package io.netty.handler.ssl;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufInputStream;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public final class OpenSslClientContext extends OpenSslContext {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance((Class<?>) OpenSslClientContext.class);
    private final OpenSslSessionContext sessionContext;

    /* loaded from: classes.dex */
    private static final class OpenSslClientSessionContext extends OpenSslSessionContext {
        private OpenSslClientSessionContext(long j) {
            super(j);
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionCacheSize() {
            return 0;
        }

        @Override // javax.net.ssl.SSLSessionContext
        public int getSessionTimeout() {
            return 0;
        }

        @Override // io.netty.handler.ssl.OpenSslSessionContext
        public boolean isSessionCacheEnabled() {
            return false;
        }

        @Override // io.netty.handler.ssl.OpenSslSessionContext
        public void setSessionCacheEnabled(boolean z) {
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionCacheSize(int i) {
            if (i < 0) {
                throw new IllegalArgumentException();
            }
        }

        @Override // javax.net.ssl.SSLSessionContext
        public void setSessionTimeout(int i) {
            if (i < 0) {
                throw new IllegalArgumentException();
            }
        }
    }

    public OpenSslClientContext() throws SSLException {
        this(null, null, null, null, 0L, 0L);
    }

    public OpenSslClientContext(File file) throws SSLException {
        this(file, null);
    }

    public OpenSslClientContext(File file, TrustManagerFactory trustManagerFactory) throws SSLException {
        this(file, trustManagerFactory, null, null, 0L, 0L);
    }

