package jlibs.core.net;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:jlibs-core-2.2.1.jar:jlibs/core/net/SSLUtil.class */
public class SSLUtil {
    private static KeyStore[] defaultKeyStore;
    private static KeyStore[] defaultTrustStore;
    public static final TrustManager[] DUMMY_TRUST_MANAGERS = {new X509TrustManager() { // from class: jlibs.core.net.SSLUtil.2
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }};
    private static SSLContext defaultContext;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jlibs-core-2.2.1.jar:jlibs/core/net/SSLUtil$AliasKeyManager.class */
    public static final class AliasKeyManager implements X509KeyManager {
        private X509KeyManager delegate;
        private String serverKeyAlias;

        public AliasKeyManager(KeyManager keyManager, String str) {
            this.delegate = (X509KeyManager) keyManager;
            this.serverKeyAlias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.delegate.chooseClientAlias(strArr, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return SSLUtil.chooseAlias(this.delegate, this.serverKeyAlias, str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.delegate.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.delegate.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.delegate.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.delegate.getPrivateKey(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jlibs-core-2.2.1.jar:jlibs/core/net/SSLUtil$ExtendedAliasKeyManager.class */
    public static final class ExtendedAliasKeyManager extends X509ExtendedKeyManager {
        private X509ExtendedKeyManager delegate;
        private String serverKeyAlias;

        public ExtendedAliasKeyManager(KeyManager keyManager, String str) {
            this.delegate = (X509ExtendedKeyManager) keyManager;
            this.serverKeyAlias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.delegate.chooseClientAlias(strArr, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return SSLUtil.chooseAlias(this.delegate, this.serverKeyAlias, str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.delegate.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.delegate.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.delegate.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.delegate.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.delegate.chooseEngineClientAlias(strArr, principalArr, sSLEngine);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return SSLUtil.chooseAlias(this.delegate, this.serverKeyAlias, str);
        }
    }

    public static boolean isClientHello(byte b) {
        return b == 128 || b == 22;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.security.cert.X509Certificate[], java.security.cert.X509Certificate[][]] */
    public static X509Certificate[] getX509CertificateChain(String str, int i) throws GeneralSecurityException, IOException {
        final ?? r0 = new X509Certificate[1];
        X509TrustManager x509TrustManager = new X509TrustManager() { // from class: jlibs.core.net.SSLUtil.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                r0[0] = x509CertificateArr;
            }
        };
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
        try {
            sSLSocket.startHandshake();
            sSLSocket.close();
            return r0[0];
        } catch (Throwable th) {
            sSLSocket.close();
            throw th;
        }
    }

    public static KeyStore newKeyStore(String str, String str2, char[] cArr) throws SSLException {
        String defaultType;
        if (str == null) {
            try {
                defaultType = KeyStore.getDefaultType();
            } catch (Exception e) {
                throw new SSLException(e);
            }
        } else {
            defaultType = str;
        }
        KeyStore keyStore = KeyStore.getInstance(defaultType);
        keyStore.load(str2 != null ? new FileInputStream(str2) : null, cArr != null ? cArr : null);
        return keyStore;
    }

    public static String getKeyStoreType() {
        return System.getProperty("javax.net.ssl.keyStoreType", "JKS");
    }

    public static String getKeyStoreLocation() {
        return System.getProperty("javax.net.ssl.keyStore");
    }

    public static char[] getKeyStorePassword() {
        String property = System.getProperty("javax.net.ssl.keyStorePassword");
        if (property != null) {
            return property.toCharArray();
        }
        return null;
    }

    public static KeyStore defaultKeyStore() throws SSLException {
        if (defaultKeyStore == null) {
            String keyStoreLocation = getKeyStoreLocation();
            if (keyStoreLocation != null) {
                defaultKeyStore = new KeyStore[]{newKeyStore(getKeyStoreType(), keyStoreLocation, getKeyStorePassword())};
            } else {
                defaultKeyStore = new KeyStore[]{null};
            }
        }
        return defaultKeyStore[0];
    }

    public static String getTrustStoreType() {
        return System.getProperty("javax.net.ssl.trustStoreType", "JKS");
    }

    public static String getTrustStoreLocation() {
        return System.getProperty("javax.net.ssl.trustStore");
    }

    public static char[] getTrustStorePassword() {
        String property = System.getProperty("javax.net.ssl.trustStorePassword");
        if (property != null) {
            return property.toCharArray();
        }
        return null;
    }

    public static KeyStore defaultTrustStore() throws SSLException {
        if (defaultTrustStore == null) {
            String trustStoreLocation = getTrustStoreLocation();
            if (trustStoreLocation != null) {
                defaultTrustStore = new KeyStore[]{newKeyStore(getTrustStoreType(), trustStoreLocation, getTrustStorePassword())};
            } else {
                defaultTrustStore = new KeyStore[]{null};
            }
        }
        return defaultTrustStore[0];
    }

    public static SSLContext newContext(KeyStore keyStore, char[] cArr, String str, KeyStore keyStore2) throws SSLException, GeneralSecurityException {
        TrustManager[] trustManagers;
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        if (keyStore2 == null) {
            trustManagers = DUMMY_TRUST_MANAGERS;
        } else {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore2);
            trustManagers = trustManagerFactory.getTrustManagers();
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (str != null) {
            for (int i = 0; i < keyManagers.length; i++) {
                if (keyManagers[i] instanceof X509ExtendedKeyManager) {
                    keyManagers[i] = new ExtendedAliasKeyManager(keyManagers[i], str);
                } else if (keyManagers[i] instanceof X509KeyManager) {
                    keyManagers[i] = new AliasKeyManager(keyManagers[i], str);
                }
            }
        }
        sSLContext.init(keyManagers, trustManagers, null);
        return sSLContext;
    }

    public static SSLContext defaultContext() throws SSLException, GeneralSecurityException {
        if (defaultContext == null) {
            defaultContext = newContext(defaultKeyStore(), getKeyStorePassword(), null, defaultTrustStore());
        }
        return defaultContext;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String chooseAlias(X509KeyManager x509KeyManager, String str, String str2) {
        PrivateKey privateKey = x509KeyManager.getPrivateKey(str);
        if (privateKey == null || !privateKey.getAlgorithm().equals(str2)) {
            return null;
        }
        return str;
    }
}
