package io.netty.handler.ssl;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.ByteBufInputStream;
import java.io.File;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public abstract class SslContext {
    static final CertificateFactory d;

    /* renamed from: io.netty.handler.ssl.SslContext$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] a = new int[SslProvider.values().length];

        static {
            try {
                a[SslProvider.JDK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                a[SslProvider.OPENSSL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    static {
        try {
            d = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new IllegalStateException("unable to instance X.509 CertificateFactory", e);
        }
    }

    private static SslHandler a(SSLEngine sSLEngine) {
        return new SslHandler(sSLEngine);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore a(X509Certificate[] x509CertificateArr, PrivateKey privateKey, char[] cArr) {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("key", privateKey, cArr, x509CertificateArr);
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey a(File file, String str) {
        if (file == null) {
            return null;
        }
        ByteBuf b = PemReader.b(file);
        byte[] bArr = new byte[b.g()];
        b.a(bArr).G();
        PKCS8EncodedKeySpec a = a(str != null ? str.toCharArray() : null, bArr);
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(a);
        } catch (InvalidKeySpecException e) {
            try {
                return KeyFactory.getInstance("DSA").generatePrivate(a);
            } catch (InvalidKeySpecException e2) {
                try {
                    return KeyFactory.getInstance("EC").generatePrivate(a);
                } catch (InvalidKeySpecException e3) {
                    throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked", e3);
                }
            }
        }
    }

    protected static PKCS8EncodedKeySpec a(char[] cArr, byte[] bArr) {
        if (cArr == null || cArr.length == 0) {
            return new PKCS8EncodedKeySpec(bArr);
        }
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
        SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(cArr));
        Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
        cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
        return encryptedPrivateKeyInfo.getKeySpec(cipher);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Deprecated
    public static TrustManagerFactory a(File file, TrustManagerFactory trustManagerFactory) {
        return a(a(file), trustManagerFactory);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TrustManagerFactory a(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory) {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        for (X509Certificate x509Certificate : x509CertificateArr) {
            keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
        }
        if (trustManagerFactory == null) {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        }
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Certificate[] a(File file) {
        if (file == null) {
            return null;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ByteBuf[] a = PemReader.a(file);
        X509Certificate[] x509CertificateArr = new X509Certificate[a.length];
        for (int i = 0; i < a.length; i++) {
            try {
                x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteBufInputStream(a[i]));
            } catch (Throwable th) {
                for (ByteBuf byteBuf : a) {
                    byteBuf.G();
                }
                throw th;
            }
        }
        for (ByteBuf byteBuf2 : a) {
            byteBuf2.G();
        }
        return x509CertificateArr;
    }

    public abstract SSLEngine a(ByteBufAllocator byteBufAllocator);

    public abstract boolean a();

    public final SslHandler b(ByteBufAllocator byteBufAllocator) {
        return a(a(byteBufAllocator));
    }

    public final boolean e() {
        return !a();
    }
}
