

    @Override // defpackage.eev
    public final SSLEngine a(dqs dqsVar, String str, int i) {
        return c(bmf().createSSLEngine(str, i));
    }

    @Override // defpackage.eev
    public final boolean blV() {
        return this.isClient;
    }

    @Override // defpackage.eev
    public final long blW() {
        return blZ().getSessionCacheSize();
    }

    @Override // defpackage.eev
    public final long blX() {
        return blZ().getSessionTimeout();
    }

    @Override // defpackage.eev
    public final SSLSessionContext blZ() {
        return bnH() ? bmf().getServerSessionContext() : bmf().getClientSessionContext();
    }

    public final SSLContext bmf() {
        return this.sslContext;
    }

    @Override // defpackage.eev
    /* renamed from: bmg, reason: merged with bridge method [inline-methods] */
    public final edi blY() {
        return this.evX;
    }

    @Override // defpackage.eev
    public final List<String> cipherSuites() {
        return this.evW;
    }

    @Override // defpackage.eev
    public final SSLEngine h(dqs dqsVar) {
        return c(bmf().createSSLEngine());
    }
}
