package org.conscrypt;

import java.security.AlgorithmConstraints;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Set;
import javax.crypto.SecretKey;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SNIMatcher;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class SSLParametersImpl implements Cloneable {
    private static volatile X509KeyManager a;

    /* renamed from: a, reason: collision with other field name */
    private static volatile X509TrustManager f8158a;

    /* renamed from: a, reason: collision with other field name */
    private static volatile SSLParametersImpl f8159a;
    private static final String[] c = new String[0];

    /* renamed from: a, reason: collision with other field name */
    private Boolean f8160a;

    /* renamed from: a, reason: collision with other field name */
    private String f8161a;

    /* renamed from: a, reason: collision with other field name */
    private AlgorithmConstraints f8162a;

    /* renamed from: a, reason: collision with other field name */
    private Collection<SNIMatcher> f8163a;

    /* renamed from: a, reason: collision with other field name */
    private final PSKKeyManager f8164a;

    /* renamed from: a, reason: collision with other field name */
    private final aq f8165a;

    /* renamed from: a, reason: collision with other field name */
    g f8166a;

    /* renamed from: a, reason: collision with other field name */
    private final n f8167a;

    /* renamed from: a, reason: collision with other field name */
    boolean f8168a;

    /* renamed from: a, reason: collision with other field name */
    byte[] f8169a;

    /* renamed from: a, reason: collision with other field name */
    String[] f8170a;
    private final X509KeyManager b;

    /* renamed from: b, reason: collision with other field name */
    private final X509TrustManager f8171b;

    /* renamed from: b, reason: collision with other field name */
    boolean f8172b;

    /* renamed from: b, reason: collision with other field name */
    byte[] f8173b;

    /* renamed from: b, reason: collision with other field name */
    String[] f8174b;

    /* renamed from: c, reason: collision with other field name */
    boolean f8175c;

    /* renamed from: c, reason: collision with other field name */
    byte[] f8176c;
    private boolean d;
    private boolean e;
    private boolean f;
    private boolean g;
    private boolean h;
    private boolean i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface AliasChooser {
        String chooseClientAlias(X509KeyManager x509KeyManager, X500Principal[] x500PrincipalArr, String[] strArr);

        String chooseServerAlias(X509KeyManager x509KeyManager, String str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface PSKCallbacks {
        String chooseClientPSKIdentity(PSKKeyManager pSKKeyManager, String str);

        String chooseServerPSKIdentityHint(PSKKeyManager pSKKeyManager);

        SecretKey getPSKKey(PSKKeyManager pSKKeyManager, String str, String str2);
    }

    private SSLParametersImpl(n nVar, aq aqVar, X509KeyManager x509KeyManager, PSKKeyManager pSKKeyManager, X509TrustManager x509TrustManager, SSLParametersImpl sSLParametersImpl) {
        this.d = true;
        this.e = false;
        this.f = false;
        this.g = true;
        this.f8176c = t.a;
        this.f8167a = nVar;
        this.f8165a = aqVar;
        this.b = x509KeyManager;
        this.f8164a = pSKKeyManager;
        this.f8171b = x509TrustManager;
        String[] strArr = sSLParametersImpl.f8170a;
        this.f8170a = strArr == null ? null : (String[]) strArr.clone();
        this.f8168a = sSLParametersImpl.f8168a;
        String[] strArr2 = sSLParametersImpl.f8174b;
        this.f8174b = strArr2 == null ? null : (String[]) strArr2.clone();
        this.d = sSLParametersImpl.d;
        this.e = sSLParametersImpl.e;
        this.f = sSLParametersImpl.f;
        this.g = sSLParametersImpl.g;
        this.f8161a = sSLParametersImpl.f8161a;
        this.h = sSLParametersImpl.h;
        this.i = sSLParametersImpl.i;
        byte[] bArr = sSLParametersImpl.f8169a;
        this.f8169a = bArr == null ? null : (byte[]) bArr.clone();
        byte[] bArr2 = sSLParametersImpl.f8173b;
        this.f8173b = bArr2 == null ? null : (byte[]) bArr2.clone();
        byte[] bArr3 = sSLParametersImpl.f8176c;
        this.f8176c = bArr3 != null ? (byte[]) bArr3.clone() : null;
        this.f8166a = sSLParametersImpl.f8166a;
        this.f8172b = sSLParametersImpl.f8172b;
        this.f8160a = sSLParametersImpl.f8160a;
        this.f8175c = sSLParametersImpl.f8175c;
    }

