package com.rsa.sslj.x;

import com.rsa.crypto.AlgorithmStrings;
import com.rsa.jsafe.provider.X942DHParameterSpec;
import com.rsa.jsafe.provider.X942DHPrivateKeySpec;
import com.rsa.jsafe.provider.X942DHPublicKeySpec;
import com.rsa.jsse.SuiteBMode;
import com.rsa.jsse.engine.util.Debug;
import com.rsa.sslj.x.C0123br;
import java.net.Socket;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;

/* renamed from: com.rsa.sslj.x.ci, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public class C0141ci implements X509KeyManager {

    /* renamed from: a, reason: collision with root package name */
    private static final List<aW> f4413a = Arrays.asList(aW.a());

    /* renamed from: b, reason: collision with root package name */
    private static final Pattern f4414b = Pattern.compile("CN=([^,;]*)");

    /* renamed from: c, reason: collision with root package name */
    private static final String[] f4415c = {"RSA", AlgorithmStrings.DSA, AlgorithmStrings.ECDSA, "DiffieHellman", "ECDH"};

    /* renamed from: d, reason: collision with root package name */
    private static final String[] f4416d = new String[0];
    private static final String h = "default";
    private final Map<String, c> e = new HashMap();
    private final Map<String, List<c>> f = new HashMap();
    private X509KeyManager g;

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: com.rsa.sslj.x.ci$a */
    /* loaded from: classes.dex */
    public enum a {
        SERVER,
        CLIENT,
        UNKNOWN
    }

    /* renamed from: com.rsa.sslj.x.ci$b */
    /* loaded from: classes.dex */
    public static final class b {

        /* renamed from: a, reason: collision with root package name */
        private final C0097as f4421a;

        /* renamed from: b, reason: collision with root package name */
        private final c f4422b;

        /* renamed from: c, reason: collision with root package name */
        private final String f4423c;

        public b(C0097as c0097as, c cVar, String str) {
            this.f4421a = c0097as;
            this.f4422b = cVar;
            this.f4423c = str;
        }

        public C0097as a() {
            return this.f4421a;
        }

        public X509Certificate[] b() {
            return this.f4422b.f();
        }

        public String c() {
            return this.f4423c;
        }

        public String d() {
            return this.f4422b.b();
        }

        public PrivateKey e() {
            return this.f4422b.d();
        }

        public PublicKey f() {
            return this.f4422b.e();
        }

        public aW g() {
            return this.f4422b.h();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: com.rsa.sslj.x.ci$c */
    /* loaded from: classes.dex */
    public final class c {

        /* renamed from: b, reason: collision with root package name */
        private a f4425b;

        /* renamed from: c, reason: collision with root package name */
        private PrivateKey f4426c;

        /* renamed from: d, reason: collision with root package name */
        private final X509Certificate[] f4427d;
        private String e;
        private final aW f;
        private final List<String> g;
        private bS h;
        private final Set<X500Principal> i;
        private final String j;
        private PublicKey k;
        private boolean l;
        private boolean m;

