package jd;

import hd.n;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.jni.Pool;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLConf;
import org.apache.tomcat.jni.SSLContext;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.openssl.OpenSSLEngine;
import org.apache.tomcat.util.net.openssl.OpenSSLX509Certificate;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: classes2.dex */
public class a implements n {

    /* renamed from: q, reason: collision with root package name */
    public static final String f8282q = "TLS";

    /* renamed from: r, reason: collision with root package name */
    public static final CertificateFactory f8283r;

    /* renamed from: s, reason: collision with root package name */
    public static final String f8284s = "-----BEGIN RSA PRIVATE KEY-----\n";
    public final SSLHostConfig a;
    public final SSLHostConfigCertificate b;

    /* renamed from: c, reason: collision with root package name */
    public e f8286c;

    /* renamed from: d, reason: collision with root package name */
    public X509KeyManager f8287d;

    /* renamed from: e, reason: collision with root package name */
    public X509TrustManager f8288e;

    /* renamed from: f, reason: collision with root package name */
    public final List<String> f8289f;

    /* renamed from: h, reason: collision with root package name */
    public String f8291h;

    /* renamed from: k, reason: collision with root package name */
    public final long f8294k;

    /* renamed from: l, reason: collision with root package name */
    public final long f8295l;

    /* renamed from: n, reason: collision with root package name */
    public static final dc.b f8279n = dc.c.d(a.class);

    /* renamed from: o, reason: collision with root package name */
    public static final StringManager f8280o = StringManager.c(AbstractEndpoint.class);

    /* renamed from: p, reason: collision with root package name */
    public static final StringManager f8281p = StringManager.c(a.class);

    /* renamed from: t, reason: collision with root package name */
    public static final Object f8285t = "\n-----END RSA PRIVATE KEY-----";

    /* renamed from: g, reason: collision with root package name */
    public List<String> f8290g = new ArrayList();

    /* renamed from: j, reason: collision with root package name */
    public final AtomicInteger f8293j = new AtomicInteger(0);

    /* renamed from: m, reason: collision with root package name */
    public boolean f8296m = false;

    /* renamed from: i, reason: collision with root package name */
    public final long f8292i = Pool.create(0);

    /* renamed from: jd.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public class C0091a implements ic.b {
        public C0091a() {
        }

        @Override // ic.b
        public boolean a(long j10, byte[][] bArr, String str) {
            try {
                a.this.f8288e.checkClientTrusted(a.j(bArr), str);
                return true;
            } catch (Exception e10) {
                a.f8279n.b(a.f8281p.g("openssl.certificateVerificationFailed"), e10);
                return false;
            }
        }
    }

    /* loaded from: classes2.dex */
    public static /* synthetic */ class b {
        public static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[SSLHostConfig.CertificateVerification.values().length];
            a = iArr;
            try {
                iArr[SSLHostConfig.CertificateVerification.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.OPTIONAL.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.OPTIONAL_NO_CA.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[SSLHostConfig.CertificateVerification.REQUIRED.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    static {
        try {
            f8283r = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e10) {
            throw new IllegalStateException(f8281p.g("openssl.X509FactoryError"), e10);
        }
    }

