package org.bouncycastle.jsse.provider;

import java.lang.ref.SoftReference;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: classes5.dex */
class o1 extends X509ExtendedKeyManager {

    /* renamed from: f, reason: collision with root package name */
    private static final int f55184f = 3;

    /* renamed from: a, reason: collision with root package name */
    private final org.bouncycastle.jcajce.util.f f55187a;

    /* renamed from: b, reason: collision with root package name */
    private final List<KeyStore.Builder> f55188b;

    /* renamed from: c, reason: collision with root package name */
    private final Map<String, SoftReference<KeyStore.PrivateKeyEntry>> f55189c = Collections.synchronizedMap(new a(16, 0.75f, true));

    /* renamed from: d, reason: collision with root package name */
    private final AtomicLong f55190d = new AtomicLong();

    /* renamed from: e, reason: collision with root package name */
    private static final Logger f55183e = Logger.getLogger(o1.class.getName());

    /* renamed from: g, reason: collision with root package name */
    private static final Map<String, c> f55185g = l();

    /* renamed from: h, reason: collision with root package name */
    private static final Map<String, c> f55186h = m();

    /* loaded from: classes5.dex */
    public class a extends LinkedHashMap<String, SoftReference<KeyStore.PrivateKeyEntry>> {
        public a(int i10, float f10, boolean z10) {
            super(i10, f10, z10);
        }

        @Override // java.util.LinkedHashMap
        public boolean removeEldestEntry(Map.Entry<String, SoftReference<KeyStore.PrivateKeyEntry>> entry) {
            return size() > 16;
        }
    }

    /* loaded from: classes5.dex */
    public static final class b implements Comparable<b> {

        /* renamed from: d, reason: collision with root package name */
        public static final b f55192d = new b(-1, null, a.NONE);

        /* renamed from: a, reason: collision with root package name */
        public final int f55193a;

        /* renamed from: b, reason: collision with root package name */
        public final String f55194b;

        /* renamed from: c, reason: collision with root package name */
        public final a f55195c;

        /* loaded from: classes5.dex */
        public enum a {
            OK,
            MISMATCH_SNI,
            EXPIRED,
            NONE
        }

        public b(int i10, String str, a aVar) {
            this.f55193a = i10;
            this.f55194b = str;
            this.f55195c = aVar;
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(b bVar) {
            return this.f55195c.compareTo(bVar.f55195c);
        }
    }

    /* loaded from: classes5.dex */
    public static final class c {

        /* renamed from: a, reason: collision with root package name */
        public final String f55201a;

        /* renamed from: b, reason: collision with root package name */
        public final Class<? extends PublicKey> f55202b;

        /* renamed from: c, reason: collision with root package name */
        public final int f55203c;

        public c(String str, Class<? extends PublicKey> cls, int i10) {
            this.f55201a = str;
            this.f55202b = cls;
            this.f55203c = i10;
        }

        private boolean b(PublicKey publicKey) {
            Class<? extends PublicKey> cls;
            String str = this.f55201a;
            return (str != null && str.equalsIgnoreCase(f0.C(publicKey))) || ((cls = this.f55202b) != null && cls.isInstance(publicKey));
        }

        public boolean a(PublicKey publicKey, boolean[] zArr, g8.a aVar) {
            return b(publicKey) && m0.n(publicKey, zArr, this.f55203c, aVar);
        }
    }

    public o1(org.bouncycastle.jcajce.util.f fVar, List<KeyStore.Builder> list) {
        this.f55187a = fVar;
        this.f55188b = list;
    }

    private static boolean A(X509Certificate[] x509CertificateArr, Set<Principal> set) {
        if (set == null || set.isEmpty()) {
            return true;
        }
        int length = x509CertificateArr.length;
        do {
            length--;
            if (length < 0) {
                X509Certificate x509Certificate = x509CertificateArr[0];
                return x509Certificate.getBasicConstraints() >= 0 && set.contains(x509Certificate.getSubjectX500Principal());
            }
        } while (!set.contains(x509CertificateArr[length].getIssuerX500Principal()));
        return true;
    }

