package com.tongweb.gmssl.jsse.security.ssl;

import java.lang.ref.Reference;
import java.lang.ref.SoftReference;
import java.net.Socket;
import java.security.AlgorithmConstraints;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:com/tongweb/gmssl/jsse/security/ssl/bn.class */
final class bn extends X509ExtendedKeyManager implements X509KeyManager {
    private static final C0046u a;
    private static final boolean b;
    private static Date c;
    private final List<KeyStore.Builder> d;
    private final AtomicLong e;
    private final Map<String, Reference<KeyStore.PrivateKeyEntry>> f;

    /* JADX INFO: Access modifiers changed from: package-private */
    public bn(KeyStore.Builder builder) {
        this((List<KeyStore.Builder>) Collections.singletonList(builder));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public bn(List<KeyStore.Builder> list) {
        this.d = list;
        this.e = new AtomicLong();
        this.f = Collections.synchronizedMap(new bs((byte) 0));
    }

    @Override // javax.net.ssl.X509KeyManager
    public final X509Certificate[] getCertificateChain(String str) {
        KeyStore.PrivateKeyEntry a2 = a(str);
        if (a2 == null) {
            return null;
        }
        return (X509Certificate[]) a2.getCertificateChain();
    }

    @Override // javax.net.ssl.X509KeyManager
    public final PrivateKey getPrivateKey(String str) {
        KeyStore.PrivateKeyEntry a2 = a(str);
        if (a2 == null) {
            return null;
        }
        return a2.getPrivateKey();
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return a(a(strArr), principalArr, bp.CLIENT, a(socket));
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public final String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return a(a(strArr), principalArr, bp.CLIENT, a(sSLEngine));
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return a(a(str), principalArr, bp.SERVER, a(socket));
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public final String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return a(a(str), principalArr, bp.SERVER, a(sSLEngine));
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getClientAliases(String str, Principal[] principalArr) {
        return a(str, principalArr, bp.CLIENT, (AlgorithmConstraints) null);
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getServerAliases(String str, Principal[] principalArr) {
        return a(str, principalArr, bp.SERVER, (AlgorithmConstraints) null);
    }

    private static AlgorithmConstraints a(Socket socket) {
        if (socket == null || !socket.isConnected() || !(socket instanceof SSLSocket)) {
            return new C0024ax((SSLSocket) null, true);
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        SSLSession handshakeSession = sSLSocket.getHandshakeSession();
        if (handshakeSession == null || C0016ap.a(handshakeSession.getProtocol()).m < C0016ap.f.m) {
            return new C0024ax(sSLSocket, true);
        }
        String[] strArr = null;
        if (handshakeSession instanceof ExtendedSSLSession) {
            strArr = ((ExtendedSSLSession) handshakeSession).getPeerSupportedSignatureAlgorithms();
        }
        return new C0024ax(sSLSocket, strArr, true);
    }

    private static AlgorithmConstraints a(SSLEngine sSLEngine) {
        SSLSession handshakeSession;
        if (sSLEngine == null || (handshakeSession = sSLEngine.getHandshakeSession()) == null || C0016ap.a(handshakeSession.getProtocol()).m < C0016ap.f.m) {
            return new C0024ax(sSLEngine, true);
        }
        String[] strArr = null;
        if (handshakeSession instanceof ExtendedSSLSession) {
            strArr = ((ExtendedSSLSession) handshakeSession).getPeerSupportedSignatureAlgorithms();
        }
        return new C0024ax(sSLEngine, strArr, true);
    }

    private String a(bq bqVar) {
        return this.e.incrementAndGet() + "." + bqVar.a + "." + bqVar.b;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13 */
    /* JADX WARN: Type inference failed for: r0v15, types: [java.lang.Exception] */
    /* JADX WARN: Type inference failed for: r0v34, types: [java.security.KeyStore$PrivateKeyEntry] */
    private KeyStore.PrivateKeyEntry a(String str) {
        ?? r0;
        if (str == null) {
            return null;
        }
        Reference<KeyStore.PrivateKeyEntry> reference = this.f.get(str);
        KeyStore.PrivateKeyEntry privateKeyEntry = reference != null ? reference.get() : null;
        KeyStore.PrivateKeyEntry privateKeyEntry2 = privateKeyEntry;
        if (privateKeyEntry != null) {
            return privateKeyEntry2;
        }
        int indexOf = str.indexOf(46);
        int indexOf2 = str.indexOf(46, indexOf + 1);
        if (indexOf == -1 || (r0 = indexOf2) == indexOf) {
            return null;
        }
        try {
            int parseInt = Integer.parseInt(str.substring(indexOf + 1, indexOf2));
            String substring = str.substring(indexOf2 + 1);
            KeyStore.Builder builder = this.d.get(parseInt);
            KeyStore.Entry entry = builder.getKeyStore().getEntry(substring, builder.getProtectionParameter(str));
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                return null;
            }
            KeyStore.PrivateKeyEntry privateKeyEntry3 = (KeyStore.PrivateKeyEntry) entry;
            this.f.put(str, new SoftReference(privateKeyEntry3));
            r0 = privateKeyEntry3;
            return r0;
        } catch (Exception e) {
            r0.printStackTrace();
            return null;
        }
    }

