package com.rsa.sslj.x;

import com.rsa.cryptoj.o.ki;
import com.rsa.jsafe.crypto.CryptoJVersion;
import com.rsa.jsafe.provider.JsafeJCE;
import com.rsa.jsse.PSKKeyManager;
import com.rsa.jsse.SuiteBMode;
import com.rsa.jsse.engine.util.Debug;
import com.rsa.sslj.x.C0103ay;
import java.security.InvalidParameterException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class aF {

    /* renamed from: a, reason: collision with root package name */
    boolean f4130a;

    /* renamed from: b, reason: collision with root package name */
    private C0112bg f4131b;

    /* renamed from: c, reason: collision with root package name */
    private SecureRandom f4132c;

    /* renamed from: d, reason: collision with root package name */
    private X509KeyManager f4133d;
    private PSKKeyManager e;
    private X509TrustManager f;
    private aP g;
    private aP h;
    private boolean i;
    private List j;
    private List k;
    private AlgorithmParameterSpec[] l;

    public aF(C0112bg c0112bg) {
        this.g = new aP(c0112bg);
        this.h = new aP(c0112bg);
        this.f4131b = c0112bg;
    }

    private void a(List list) {
        if (com.rsa.jsse.engine.util.f.c()) {
            return;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (((C0097as) it.next()).h() >= 256) {
                it.remove();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TrustManager[] a(KeyStore keyStore, C0112bg c0112bg) {
        try {
            if (Debug.isSslCtx()) {
                Debug.println("Initializing trust managers");
            }
            TrustManagerFactorySpi c0137ce = bM.a(c0112bg.f) ? c0112bg.f.getEnforcementLevel() == SuiteBMode.EnforcementLevel.STRICT ? new C0137ce(c0112bg) : new C0136cd(c0112bg) : new C0138cf(c0112bg);
            c0137ce.engineInit(keyStore);
            return c0137ce.engineGetTrustManagers();
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e.getMessage());
        }
    }

    private void b(List list) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (((C0097as) it.next()).o()) {
                it.remove();
            }
        }
    }

    private void o() {
        StringBuilder sb;
        String str;
        if (Debug.isSslCtx()) {
            if (this.f4131b.f4357c.getVersion() < 6.25d) {
                sb = new StringBuilder();
                str = "WARNING: Minimum recommended Crypto-J version is 6.2.5.0, found version: ";
            } else {
                sb = new StringBuilder();
                str = "Using Crypto-J version: ";
            }
            sb.append(str);
            sb.append(CryptoJVersion.getVersionString());
            Debug.println(sb.toString());
        }
    }

    private void p() {
        if (this.f4132c != null) {
            return;
        }
        if (Debug.isSslCtx()) {
            Debug.println("Initializing default SecureRandom from Crypto layer");
        }
        try {
            this.f4132c = SecureRandom.getInstance(ki.f2182a, this.f4131b.f4357c);
            this.f4132c.setSeed(JsafeJCE.getSeeder().generateSeed(20));
            if (Debug.isSslCtx()) {
                Debug.println("Finished seeding default SecureRandom");
            }
        } catch (NoSuchAlgorithmException e) {
            throw new SecurityException(e);
        }
    }

    private List q() {
        int i;
        C0112bg c0112bg = this.f4131b;
        List b2 = C0097as.b(c0112bg.e, c0112bg.f);
        ArrayList arrayList = new ArrayList();
        int size = b2.size();
        for (0; i < size; i + 1) {
            C0097as c0097as = (C0097as) b2.get(i);
            if (!c0097as.m()) {
                String f = c0097as.f();
                if (c0097as.e().b()) {
                    f = b.a.a.a.a.a("DiffieHellman_", f);
                } else if (c0097as.e().c()) {
                    f = c0097as.e().toString();
                }
                X509KeyManager x509KeyManager = this.f4133d;
                String[] serverAliases = x509KeyManager != null ? x509KeyManager.getServerAliases(f, null) : null;
                if (serverAliases != null) {
                    for (int i2 = 0; i2 < serverAliases.length; i2++) {
                        if (this.f4133d.getCertificateChain(serverAliases[i2]) != null && this.f4133d.getPrivateKey(serverAliases[i2]) != null) {
                            arrayList.add(c0097as);
                            break;
                        }
                    }
                }
            } else if (this.e != null) {
                i = c0097as.e().a().equals(C0103ay.a.f4281d) ? 0 : i + 1;
                arrayList.add(c0097as);
                break;
            } else {
                if (c0097as.e().a().equals(C0103ay.a.f4281d)) {
                }
                arrayList.add(c0097as);
                break;
            }
        }
        if (!com.rsa.jsse.engine.util.f.a() && !com.rsa.jsse.engine.util.f.b()) {
            b(arrayList);
        }
        a(arrayList);
        return arrayList;
    }