    private static boolean B(X509Certificate[] x509CertificateArr) {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (3 != x509Certificate.getVersion()) {
                return false;
            }
        }
        return true;
    }

    private static boolean C(X509Certificate x509Certificate, List<String> list, g8.a aVar, boolean z10) {
        Map<String, c> map = z10 ? f55186h : f55185g;
        PublicKey publicKey = x509Certificate.getPublicKey();
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            c cVar = map.get(it.next());
            if (cVar != null && cVar.a(publicKey, keyUsage, aVar)) {
                return true;
            }
        }
        return false;
    }

    private KeyStore.PrivateKeyEntry D(String str) {
        int i10;
        int indexOf;
        int parseInt;
        try {
            int indexOf2 = str.indexOf(46, 0);
            if (indexOf2 <= 0 || (indexOf = str.indexOf(46, (i10 = indexOf2 + 1))) <= i10 || (parseInt = Integer.parseInt(str.substring(0, indexOf2))) < 0 || parseInt >= this.f55188b.size()) {
                return null;
            }
            KeyStore.Builder builder = this.f55188b.get(parseInt);
            String substring = str.substring(i10, indexOf);
            KeyStore.Entry entry = builder.getKeyStore().getEntry(substring, builder.getProtectionParameter(substring));
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return (KeyStore.PrivateKeyEntry) entry;
            }
            return null;
        } catch (Exception e10) {
            f55183e.log(Level.FINER, "Failed to load PrivateKeyEntry: " + str, (Throwable) e10);
            return null;
        }
    }

    private static void a(Map<String, c> map, int i10, String str, Class<? extends PublicKey> cls, String... strArr) {
        c cVar = new c(str, cls, i10);
        for (String str2 : strArr) {
            if (map.put(str2.toUpperCase(Locale.ENGLISH), cVar) != null) {
                throw new IllegalStateException("Duplicate keys in filters");
            }
        }
    }

    private static void b(Map<String, c> map, Class<? extends PublicKey> cls, String... strArr) {
        a(map, 0, null, cls, strArr);
    }

    private static void c(Map<String, c> map, String str) {
        a(map, 0, str, null, str);
    }

    private static void d(Map<String, c> map, int i10, String str, Class<? extends PublicKey> cls, int... iArr) {
        a(map, i10, str, cls, t(iArr));
    }

    private static void e(Map<String, c> map, int i10, String str, int... iArr) {
        d(map, i10, str, null, iArr);
    }

    private static void f(Map<String, c> map, Class<? extends PublicKey> cls, int... iArr) {
        d(map, 0, null, cls, iArr);
    }

    private static void g(Map<String, c> map, String str, int... iArr) {
        e(map, 0, str, iArr);
    }

    private static List<b> h(List<b> list, List<b> list2) {
        if (list2 == null || list2.isEmpty()) {
            return list;
        }
        if (list == null) {
            return list2;
        }
        list.addAll(list2);
        return list;
    }

    private static List<b> i(List<b> list, b bVar) {
        if (list == null) {
            list = new ArrayList<>();
        }
        list.add(bVar);
        return list;
    }

    private String j(List<String> list, Principal[] principalArr, y1 y1Var, boolean z10) {
        b bVar = b.f55192d;
        if (!this.f55188b.isEmpty() && !list.isEmpty()) {
            Set<Principal> y10 = y(principalArr);
            g8.a c10 = y1.c(y1Var, true);
            Date date = new Date();
            String x10 = x(y1Var, z10);
            int size = this.f55188b.size();
            b bVar2 = bVar;
            int i10 = 0;
            while (true) {
                if (i10 >= size) {
                    bVar = bVar2;
                    break;
                }
                try {
                    bVar = k(i10, list, y10, c10, z10, date, x10);
                    if (bVar.compareTo(bVar2) < 0) {
                        try {
                            if (b.a.OK == bVar.f55195c) {
                                break;
                            }
                        } catch (Exception unused) {
                        }
                        bVar2 = bVar;
                    } else {
                        continue;
                    }
                } catch (Exception unused2) {
                }
                i10++;
            }
        }
        if (b.f55192d == bVar) {
            f55183e.fine("No matching key found");
            return null;
        }
        String n10 = n(bVar, u());
        f55183e.fine("Found matching key, returning alias: " + n10);
        return n10;
    }

