package kotlin;

import java.lang.ref.SoftReference;
import java.lang.reflect.Method;
import java.net.Socket;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;

/* loaded from: classes3.dex */
public class rn8 extends sk8 {
    public static final Logger a = Logger.getLogger(rn8.class.getName());
    public static final boolean b = km8.a("org.bouncycastle.jsse.keyManager.checkEKU", true);
    public static final Map<String, e> c;
    public static final Map<String, e> d;
    public final boolean f;
    public final fk8 g;
    public final List<KeyStore.Builder> h;
    public final AtomicLong e = new AtomicLong();
    public final Map<String, SoftReference<KeyStore.PrivateKeyEntry>> i = Collections.synchronizedMap(new a(this, 16, 0.75f, true));

    /* loaded from: classes3.dex */
    public class a extends LinkedHashMap<String, SoftReference<KeyStore.PrivateKeyEntry>> {
        public a(rn8 rn8Var, int i, float f, boolean z) {
            super(i, f, z);
        }

        @Override // java.util.LinkedHashMap
        public boolean removeEldestEntry(Map.Entry<String, SoftReference<KeyStore.PrivateKeyEntry>> entry) {
            return size() > 16;
        }
    }

    /* loaded from: classes3.dex */
    public static final class b implements e {
        public final String a;
        public final Class<? extends PublicKey> b;
        public final int c;

        public b(String str, Class<? extends PublicKey> cls, int i) {
            this.a = str;
            this.b = cls;
            this.c = i;
        }

        @Override // com.rn8.e
        public boolean a(PublicKey publicKey, boolean[] zArr, uk8 uk8Var) {
            Class<? extends PublicKey> cls;
            String str = this.a;
            return ((str != null && str.equalsIgnoreCase(em8.s(publicKey))) || ((cls = this.b) != null && cls.isInstance(publicKey))) && lm8.i(publicKey, zArr, this.c, uk8Var);
        }
    }

    /* loaded from: classes3.dex */
    public static final class c implements e {
        public final ed8 a;

        public c(ed8 ed8Var) {
            this.a = ed8Var;
        }

        @Override // com.rn8.e
        public boolean a(PublicKey publicKey, boolean[] zArr, uk8 uk8Var) {
            boolean z;
            if ("EC".equalsIgnoreCase(em8.s(publicKey)) || ECPublicKey.class.isInstance(publicKey)) {
                if (this.a.r(em8.p(publicKey))) {
                    z = true;
                    return !z && lm8.i(publicKey, zArr, 0, uk8Var);
                }
            }
            z = false;
            if (z) {
            }
        }
    }

    /* loaded from: classes3.dex */
    public static final class d implements Comparable<d> {
        public static final d a = new d(5, Integer.MAX_VALUE, -1, null, null, null);
        public final int b;
        public final int c;
        public final int d;
        public final String e;
        public final KeyStore f;
        public final X509Certificate[] g;

        public d(int i, int i2, int i3, String str, KeyStore keyStore, X509Certificate[] x509CertificateArr) {
            this.b = i;
            this.c = i2;
            this.d = i3;
            this.e = str;
            this.f = keyStore;
            this.g = x509CertificateArr;
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(d dVar) {
            int compare = Boolean.compare(dVar.b(), b());
            if (compare != 0) {
                return compare;
            }
            int compare2 = Integer.compare(this.c, dVar.c);
            return compare2 == 0 ? tb.g(this.b, dVar.b) : compare2;
        }

        public boolean b() {
            return tb.g(this.b, 3) < 0;
        }
    }

    /* loaded from: classes3.dex */
    public interface e {
        boolean a(PublicKey publicKey, boolean[] zArr, uk8 uk8Var);
    }

    static {
        HashMap hashMap = new HashMap();
        h(hashMap, "Ed25519");
        h(hashMap, "Ed448");
        f(hashMap, 31);
        f(hashMap, 32);
        f(hashMap, 33);
        f(hashMap, 23);
        f(hashMap, 24);
        f(hashMap, 25);
        h(hashMap, "RSA");
        h(hashMap, "RSASSA-PSS");
        g(hashMap, 0, null, DSAPublicKey.class, "DSA");
        g(hashMap, 0, null, ECPublicKey.class, "EC");
        c = Collections.unmodifiableMap(hashMap);
        HashMap hashMap2 = new HashMap();
        h(hashMap2, "Ed25519");
        h(hashMap2, "Ed448");
        f(hashMap2, 31);
        f(hashMap2, 32);
        f(hashMap2, 33);
        f(hashMap2, 23);
        f(hashMap2, 24);
        f(hashMap2, 25);
        h(hashMap2, "RSA");
        h(hashMap2, "RSASSA-PSS");
        i(hashMap2, 0, null, DSAPublicKey.class, 3, 22);
        i(hashMap2, 0, null, ECPublicKey.class, 17);
        i(hashMap2, 0, "RSA", null, 5, 19, 23);
        i(hashMap2, 2, "RSA", null, 1);
        d = Collections.unmodifiableMap(hashMap2);
    }

