package org.bouncycastle.jsse.provider;

import com.google.android.gms.common.api.Api;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import org.bouncycastle.tls.h3;

/* loaded from: classes3.dex */
public class o1 extends org.bouncycastle.jsse.j {
    public static final Logger d = Logger.getLogger(o1.class.getName());
    public static final Map e = r();
    public static final Map f = s();
    public final boolean a;
    public final org.bouncycastle.jcajce.util.b b;
    public final Map c;

    /* loaded from: classes3.dex */
    public static class a {
        public final String a;
        public final PrivateKey b;
        public final X509Certificate[] c;

        public a(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
            this.a = str;
            this.b = privateKey;
            this.c = x509CertificateArr;
        }
    }

    /* loaded from: classes3.dex */
    public static final class b implements e {
        public final String a;
        public final Class b;
        public final int c;

        public b(String str, Class cls, int i) {
            this.a = str;
            this.b = cls;
            this.c = i;
        }

        @Override // org.bouncycastle.jsse.provider.o1.e
        public boolean a(PublicKey publicKey, boolean[] zArr, org.bouncycastle.jsse.java.security.a aVar) {
            return b(publicKey) && i0.q(publicKey, zArr, this.c, aVar);
        }

        public final boolean b(PublicKey publicKey) {
            Class cls;
            String str = this.a;
            return (str != null && str.equalsIgnoreCase(a0.G(publicKey))) || ((cls = this.b) != null && cls.isInstance(publicKey));
        }
    }

    /* loaded from: classes3.dex */
    public static final class c implements e {
        public final org.bouncycastle.asn1.u a;

        public c(org.bouncycastle.asn1.u uVar) {
            this.a = uVar;
        }

        @Override // org.bouncycastle.jsse.provider.o1.e
        public boolean a(PublicKey publicKey, boolean[] zArr, org.bouncycastle.jsse.java.security.a aVar) {
            return b(publicKey) && i0.q(publicKey, zArr, 0, aVar);
        }

        public final boolean b(PublicKey publicKey) {
            if ("EC".equalsIgnoreCase(a0.G(publicKey)) || ECPublicKey.class.isInstance(publicKey)) {
                return this.a.o(a0.C(publicKey));
            }
            return false;
        }
    }

    /* loaded from: classes3.dex */
    public static final class d implements Comparable {
        public static final a e = a.MISMATCH_SNI;
        public static final d f = new d(a.NONE, Api.BaseClientBuilder.API_PRIORITY_OTHER, null);
        public final a b;
        public final int c;
        public final a d;

        /* loaded from: classes3.dex */
        public enum a {
            OK,
            RSA_MULTI_USE,
            MISMATCH_SNI,
            EXPIRED,
            NONE
        }

        public d(a aVar, int i, a aVar2) {
            this.b = aVar;
            this.c = i;
            this.d = aVar2;
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(d dVar) {
            int compare = Boolean.compare(dVar.c(), c());
            if (compare != 0) {
                return compare;
            }
            int compare2 = Integer.compare(this.c, dVar.c);
            return compare2 == 0 ? this.b.compareTo(dVar.b) : compare2;
        }

        public boolean b() {
            return a.OK == this.b && this.c == 0;
        }

        public boolean c() {
            return this.b.compareTo(e) < 0;
        }
    }

    /* loaded from: classes3.dex */
    public interface e {
        boolean a(PublicKey publicKey, boolean[] zArr, org.bouncycastle.jsse.java.security.a aVar);
    }

    public o1(boolean z, org.bouncycastle.jcajce.util.b bVar, KeyStore keyStore, char[] cArr) {
        this.a = z;
        this.b = bVar;
        this.c = I(keyStore, cArr);
    }

    public static List A(String... strArr) {
        if (strArr == null || strArr.length <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            if (str == null) {
                throw new IllegalArgumentException("Key types cannot be null");
            }
            if (!arrayList.contains(str)) {
                arrayList.add(str);
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    public static String[] B(int... iArr) {
        int length = iArr.length;
        String[] strArr = new String[length];
        for (int i = 0; i < length; i++) {
            strArr[i] = a0.z(iArr[i]);
        }
        return strArr;
    }