    public a(SSLHostConfigCertificate sSLHostConfigCertificate, List<String> list) throws SSLException {
        this.a = sSLHostConfigCertificate.getSSLHostConfig();
        this.b = sSLHostConfigCertificate;
        try {
            try {
                if (this.a.getOpenSslConf() != null) {
                    try {
                        if (f8279n.e()) {
                            f8279n.a(f8281p.g("openssl.makeConf"));
                        }
                        this.f8294k = SSLConf.make(this.f8292i, 58);
                    } catch (Exception e10) {
                        throw new SSLException(f8281p.g("openssl.errMakeConf"), e10);
                    }
                } else {
                    this.f8294k = 0L;
                }
                this.a.setOpenSslConfContext(Long.valueOf(this.f8294k));
                int i10 = 0;
                for (String str : this.a.getEnabledProtocols()) {
                    if (!hd.f.f7577k.equalsIgnoreCase(str)) {
                        if (hd.f.f7576j.equalsIgnoreCase(str)) {
                            i10 |= 1;
                        } else if (hd.f.f7575i.equalsIgnoreCase(str)) {
                            i10 |= 2;
                        } else if (hd.f.f7574h.equalsIgnoreCase(str)) {
                            i10 |= 4;
                        } else if (hd.f.f7572f.equalsIgnoreCase(str)) {
                            i10 |= 8;
                        } else if (hd.f.f7571e.equalsIgnoreCase(str)) {
                            i10 |= 16;
                        } else if (hd.f.f7570d.equalsIgnoreCase(str)) {
                            i10 |= 32;
                        } else {
                            if (!hd.f.b.equalsIgnoreCase(str)) {
                                throw new Exception(f8280o.h("endpoint.apr.invalidSslProtocol", str));
                            }
                            i10 |= SSL.H;
                        }
                    }
                }
                try {
                    this.f8295l = SSLContext.make(this.f8292i, i10, 1);
                    this.f8289f = list;
                } catch (Exception e11) {
                    throw new Exception(f8280o.g("endpoint.apr.failSslContextMake"), e11);
                }
            } catch (Exception e12) {
                throw new SSLException(f8281p.g("openssl.errorSSLCtxInit"), e12);
            }
        } catch (Throwable th) {
            destroy();
            throw th;
        }
    }

    public static X509Certificate[] j(byte[][] bArr) {
        int length = bArr.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i10 = 0; i10 < length; i10++) {
            x509CertificateArr[i10] = new OpenSSLX509Certificate(bArr[i10]);
        }
        return x509CertificateArr;
    }

    public static X509KeyManager k(KeyManager[] keyManagerArr) throws Exception {
        for (KeyManager keyManager : keyManagerArr) {
            if (keyManager instanceof id.b) {
                return (id.b) keyManager;
            }
        }
        for (KeyManager keyManager2 : keyManagerArr) {
            if (keyManager2 instanceof X509KeyManager) {
                return (X509KeyManager) keyManager2;
            }
        }
        throw new IllegalStateException(f8281p.g("openssl.keyManagerMissing"));
    }

    public static X509TrustManager l(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new IllegalStateException(f8281p.g("openssl.trustManagerMissing"));
    }

    public static String m(X509KeyManager x509KeyManager, SSLHostConfigCertificate sSLHostConfigCertificate) {
        SSLHostConfigCertificate.Type type = sSLHostConfigCertificate.getType();
        ArrayList arrayList = new ArrayList();
        if (SSLHostConfigCertificate.Type.UNDEFINED.equals(type)) {
            arrayList.addAll(Arrays.asList(SSLHostConfigCertificate.Type.values()));
            arrayList.remove(SSLHostConfigCertificate.Type.UNDEFINED);
        } else {
            arrayList.add(type);
        }
        Iterator it = arrayList.iterator();
        String str = null;
        while (str == null && it.hasNext()) {
            str = x509KeyManager.chooseServerAlias(((SSLHostConfigCertificate.Type) it.next()).toString(), null, null);
        }
        return str;
    }

    @Override // hd.n
    public SSLSessionContext a() {
        return this.f8286c;
    }