    public rn8(boolean z, fk8 fk8Var, List<KeyStore.Builder> list) {
        this.f = z;
        this.g = fk8Var;
        this.h = list;
    }

    public static void f(Map<String, e> map, int i) {
        ed8 E0;
        if (!st8.a(i, wt8.e)) {
            throw new IllegalStateException("Invalid named group for TLS 1.3 EC filter");
        }
        String c2 = st8.c(i);
        if (c2 != null && (E0 = m68.E0(c2)) != null) {
            if (map.put(em8.o("EC", i), new c(E0)) != null) {
                throw new IllegalStateException("Duplicate keys in filters");
            }
        } else {
            Logger logger = a;
            StringBuilder Y0 = ud1.Y0("Failed to register public key filter for EC with ");
            Y0.append(st8.g(i));
            logger.warning(Y0.toString());
        }
    }

    public static void g(Map<String, e> map, int i, String str, Class<? extends PublicKey> cls, String... strArr) {
        b bVar = new b(str, cls, i);
        for (String str2 : strArr) {
            if (map.put(str2, bVar) != null) {
                throw new IllegalStateException("Duplicate keys in filters");
            }
        }
    }

    public static void h(Map<String, e> map, String str) {
        g(map, 0, str, null, str);
    }

    public static void i(Map<String, e> map, int i, String str, Class<? extends PublicKey> cls, int... iArr) {
        int length = iArr.length;
        String[] strArr = new String[length];
        for (int i2 = 0; i2 < length; i2++) {
            strArr[i2] = em8.j(iArr[i2]);
        }
        g(map, i, str, cls, strArr);
    }

    public static String m(d dVar, String str) {
        StringBuilder sb = new StringBuilder();
        sb.append(dVar.d);
        sb.append(".");
        return ud1.L0(sb, dVar.e, str);
    }

    public static List<String> p(String... strArr) {
        if (strArr == null || strArr.length <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            if (str == null) {
                throw new IllegalArgumentException("Key types cannot be null");
            }
            if (!arrayList.contains(str)) {
                arrayList.add(str);
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    public static String t(co8 co8Var, boolean z) {
        lk8 lk8Var;
        mk8 t;
        if (co8Var == null || !z || (lk8Var = co8Var.b) == null || (t = em8.t(lk8Var.f())) == null) {
            return null;
        }
        return t.c;
    }

    public static Set<Principal> u(Principal[] principalArr) {
        if (principalArr == null) {
            return null;
        }
        if (principalArr.length > 0) {
            HashSet hashSet = new HashSet();
            for (Principal principal : principalArr) {
                if (principal != null) {
                    hashSet.add(principal);
                }
            }
            if (!hashSet.isEmpty()) {
                return Collections.unmodifiableSet(hashSet);
            }
        }
        return Collections.emptySet();
    }

    @Override // kotlin.sk8
    public qn8 a(String[] strArr, Principal[] principalArr, Socket socket) {
        return k(p(strArr), principalArr, co8.a(socket), false);
    }

    @Override // kotlin.sk8
    public qn8 b(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return k(p(strArr), principalArr, co8.b(sSLEngine), false);
    }

    @Override // kotlin.sk8
    public qn8 c(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return k(p(strArr), principalArr, co8.b(sSLEngine), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return j(p(strArr), principalArr, co8.a(socket), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return j(p(strArr), principalArr, co8.b(sSLEngine), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return j(p(str), principalArr, co8.b(sSLEngine), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return j(p(str), principalArr, co8.a(socket), true);
    }

    @Override // kotlin.sk8
    public qn8 d(String[] strArr, Principal[] principalArr, Socket socket) {
        return k(p(strArr), principalArr, co8.a(socket), true);
    }