    public static String D(w1 w1Var, boolean z) {
        org.bouncycastle.jsse.b e2;
        org.bouncycastle.jsse.c H;
        if (w1Var == null || !z || (e2 = w1Var.e()) == null || (H = a0.H(e2.f())) == null) {
            return null;
        }
        return H.c();
    }

    public static int E(X509Certificate x509Certificate, List list, int i, org.bouncycastle.jsse.java.security.a aVar, boolean z) {
        Map map = z ? f : e;
        PublicKey publicKey = x509Certificate.getPublicKey();
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        for (int i2 = 0; i2 < i; i2++) {
            e eVar = (e) map.get((String) list.get(i2));
            if (eVar != null && eVar.a(publicKey, keyUsage, aVar)) {
                return i2;
            }
        }
        return -1;
    }

    public static Set F(Principal[] principalArr) {
        if (principalArr == null) {
            return null;
        }
        if (principalArr.length > 0) {
            HashSet hashSet = new HashSet();
            for (Principal principal : principalArr) {
                if (principal != null) {
                    hashSet.add(principal);
                }
            }
            if (!hashSet.isEmpty()) {
                return Collections.unmodifiableSet(hashSet);
            }
        }
        return Collections.emptySet();
    }

    public static boolean H(X509Certificate[] x509CertificateArr, Set set) {
        if (set == null || set.isEmpty()) {
            return true;
        }
        int length = x509CertificateArr.length;
        do {
            length--;
            if (length < 0) {
                X509Certificate x509Certificate = x509CertificateArr[0];
                return x509Certificate.getBasicConstraints() >= 0 && set.contains(x509Certificate.getSubjectX500Principal());
            }
        } while (!set.contains(x509CertificateArr[length].getIssuerX500Principal()));
        return true;
    }

    public static Map I(KeyStore keyStore, char[] cArr) {
        PrivateKey privateKey;
        HashMap hashMap = new HashMap(4);
        if (keyStore != null) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class) && (privateKey = (PrivateKey) keyStore.getKey(nextElement, cArr)) != null) {
                    X509Certificate[] P = a0.P(keyStore.getCertificateChain(nextElement));
                    if (!h3.n1(P)) {
                        hashMap.put(nextElement, new a(nextElement, privateKey, P));
                    }
                }
            }
        }
        return Collections.unmodifiableMap(hashMap);
    }

    public static void f(Map map, int i) {
        org.bouncycastle.asn1.u a2;
        if (!org.bouncycastle.tls.p0.a(i, org.bouncycastle.tls.v0.g)) {
            throw new IllegalStateException("Invalid named group for TLS 1.3 EC filter");
        }
        String c2 = org.bouncycastle.tls.p0.c(i);
        if (c2 != null && (a2 = org.bouncycastle.asn1.x9.a.a(c2)) != null) {
            n(map, a0.x("EC", i), new c(a2));
            return;
        }
        d.warning("Failed to register public key filter for EC with " + org.bouncycastle.tls.p0.h(i));
    }

    public static void g(Map map, int i, String str, Class cls, String... strArr) {
        b bVar = new b(str, cls, i);
        for (String str2 : strArr) {
            n(map, str2, bVar);
        }
    }

    public static void h(Map map, Class cls, String... strArr) {
        g(map, 0, null, cls, strArr);
    }

    public static void i(Map map, String str) {
        g(map, 0, str, null, str);
    }

    public static void j(Map map, int i, String str, Class cls, int... iArr) {
        g(map, i, str, cls, B(iArr));
    }

    public static void k(Map map, int i, String str, int... iArr) {
        j(map, i, str, null, iArr);
    }

    public static void l(Map map, Class cls, int... iArr) {
        j(map, 0, null, cls, iArr);
    }

    public static void m(Map map, String str, int... iArr) {
        k(map, 0, str, iArr);
    }

    public static void n(Map map, String str, e eVar) {
        if (map.put(str, eVar) != null) {
            throw new IllegalStateException("Duplicate keys in filters");
        }
    }

    public static List o(List list, d dVar) {
        if (list == null) {
            list = new ArrayList();
        }
        list.add(dVar);
        return list;
    }

