package io.netty.handler.ssl;

import io.netty.buffer.AbstractByteBufAllocator;
import io.netty.internal.tcnative.CertificateVerifier;
import io.netty.internal.tcnative.SSL;
import io.netty.internal.tcnative.SSLContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import je.m;
import org.objectweb.asm.Opcodes;

/* loaded from: classes2.dex */
public abstract class b0 extends f0 implements je.l {
    public static final Integer K;
    public final b A;
    public final Certificate[] B;
    public final io.netty.handler.ssl.g C;
    public final String[] D;
    public final boolean E;
    public final g F;
    public final ReentrantReadWriteLock G;
    public volatile int H;

    /* renamed from: v, reason: collision with root package name */
    public long f20974v;

    /* renamed from: w, reason: collision with root package name */
    public final List<String> f20975w;

    /* renamed from: x, reason: collision with root package name */
    public final p f20976x;

    /* renamed from: y, reason: collision with root package name */
    public final int f20977y;

    /* renamed from: z, reason: collision with root package name */
    public final m.a f20978z;
    public static final me.b I = me.c.b(b0.class.getName());
    public static final int J = ((Integer) AccessController.doPrivileged((PrivilegedAction) new Object())).intValue();
    public static final je.m<b0> L = je.n.f21485b.c(b0.class);
    public static final c M = new Object();

    /* loaded from: classes2.dex */
    public static class a implements PrivilegedAction<Integer> {
        @Override // java.security.PrivilegedAction
        public final Integer run() {
            return Integer.valueOf(Math.max(1, le.a0.c("io.netty.handler.ssl.openssl.bioNonApplicationBufferSize", Opcodes.ACC_STRICT)));
        }
    }

    /* loaded from: classes2.dex */
    public class b extends je.b {
        public b() {
        }

        @Override // je.b
        public final void a() {
            b0 b0Var = b0.this;
            b0Var.i();
            m.a aVar = b0Var.f20978z;
            if (aVar != null) {
                aVar.a(b0Var);
            }
        }

        @Override // je.l
        public final je.l g(Object obj) {
            b0 b0Var = b0.this;
            m.a aVar = b0Var.f20978z;
            if (aVar != null) {
                aVar.d(obj);
            }
            return b0Var;
        }
    }

    /* loaded from: classes2.dex */
    public static class c implements p {
        @Override // io.netty.handler.ssl.p
        public final io.netty.handler.ssl.c a() {
            return io.netty.handler.ssl.c.CHOOSE_MY_LAST_PROTOCOL;
        }

        @Override // io.netty.handler.ssl.p
        public final io.netty.handler.ssl.a b() {
            return io.netty.handler.ssl.a.NONE;
        }

        @Override // io.netty.handler.ssl.d
        public final List<String> c() {
            return Collections.emptyList();
        }

        @Override // io.netty.handler.ssl.p
        public final io.netty.handler.ssl.b e() {
            return io.netty.handler.ssl.b.ACCEPT;
        }
    }

    /* loaded from: classes2.dex */
    public static class d implements PrivilegedAction<String> {
        @Override // java.security.PrivilegedAction
        public final String run() {
            return le.a0.a("jdk.tls.ephemeralDHKeySize", null);
        }
    }

    /* loaded from: classes2.dex */
    public static /* synthetic */ class e {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f20980a;

        /* renamed from: b, reason: collision with root package name */
        public static final /* synthetic */ int[] f20981b;

        /* renamed from: c, reason: collision with root package name */
        public static final /* synthetic */ int[] f20982c;

        static {
            int[] iArr = new int[io.netty.handler.ssl.b.values().length];
            f20982c = iArr;
            try {
                iArr[io.netty.handler.ssl.b.CHOOSE_MY_LAST_PROTOCOL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f20982c[io.netty.handler.ssl.b.ACCEPT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            int[] iArr2 = new int[io.netty.handler.ssl.c.values().length];
            f20981b = iArr2;
            try {
                iArr2[io.netty.handler.ssl.c.NO_ADVERTISE.ordinal()] = 1;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                f20981b[io.netty.handler.ssl.c.CHOOSE_MY_LAST_PROTOCOL.ordinal()] = 2;
            } catch (NoSuchFieldError unused4) {
            }
            int[] iArr3 = new int[io.netty.handler.ssl.a.values().length];
            f20980a = iArr3;
            try {
                iArr3[io.netty.handler.ssl.a.NPN.ordinal()] = 1;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                f20980a[io.netty.handler.ssl.a.ALPN.ordinal()] = 2;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                f20980a[io.netty.handler.ssl.a.NPN_AND_ALPN.ordinal()] = 3;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                f20980a[io.netty.handler.ssl.a.NONE.ordinal()] = 4;
            } catch (NoSuchFieldError unused8) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public static abstract class f extends CertificateVerifier {
    }