    @Override // kotlin.sk8
    public qn8 e(String str, String str2) {
        PrivateKey privateKey;
        KeyStore.PrivateKeyEntry s = s(str2);
        if (s == null || (privateKey = s.getPrivateKey()) == null) {
            return null;
        }
        X509Certificate[] x = em8.x(s.getCertificateChain());
        if (uv8.f0(x)) {
            return null;
        }
        return new qn8(str, privateKey, x);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        KeyStore.PrivateKeyEntry s = s(str);
        if (s == null) {
            return null;
        }
        return (X509Certificate[]) s.getCertificateChain();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return n(p(str), principalArr, null, false);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        KeyStore.PrivateKeyEntry s = s(str);
        if (s == null) {
            return null;
        }
        return s.getPrivateKey();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return n(p(str), principalArr, null, true);
    }

    public final String j(List<String> list, Principal[] principalArr, co8 co8Var, boolean z) {
        d o = o(list, principalArr, co8Var, z);
        if (o.compareTo(d.a) >= 0) {
            a.fine("No matching key found");
            return null;
        }
        String str = list.get(o.c);
        String m = m(o, q());
        Logger logger = a;
        if (logger.isLoggable(Level.FINE)) {
            logger.fine("Found matching key of type: " + str + ", returning alias: " + m);
        }
        return m;
    }

    public final qn8 k(List<String> list, Principal[] principalArr, co8 co8Var, boolean z) {
        d o = o(list, principalArr, co8Var, z);
        if (o.compareTo(d.a) < 0) {
            try {
                String str = list.get(o.c);
                qn8 l = l(str, o.d, o.e, o.f, o.g);
                if (l != null) {
                    Logger logger = a;
                    if (logger.isLoggable(Level.FINE)) {
                        logger.fine("Found matching key of type: " + str + ", from alias: " + o.d + "." + o.e);
                    }
                    return l;
                }
            } catch (Exception e2) {
                a.log(Level.FINER, "Failed to load private key", (Throwable) e2);
            }
        }
        a.fine("No matching key found");
        return null;
    }

    public final qn8 l(String str, int i, String str2, KeyStore keyStore, X509Certificate[] x509CertificateArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStore.ProtectionParameter protectionParameter = this.h.get(i).getProtectionParameter(str2);
        Method method = hm8.a;
        if (protectionParameter == null) {
            throw new UnrecoverableKeyException("requested key requires a password");
        }
        if (!(protectionParameter instanceof KeyStore.PasswordProtection)) {
            throw new UnsupportedOperationException();
        }
        KeyStore.PasswordProtection passwordProtection = (KeyStore.PasswordProtection) protectionParameter;
        Method method2 = hm8.a;
        if (method2 != null && vn8.h(passwordProtection, method2) != null) {
            throw new KeyStoreException("unsupported password protection algorithm");
        }
        Key key = keyStore.getKey(str2, passwordProtection.getPassword());
        if (key instanceof PrivateKey) {
            return new qn8(str, (PrivateKey) key, x509CertificateArr);
        }
        return null;
    }

    public final String[] n(List<String> list, Principal[] principalArr, co8 co8Var, boolean z) {
        int i;
        int i2;
        if (this.h.isEmpty() || list.isEmpty()) {
            return null;
        }
        int size = list.size();
        Set<Principal> u = u(principalArr);
        uk8 c2 = co8.c(null, true);
        Date date = new Date();
        String t = t(null, z);
        int size2 = this.h.size();
        int i3 = 0;
        ArrayList arrayList = null;
        int i4 = 0;
        while (i4 < size2) {
            try {
                KeyStore keyStore = this.h.get(i4).getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                ArrayList arrayList2 = arrayList;
                while (aliases.hasMoreElements()) {
                    try {
                        i = i4;
                        i2 = size2;
                    } catch (KeyStoreException e2) {
                        e = e2;
                        i = i4;
                        i2 = size2;
                    }
                    try {
                        d r = r(i4, keyStore, aliases.nextElement(), list, size, u, c2, z, date, t);
                        if (r.compareTo(d.a) < 0) {
                            ArrayList arrayList3 = arrayList2 == null ? new ArrayList() : arrayList2;
                            arrayList3.add(r);
                            arrayList2 = arrayList3;
                        }
                        i4 = i;
                        size2 = i2;
                    } catch (KeyStoreException e3) {
                        e = e3;
                        arrayList = arrayList2;
                        a.log(Level.WARNING, "Failed to fully process KeyStore.Builder at index " + i, (Throwable) e);
                        i4 = i + 1;
                        size2 = i2;
                    }
                }
                i = i4;
                i2 = size2;
                arrayList = arrayList2;
            } catch (KeyStoreException e4) {
                e = e4;
                i = i4;
                i2 = size2;
            }
            i4 = i + 1;
            size2 = i2;
        }
        if (arrayList == null || arrayList.isEmpty()) {
            return null;
        }
        Collections.sort(arrayList);
        String q = q();
        String[] strArr = new String[arrayList.size()];
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            strArr[i3] = m((d) it.next(), q);
            i3++;
        }
        return strArr;
    }