    SSLParametersImpl(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom, n nVar, aq aqVar, String[] strArr) throws KeyManagementException {
        this.d = true;
        this.e = false;
        this.f = false;
        this.g = true;
        this.f8176c = t.a;
        this.f8165a = aqVar;
        this.f8167a = nVar;
        if (keyManagerArr == null) {
            this.b = b();
            this.f8164a = null;
        } else {
            this.b = a(keyManagerArr);
            this.f8164a = m5230a(keyManagerArr);
        }
        if (trustManagerArr == null) {
            this.f8171b = m5231b();
        } else {
            this.f8171b = a(trustManagerArr);
        }
        this.f8170a = (String[]) NativeCrypto.m5200a(strArr == null ? NativeCrypto.h : strArr).clone();
        this.f8174b = a((this.b == null && this.f8171b == null) ? false : true, this.f8164a != null);
    }

    private static X509KeyManager a(KeyManager[] keyManagerArr) {
        for (KeyManager keyManager : keyManagerArr) {
            if (keyManager instanceof X509KeyManager) {
                return (X509KeyManager) keyManager;
            }
        }
        return null;
    }

    private static X509TrustManager a(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    /* renamed from: a, reason: collision with other method in class */
    private static PSKKeyManager m5230a(KeyManager[] keyManagerArr) {
        int length = keyManagerArr.length;
        for (int i = 0; i < length; i++) {
            KeyManager keyManager = keyManagerArr[i];
            if (keyManager instanceof PSKKeyManager) {
                return (PSKKeyManager) keyManager;
            }
            if (keyManager != null) {
                try {
                    return s.a(keyManager);
                } catch (NoSuchMethodException unused) {
                    continue;
                }
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLParametersImpl a() throws KeyManagementException {
        SSLParametersImpl sSLParametersImpl = f8159a;
        if (sSLParametersImpl == null) {
            sSLParametersImpl = new SSLParametersImpl((KeyManager[]) null, (TrustManager[]) null, (SecureRandom) null, new n(), new aq(), (String[]) null);
            f8159a = sSLParametersImpl;
        }
        return (SSLParametersImpl) sSLParametersImpl.clone();
    }

    private static String[] a(boolean z, boolean z2) {
        return z ? z2 ? SSLUtils.a(NativeCrypto.f8140c, NativeCrypto.f8139b, new String[]{"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}) : SSLUtils.a(NativeCrypto.f8139b, new String[]{"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}) : z2 ? SSLUtils.a(NativeCrypto.f8140c, new String[]{"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}) : new String[]{"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    }

    private static String[] a(String[] strArr, String str) {
        if (strArr.length == 1 && str.equals(strArr[0])) {
            return c;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : strArr) {
            if (!str.equals(str2)) {
                arrayList.add(str2);
            }
        }
        return (String[]) arrayList.toArray(c);
    }

    private static String[] a(String[] strArr, Set<String> set) {
        if (strArr == null || strArr.length == 0) {
            return strArr;
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            if (!set.contains(str)) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(c);
    }

    private static X509KeyManager b() throws KeyManagementException {
        X509KeyManager x509KeyManager = a;
        if (x509KeyManager != null) {
            return x509KeyManager;
        }
        X509KeyManager c2 = c();
        a = c2;
        return c2;
    }

    /* renamed from: b, reason: collision with other method in class */
    static X509TrustManager m5231b() throws KeyManagementException {
        X509TrustManager x509TrustManager = f8158a;
        if (x509TrustManager != null) {
            return x509TrustManager;
        }
        X509TrustManager m5232c = m5232c();
        f8158a = m5232c;
        return m5232c;
    }

    private static X509KeyManager c() throws KeyManagementException {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(null, null);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            X509KeyManager a2 = a(keyManagers);
            if (a2 != null) {
                return a2;
            }
            throw new KeyManagementException("No X509KeyManager among default KeyManagers: " + Arrays.toString(keyManagers));
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyManagementException(e2);
        } catch (UnrecoverableKeyException e3) {
            throw new KeyManagementException(e3);
        }
    }