    /* loaded from: classes2.dex */
    public static final class g {

        /* renamed from: a, reason: collision with root package name */
        public final ConcurrentHashMap f20983a;

        public g() {
            me.b bVar = le.p.f23783a;
            this.f20983a = new ConcurrentHashMap();
        }

        public final void a(c0 c0Var) {
            this.f20983a.put(Long.valueOf(c0Var.L()), c0Var);
        }

        public final c0 b(long j10) {
            return (c0) this.f20983a.remove(Long.valueOf(j10));
        }
    }

    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Object, io.netty.handler.ssl.b0$c] */
    /* JADX WARN: Type inference failed for: r2v2, types: [java.lang.Object, java.security.PrivilegedAction] */
    /* JADX WARN: Type inference failed for: r2v7, types: [java.lang.Object, java.security.PrivilegedAction] */
    static {
        Integer num = null;
        try {
            String str = (String) AccessController.doPrivileged((PrivilegedAction) new Object());
            if (str != null) {
                try {
                    num = Integer.valueOf(str);
                } catch (NumberFormatException unused) {
                    I.i("ReferenceCountedOpenSslContext supports -Djdk.tls.ephemeralDHKeySize={int}, but got: ".concat(str));
                }
            }
        } catch (Throwable unused2) {
        }
        K = num;
    }

    public b0(io.netty.handler.ssl.g gVar, boolean z10) throws SSLException {
        this(M, 0, gVar, z10);
    }

    public b0(p pVar, int i10, io.netty.handler.ssl.g gVar, boolean z10) throws SSLException {
        i iVar = i.f21045a;
        this.A = new b();
        this.F = new g();
        this.G = new ReentrantReadWriteLock();
        this.H = J;
        o.d();
        if (i10 != 1 && i10 != 0) {
            throw new IllegalArgumentException("mode most be either SSL.SSL_MODE_SERVER or SSL.SSL_MODE_CLIENT");
        }
        this.f20978z = z10 ? L.c(this) : null;
        this.f20977y = i10;
        if (c()) {
            pi.b.g(gVar, "clientAuth");
        } else {
            gVar = io.netty.handler.ssl.g.NONE;
        }
        this.C = gVar;
        this.D = null;
        int i11 = 0;
        this.E = false;
        this.B = null;
        List<String> asList = Arrays.asList(iVar.a(o.f21065c, o.a()));
        this.f20975w = asList;
        pi.b.g(pVar, "apn");
        this.f20976x = pVar;
        try {
            try {
                long make = SSLContext.make(31, i10);
                this.f20974v = make;
                SSLContext.setOptions(make, SSLContext.getOptions(make) | SSL.SSL_OP_NO_SSLv2 | SSL.SSL_OP_NO_SSLv3 | SSL.SSL_OP_CIPHER_SERVER_PREFERENCE | SSL.SSL_OP_NO_COMPRESSION | SSL.SSL_OP_NO_TICKET);
                long j10 = this.f20974v;
                SSLContext.setMode(j10, SSLContext.getMode(j10) | SSL.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
                Integer num = K;
                if (num != null) {
                    SSLContext.setTmpDHLength(this.f20974v, num.intValue());
                }
                try {
                    SSLContext.setCipherSuite(this.f20974v, io.netty.handler.ssl.e.c(asList));
                    List<String> c10 = pVar.c();
                    if (!c10.isEmpty()) {
                        String[] strArr = (String[]) c10.toArray(new String[c10.size()]);
                        int i12 = e.f20981b[pVar.a().ordinal()];
                        if (i12 != 1) {
                            if (i12 != 2) {
                                throw new Error();
                            }
                            i11 = 1;
                        }
                        int i13 = e.f20980a[pVar.b().ordinal()];
                        if (i13 == 1) {
                            SSLContext.setNpnProtos(this.f20974v, strArr, i11);
                        } else if (i13 == 2) {
                            SSLContext.setAlpnProtos(this.f20974v, strArr, i11);
                        } else {
                            if (i13 != 3) {
                                throw new Error();
                            }
                            SSLContext.setNpnProtos(this.f20974v, strArr, i11);
                            SSLContext.setAlpnProtos(this.f20974v, strArr, i11);
                        }
                    }
                    SSLContext.setSessionCacheSize(this.f20974v, SSLContext.setSessionCacheSize(this.f20974v, 20480L));
                    SSLContext.setSessionCacheTimeout(this.f20974v, SSLContext.setSessionCacheTimeout(this.f20974v, 300L));
                } catch (SSLException e10) {
                    throw e10;
                } catch (Exception e11) {
                    throw new SSLException("failed to set cipher suite: " + this.f20975w, e11);
                }
            } catch (Exception e12) {
                throw new SSLException("failed to create an SSL_CTX", e12);
            }
        } catch (Throwable th2) {
            release();
            throw th2;
        }
    }