    public final d o(List<String> list, Principal[] principalArr, co8 co8Var, boolean z) {
        int i;
        int i2;
        boolean z2;
        int i3;
        d dVar;
        int i4;
        rn8 rn8Var = this;
        d dVar2 = d.a;
        if (rn8Var.h.isEmpty() || list.isEmpty()) {
            return dVar2;
        }
        int size = list.size();
        Set<Principal> u = u(principalArr);
        boolean z3 = true;
        uk8 c2 = co8.c(co8Var, true);
        Date date = new Date();
        String t = t(co8Var, z);
        int size2 = rn8Var.h.size();
        int i5 = size;
        int i6 = 0;
        d dVar3 = dVar2;
        while (i6 < size2) {
            try {
                KeyStore keyStore = rn8Var.h.get(i6).getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                d dVar4 = dVar3;
                int i7 = i5;
                while (aliases.hasMoreElements()) {
                    try {
                        int i8 = i7;
                        dVar = dVar4;
                        i = i6;
                        i2 = size2;
                        try {
                            dVar3 = r(i6, keyStore, aliases.nextElement(), list, i7, u, c2, z, date, t);
                            if (dVar3.compareTo(dVar) < 0) {
                                try {
                                    if (1 == dVar3.b && dVar3.c == 0) {
                                        return dVar3;
                                    }
                                    if (dVar3.b()) {
                                        z2 = true;
                                        i4 = i8;
                                        try {
                                            dVar4 = dVar3;
                                            i7 = Math.min(i4, dVar3.c + 1);
                                        } catch (KeyStoreException e2) {
                                            e = e2;
                                            i5 = i4;
                                            a.log(Level.WARNING, "Failed to fully process KeyStore.Builder at index " + i, (Throwable) e);
                                            i6 = i + 1;
                                            rn8Var = this;
                                            z3 = z2;
                                            size2 = i2;
                                        }
                                    } else {
                                        z2 = true;
                                        dVar4 = dVar3;
                                        i7 = i8;
                                    }
                                } catch (KeyStoreException e3) {
                                    e = e3;
                                    i4 = i8;
                                    z2 = true;
                                }
                            } else {
                                z2 = true;
                                i7 = i8;
                                dVar4 = dVar;
                            }
                            z3 = z2;
                            i6 = i;
                            size2 = i2;
                        } catch (KeyStoreException e4) {
                            e = e4;
                            i3 = i8;
                            z2 = true;
                            i5 = i3;
                            dVar3 = dVar;
                            a.log(Level.WARNING, "Failed to fully process KeyStore.Builder at index " + i, (Throwable) e);
                            i6 = i + 1;
                            rn8Var = this;
                            z3 = z2;
                            size2 = i2;
                        }
                    } catch (KeyStoreException e5) {
                        e = e5;
                        i3 = i7;
                        i = i6;
                        i2 = size2;
                        z2 = z3;
                        dVar = dVar4;
                    }
                }
                i = i6;
                i2 = size2;
                z2 = z3;
                i5 = i7;
                dVar3 = dVar4;
            } catch (KeyStoreException e6) {
                e = e6;
                i = i6;
                i2 = size2;
                z2 = z3;
            }
            i6 = i + 1;
            rn8Var = this;
            z3 = z2;
            size2 = i2;
        }
        return dVar3;
    }

    public final String q() {
        StringBuilder Y0 = ud1.Y0(".");
        Y0.append(this.e.incrementAndGet());
        return Y0.toString();
    }

