package io.netty.handler.ssl;

import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.UnpooledByteBufAllocator;
import io.netty.internal.tcnative.SSL;
import io.netty.util.ReferenceCountUtil;
import io.netty.util.internal.ObjectUtil;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.X509KeyManager;

/* loaded from: classes2.dex */
public final class OpenSslX509KeyManagerFactory extends KeyManagerFactory {
    private final b spi;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class b extends KeyManagerFactorySpi {

        /* renamed from: a, reason: collision with root package name */
        final KeyManagerFactory f14147a;

        /* renamed from: b, reason: collision with root package name */
        private volatile a f14148b;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes2.dex */
        public static final class a {

            /* renamed from: a, reason: collision with root package name */
            private final X509KeyManager f14149a;

            /* renamed from: b, reason: collision with root package name */
            private final String f14150b;

            /* renamed from: c, reason: collision with root package name */
            private final Iterable f14151c;

            /* JADX INFO: Access modifiers changed from: private */
            /* renamed from: io.netty.handler.ssl.OpenSslX509KeyManagerFactory$b$a$a, reason: collision with other inner class name */
            /* loaded from: classes2.dex */
            public static final class C0186a extends t0 {

                /* renamed from: c, reason: collision with root package name */
                private final Map f14152c;

                C0186a(X509KeyManager x509KeyManager, String str, Iterable iterable) {
                    super(x509KeyManager, str);
                    this.f14152c = new HashMap();
                    try {
                        Iterator it = iterable.iterator();
                        while (it.hasNext()) {
                            String str2 = (String) it.next();
                            if (str2 != null && !this.f14152c.containsKey(str2)) {
                                try {
                                    this.f14152c.put(str2, super.a(UnpooledByteBufAllocator.DEFAULT, str2));
                                } catch (Exception e10) {
                                    this.f14152c.put(str2, e10);
                                }
                            }
                        }
                        ObjectUtil.checkNonEmpty(this.f14152c, "materialMap");
                    } catch (Throwable th) {
                        b();
                        throw th;
                    }
                }

                /* JADX INFO: Access modifiers changed from: package-private */
                @Override // io.netty.handler.ssl.t0
                public r0 a(ByteBufAllocator byteBufAllocator, String str) {
                    Object obj = this.f14152c.get(str);
                    if (obj == null) {
                        return null;
                    }
                    if (obj instanceof r0) {
                        return ((r0) obj).retain();
                    }
                    throw ((Exception) obj);
                }

                /* JADX INFO: Access modifiers changed from: package-private */
                @Override // io.netty.handler.ssl.t0
                public void b() {
                    Iterator it = this.f14152c.values().iterator();
                    while (it.hasNext()) {
                        ReferenceCountUtil.release(it.next());
                    }
                    this.f14152c.clear();
                }
            }

            a(X509KeyManager x509KeyManager, String str, Iterable iterable) {
                this.f14149a = x509KeyManager;
                this.f14150b = str;
                this.f14151c = iterable;
            }

            t0 b() {
                return new C0186a(this.f14149a, this.f14150b, this.f14151c);
            }
        }

        b(KeyManagerFactory keyManagerFactory) {
            this.f14147a = (KeyManagerFactory) ObjectUtil.checkNotNull(keyManagerFactory, "kmf");
        }

        private static String b(char[] cArr) {
            if (cArr == null || cArr.length == 0) {
                return null;
            }
            return new String(cArr);
        }

        t0 a() {
            a aVar = this.f14148b;
            if (aVar != null) {
                return aVar.b();
            }
            throw new IllegalStateException("engineInit(...) not called yet");
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected KeyManager[] engineGetKeyManagers() {
            a aVar = this.f14148b;
            if (aVar != null) {
                return new KeyManager[]{aVar.f14149a};
            }
            throw new IllegalStateException("engineInit(...) not called yet");
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected synchronized void engineInit(KeyStore keyStore, char[] cArr) {
            if (this.f14148b != null) {
                throw new KeyStoreException("Already initialized");
            }
            if (!keyStore.aliases().hasMoreElements()) {
                throw new KeyStoreException("No aliases found");
            }
            this.f14147a.init(keyStore, cArr);
            this.f14148b = new a(ReferenceCountedOpenSslContext.chooseX509KeyManager(this.f14147a.getKeyManagers()), b(cArr), Collections.list(keyStore.aliases()));
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
            throw new InvalidAlgorithmParameterException("Not supported");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class c extends KeyStore {

        /* loaded from: classes2.dex */
        class a extends KeyStoreSpi {

            /* renamed from: a, reason: collision with root package name */
            private final Date f14153a = new Date();

            /* renamed from: b, reason: collision with root package name */
            final /* synthetic */ boolean f14154b;

            /* renamed from: c, reason: collision with root package name */
            final /* synthetic */ X509Certificate[] f14155c;

            a(boolean z10, X509Certificate[] x509CertificateArr) {
                this.f14154b = z10;
                this.f14155c = x509CertificateArr;
            }

            @Override // java.security.KeyStoreSpi
            public Enumeration engineAliases() {
                return Collections.enumeration(Collections.singleton("key"));
            }

            @Override // java.security.KeyStoreSpi
            public boolean engineContainsAlias(String str) {
                return "key".equals(str);
            }

            @Override // java.security.KeyStoreSpi
            public void engineDeleteEntry(String str) {
                throw new KeyStoreException("Not supported");
            }

            @Override // java.security.KeyStoreSpi
            public Certificate engineGetCertificate(String str) {
                if (engineContainsAlias(str)) {
                    return this.f14155c[0];
                }
                return null;
            }