    private List r() {
        ArrayList arrayList = new ArrayList();
        C0112bg c0112bg = this.f4131b;
        arrayList.addAll(C0097as.b(c0112bg.e, c0112bg.f));
        if (!com.rsa.jsse.engine.util.f.a() && !com.rsa.jsse.engine.util.f.b()) {
            b(arrayList);
        }
        a(arrayList);
        return arrayList;
    }

    public SSLSessionContext a() {
        return this.g;
    }

    public void a(X509Certificate[] x509CertificateArr, String str, boolean z) {
        if (z) {
            this.f.checkServerTrusted(x509CertificateArr, str);
        } else {
            if (this.i && C0110be.d()) {
                return;
            }
            this.f.checkClientTrusted(x509CertificateArr, str);
        }
    }

    public void a(AlgorithmParameterSpec[] algorithmParameterSpecArr) {
        this.l = algorithmParameterSpecArr;
    }

    public void a(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom) {
        int i = 0;
        this.f4130a = false;
        o();
        if (secureRandom == null) {
            p();
        } else {
            this.f4132c = secureRandom;
            if (Debug.isSslCtx()) {
                Debug.println("Using provided SecureRandom");
            }
        }
        if (Debug.isSslCtx() && (com.rsa.jsse.engine.util.f.a() || com.rsa.jsse.engine.util.f.b())) {
            StringBuilder b2 = b.a.a.a.a.b("SecureRandom algorithm: ");
            b2.append(this.f4132c.getAlgorithm());
            Debug.println(b2.toString());
        }
        this.f = (X509TrustManager) (trustManagerArr != null ? trustManagerArr[0] : a(null, this.f4131b)[0]);
        if (bM.a(this.f4131b.f)) {
            if (!ck.class.isInstance(this.f)) {
                throw new InvalidParameterException("In any SuiteB mode one of the SuiteB TrustManagers must be used");
            }
            ck ckVar = (ck) this.f;
            if (!ckVar.b() && !ckVar.a()) {
                throw new InvalidParameterException("In any SuiteB mode one of the SuiteB TrustManagers must be used");
            }
        }
        X509Certificate[] acceptedIssuers = this.f.getAcceptedIssuers();
        this.i = acceptedIssuers == null || acceptedIssuers.length == 0;
        if (keyManagerArr == null || keyManagerArr.length <= 0) {
            try {
                this.f4133d = new C0141ci(null, null, this.f4131b);
            } catch (Exception e) {
                throw new KeyManagementException(e);
            }
        } else {
            int i2 = 0;
            while (true) {
                if (i2 >= keyManagerArr.length) {
                    break;
                }
                if (keyManagerArr[i2] instanceof C0141ci) {
                    this.f4133d = (C0141ci) keyManagerArr[i2];
                    break;
                } else {
                    if (keyManagerArr[i2] instanceof PSKKeyManager) {
                        this.e = (PSKKeyManager) keyManagerArr[i2];
                        break;
                    }
                    i2++;
                }
            }
            if (this.f4133d == null) {
                while (true) {
                    if (i >= keyManagerArr.length) {
                        break;
                    }
                    if (keyManagerArr[i] instanceof X509KeyManager) {
                        this.f4133d = new C0141ci((X509KeyManager) keyManagerArr[i], this.f4131b);
                        break;
                    }
                    i++;
                }
            }
        }
        this.j = q();
        this.k = r();
        this.f4130a = true;
    }

    public X509Certificate[] a(String str) {
        return this.f4133d.getCertificateChain(str);
    }

    public PublicKey b(String str) {
        return ((C0141ci) this.f4133d).a(str);
    }

    public SSLSessionContext b() {
        return this.h;
    }

    public PrivateKey c(String str) {
        return this.f4133d.getPrivateKey(str);
    }

    public SSLServerSocketFactory c() {
        if (this.f4130a) {
            return new aN(this);
        }
        throw new IllegalStateException("SSLContext not initialized");
    }

    public SSLSocketFactory d() {
        if (this.f4130a) {
            return new aS(this);
        }
        throw new IllegalStateException("SSLContext not initialized");
    }

    public C0112bg e() {
        return this.f4131b;
    }

    public X509Certificate[] f() {
        return this.f.getAcceptedIssuers();
    }

    public SecureRandom g() {
        return this.f4132c;
    }

    public X509KeyManager h() {
        return this.f4133d;
    }

    public PSKKeyManager i() {
        return this.e;
    }

    public X509TrustManager j() {
        return this.f;
    }

    public boolean k() {
        return this.i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List l() {
        return this.j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List m() {
        return this.k;
    }

    public AlgorithmParameterSpec[] n() {
        return this.l;
    }
}
