package com.icbc.api.internal.apache.http.k;

import com.icbc.api.internal.apache.http.util.Args;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509TrustManager;

/* compiled from: SSLContextBuilder.java */
/* loaded from: input_file:com/icbc/api/internal/apache/http/k/c.class */
public class c {
    static final String fK = "TLS";
    private String protocol;
    private final Set<KeyManager> fT = new LinkedHashSet();
    private final Set<TrustManager> fU = new LinkedHashSet();
    private SecureRandom secureRandom;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SSLContextBuilder.java */
    /* loaded from: input_file:com/icbc/api/internal/apache/http/k/c$a.class */
    public static class a extends X509ExtendedKeyManager {
        private final X509ExtendedKeyManager Ap;
        private final com.icbc.api.internal.apache.http.k.b Aq;

        a(X509ExtendedKeyManager x509ExtendedKeyManager, com.icbc.api.internal.apache.http.k.b bVar) {
            this.Ap = x509ExtendedKeyManager;
            this.Aq = bVar;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.Ap.getClientAliases(str, principalArr);
        }

        public Map<String, com.icbc.api.internal.apache.http.k.a> a(String[] strArr, Principal[] principalArr) {
            HashMap hashMap = new HashMap();
            for (String str : strArr) {
                String[] clientAliases = this.Ap.getClientAliases(str, principalArr);
                if (clientAliases != null) {
                    for (String str2 : clientAliases) {
                        hashMap.put(str2, new com.icbc.api.internal.apache.http.k.a(str, this.Ap.getCertificateChain(str2)));
                    }
                }
            }
            return hashMap;
        }

        public Map<String, com.icbc.api.internal.apache.http.k.a> a(String str, Principal[] principalArr) {
            HashMap hashMap = new HashMap();
            String[] serverAliases = this.Ap.getServerAliases(str, principalArr);
            if (serverAliases != null) {
                for (String str2 : serverAliases) {
                    hashMap.put(str2, new com.icbc.api.internal.apache.http.k.a(str, this.Ap.getCertificateChain(str2)));
                }
            }
            return hashMap;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.Aq.a(a(strArr, principalArr), socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.Ap.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return this.Aq.a(a(str, principalArr), socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.Ap.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.Ap.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.Aq.a(a(strArr, principalArr), null);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.Aq.a(a(str, principalArr), null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SSLContextBuilder.java */
    /* loaded from: input_file:com/icbc/api/internal/apache/http/k/c$b.class */
    public static class b implements X509TrustManager {
        private final X509TrustManager fX;
        private final f Ar;

        b(X509TrustManager x509TrustManager, f fVar) {
            this.fX = x509TrustManager;
            this.Ar = fVar;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.fX.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.Ar.a(x509CertificateArr, str)) {
                return;
            }
            this.fX.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.fX.getAcceptedIssuers();
        }
    }

    public static c mG() {
        return new c();
    }

    public c ca(String str) {
        this.protocol = str;
        return this;
    }

    public c b(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
        return this;
    }

    public c a(KeyStore keyStore, f fVar) throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers != null) {
            if (fVar != null) {
                for (int i = 0; i < trustManagers.length; i++) {
                    TrustManager trustManager = trustManagers[i];
                    if (trustManager instanceof X509TrustManager) {
                        trustManagers[i] = new b((X509TrustManager) trustManager, fVar);
                    }
                }
            }
            for (TrustManager trustManager2 : trustManagers) {
                this.fU.add(trustManager2);
            }
        }
        return this;
    }

    public c a(f fVar) throws NoSuchAlgorithmException, KeyStoreException {
        return a((KeyStore) null, fVar);
    }

    public c a(File file, char[] cArr, f fVar) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        Args.notNull(file, "Truststore file");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            keyStore.load(fileInputStream, cArr);
            fileInputStream.close();
            return a(keyStore, fVar);
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public c a(File file, char[] cArr) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        return a(file, cArr, (f) null);
    }

    public c c(File file) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        return a(file, (char[]) null);
    }

    public c a(URL url, char[] cArr, f fVar) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        Args.notNull(url, "Truststore URL");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream openStream = url.openStream();
        try {
            keyStore.load(openStream, cArr);
            openStream.close();
            return a(keyStore, fVar);
        } catch (Throwable th) {
            openStream.close();
            throw th;
        }
    }

    public c a(URL url, char[] cArr) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        return a(url, cArr, (f) null);
    }

    public c a(KeyStore keyStore, char[] cArr, com.icbc.api.internal.apache.http.k.b bVar) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (keyManagers != null) {
            if (bVar != null) {
                for (int i = 0; i < keyManagers.length; i++) {
                    KeyManager keyManager = keyManagers[i];
                    if (keyManager instanceof X509ExtendedKeyManager) {
                        keyManagers[i] = new a((X509ExtendedKeyManager) keyManager, bVar);
                    }
                }
            }
            for (KeyManager keyManager2 : keyManagers) {
                this.fT.add(keyManager2);
            }
        }
        return this;
    }

    public c b(KeyStore keyStore, char[] cArr) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
        return a(keyStore, cArr, (com.icbc.api.internal.apache.http.k.b) null);
    }

    public c a(File file, char[] cArr, char[] cArr2, com.icbc.api.internal.apache.http.k.b bVar) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException {
        Args.notNull(file, "Keystore file");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            keyStore.load(fileInputStream, cArr);
            fileInputStream.close();
            return a(keyStore, cArr2, bVar);
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public c a(File file, char[] cArr, char[] cArr2) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException {
        return a(file, cArr, cArr2, (com.icbc.api.internal.apache.http.k.b) null);
    }

    public c a(URL url, char[] cArr, char[] cArr2, com.icbc.api.internal.apache.http.k.b bVar) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException {
        Args.notNull(url, "Keystore URL");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream openStream = url.openStream();
        try {
            keyStore.load(openStream, cArr);
            openStream.close();
            return a(keyStore, cArr2, bVar);
        } catch (Throwable th) {
            openStream.close();
            throw th;
        }
    }

    public c a(URL url, char[] cArr, char[] cArr2) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException {
        return a(url, cArr, cArr2, (com.icbc.api.internal.apache.http.k.b) null);
    }

    protected void a(SSLContext sSLContext, Collection<KeyManager> collection, Collection<TrustManager> collection2, SecureRandom secureRandom) throws KeyManagementException {
        sSLContext.init(!collection.isEmpty() ? (KeyManager[]) collection.toArray(new KeyManager[collection.size()]) : null, !collection2.isEmpty() ? (TrustManager[]) collection2.toArray(new TrustManager[collection2.size()]) : null, secureRandom);
    }

    /* renamed from: do, reason: not valid java name */
    public SSLContext m134do() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance(this.protocol != null ? this.protocol : "TLS");
        a(sSLContext, this.fT, this.fU, this.secureRandom);
        return sSLContext;
    }
}