    public final d r(int i, KeyStore keyStore, String str, List list, int i2, Set set, uk8 uk8Var, boolean z, Date date, String str2) throws KeyStoreException {
        boolean z2;
        int i3;
        boolean z3;
        int i4;
        if (keyStore.isKeyEntry(str)) {
            X509Certificate[] x = em8.x(keyStore.getCertificateChain(str));
            if (!uv8.f0(x)) {
                if (set != null && !set.isEmpty()) {
                    int length = x.length;
                    while (true) {
                        length--;
                        if (length < 0) {
                            X509Certificate x509Certificate = x[0];
                            if (x509Certificate.getBasicConstraints() < 0 || !set.contains(x509Certificate.getSubjectX500Principal())) {
                                z2 = false;
                            }
                        } else if (set.contains(x[length].getIssuerX500Principal())) {
                            break;
                        }
                    }
                }
                z2 = true;
                if (z2) {
                    X509Certificate x509Certificate2 = x[0];
                    Map<String, e> map = z ? d : c;
                    PublicKey publicKey = x509Certificate2.getPublicKey();
                    boolean[] keyUsage = x509Certificate2.getKeyUsage();
                    int i5 = 0;
                    while (true) {
                        if (i5 < i2) {
                            e eVar = map.get((String) list.get(i5));
                            if (eVar != null && eVar.a(publicKey, keyUsage, uk8Var)) {
                                i3 = i5;
                                break;
                            }
                            i5++;
                        } else {
                            i3 = -1;
                            break;
                        }
                    }
                    if (i3 >= 0) {
                        String str3 = (String) list.get(i3);
                        a.finer("EE cert potentially usable for key type: " + str3);
                        try {
                            lm8.a(this.f, this.g, uk8Var, Collections.emptySet(), x, !b ? null : z ? oh8.c : oh8.d, -1);
                            z3 = true;
                        } catch (CertPathValidatorException e2) {
                            a.log(Level.FINEST, "Certificate chain check failed", (Throwable) e2);
                            z3 = false;
                        }
                        if (z3) {
                            X509Certificate x509Certificate3 = x[0];
                            try {
                                x509Certificate3.checkValidity(date);
                                if (str2 != null) {
                                    try {
                                        un8.h(str2, x509Certificate3, "HTTPS");
                                    } catch (CertificateException unused) {
                                        i4 = 3;
                                    }
                                }
                            } catch (CertificateException unused2) {
                                i4 = 4;
                            }
                            if ("RSA".equalsIgnoreCase(em8.s(x509Certificate3.getPublicKey()))) {
                                boolean[] keyUsage2 = x509Certificate3.getKeyUsage();
                                if (lm8.j(keyUsage2, 0) && lm8.j(keyUsage2, 2)) {
                                    i4 = 2;
                                    return new d(i4, i3, i, str, keyStore, x);
                                }
                            }
                            i4 = 1;
                            return new d(i4, i3, i, str, keyStore, x);
                        }
                        a.finer("Unsuitable chain for key type: " + str3);
                    }
                }
            }
        }
        return d.a;
    }

    public final KeyStore.PrivateKeyEntry s(String str) {
        int i;
        int lastIndexOf;
        int parseInt;
        KeyStore.PrivateKeyEntry privateKeyEntry;
        KeyStore.PrivateKeyEntry privateKeyEntry2 = null;
        if (str == null) {
            return null;
        }
        SoftReference<KeyStore.PrivateKeyEntry> softReference = this.i.get(str);
        if (softReference != null && (privateKeyEntry = softReference.get()) != null) {
            return privateKeyEntry;
        }
        try {
            int indexOf = str.indexOf(46, 0);
            if (indexOf > 0 && (lastIndexOf = str.lastIndexOf(46)) > (i = indexOf + 1) && (parseInt = Integer.parseInt(str.substring(0, indexOf))) >= 0 && parseInt < this.h.size()) {
                KeyStore.Builder builder = this.h.get(parseInt);
                String substring = str.substring(i, lastIndexOf);
                KeyStore.Entry entry = builder.getKeyStore().getEntry(substring, builder.getProtectionParameter(substring));
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    privateKeyEntry2 = (KeyStore.PrivateKeyEntry) entry;
                }
            }
        } catch (Exception e2) {
            a.log(Level.FINER, "Failed to load PrivateKeyEntry: " + str, (Throwable) e2);
        }
        if (privateKeyEntry2 != null) {
            this.i.put(str, new SoftReference<>(privateKeyEntry2));
        }
        return privateKeyEntry2;
    }
}