        private c(PrivateKey privateKey, X509Certificate[] x509CertificateArr, String str, C0112bg c0112bg, a aVar) {
            this.f4425b = aVar;
            this.f4426c = privateKey;
            this.j = str;
            this.f4427d = x509CertificateArr;
            int i = 0;
            X509Certificate x509Certificate = x509CertificateArr[0];
            this.k = x509Certificate.getPublicKey();
            this.i = new HashSet();
            while (true) {
                X509Certificate[] x509CertificateArr2 = this.f4427d;
                if (i >= x509CertificateArr2.length) {
                    break;
                }
                this.i.add(x509CertificateArr2[i].getIssuerX500Principal());
                i++;
            }
            this.e = C0114bi.a(this.k.getAlgorithm());
            this.f = aW.b(C0114bi.a(x509Certificate.getSigAlgName()));
            if (this.e.startsWith("Diffie")) {
                PublicKey publicKey = this.k;
                if (!(publicKey instanceof DHPublicKey)) {
                    this.k = C0134cb.a(publicKey, "DH", c0112bg.f4357c);
                }
                PrivateKey privateKey2 = this.f4426c;
                if (!(privateKey2 instanceof DHPrivateKey)) {
                    this.f4426c = C0134cb.a(privateKey2, "DH", c0112bg.f4357c);
                }
                DHPublicKey dHPublicKey = (DHPublicKey) this.k;
                if (!(dHPublicKey.getParams() instanceof X942DHParameterSpec)) {
                    DHParameterSpec params = dHPublicKey.getParams();
                    X942DHParameterSpec x942DHParameterSpec = C0123br.f4369a.get(new C0123br.a(params.getP(), params.getG()));
                    if (x942DHParameterSpec != null) {
                        try {
                            this.k = KeyFactory.getInstance("DiffieHellman", c0112bg.f4357c).generatePublic(new X942DHPublicKeySpec(dHPublicKey.getY(), x942DHParameterSpec.getP(), x942DHParameterSpec.getG(), x942DHParameterSpec.getQ()));
                        } catch (Exception unused) {
                        }
                        try {
                            this.f4426c = KeyFactory.getInstance("DiffieHellman", c0112bg.f4357c).generatePrivate(new X942DHPrivateKeySpec(((DHPrivateKey) this.f4426c).getX(), x942DHParameterSpec.getP(), x942DHParameterSpec.getG(), x942DHParameterSpec.getQ()));
                        } catch (Exception unused2) {
                        }
                    }
                }
            } else if (this.e.equals(AlgorithmStrings.EC)) {
                a(c0112bg);
            }
            this.g = a(x509Certificate);
        }

        private List<String> a(X509Certificate x509Certificate) {
            String group;
            ArrayList arrayList = new ArrayList();
            try {
                Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                if (subjectAlternativeNames != null) {
                    for (List<?> list : subjectAlternativeNames) {
                        if (((Integer) list.get(0)).intValue() == 2) {
                            arrayList.add((String) list.get(1));
                        }
                    }
                }
                if (!arrayList.isEmpty()) {
                    return arrayList;
                }
                Matcher matcher = C0141ci.f4414b.matcher(x509Certificate.getSubjectX500Principal().getName());
                if (!matcher.matches() || (group = matcher.group(1)) == "") {
                    return arrayList;
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(group);
                return arrayList2;
            } catch (CertificateParsingException e) {
                throw new RuntimeException(e);
            }
        }

        private void a(C0112bg c0112bg) {
            this.f4426c = C0101aw.a(this.f4426c, c0112bg.f4357c);
            this.k = C0101aw.a(this.k, c0112bg.f4357c);
            this.h = bS.a(this.k);
            boolean[] keyUsage = this.f4427d[0].getKeyUsage();
            if (keyUsage == null) {
                if (Debug.keyManager) {
                    StringBuilder b2 = b.a.a.a.a.b("ECC Certificate with no KeyUsage extension, allow ECDSA or ECDH: ");
                    b2.append(this.f4427d[0].toString());
                    Debug.println(b2.toString());
                }
                this.e = AlgorithmStrings.EC;
                return;
            }
            this.e = "";
            if (ck.a(keyUsage, 0)) {
                this.e = AlgorithmStrings.ECDSA;
                if (this.h == bS.f4305b && this.f == aW.k) {
                    this.l = true;
                } else if (this.h == bS.f4306c && this.f == aW.l) {
                    this.m = true;
                }
            }
            if (ck.a(keyUsage, 4)) {
                if (this.e.equals(AlgorithmStrings.ECDSA)) {
                    this.e = AlgorithmStrings.EC;
                } else {
                    this.e = "ECDH";
                }
            }
            if (this.e.length() == 0 && Debug.keyManager) {
                StringBuilder b3 = b.a.a.a.a.b("ECC Certificate with unusable KeyUsage extension: ");
                b3.append(this.f4427d[0].toString());
                Debug.println(b3.toString());
            }
        }

