package io.netty.handler.ssl;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.ByteBufInputStream;
import io.netty.util.internal.EmptyArrays;
import io.netty.util.internal.logging.InternalLogger;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.NoSuchPaddingException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import org.conscrypt.OpenSSLProvider$$ExternalSyntheticOutline0;
import org.conscrypt.OpenSSLProvider$$ExternalSyntheticOutline1;

/* loaded from: classes.dex */
public abstract class SslContext {
    public static final CertificateFactory X509_CERT_FACTORY;

    static {
        try {
            X509_CERT_FACTORY = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new IllegalStateException("unable to instance X.509 CertificateFactory", e);
        }
    }

    public SslContext(boolean z) {
    }

    public static KeyManagerFactory buildKeyManagerFactory(X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException, UnrecoverableKeyException {
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        char[] keyStorePassword = keyStorePassword(str);
        KeyStore buildKeyStore = buildKeyStore(x509CertificateArr, privateKey, keyStorePassword, str2);
        if (defaultAlgorithm == null) {
            defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        keyManagerFactory.init(buildKeyStore, keyStorePassword);
        return keyManagerFactory;
    }

    public static KeyStore buildKeyStore(X509Certificate[] x509CertificateArr, PrivateKey privateKey, char[] cArr, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (str == null) {
            str = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(null, null);
        keyStore.setKeyEntry("key", privateKey, cArr, x509CertificateArr);
        return keyStore;
    }

    public static char[] keyStorePassword(String str) {
        return str == null ? EmptyArrays.EMPTY_CHARS : str.toCharArray();
    }

    public static PrivateKey toPrivateKey(File file) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidAlgorithmParameterException, KeyException, IOException {
        InternalLogger internalLogger = PemReader.logger;
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                ByteBuf readPrivateKey = PemReader.readPrivateKey(fileInputStream);
                byte[] bArr = new byte[readPrivateKey.readableBytes()];
                readPrivateKey.readBytes(bArr).release();
                PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
                try {
                    try {
                        try {
                            return KeyFactory.getInstance("RSA").generatePrivate(pKCS8EncodedKeySpec);
                        } catch (InvalidKeySpecException e) {
                            throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked", e);
                        }
                    } catch (InvalidKeySpecException unused) {
                        return KeyFactory.getInstance("EC").generatePrivate(pKCS8EncodedKeySpec);
                    }
                } catch (InvalidKeySpecException unused2) {
                    return KeyFactory.getInstance("DSA").generatePrivate(pKCS8EncodedKeySpec);
                }
            } finally {
                PemReader.safeClose(fileInputStream);
            }
        } catch (FileNotFoundException unused3) {
            throw new KeyException("could not find key file: " + file);
        }
    }

    public static X509Certificate[] toX509Certificates(File file) throws CertificateException {
        InternalLogger internalLogger = PemReader.logger;
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                ByteBuf[] readCertificates = PemReader.readCertificates(fileInputStream);
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                X509Certificate[] x509CertificateArr = new X509Certificate[readCertificates.length];
                int i = 0;
                for (int i2 = 0; i2 < readCertificates.length; i2++) {
                    try {
                        ByteBufInputStream byteBufInputStream = new ByteBufInputStream(readCertificates[i2]);
                        try {
                            x509CertificateArr[i2] = (X509Certificate) certificateFactory.generateCertificate(byteBufInputStream);
                            try {
                                byteBufInputStream.close();
                            } catch (IOException e) {
                                throw new RuntimeException(e);
                            }
                        } catch (Throwable th) {
                            try {
                                byteBufInputStream.close();
                                throw th;
                            } catch (IOException e2) {
                                throw new RuntimeException(e2);
                            }
                        }
                    } finally {
                        int length = readCertificates.length;
                        while (i < length) {
                            readCertificates[i].release();
                            i++;
                        }
                    }
                }
                return x509CertificateArr;
            } finally {
                PemReader.safeClose(fileInputStream);
            }
        } catch (FileNotFoundException unused) {
            throw new CertificateException("could not find certificate file: " + file);
        }
    }

    public static void verifyNullSslContextProvider(int i, Provider provider) {
        if (provider == null) {
            return;
        }
        StringBuilder m = OpenSSLProvider$$ExternalSyntheticOutline1.m("Java Security Provider unsupported for SslProvider: ");
        m.append(OpenSSLProvider$$ExternalSyntheticOutline0.stringValueOf$1(i));
        throw new IllegalArgumentException(m.toString());
    }

    public abstract ApplicationProtocolNegotiator applicationProtocolNegotiator();

    public abstract boolean isClient();

    public final boolean isServer() {
        return !isClient();
    }

    public abstract SSLEngine newEngine(ByteBufAllocator byteBufAllocator);
}