    public static X509TrustManager h(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new IllegalStateException("no X509TrustManager found");
    }

    public static long l(ae.i iVar) throws Exception {
        try {
            long newMemBIO = SSL.newMemBIO();
            int E1 = iVar.E1();
            if (SSL.bioWrite(newMemBIO, o.h(iVar) + iVar.F1(), E1) == E1) {
                return newMemBIO;
            }
            SSL.freeBIO(newMemBIO);
            throw new IllegalStateException("Could not write data to memory BIO");
        } finally {
            iVar.release();
        }
    }

    public static long o(AbstractByteBufAllocator abstractByteBufAllocator, x xVar) throws Exception {
        try {
            ae.i u10 = xVar.u();
            if (u10.b1()) {
                return l(u10.I1());
            }
            ae.i directBuffer = abstractByteBufAllocator.directBuffer(u10.E1());
            try {
                directBuffer.b2(u10.F1(), u10.E1(), u10);
                long l10 = l(directBuffer.I1());
                try {
                    if (xVar.K()) {
                        l0.k(directBuffer);
                    }
                    return l10;
                } finally {
                }
            } catch (Throwable th2) {
                try {
                    if (xVar.K()) {
                        l0.k(directBuffer);
                    }
                    throw th2;
                } finally {
                }
            }
        } finally {
            xVar.release();
        }
    }

    public static long p(X509Certificate... x509CertificateArr) throws Exception {
        if (x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("certChain can't be empty");
        }
        AbstractByteBufAllocator abstractByteBufAllocator = ae.j.f331a;
        je.l c10 = z.c(abstractByteBufAllocator, x509CertificateArr);
        try {
            y yVar = (y) c10;
            yVar.b();
            long o10 = o(abstractByteBufAllocator, yVar);
            yVar.release();
            return o10;
        } catch (Throwable th2) {
            ((je.b) c10).release();
            throw th2;
        }
    }

    public static boolean s(X509TrustManager x509TrustManager) {
        me.b bVar = le.p.f23783a;
        return le.q.f23809g >= 7 && androidx.appcompat.app.r.u(x509TrustManager);
    }

    @Override // je.l
    public final int E() {
        return this.A.f21407t;
    }

    @Override // io.netty.handler.ssl.f0
    public final boolean a() {
        return this.f20977y == 0;
    }

    @Override // je.l
    public final je.l b() {
        this.A.b();
        return this;
    }

    @Override // io.netty.handler.ssl.f0
    public final SSLEngine d(ae.j jVar, String str, int i10) {
        return m(jVar, str, i10, true);
    }

    @Override // io.netty.handler.ssl.f0
    public final g0 e(ae.j jVar, String str, int i10, boolean z10) {
        return new g0(m(jVar, str, i10, false), z10);
    }

    public final p f() {
        return this.f20976x;
    }

    @Override // je.l
    public final je.l g(Object obj) {
        this.A.g(obj);
        return this;
    }

    public final void i() {
        Lock writeLock = this.G.writeLock();
        writeLock.lock();
        try {
            long j10 = this.f20974v;
            if (j10 != 0) {
                if (this.E) {
                    SSLContext.disableOcsp(j10);
                }
                SSLContext.free(this.f20974v);
                this.f20974v = 0L;
            }
            writeLock.unlock();
        } catch (Throwable th2) {
            writeLock.unlock();
            throw th2;
        }
    }

    public final int j() {
        return this.H;
    }

    public abstract u k();

    public SSLEngine m(ae.j jVar, String str, int i10, boolean z10) {
        return new c0(this, jVar, str, i10, z10, true);
    }

    public abstract v n();

    @Override // je.l
    public final boolean release() {
        return this.A.release();
    }
}