    /* JADX WARN: Removed duplicated region for block: B:44:0x00c9  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public OpenSslClientContext(java.io.File r12, javax.net.ssl.TrustManagerFactory r13, java.lang.Iterable<java.lang.String> r14, io.netty.handler.ssl.ApplicationProtocolConfig r15, long r16, long r18) throws javax.net.ssl.SSLException {
        /*
            r11 = this;
            r9 = r11
            r10 = r12
            r8 = 0
            r1 = r11
            r2 = r14
            r3 = r15
            r4 = r16
            r6 = r18
            r1.<init>(r2, r3, r4, r6, r8)
            r1 = 0
            if (r10 == 0) goto L2e
            boolean r0 = r12.isFile()     // Catch: java.lang.Throwable -> Lc5
            if (r0 == 0) goto L17
            goto L2e
        L17:
            java.lang.IllegalArgumentException r0 = new java.lang.IllegalArgumentException     // Catch: java.lang.Throwable -> Lc5
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> Lc5
            r2.<init>()     // Catch: java.lang.Throwable -> Lc5
            java.lang.String r3 = "certChainFile is not a file: "
            r2.append(r3)     // Catch: java.lang.Throwable -> Lc5
            r2.append(r12)     // Catch: java.lang.Throwable -> Lc5
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> Lc5
            r0.<init>(r2)     // Catch: java.lang.Throwable -> Lc5
            throw r0     // Catch: java.lang.Throwable -> Lc5
        L2e:
            java.lang.Class<io.netty.handler.ssl.OpenSslContext> r2 = io.netty.handler.ssl.OpenSslContext.class
            monitor-enter(r2)     // Catch: java.lang.Throwable -> Lc5
            if (r10 == 0) goto L74
            long r3 = r9.ctx     // Catch: java.lang.Throwable -> Lbd
            java.lang.String r0 = r12.getPath()     // Catch: java.lang.Throwable -> Lbd
            r5 = 1
            boolean r0 = org.apache.tomcat.jni.SSLContext.setCertificateChainFile(r3, r0, r5)     // Catch: java.lang.Throwable -> Lbd
            if (r0 != 0) goto L74
            int r0 = org.apache.tomcat.jni.SSL.getLastErrorNumber()     // Catch: java.lang.Throwable -> Lbd
            long r3 = (long) r0     // Catch: java.lang.Throwable -> Lbd
            boolean r0 = io.netty.handler.ssl.OpenSsl.isError(r3)     // Catch: java.lang.Throwable -> Lbd
            if (r0 != 0) goto L4c
            goto L74
        L4c:
            javax.net.ssl.SSLException r0 = new javax.net.ssl.SSLException     // Catch: java.lang.Throwable -> Lbd
            java.lang.StringBuilder r5 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> Lbd
            r5.<init>()     // Catch: java.lang.Throwable -> Lbd
            java.lang.String r6 = "failed to set certificate chain: "
            r5.append(r6)     // Catch: java.lang.Throwable -> Lbd
            r5.append(r12)     // Catch: java.lang.Throwable -> Lbd
            java.lang.String r6 = " ("
            r5.append(r6)     // Catch: java.lang.Throwable -> Lbd
            java.lang.String r6 = org.apache.tomcat.jni.SSL.getErrorString(r3)     // Catch: java.lang.Throwable -> Lbd
            r5.append(r6)     // Catch: java.lang.Throwable -> Lbd
            r6 = 41
            r5.append(r6)     // Catch: java.lang.Throwable -> Lbd
            java.lang.String r5 = r5.toString()     // Catch: java.lang.Throwable -> Lbd
            r0.<init>(r5)     // Catch: java.lang.Throwable -> Lbd
            throw r0     // Catch: java.lang.Throwable -> Lbd
        L74:
            long r3 = r9.ctx     // Catch: java.lang.Throwable -> Lbd
            r0 = 0
            r5 = 10
            org.apache.tomcat.jni.SSLContext.setVerify(r3, r0, r5)     // Catch: java.lang.Throwable -> Lbd
            if (r13 != 0) goto L8b
            java.lang.String r0 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.lang.Exception -> L88 java.lang.Throwable -> Lbd
            javax.net.ssl.TrustManagerFactory r0 = javax.net.ssl.TrustManagerFactory.getInstance(r0)     // Catch: java.lang.Exception -> L88 java.lang.Throwable -> Lbd
            r3 = r0
            goto L8c
        L88:
            r0 = move-exception
            r3 = r13
            goto Lb5
        L8b:
            r3 = r13
        L8c:
            initTrustManagerFactory(r12, r3)     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            javax.net.ssl.TrustManager[] r0 = r3.getTrustManagers()     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            javax.net.ssl.X509TrustManager r0 = chooseTrustManager(r0)     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            long r4 = r9.ctx     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            io.netty.handler.ssl.OpenSslClientContext$1 r6 = new io.netty.handler.ssl.OpenSslClientContext$1     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            r6.<init>()     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            org.apache.tomcat.jni.SSLContext.setCertVerifyCallback(r4, r6)     // Catch: java.lang.Exception -> Lb4 java.lang.Throwable -> Lc3
            monitor-exit(r2)     // Catch: java.lang.Throwable -> Lc3
            io.netty.handler.ssl.OpenSslClientContext$OpenSslClientSessionContext r0 = new io.netty.handler.ssl.OpenSslClientContext$OpenSslClientSessionContext     // Catch: java.lang.Throwable -> Lc1
            long r4 = r9.ctx     // Catch: java.lang.Throwable -> Lc1
            r2 = 0
            r0.<init>(r4)     // Catch: java.lang.Throwable -> Lc1
            r9.sessionContext = r0     // Catch: java.lang.Throwable -> Lc1
            r0 = 1
            if (r0 != 0) goto Lb3
            r11.destroyPools()
        Lb3:
            return
        Lb4:
            r0 = move-exception
        Lb5:
            javax.net.ssl.SSLException r4 = new javax.net.ssl.SSLException     // Catch: java.lang.Throwable -> Lc3
            java.lang.String r5 = "unable to setup trustmanager"
            r4.<init>(r5, r0)     // Catch: java.lang.Throwable -> Lc3
            throw r4     // Catch: java.lang.Throwable -> Lc3
        Lbd:
            r0 = move-exception
            r3 = r13
        Lbf:
            monitor-exit(r2)     // Catch: java.lang.Throwable -> Lc3
            throw r0     // Catch: java.lang.Throwable -> Lc1
        Lc1:
            r0 = move-exception
            goto Lc7
        Lc3:
            r0 = move-exception
            goto Lbf
        Lc5:
            r0 = move-exception
            r3 = r13
        Lc7:
            if (r1 != 0) goto Lcc
            r11.destroyPools()
        Lcc:
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: io.netty.handler.ssl.OpenSslClientContext.<init>(java.io.File, javax.net.ssl.TrustManagerFactory, java.lang.Iterable, io.netty.handler.ssl.ApplicationProtocolConfig, long, long):void");
    }

    public OpenSslClientContext(TrustManagerFactory trustManagerFactory) throws SSLException {
        this(null, trustManagerFactory);
    }

    private static void initTrustManagerFactory(File file, TrustManagerFactory trustManagerFactory) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        if (file != null) {
            ByteBuf[] readCertificates = PemReader.readCertificates(file);
            try {
                for (ByteBuf byteBuf : readCertificates) {
                    X509Certificate x509Certificate = (X509Certificate) X509_CERT_FACTORY.generateCertificate(new ByteBufInputStream(byteBuf));
                    keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
                }
            } finally {
                for (ByteBuf byteBuf2 : readCertificates) {
                    byteBuf2.release();
                }
            }
        }
        trustManagerFactory.init(keyStore);
    }

    @Override // io.netty.handler.ssl.OpenSslContext, io.netty.handler.ssl.SslContext
    public OpenSslSessionContext sessionContext() {
        return this.sessionContext;
    }
}