    public static Map r() {
        HashMap hashMap = new HashMap();
        i(hashMap, "Ed25519");
        i(hashMap, "Ed448");
        f(hashMap, 31);
        f(hashMap, 32);
        f(hashMap, 33);
        f(hashMap, 23);
        f(hashMap, 24);
        f(hashMap, 25);
        i(hashMap, "RSA");
        i(hashMap, "RSASSA-PSS");
        h(hashMap, DSAPublicKey.class, "DSA");
        h(hashMap, ECPublicKey.class, "EC");
        return Collections.unmodifiableMap(hashMap);
    }

    public static Map s() {
        HashMap hashMap = new HashMap();
        i(hashMap, "Ed25519");
        i(hashMap, "Ed448");
        f(hashMap, 31);
        f(hashMap, 32);
        f(hashMap, 33);
        f(hashMap, 23);
        f(hashMap, 24);
        f(hashMap, 25);
        i(hashMap, "RSA");
        i(hashMap, "RSASSA-PSS");
        l(hashMap, DSAPublicKey.class, 3, 22);
        l(hashMap, ECPublicKey.class, 17);
        m(hashMap, "RSA", 5, 19, 23);
        k(hashMap, 2, "RSA", 1);
        return Collections.unmodifiableMap(hashMap);
    }

    public static String u(d dVar) {
        return dVar.d.a;
    }

    public static String[] v(List list) {
        String[] strArr = new String[list.size()];
        Iterator it = list.iterator();
        int i = 0;
        while (it.hasNext()) {
            strArr[i] = u((d) it.next());
            i++;
        }
        return strArr;
    }

    public static d.a y(X509Certificate x509Certificate, Date date, String str) {
        try {
            x509Certificate.checkValidity(date);
            if (str != null) {
                try {
                    p1.i(str, x509Certificate, "HTTPS");
                } catch (CertificateException unused) {
                    return d.a.MISMATCH_SNI;
                }
            }
            if ("RSA".equalsIgnoreCase(a0.G(x509Certificate.getPublicKey()))) {
                boolean[] keyUsage = x509Certificate.getKeyUsage();
                if (i0.u(keyUsage, 0) && i0.u(keyUsage, 2)) {
                    return d.a.RSA_MULTI_USE;
                }
            }
            return d.a.OK;
        } catch (CertificateException unused2) {
            return d.a.EXPIRED;
        }
    }

    public final d C(a aVar, List list, int i, Set set, org.bouncycastle.jsse.java.security.a aVar2, boolean z, Date date, String str) {
        int E;
        X509Certificate[] x509CertificateArr = aVar.c;
        if (!h3.n1(x509CertificateArr) && H(x509CertificateArr, set) && (E = E(x509CertificateArr[0], list, i, aVar2, z)) >= 0) {
            String str2 = (String) list.get(E);
            Logger logger = d;
            logger.finer("EE cert potentially usable for key type: " + str2);
            if (G(x509CertificateArr, aVar2, z)) {
                return new d(y(x509CertificateArr[0], date, str), E, aVar);
            }
            logger.finer("Unsuitable chain for key type: " + str2);
        }
        return d.f;
    }

    public final boolean G(X509Certificate[] x509CertificateArr, org.bouncycastle.jsse.java.security.a aVar, boolean z) {
        try {
            i0.d(this.a, this.b, aVar, Collections.emptySet(), x509CertificateArr, n1.F(z), -1);
            return true;
        } catch (CertPathValidatorException e2) {
            d.log(Level.FINEST, "Certificate chain check failed", (Throwable) e2);
            return false;
        }
    }

    @Override // org.bouncycastle.jsse.j
    public org.bouncycastle.jsse.l a(String[] strArr, Principal[] principalArr, Socket socket) {
        return q(A(strArr), principalArr, w1.a(socket), false);
    }

    @Override // org.bouncycastle.jsse.j
    public org.bouncycastle.jsse.l b(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return q(A(strArr), principalArr, w1.b(sSLEngine), false);
    }

    @Override // org.bouncycastle.jsse.j
    public org.bouncycastle.jsse.l c(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return q(A(strArr), principalArr, w1.b(sSLEngine), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return p(A(strArr), principalArr, w1.a(socket), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return p(A(strArr), principalArr, w1.b(sSLEngine), false);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return p(A(str), principalArr, w1.b(sSLEngine), true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return p(A(str), principalArr, w1.a(socket), true);
    }