        public Set<X500Principal> a() {
            return this.i;
        }

        public void a(a aVar) {
            this.f4425b = aVar;
        }

        public String b() {
            return this.j;
        }

        public a c() {
            return this.f4425b;
        }

        public PrivateKey d() {
            return this.f4426c;
        }

        public PublicKey e() {
            return this.k;
        }

        public X509Certificate[] f() {
            return this.f4427d;
        }

        public String g() {
            return this.e;
        }

        public aW h() {
            return this.f;
        }

        public List<String> i() {
            return this.g;
        }

        public bS j() {
            return this.h;
        }
    }

    public C0141ci(KeyStore keyStore, char[] cArr, C0112bg c0112bg) {
        Certificate[] certificateChain;
        Certificate[] certificateArr;
        if (keyStore == null) {
            return;
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                Key key = keyStore.getKey(nextElement, cArr);
                if ((key instanceof PrivateKey) && (certificateChain = keyStore.getCertificateChain(nextElement)) != null && certificateChain.length != 0 && (certificateChain[0] instanceof X509Certificate)) {
                    if (certificateChain instanceof X509Certificate[]) {
                        certificateArr = certificateChain;
                    } else {
                        certificateArr = new X509Certificate[certificateChain.length];
                        System.arraycopy(certificateChain, 0, certificateArr, 0, certificateChain.length);
                    }
                    a(nextElement, (PrivateKey) key, certificateArr, c0112bg, a.UNKNOWN);
                }
            }
        }
    }

    public C0141ci(X509KeyManager x509KeyManager, C0112bg c0112bg) {
        this.g = x509KeyManager;
        int i = 0;
        while (true) {
            String[] strArr = f4415c;
            if (i >= strArr.length) {
                break;
            }
            String[] serverAliases = x509KeyManager.getServerAliases(strArr[i], null);
            if (serverAliases != null) {
                for (String str : serverAliases) {
                    X509Certificate[] certificateChain = x509KeyManager.getCertificateChain(str);
                    PrivateKey privateKey = x509KeyManager.getPrivateKey(str);
                    if (certificateChain != null && certificateChain.length > 0 && privateKey != null) {
                        a(str, privateKey, certificateChain, c0112bg, a.SERVER);
                    }
                }
            }
            String[] clientAliases = x509KeyManager.getClientAliases(f4415c[i], null);
            if (clientAliases != null) {
                for (String str2 : clientAliases) {
                    X509Certificate[] certificateChain2 = x509KeyManager.getCertificateChain(str2);
                    PrivateKey privateKey2 = x509KeyManager.getPrivateKey(str2);
                    if (certificateChain2 != null && certificateChain2.length > 0 && privateKey2 != null) {
                        a(str2, privateKey2, certificateChain2, c0112bg, a.CLIENT);
                    }
                }
            }
            i++;
        }
        if (this.e.isEmpty()) {
            X509Certificate[] certificateChain3 = x509KeyManager.getCertificateChain("");
            PrivateKey privateKey3 = x509KeyManager.getPrivateKey("");
            if (certificateChain3 == null || certificateChain3.length <= 0 || privateKey3 == null) {
                return;
            }
            a(h, privateKey3, certificateChain3, c0112bg, a.UNKNOWN);
        }
    }

    private String a(String[] strArr, List<String> list) {
        for (String str : strArr) {
            if (list.contains(str)) {
                return str;
            }
        }
        return null;
    }

    private List<aW> a(boolean z) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(aW.f4174d, aW.f4171a, aW.i));
        if (!z && C0110be.s()) {
            arrayList.add(aW.f4173c);
        }
        return arrayList;
    }