    /* renamed from: c, reason: collision with other method in class */
    private static X509TrustManager m5232c() throws KeyManagementException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            X509TrustManager a2 = a(trustManagers);
            if (a2 != null) {
                return a2;
            }
            throw new KeyManagementException("No X509TrustManager in among default TrustManagers: " + Arrays.toString(trustManagers));
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyManagementException(e2);
        }
    }

    private boolean g() {
        try {
            String property = System.getProperty("jsse.enableSNIExtension", "true");
            if ("true".equalsIgnoreCase(property)) {
                return true;
            }
            if ("false".equalsIgnoreCase(property)) {
                return false;
            }
            throw new RuntimeException("Can only set \"jsse.enableSNIExtension\" to \"true\" or \"false\"");
        } catch (SecurityException unused) {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public String m5233a() {
        return this.f8161a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public AlgorithmConstraints m5234a() {
        return this.f8162a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public Collection<SNIMatcher> m5235a() {
        if (this.f8163a == null) {
            return null;
        }
        return new ArrayList(this.f8163a);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public X509KeyManager m5236a() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public X509TrustManager m5237a() {
        return this.f8171b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public AbstractSessionContext m5238a() {
        return this.d ? this.f8167a : this.f8165a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public PSKKeyManager m5239a() {
        return this.f8164a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLParametersImpl a(X509TrustManager x509TrustManager) {
        return new SSLParametersImpl(this.f8167a, this.f8165a, this.b, this.f8164a, x509TrustManager, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public g m5240a() {
        return this.f8166a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public n m5241a() {
        return this.f8167a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str) {
        this.f8161a = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(AlgorithmConstraints algorithmConstraints) {
        this.f8162a = algorithmConstraints;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(Collection<SNIMatcher> collection) {
        this.f8163a = collection != null ? new ArrayList(collection) : null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(g gVar) {
        this.f8166a = gVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(boolean z) {
        this.d = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String[] strArr) {
        this.f8174b = NativeCrypto.b(a(strArr, NativeCrypto.b));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public boolean m5242a() {
        return this.d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public boolean m5243a(String str) {
        if (str == null) {
            return false;
        }
        if (this.i) {
            return true;
        }
        return an.m5289a(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public byte[] m5244a() {
        return this.f8173b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: a, reason: collision with other method in class */
    public String[] m5245a() {
        return Arrays.asList(this.f8170a).contains("TLSv1.3") ? SSLUtils.a(NativeCrypto.f8138a, this.f8174b) : (String[]) this.f8174b.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(boolean z) {
        this.e = z;
        this.f = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(String[] strArr) {
        if (strArr == null) {
            throw new IllegalArgumentException("protocols == null");
        }
        String[] a2 = a(strArr, "SSLv3");
        this.f8168a = strArr.length != a2.length;
        this.f8170a = (String[]) NativeCrypto.m5200a(a2).clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: b, reason: collision with other method in class */
    public boolean m5246b() {
        return this.e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: b, reason: collision with other method in class */
    public String[] m5247b() {
        return (String[]) this.f8170a.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void c(boolean z) {
        this.f = z;
        this.e = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void c(String[] strArr) {
        this.f8176c = SSLUtils.a(strArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: c, reason: collision with other method in class */
    public boolean m5248c() {
        return this.f;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: c, reason: collision with other method in class */
    public String[] m5249c() {
        return SSLUtils.m5253a(this.f8176c);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Object clone() {
        try {
            return super.clone();
        } catch (CloneNotSupportedException e) {
            throw new AssertionError(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void d(boolean z) {
        this.g = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean d() {
        return this.g;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void e(boolean z) {
        this.f8172b = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean e() {
        Boolean bool = this.f8160a;
        return bool != null ? bool.booleanValue() : g();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void f(boolean z) {
        this.f8160a = Boolean.valueOf(z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean f() {
        return this.h;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void g(boolean z) {
        this.h = z;
    }
}