    private static List<br> a(String... strArr) {
        if (strArr == null || strArr.length == 0 || strArr[0] == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            arrayList.add(new br(str));
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12 */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.lang.Exception] */
    /* JADX WARN: Type inference failed for: r0v37, types: [java.lang.String] */
    private String a(List<br> list, Principal[] principalArr, bp bpVar, AlgorithmConstraints algorithmConstraints) {
        if (list == null || list.size() == 0) {
            return null;
        }
        Set<Principal> a2 = a(principalArr);
        ArrayList arrayList = null;
        int i = 0;
        int size = this.d.size();
        while (true) {
            ?? r0 = i;
            if (r0 >= size) {
                if (arrayList == null) {
                    if (!b) {
                        return null;
                    }
                    a.c("KeyMgr: no matching key found");
                    return null;
                }
                Collections.sort(arrayList);
                if (b) {
                    a.c("KeyMgr: no good matching key found, returning best match out of:");
                    a.c(arrayList.toString());
                }
                return a((bq) arrayList.get(0));
            }
            try {
                List<bq> a3 = a(i, list, a2, false, bpVar, algorithmConstraints);
                if (a3 != null) {
                    bq bqVar = a3.get(0);
                    if (bqVar.c == bo.OK) {
                        if (b) {
                            a.c("KeyMgr: choosing key: " + bqVar);
                        }
                        r0 = a(bqVar);
                        return r0;
                    }
                    if (arrayList == null) {
                        arrayList = new ArrayList();
                    }
                    arrayList.addAll(a3);
                }
            } catch (Exception e) {
                r0.printStackTrace();
            }
            i++;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11 */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.lang.Exception] */
    /* JADX WARN: Type inference failed for: r0v26, types: [java.util.List, java.util.Collection] */
    private String[] a(String str, Principal[] principalArr, bp bpVar, AlgorithmConstraints algorithmConstraints) {
        if (str == null) {
            return null;
        }
        Set<Principal> a2 = a(principalArr);
        List<br> a3 = a(str);
        ArrayList arrayList = null;
        int i = 0;
        int size = this.d.size();
        while (true) {
            ?? r0 = i;
            if (r0 >= size) {
                break;
            }
            try {
                r0 = a(i, a3, a2, true, bpVar, null);
                if (r0 != 0) {
                    if (arrayList == null) {
                        arrayList = new ArrayList();
                    }
                    arrayList.addAll(r0);
                }
            } catch (Exception e) {
                r0.printStackTrace();
            }
            i++;
        }
        if (arrayList == null || arrayList.size() == 0) {
            if (!b) {
                return null;
            }
            a.c("KeyMgr: no matching alias found");
            return null;
        }
        Collections.sort(arrayList);
        if (b) {
            a.c("KeyMgr: getting aliases: " + arrayList);
        }
        return a(arrayList);
    }

    private String[] a(List<bq> list) {
        String[] strArr = new String[list.size()];
        int i = 0;
        Iterator<bq> it = list.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            strArr[i2] = a(it.next());
        }
        return strArr;
    }

    private static Set<Principal> a(Principal[] principalArr) {
        if (principalArr == null || principalArr.length == 0) {
            return null;
        }
        return new HashSet(Arrays.asList(principalArr));
    }

    private List<bq> a(int i, List<br> list, Set<Principal> set, boolean z, bp bpVar, AlgorithmConstraints algorithmConstraints) {
        Certificate[] certificateChain;
        KeyStore keyStore = this.d.get(i).getKeyStore();
        ArrayList arrayList = null;
        Date date = null;
        boolean z2 = false;
        keyStore.aliases();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (certificateChain = keyStore.getCertificateChain(nextElement)) != null && certificateChain.length != 0) {
                boolean z3 = false;
                int length = certificateChain.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length) {
                        break;
                    }
                    if (!(certificateChain[i2] instanceof X509Certificate)) {
                        z3 = true;
                        break;
                    }
                    i2++;
                }
                if (z3) {
                    continue;
                } else {
                    int i3 = -1;
                    int i4 = 0;
                    Iterator<br> it = list.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (it.next().a(certificateChain)) {
                            i3 = i4;
                            break;
                        }
                        i4++;
                    }
                    if (i3 != -1) {
                        if (set != null) {
                            boolean z4 = false;
                            int length2 = certificateChain.length;
                            int i5 = 0;
                            while (true) {
                                if (i5 >= length2) {
                                    break;
                                }
                                if (set.contains(((X509Certificate) certificateChain[i5]).getIssuerX500Principal())) {
                                    z4 = true;
                                    break;
                                }
                                i5++;
                            }
                            if (!z4) {
                                if (b) {
                                    a.c("Ignoring alias " + nextElement + ": issuers do not match");
                                }
                            }
                        }
                        if (date == null) {
                            date = new Date();
                        }
                        bo a2 = bpVar.a((X509Certificate) certificateChain[0], date);
                        bq bqVar = new bq(i, i3, nextElement, a2);
                        if (!z2 && a2 == bo.OK && i3 == 0) {
                            z2 = true;
                        }
                        if (z2 && !z) {
                            return Collections.singletonList(bqVar);
                        }
                        if (arrayList == null) {
                            arrayList = new ArrayList();
                        }
                        arrayList.add(bqVar);
                    } else if (b) {
                        a.c("Ignoring alias " + nextElement + ": key algorithm does not match");
                    }
                }
            }
        }
        return arrayList;
    }

    private static boolean a() {
        return true;
    }

    static {
        C0046u a2 = C0046u.a("ssl");
        a = a2;
        b = a2 != null && C0046u.b("keymanager");
    }
}