    private void a(String str, c cVar) {
        List<c> list = this.f.get(str);
        if (list == null) {
            list = new ArrayList<>();
            this.f.put(str, list);
        }
        list.add(cVar);
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x009c  */
    /* JADX WARN: Removed duplicated region for block: B:21:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void a(java.lang.String r11, java.security.PrivateKey r12, java.security.cert.Certificate[] r13, com.rsa.sslj.x.C0112bg r14, com.rsa.sslj.x.C0141ci.a r15) {
        /*
            r10 = this;
            boolean r0 = com.rsa.jsse.engine.util.f.a()
            java.lang.String r1 = "EC"
            if (r0 != 0) goto L19
            boolean r0 = com.rsa.jsse.engine.util.f.b()
            if (r0 != 0) goto L19
            java.lang.String r0 = r12.getAlgorithm()
            boolean r0 = r0.startsWith(r1)
            if (r0 == 0) goto L19
            return
        L19:
            java.util.Map<java.lang.String, com.rsa.sslj.x.ci$c> r0 = r10.e
            java.lang.Object r0 = r0.get(r11)
            com.rsa.sslj.x.ci$c r0 = (com.rsa.sslj.x.C0141ci.c) r0
            if (r0 == 0) goto L29
            com.rsa.sslj.x.ci$a r11 = com.rsa.sslj.x.C0141ci.a.UNKNOWN
            r0.a(r11)
            return
        L29:
            com.rsa.sslj.x.ci$c r0 = new com.rsa.sslj.x.ci$c
            r5 = r13
            java.security.cert.X509Certificate[] r5 = (java.security.cert.X509Certificate[]) r5
            r9 = 0
            r2 = r0
            r3 = r10
            r4 = r12
            r6 = r11
            r7 = r14
            r8 = r15
            r2.<init>(r4, r5, r6, r7, r8)
            java.util.Map<java.lang.String, com.rsa.sslj.x.ci$c> r12 = r10.e
            r12.put(r11, r0)
            java.lang.String r12 = r0.g()
            boolean r14 = r12.equals(r1)
            java.lang.String r15 = "ECDH"
            if (r14 == 0) goto L67
            r10.a(r15, r0)
            java.lang.String r12 = "ECDH_"
            java.lang.StringBuilder r12 = b.a.a.a.a.b(r12)
            com.rsa.sslj.x.aW r14 = r0.h()
            java.lang.String r14 = r14.f()
            r12.append(r14)
            java.lang.String r12 = r12.toString()
            r10.a(r12, r0)
            java.lang.String r12 = "ECDSA"
            goto L93
        L67:
            int r14 = r12.length()
            if (r14 <= 0) goto L70
            r10.a(r12, r0)
        L70:
            java.lang.String r14 = "Diffie"
            boolean r14 = r12.startsWith(r14)
            if (r14 != 0) goto L7e
            boolean r14 = r12.equals(r15)
            if (r14 == 0) goto L96
        L7e:
            java.lang.String r14 = "_"
            java.lang.StringBuilder r12 = b.a.a.a.a.b(r12, r14)
            com.rsa.sslj.x.aW r14 = r0.h()
            java.lang.String r14 = r14.f()
            r12.append(r14)
            java.lang.String r12 = r12.toString()
        L93:
            r10.a(r12, r0)
        L96:
            boolean r12 = com.rsa.jsse.engine.util.Debug.isKeyManager()
            if (r12 == 0) goto Lb3
            java.lang.StringBuilder r12 = new java.lang.StringBuilder
            r12.<init>()
            java.lang.String r14 = "*** Found key for alias: "
            r12.append(r14)
            r12.append(r11)
            java.lang.String r11 = r12.toString()
            com.rsa.jsse.engine.util.Debug.println(r11)
            com.rsa.jsse.engine.util.Debug.println(r13)
        Lb3:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.rsa.sslj.x.C0141ci.a(java.lang.String, java.security.PrivateKey, java.security.cert.Certificate[], com.rsa.sslj.x.bg, com.rsa.sslj.x.ci$a):void");
    }

    private boolean a(C0097as c0097as, c cVar, List<aW> list, String str, List<bS> list2, SuiteBMode suiteBMode, Principal[] principalArr) {
        if (!list.contains(cVar.h())) {
            return false;
        }
        if (principalArr != null && !a(cVar.a(), principalArr)) {
            return false;
        }
        if (!str.startsWith(AlgorithmStrings.EC)) {
            return true;
        }
        bS j = cVar.j();
        if (list2 != null && !list2.contains(j)) {
            return false;
        }
        if (!bM.a(suiteBMode, c0097as)) {
            return true;
        }
        if (!c0097as.u() || cVar.l) {
            return !c0097as.v() || cVar.m;
        }
        return false;
    }

    private boolean a(Set<X500Principal> set, Principal[] principalArr) {
        for (Principal principal : principalArr) {
            if (set.contains(principal)) {
                return true;
            }
        }
        return false;
    }

    private String[] a(String str, Principal[] principalArr, a aVar) {
        Object[] array;
        if (str == null) {
            return null;
        }
        if (principalArr == null) {
            principalArr = new X500Principal[0];
        }
        if (!(principalArr instanceof X500Principal[])) {
            principalArr = a(principalArr);
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        List<c> list = this.f.get(str);
        if (list != null) {
            for (c cVar : list) {
                a c2 = cVar.c();
                if (c2 == aVar || c2 == a.UNKNOWN) {
                    boolean z = true;
                    if (principalArr.length > 0) {
                        Set<X500Principal> a2 = cVar.a();
                        int i = 0;
                        while (true) {
                            if (i >= principalArr.length) {
                                z = false;
                                break;
                            }
                            if (a2.contains(principalArr[i])) {
                                break;
                            }
                            i++;
                        }
                    }
                    if (z) {
                        String b2 = cVar.b();
                        if (c2 == aVar) {
                            arrayList.add(b2);
                        } else {
                            arrayList2.add(b2);
                        }
                    }
                }
            }
        }
        if (!arrayList.isEmpty()) {
            array = arrayList.toArray(f4416d);
        } else {
            if (arrayList2.isEmpty()) {
                return null;
            }
            array = arrayList2.toArray(f4416d);
        }
        return (String[]) array;
    }