    /* JADX WARN: Removed duplicated region for block: B:101:0x01f6 A[Catch: Exception -> 0x0355, all -> 0x0368, TryCatch #2 {Exception -> 0x0355, blocks: (B:10:0x0014, B:12:0x001e, B:13:0x0029, B:15:0x0033, B:16:0x003e, B:18:0x0048, B:19:0x0053, B:21:0x005d, B:22:0x0068, B:24:0x0070, B:25:0x008a, B:27:0x0092, B:28:0x00ac, B:30:0x00c7, B:31:0x0186, B:38:0x01a4, B:40:0x01b1, B:42:0x01cb, B:44:0x01de, B:46:0x01f3, B:49:0x020f, B:51:0x0213, B:53:0x021b, B:54:0x023c, B:56:0x0244, B:58:0x024c, B:60:0x0254, B:64:0x0269, B:66:0x0271, B:70:0x0288, B:72:0x029d, B:73:0x02a2, B:75:0x02a7, B:76:0x02ac, B:78:0x02b1, B:79:0x02b6, B:81:0x02bb, B:82:0x02c0, B:84:0x02c5, B:85:0x02ca, B:90:0x0303, B:91:0x0310, B:96:0x032d, B:97:0x033a, B:98:0x033b, B:101:0x01f6, B:104:0x0110, B:107:0x0120, B:109:0x0128, B:110:0x0136, B:111:0x0175, B:113:0x0178, B:115:0x009f, B:116:0x007d, B:117:0x0063, B:118:0x004e, B:119:0x0039, B:120:0x0024), top: B:9:0x0014, outer: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:40:0x01b1 A[Catch: Exception -> 0x0355, all -> 0x0368, TryCatch #2 {Exception -> 0x0355, blocks: (B:10:0x0014, B:12:0x001e, B:13:0x0029, B:15:0x0033, B:16:0x003e, B:18:0x0048, B:19:0x0053, B:21:0x005d, B:22:0x0068, B:24:0x0070, B:25:0x008a, B:27:0x0092, B:28:0x00ac, B:30:0x00c7, B:31:0x0186, B:38:0x01a4, B:40:0x01b1, B:42:0x01cb, B:44:0x01de, B:46:0x01f3, B:49:0x020f, B:51:0x0213, B:53:0x021b, B:54:0x023c, B:56:0x0244, B:58:0x024c, B:60:0x0254, B:64:0x0269, B:66:0x0271, B:70:0x0288, B:72:0x029d, B:73:0x02a2, B:75:0x02a7, B:76:0x02ac, B:78:0x02b1, B:79:0x02b6, B:81:0x02bb, B:82:0x02c0, B:84:0x02c5, B:85:0x02ca, B:90:0x0303, B:91:0x0310, B:96:0x032d, B:97:0x033a, B:98:0x033b, B:101:0x01f6, B:104:0x0110, B:107:0x0120, B:109:0x0128, B:110:0x0136, B:111:0x0175, B:113:0x0178, B:115:0x009f, B:116:0x007d, B:117:0x0063, B:118:0x004e, B:119:0x0039, B:120:0x0024), top: B:9:0x0014, outer: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:60:0x0254 A[Catch: Exception -> 0x0355, all -> 0x0368, TRY_LEAVE, TryCatch #2 {Exception -> 0x0355, blocks: (B:10:0x0014, B:12:0x001e, B:13:0x0029, B:15:0x0033, B:16:0x003e, B:18:0x0048, B:19:0x0053, B:21:0x005d, B:22:0x0068, B:24:0x0070, B:25:0x008a, B:27:0x0092, B:28:0x00ac, B:30:0x00c7, B:31:0x0186, B:38:0x01a4, B:40:0x01b1, B:42:0x01cb, B:44:0x01de, B:46:0x01f3, B:49:0x020f, B:51:0x0213, B:53:0x021b, B:54:0x023c, B:56:0x0244, B:58:0x024c, B:60:0x0254, B:64:0x0269, B:66:0x0271, B:70:0x0288, B:72:0x029d, B:73:0x02a2, B:75:0x02a7, B:76:0x02ac, B:78:0x02b1, B:79:0x02b6, B:81:0x02bb, B:82:0x02c0, B:84:0x02c5, B:85:0x02ca, B:90:0x0303, B:91:0x0310, B:96:0x032d, B:97:0x033a, B:98:0x033b, B:101:0x01f6, B:104:0x0110, B:107:0x0120, B:109:0x0128, B:110:0x0136, B:111:0x0175, B:113:0x0178, B:115:0x009f, B:116:0x007d, B:117:0x0063, B:118:0x004e, B:119:0x0039, B:120:0x0024), top: B:9:0x0014, outer: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:64:0x0269 A[Catch: Exception -> 0x0355, all -> 0x0368, TRY_ENTER, TryCatch #2 {Exception -> 0x0355, blocks: (B:10:0x0014, B:12:0x001e, B:13:0x0029, B:15:0x0033, B:16:0x003e, B:18:0x0048, B:19:0x0053, B:21:0x005d, B:22:0x0068, B:24:0x0070, B:25:0x008a, B:27:0x0092, B:28:0x00ac, B:30:0x00c7, B:31:0x0186, B:38:0x01a4, B:40:0x01b1, B:42:0x01cb, B:44:0x01de, B:46:0x01f3, B:49:0x020f, B:51:0x0213, B:53:0x021b, B:54:0x023c, B:56:0x0244, B:58:0x024c, B:60:0x0254, B:64:0x0269, B:66:0x0271, B:70:0x0288, B:72:0x029d, B:73:0x02a2, B:75:0x02a7, B:76:0x02ac, B:78:0x02b1, B:79:0x02b6, B:81:0x02bb, B:82:0x02c0, B:84:0x02c5, B:85:0x02ca, B:90:0x0303, B:91:0x0310, B:96:0x032d, B:97:0x033a, B:98:0x033b, B:101:0x01f6, B:104:0x0110, B:107:0x0120, B:109:0x0128, B:110:0x0136, B:111:0x0175, B:113:0x0178, B:115:0x009f, B:116:0x007d, B:117:0x0063, B:118:0x004e, B:119:0x0039, B:120:0x0024), top: B:9:0x0014, outer: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:92:0x0311 A[Catch: Exception -> 0x032c, all -> 0x0368, TRY_ENTER, TryCatch #0 {Exception -> 0x032c, blocks: (B:62:0x0261, B:92:0x0311, B:93:0x032b), top: B:61:0x0261 }] */
    @Override // hd.n
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void b(javax.net.ssl.KeyManager[] r9, javax.net.ssl.TrustManager[] r10, java.security.SecureRandom r11) {
        /*
            Method dump skipped, instructions count: 875
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: jd.a.b(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], java.security.SecureRandom):void");
    }