            @Override // java.security.KeyStoreSpi
            public String engineGetCertificateAlias(Certificate certificate) {
                if (!(certificate instanceof X509Certificate)) {
                    return null;
                }
                for (X509Certificate x509Certificate : this.f14155c) {
                    if (x509Certificate.equals(certificate)) {
                        return "key";
                    }
                }
                return null;
            }

            @Override // java.security.KeyStoreSpi
            public Certificate[] engineGetCertificateChain(String str) {
                if (engineContainsAlias(str)) {
                    return (X509Certificate[]) this.f14155c.clone();
                }
                return null;
            }

            @Override // java.security.KeyStoreSpi
            public Date engineGetCreationDate(String str) {
                if (engineContainsAlias(str)) {
                    return this.f14153a;
                }
                return null;
            }

            @Override // java.security.KeyStoreSpi
            public Key engineGetKey(String str, char[] cArr) {
                long loadPrivateKeyFromEngine;
                String str2 = null;
                if (!engineContainsAlias(str)) {
                    return null;
                }
                if (this.f14154b) {
                    loadPrivateKeyFromEngine = 0;
                } else {
                    if (cArr != null) {
                        try {
                            str2 = new String(cArr);
                        } catch (Exception e10) {
                            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Unable to load key from engine");
                            unrecoverableKeyException.initCause(e10);
                            throw unrecoverableKeyException;
                        }
                    }
                    loadPrivateKeyFromEngine = SSL.loadPrivateKeyFromEngine(str, str2);
                }
                return new u0(loadPrivateKeyFromEngine);
            }

            @Override // java.security.KeyStoreSpi
            public boolean engineIsCertificateEntry(String str) {
                return engineContainsAlias(str);
            }

            @Override // java.security.KeyStoreSpi
            public boolean engineIsKeyEntry(String str) {
                return engineContainsAlias(str);
            }

            @Override // java.security.KeyStoreSpi
            public void engineLoad(InputStream inputStream, char[] cArr) {
                if (inputStream != null && cArr != null) {
                    throw new UnsupportedOperationException();
                }
            }

            @Override // java.security.KeyStoreSpi
            public void engineSetCertificateEntry(String str, Certificate certificate) {
                throw new KeyStoreException("Not supported");
            }

            @Override // java.security.KeyStoreSpi
            public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
                throw new KeyStoreException("Not supported");
            }

            @Override // java.security.KeyStoreSpi
            public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
                throw new KeyStoreException("Not supported");
            }

            @Override // java.security.KeyStoreSpi
            public int engineSize() {
                return 1;
            }

            @Override // java.security.KeyStoreSpi
            public void engineStore(OutputStream outputStream, char[] cArr) {
                throw new UnsupportedOperationException();
            }
        }

        private c(X509Certificate[] x509CertificateArr, boolean z10) {
            super(new a(z10, x509CertificateArr), null, "native");
            OpenSsl.ensureAvailability();
        }
    }

    public OpenSslX509KeyManagerFactory() {
        this(newOpenSslKeyManagerFactorySpi(null));
    }

    private OpenSslX509KeyManagerFactory(b bVar) {
        super(bVar, bVar.f14147a.getProvider(), bVar.f14147a.getAlgorithm());
        this.spi = bVar;
    }

    public OpenSslX509KeyManagerFactory(String str, Provider provider) {
        this(newOpenSslKeyManagerFactorySpi(str, provider));
    }

    public OpenSslX509KeyManagerFactory(Provider provider) {
        this(newOpenSslKeyManagerFactorySpi(provider));
    }

    public static OpenSslX509KeyManagerFactory newEngineBased(File file, String str) {
        return newEngineBased(SslContext.toX509Certificates(file), str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static OpenSslX509KeyManagerFactory newEngineBased(X509Certificate[] x509CertificateArr, String str) {
        ObjectUtil.checkNotNull(x509CertificateArr, "certificateChain");
        c cVar = new c((X509Certificate[]) x509CertificateArr.clone(), false);
        cVar.load(null, null);
        OpenSslX509KeyManagerFactory openSslX509KeyManagerFactory = new OpenSslX509KeyManagerFactory();
        openSslX509KeyManagerFactory.init(cVar, str != null ? str.toCharArray() : null);
        return openSslX509KeyManagerFactory;
    }

    public static OpenSslX509KeyManagerFactory newKeyless(File file) {
        return newKeyless(SslContext.toX509Certificates(file));
    }

    public static OpenSslX509KeyManagerFactory newKeyless(InputStream inputStream) {
        return newKeyless(SslContext.toX509Certificates(inputStream));
    }

    public static OpenSslX509KeyManagerFactory newKeyless(X509Certificate... x509CertificateArr) {
        ObjectUtil.checkNotNull(x509CertificateArr, "certificateChain");
        c cVar = new c((X509Certificate[]) x509CertificateArr.clone(), true);
        cVar.load(null, null);
        OpenSslX509KeyManagerFactory openSslX509KeyManagerFactory = new OpenSslX509KeyManagerFactory();
        openSslX509KeyManagerFactory.init(cVar, null);
        return openSslX509KeyManagerFactory;
    }

    private static b newOpenSslKeyManagerFactorySpi(String str, Provider provider) {
        if (str == null) {
            str = KeyManagerFactory.getDefaultAlgorithm();
        }
        return new b(provider == null ? KeyManagerFactory.getInstance(str) : KeyManagerFactory.getInstance(str, provider));
    }

    private static b newOpenSslKeyManagerFactorySpi(Provider provider) {
        try {
            return newOpenSslKeyManagerFactorySpi(null, provider);
        } catch (NoSuchAlgorithmException e10) {
            throw new IllegalStateException(e10);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public t0 newProvider() {
        return this.spi.a();
    }
}