    private X500Principal[] a(Principal[] principalArr) {
        ArrayList arrayList = new ArrayList(principalArr.length);
        for (Principal principal : principalArr) {
            if (principal instanceof X500Principal) {
                arrayList.add((X500Principal) principal);
            } else {
                arrayList.add(new X500Principal(principal.getName()));
            }
        }
        return (X500Principal[]) arrayList.toArray(new X500Principal[arrayList.size()]);
    }

    /* JADX WARN: Code restructure failed: missing block: B:38:0x0089, code lost:
    
        if (r7.s() != false) goto L50;
     */
    /* JADX WARN: Code restructure failed: missing block: B:39:0x008b, code lost:
    
        if (r16 == false) goto L48;
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x008d, code lost:
    
        r3 = com.rsa.sslj.x.C0141ci.f4413a;
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0094, code lost:
    
        r19 = r3;
     */
    /* JADX WARN: Code restructure failed: missing block: B:87:0x0090, code lost:
    
        r3 = a(false);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.rsa.sslj.x.C0141ci.b a(java.util.List<com.rsa.sslj.x.C0097as> r25, java.util.List r26, java.util.List<com.rsa.sslj.x.bS> r27, java.lang.String[] r28, com.rsa.sslj.x.aE r29, boolean r30, com.rsa.jsse.SuiteBMode r31, java.security.Principal[] r32) {
        /*
            Method dump skipped, instructions count: 359
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.rsa.sslj.x.C0141ci.a(java.util.List, java.util.List, java.util.List, java.lang.String[], com.rsa.sslj.x.aE, boolean, com.rsa.jsse.SuiteBMode, java.security.Principal[]):com.rsa.sslj.x.ci$b");
    }

    public PublicKey a(String str) {
        c cVar;
        if (str == null || (cVar = this.e.get(str)) == null) {
            return null;
        }
        return cVar.e();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        String chooseClientAlias;
        X509KeyManager x509KeyManager = this.g;
        if (x509KeyManager != null && (chooseClientAlias = x509KeyManager.chooseClientAlias(strArr, principalArr, socket)) != null && chooseClientAlias.length() > 0) {
            return chooseClientAlias;
        }
        if (strArr == null) {
            return null;
        }
        for (String str : strArr) {
            String[] clientAliases = getClientAliases(str, principalArr);
            if (clientAliases != null && clientAliases.length > 0) {
                return clientAliases[0];
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        String[] serverAliases;
        String chooseServerAlias;
        X509KeyManager x509KeyManager = this.g;
        if (x509KeyManager != null && (chooseServerAlias = x509KeyManager.chooseServerAlias(str, principalArr, socket)) != null && chooseServerAlias.length() > 0) {
            return chooseServerAlias;
        }
        if (str == null || (serverAliases = getServerAliases(str, principalArr)) == null) {
            return null;
        }
        return serverAliases[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        c cVar;
        if (str == null || (cVar = this.e.get(str)) == null) {
            return null;
        }
        return (X509Certificate[]) cVar.f4427d.clone();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        String[] clientAliases;
        X509KeyManager x509KeyManager = this.g;
        return (x509KeyManager == null || (clientAliases = x509KeyManager.getClientAliases(str, principalArr)) == null || clientAliases.length <= 0) ? a(str, principalArr, a.CLIENT) : clientAliases;
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        c cVar;
        if (str == null || (cVar = this.e.get(str)) == null) {
            return null;
        }
        return cVar.d();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        String[] serverAliases;
        X509KeyManager x509KeyManager = this.g;
        return (x509KeyManager == null || (serverAliases = x509KeyManager.getServerAliases(str, principalArr)) == null || serverAliases.length <= 0) ? a(str, principalArr, a.SERVER) : serverAliases;
    }
}