    private b k(int i10, List<String> list, Set<Principal> set, g8.a aVar, boolean z10, Date date, String str) throws Exception {
        KeyStore keyStore = this.f55188b.get(i10).getKeyStore();
        b bVar = b.f55192d;
        Enumeration<String> aliases = keyStore.aliases();
        b bVar2 = bVar;
        while (aliases.hasMoreElements()) {
            b v10 = v(i10, keyStore, aliases.nextElement(), bVar2.f55195c, list, set, aVar, z10, date, str);
            if (v10 != null) {
                bVar2 = v10;
                if (b.a.OK == v10.f55195c) {
                    break;
                }
            }
        }
        return bVar2;
    }

    private static Map<String, c> l() {
        HashMap hashMap = new HashMap();
        c(hashMap, org.bouncycastle.jcajce.spec.g.f54538b);
        c(hashMap, org.bouncycastle.jcajce.spec.g.f54539c);
        c(hashMap, com.alipay.sdk.m.j.d.f14284a);
        c(hashMap, "RSASSA-PSS");
        b(hashMap, DSAPublicKey.class, "DSA");
        b(hashMap, ECPublicKey.class, "EC");
        return Collections.unmodifiableMap(hashMap);
    }

    private static Map<String, c> m() {
        HashMap hashMap = new HashMap();
        c(hashMap, org.bouncycastle.jcajce.spec.g.f54538b);
        c(hashMap, org.bouncycastle.jcajce.spec.g.f54539c);
        c(hashMap, com.alipay.sdk.m.j.d.f14284a);
        c(hashMap, "RSASSA-PSS");
        f(hashMap, DSAPublicKey.class, 3, 22);
        f(hashMap, ECPublicKey.class, 17);
        g(hashMap, com.alipay.sdk.m.j.d.f14284a, 5, 19, 23);
        e(hashMap, 2, com.alipay.sdk.m.j.d.f14284a, 1);
        return Collections.unmodifiableMap(hashMap);
    }

    private static String n(b bVar, String str) {
        return bVar.f55193a + "." + bVar.f55194b + str;
    }

    private static String[] o(List<b> list, String str) {
        String[] strArr = new String[list.size()];
        Iterator<b> it = list.iterator();
        int i10 = 0;
        while (it.hasNext()) {
            strArr[i10] = n(it.next(), str);
            i10++;
        }
        return strArr;
    }

    private String[] p(List<String> list, Principal[] principalArr, y1 y1Var, boolean z10) {
        if (this.f55188b.isEmpty() || list.isEmpty()) {
            return null;
        }
        Set<Principal> y10 = y(principalArr);
        g8.a c10 = y1.c(y1Var, true);
        Date date = new Date();
        String x10 = x(y1Var, z10);
        int size = this.f55188b.size();
        List<b> list2 = null;
        for (int i10 = 0; i10 < size; i10++) {
            List<b> list3 = list2;
            try {
                list2 = h(list3, q(i10, list, y10, c10, z10, date, x10));
            } catch (Exception unused) {
                list2 = list3;
            }
        }
        List<b> list4 = list2;
        if (list4 == null || list4.isEmpty()) {
            return null;
        }
        Collections.sort(list4);
        return o(list4, u());
    }

    private List<b> q(int i10, List<String> list, Set<Principal> set, g8.a aVar, boolean z10, Date date, String str) throws Exception {
        b v10;
        KeyStore keyStore = this.f55188b.get(i10).getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        List<b> list2 = null;
        while (true) {
            List<b> list3 = list2;
            while (aliases.hasMoreElements()) {
                v10 = v(i10, keyStore, aliases.nextElement(), b.a.NONE, list, set, aVar, z10, date, str);
                if (v10 != null) {
                    break;
                }
            }
            return list3;
            list2 = i(list3, v10);
        }
    }