    @Override // hd.n
    public SSLParameters c() {
        throw new UnsupportedOperationException();
    }

    @Override // hd.n
    public SSLEngine d() {
        long j10 = this.f8295l;
        e eVar = this.f8286c;
        List<String> list = this.f8289f;
        return new OpenSSLEngine(j10, "TLS", false, eVar, list != null && list.size() > 0, this.f8296m);
    }

    @Override // hd.n
    public synchronized void destroy() {
        if (this.f8293j.compareAndSet(0, 1)) {
            if (this.f8295l != 0) {
                SSLContext.free(this.f8295l);
            }
            if (this.f8294k != 0) {
                SSLConf.free(this.f8294k);
            }
            if (this.f8292i != 0) {
                Pool.destroy(this.f8292i);
            }
        }
    }

    @Override // hd.n
    public SSLServerSocketFactory e() {
        throw new UnsupportedOperationException();
    }

    public void finalize() throws Throwable {
        try {
            destroy();
        } finally {
            super.finalize();
        }
    }

    @Override // hd.n
    public X509Certificate[] getAcceptedIssuers() {
        X509TrustManager x509TrustManager = this.f8288e;
        if (x509TrustManager != null) {
            return x509TrustManager.getAcceptedIssuers();
        }
        return null;
    }

    @Override // hd.n
    public X509Certificate[] getCertificateChain(String str) {
        if (this.f8287d == null) {
            return null;
        }
        if (str == null) {
            str = "tomcat";
        }
        X509Certificate[] certificateChain = this.f8287d.getCertificateChain(str);
        if (certificateChain != null) {
            return certificateChain;
        }
        return this.f8287d.getCertificateChain(m(this.f8287d, this.b));
    }

    public String n() {
        return this.f8291h;
    }

    public List<String> o() {
        return this.f8290g;
    }

    public long p() {
        return this.f8295l;
    }

    public void q(String str) {
        if (str == null) {
            str = "TLS";
        }
        this.f8291h = str;
    }
}