    @Override // org.bouncycastle.jsse.j
    public org.bouncycastle.jsse.l d(String[] strArr, Principal[] principalArr, Socket socket) {
        return q(A(strArr), principalArr, w1.a(socket), true);
    }

    @Override // org.bouncycastle.jsse.j
    public org.bouncycastle.jsse.l e(String str, String str2) {
        return t(str, z(str2));
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        a z = z(str);
        if (z == null) {
            return null;
        }
        return (X509Certificate[]) z.c.clone();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return w(A(str), principalArr, null, false);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        a z = z(str);
        if (z == null) {
            return null;
        }
        return z.b;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return w(A(str), principalArr, null, true);
    }

    public final String p(List list, Principal[] principalArr, w1 w1Var, boolean z) {
        d x = x(list, principalArr, w1Var, z);
        if (x.compareTo(d.f) >= 0) {
            d.fine("No matching key found");
            return null;
        }
        String str = (String) list.get(x.c);
        String u = u(x);
        Logger logger = d;
        if (logger.isLoggable(Level.FINE)) {
            logger.fine("Found matching key of type: " + str + ", returning alias: " + u);
        }
        return u;
    }

    public final org.bouncycastle.jsse.l q(List list, Principal[] principalArr, w1 w1Var, boolean z) {
        String str;
        org.bouncycastle.jsse.l t;
        d x = x(list, principalArr, w1Var, z);
        if (x.compareTo(d.f) >= 0 || (t = t((str = (String) list.get(x.c)), x.d)) == null) {
            d.fine("No matching key found");
            return null;
        }
        Logger logger = d;
        if (logger.isLoggable(Level.FINE)) {
            logger.fine("Found matching key of type: " + str + ", from alias: " + u(x));
        }
        return t;
    }

    public final org.bouncycastle.jsse.l t(String str, a aVar) {
        if (aVar == null) {
            return null;
        }
        return new m1(str, aVar.b, aVar.c);
    }

    public final String[] w(List list, Principal[] principalArr, w1 w1Var, boolean z) {
        if (this.c.isEmpty() || list.isEmpty()) {
            return null;
        }
        int size = list.size();
        Set F = F(principalArr);
        org.bouncycastle.jsse.java.security.a c2 = w1.c(w1Var, true);
        Date date = new Date();
        String D = D(w1Var, z);
        Iterator it = this.c.values().iterator();
        List list2 = null;
        while (it.hasNext()) {
            List list3 = list2;
            d C = C((a) it.next(), list, size, F, c2, z, date, D);
            list2 = C.compareTo(d.f) < 0 ? o(list3, C) : list3;
        }
        List list4 = list2;
        if (list4 == null || list4.isEmpty()) {
            return null;
        }
        Collections.sort(list4);
        return v(list4);
    }

    public final d x(List list, Principal[] principalArr, w1 w1Var, boolean z) {
        boolean z2;
        d dVar = d.f;
        if (this.c.isEmpty() || list.isEmpty()) {
            return dVar;
        }
        int size = list.size();
        Set F = F(principalArr);
        org.bouncycastle.jsse.java.security.a c2 = w1.c(w1Var, true);
        Date date = new Date();
        String D = D(w1Var, z);
        Iterator it = this.c.values().iterator();
        d dVar2 = dVar;
        int i = size;
        while (it.hasNext()) {
            int i2 = i;
            d dVar3 = dVar2;
            dVar2 = C((a) it.next(), list, i, F, c2, z, date, D);
            if (dVar2.compareTo(dVar3) >= 0) {
                z2 = true;
                i = i2;
                dVar2 = dVar3;
            } else {
                if (dVar2.b()) {
                    return dVar2;
                }
                if (dVar2.c()) {
                    z2 = true;
                    i = Math.min(i2, dVar2.c + 1);
                } else {
                    z2 = true;
                    i = i2;
                }
            }
        }
        return dVar2;
    }

    public final a z(String str) {
        if (str == null) {
            return null;
        }
        return (a) this.c.get(str);
    }
}