    private static b.a r(X509Certificate x509Certificate, Date date, String str) {
        try {
            x509Certificate.checkValidity(date);
            if (str != null) {
                try {
                    p1.i(str, x509Certificate, "HTTPS");
                } catch (CertificateException unused) {
                    return b.a.MISMATCH_SNI;
                }
            }
            return b.a.OK;
        } catch (CertificateException unused2) {
            return b.a.EXPIRED;
        }
    }

    private static List<String> s(String... strArr) {
        if (strArr != null && strArr.length > 0) {
            ArrayList arrayList = new ArrayList(strArr.length);
            for (String str : strArr) {
                if (str != null) {
                    arrayList.add(str.toUpperCase(Locale.ENGLISH));
                }
            }
            if (!arrayList.isEmpty()) {
                return Collections.unmodifiableList(arrayList);
            }
        }
        return Collections.emptyList();
    }

    private static String[] t(int... iArr) {
        int length = iArr.length;
        String[] strArr = new String[length];
        for (int i10 = 0; i10 < length; i10++) {
            strArr[i10] = f0.y(iArr[i10]);
        }
        return strArr;
    }

    private String u() {
        return "." + this.f55190d.incrementAndGet();
    }

    private b v(int i10, KeyStore keyStore, String str, b.a aVar, List<String> list, Set<Principal> set, g8.a aVar2, boolean z10, Date date, String str2) throws Exception {
        if (!keyStore.isKeyEntry(str)) {
            return null;
        }
        X509Certificate[] K = f0.K(keyStore.getCertificateChain(str));
        if (!z(K, list, set, aVar2, z10)) {
            return null;
        }
        b.a r10 = r(K[0], date, str2);
        if (r10.compareTo(aVar) < 0) {
            return new b(i10, str, r10);
        }
        return null;
    }

    private KeyStore.PrivateKeyEntry w(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        if (str == null) {
            return null;
        }
        SoftReference<KeyStore.PrivateKeyEntry> softReference = this.f55189c.get(str);
        if (softReference != null && (privateKeyEntry = softReference.get()) != null) {
            return privateKeyEntry;
        }
        KeyStore.PrivateKeyEntry D = D(str);
        if (D != null) {
            this.f55189c.put(str, new SoftReference<>(D));
        }
        return D;
    }

    private static String x(y1 y1Var, boolean z10) {
        org.bouncycastle.jsse.b e10;
        org.bouncycastle.jsse.c D;
        if (y1Var == null || !z10 || (e10 = y1Var.e()) == null || (D = f0.D(e10.f())) == null) {
            return null;
        }
        return D.e();
    }

    private static Set<Principal> y(Principal[] principalArr) {
        if (principalArr == null) {
            return null;
        }
        if (principalArr.length > 0) {
            HashSet hashSet = new HashSet();
            for (Principal principal : principalArr) {
                if (principal != null) {
                    hashSet.add(principal);
                }
            }
            if (!hashSet.isEmpty()) {
                return Collections.unmodifiableSet(hashSet);
            }
        }
        return Collections.emptySet();
    }

    private boolean z(X509Certificate[] x509CertificateArr, List<String> list, Set<Principal> set, g8.a aVar, boolean z10) {
        if (x509CertificateArr != null && x509CertificateArr.length >= 1 && B(x509CertificateArr) && A(x509CertificateArr, set) && C(x509CertificateArr[0], list, aVar, z10)) {
            try {
                m0.b(this.f55187a, aVar, Collections.emptySet(), x509CertificateArr, p1.p(z10), -1);
                return true;
            } catch (CertPathValidatorException unused) {
            }
        }
        return false;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return j(s(strArr), principalArr, y1.a(socket), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return j(s(strArr), principalArr, y1.b(sSLEngine), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return j(s(str), principalArr, y1.b(sSLEngine), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return j(s(str), principalArr, y1.a(socket), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        KeyStore.PrivateKeyEntry w10 = w(str);
        if (w10 == null) {
            return null;
        }
        return (X509Certificate[]) w10.getCertificateChain();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return p(s(str), principalArr, null, false);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        KeyStore.PrivateKeyEntry w10 = w(str);
        if (w10 == null) {
            return null;
        }
        return w10.getPrivateKey();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return p(s(str), principalArr, null, true);
    }
}
