package io.grpc.netty.shaded.io.netty.handler.ssl;

import com.amazonaws.mobileconnectors.s3.transferutility.TransferTable;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;

/* compiled from: SslContext.java */
/* loaded from: classes8.dex */
public abstract class e1 {

    /* renamed from: a, reason: collision with root package name */
    static final CertificateFactory f11038a;

    static {
        try {
            f11038a = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            throw new IllegalStateException("unable to instance X.509 CertificateFactory", e2);
        }
    }

    protected e1() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public e1(boolean z) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyManagerFactory c(X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, String str2) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        char[] k = k(str);
        KeyStore d = d(x509CertificateArr, privateKey, k, str2);
        if (keyManagerFactory == null) {
            keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        }
        keyManagerFactory.init(d, k);
        return keyManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore d(X509Certificate[] x509CertificateArr, PrivateKey privateKey, char[] cArr, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (str == null) {
            str = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(null, null);
        keyStore.setKeyEntry(TransferTable.COLUMN_KEY, privateKey, cArr, x509CertificateArr);
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TrustManagerFactory e(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, String str) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
        if (str == null) {
            str = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(null, null);
        int i2 = 1;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            keyStore.setCertificateEntry(Integer.toString(i2), x509Certificate);
            i2++;
        }
        if (trustManagerFactory == null) {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        }
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static char[] k(String str) {
        return str == null ? io.grpc.netty.shaded.io.netty.util.internal.h.b : str.toCharArray();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static e1 l(SslProvider sslProvider, Provider provider, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, e eVar, ApplicationProtocolConfig applicationProtocolConfig, String[] strArr, long j2, long j3, boolean z, String str2) throws SSLException {
        SslProvider sslProvider2 = sslProvider == null ? x.d() ? SslProvider.OPENSSL : SslProvider.JDK : sslProvider;
        int ordinal = sslProvider2.ordinal();
        if (ordinal == 0) {
            if (!z) {
                return new r(provider, x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, strArr, j2, j3, str2);
            }
            throw new IllegalArgumentException("OCSP is not supported with this SslProvider: " + sslProvider2);
        }
        if (ordinal == 1) {
            r(sslProvider2, provider);
            return new b0(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, strArr, j2, j3, z, str2);
        }
        if (ordinal != 2) {
            throw new Error(sslProvider2.toString());
        }
        r(sslProvider2, provider);
        return new x0(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, strArr, j2, j3, z, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static e1 o(SslProvider sslProvider, Provider provider, X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, e eVar, ApplicationProtocolConfig applicationProtocolConfig, long j2, long j3, ClientAuth clientAuth, String[] strArr, boolean z, boolean z2, String str2) throws SSLException {
        SslProvider sslProvider2 = sslProvider == null ? x.d() ? SslProvider.OPENSSL : SslProvider.JDK : sslProvider;
        int ordinal = sslProvider2.ordinal();
        if (ordinal == 0) {
            if (!z2) {
                return new u(provider, x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, j2, j3, clientAuth, strArr, z, str2);
            }
            throw new IllegalArgumentException("OCSP is not supported with this SslProvider: " + sslProvider2);
        }
        if (ordinal == 1) {
            r(sslProvider2, provider);
            return new l0(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, j2, j3, clientAuth, strArr, z, z2, str2);
        }
        if (ordinal != 2) {
            throw new Error(sslProvider2.toString());
        }
        r(sslProvider2, provider);
        return new a1(x509CertificateArr, trustManagerFactory, x509CertificateArr2, privateKey, str, keyManagerFactory, iterable, eVar, applicationProtocolConfig, j2, j3, clientAuth, strArr, z, z2, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey p(InputStream inputStream, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, KeyException, IOException {
        PKCS8EncodedKeySpec keySpec;
        if (inputStream == null) {
            return null;
        }
        io.grpc.l1.a.a.a.b.j c = v0.c(inputStream);
        byte[] bArr = new byte[c.j1()];
        c.W0(bArr).release();
        char[] charArray = str != null ? str.toCharArray() : null;
        if (charArray == null) {
            keySpec = new PKCS8EncodedKeySpec(bArr);
        } else {
            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
            SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(charArray));
            Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
            cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
            keySpec = encryptedPrivateKeyInfo.getKeySpec(cipher);
        }
        try {
            try {
                try {
                    return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
                } catch (InvalidKeySpecException unused) {
                    return KeyFactory.getInstance("EC").generatePrivate(keySpec);
                }
            } catch (InvalidKeySpecException unused2) {
                return KeyFactory.getInstance("DSA").generatePrivate(keySpec);
            }
        } catch (InvalidKeySpecException e2) {
            throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Certificate[] q(InputStream inputStream) throws CertificateException {
        if (inputStream == null) {
            return null;
        }
        io.grpc.l1.a.a.a.b.j[] a2 = v0.a(inputStream);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        X509Certificate[] x509CertificateArr = new X509Certificate[a2.length];
        int i2 = 0;
        for (int i3 = 0; i3 < a2.length; i3++) {
            try {
                io.grpc.l1.a.a.a.b.m mVar = new io.grpc.l1.a.a.a.b.m(a2[i3], false);
                try {
                    x509CertificateArr[i3] = (X509Certificate) certificateFactory.generateCertificate(mVar);
                    try {
                        mVar.close();
                    } catch (IOException e2) {
                        throw new RuntimeException(e2);
                    }
                } catch (Throwable th) {
                    try {
                        mVar.close();
                        throw th;
                    } catch (IOException e3) {
                        throw new RuntimeException(e3);
                    }
                }
            } finally {
                int length = a2.length;
                while (i2 < length) {
                    a2[i2].release();
                    i2++;
                }
            }
        }
        return x509CertificateArr;
    }

    private static void r(SslProvider sslProvider, Provider provider) {
        if (provider == null) {
            return;
        }
        throw new IllegalArgumentException("Java Security Provider unsupported for SslProvider: " + sslProvider);
    }

    public abstract b a();

    public abstract boolean f();

    public final boolean j() {
        return !f();
    }

    public abstract SSLEngine m(io.grpc.l1.a.a.a.b.k kVar, String str, int i2);
}
