package qe;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;
import qe.b;
import se.u;
import se.v;

/* loaded from: classes2.dex */
public class a implements X509KeyManager {

    /* renamed from: c, reason: collision with root package name */
    private String f28674c;

    /* renamed from: d, reason: collision with root package name */
    private String f28675d;

    /* renamed from: e, reason: collision with root package name */
    private CallbackHandler f28676e;

    /* renamed from: f, reason: collision with root package name */
    private boolean f28677f;

    /* renamed from: a, reason: collision with root package name */
    private X509Certificate[] f28672a = null;

    /* renamed from: b, reason: collision with root package name */
    private PrivateKey f28673b = null;

    /* renamed from: g, reason: collision with root package name */
    private u f28678g = null;

    public a(String str, String str2, CallbackHandler callbackHandler, boolean z10) {
        this.f28674c = str;
        this.f28675d = str2;
        this.f28676e = callbackHandler;
        this.f28677f = z10;
    }

    private static byte[] a(String str) {
        RandomAccessFile randomAccessFile = new RandomAccessFile(str, "r");
        try {
            byte[] bArr = new byte[(int) randomAccessFile.length()];
            randomAccessFile.readFully(bArr);
            return bArr;
        } finally {
            randomAccessFile.close();
        }
    }

    public void b() {
        u uVar = this.f28678g;
        if (uVar != null) {
            throw uVar;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (this.f28674c == null) {
            return null;
        }
        if (principalArr == null || principalArr.length == 0) {
            return "user";
        }
        X509Certificate[] certificateChain = getCertificateChain("user");
        if (certificateChain == null) {
            return null;
        }
        X500Principal issuerX500Principal = certificateChain[certificateChain.length - 1].getIssuerX500Principal();
        boolean z10 = false;
        for (Principal principal : principalArr) {
            if (issuerX500Principal.equals(principal)) {
                z10 = true;
            }
        }
        if (z10) {
            return "user";
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (this.f28672a == null && this.f28674c != null) {
            try {
                try {
                    this.f28672a = (X509Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(new FileInputStream(this.f28674c)).toArray(new X509Certificate[0]);
                } catch (FileNotFoundException e10) {
                    if (!this.f28677f) {
                        this.f28678g = new u(se.d.a("Could not open SSL certificate file {0}.", this.f28674c), v.CONNECTION_FAILURE, e10);
                    }
                    return null;
                } catch (CertificateException e11) {
                    this.f28678g = new u(se.d.a("Loading the SSL certificate {0} into a KeyManager failed.", this.f28674c), v.CONNECTION_FAILURE, e11);
                    return null;
                }
            } catch (CertificateException e12) {
                this.f28678g = new u(se.d.a("Could not find a java cryptographic algorithm: X.509 CertificateFactory not available.", new Object[0]), v.CONNECTION_FAILURE, e12);
                return null;
            }
        }
        return this.f28672a;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        String chooseClientAlias = chooseClientAlias(new String[]{str}, principalArr, null);
        return chooseClientAlias == null ? new String[0] : new String[]{chooseClientAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        try {
            try {
                if (this.f28673b == null && this.f28675d != null) {
                    if (this.f28672a == null && getCertificateChain("user") == null) {
                        return null;
                    }
                    try {
                        byte[] a10 = a(this.f28675d);
                        KeyFactory keyFactory = KeyFactory.getInstance(this.f28672a[0].getPublicKey().getAlgorithm());
                        try {
                            this.f28673b = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(a10));
                        } catch (InvalidKeySpecException unused) {
                            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(a10);
                            try {
                                Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
                                PasswordCallback passwordCallback = new PasswordCallback(se.d.a("Enter SSL password: ", new Object[0]), false);
                                try {
                                    this.f28676e.handle(new Callback[]{passwordCallback});
                                    try {
                                        PBEKeySpec pBEKeySpec = new PBEKeySpec(passwordCallback.getPassword());
                                        passwordCallback.clearPassword();
                                        cipher.init(2, SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(pBEKeySpec), encryptedPrivateKeyInfo.getAlgParameters());
                                        this.f28673b = keyFactory.generatePrivate(encryptedPrivateKeyInfo.getKeySpec(cipher));
                                    } catch (GeneralSecurityException e10) {
                                        this.f28678g = new u(se.d.a("Could not decrypt SSL key file {0}.", this.f28675d), v.CONNECTION_FAILURE, e10);
                                        return null;
                                    }
                                } catch (UnsupportedCallbackException e11) {
                                    this.f28678g = ((this.f28676e instanceof b.a) && "Console is not available".equals(e11.getMessage())) ? new u(se.d.a("Could not read password for SSL key file, console is not available.", new Object[0]), v.CONNECTION_FAILURE, e11) : new u(se.d.a("Could not read password for SSL key file by callbackhandler {0}.", this.f28676e.getClass().getName()), v.CONNECTION_FAILURE, e11);
                                    return null;
                                }
                            } catch (NoSuchPaddingException e12) {
                                throw new NoSuchAlgorithmException(e12.getMessage(), e12);
                            }
                        }
                    } catch (FileNotFoundException e13) {
                        if (this.f28677f) {
                            return null;
                        }
                        throw e13;
                    }
                }
            } catch (NoSuchAlgorithmException e14) {
                this.f28678g = new u(se.d.a("Could not find a java cryptographic algorithm: {0}.", e14.getMessage()), v.CONNECTION_FAILURE, e14);
                return null;
            }
        } catch (IOException e15) {
            this.f28678g = new u(se.d.a("Could not read SSL key file {0}.", this.f28675d), v.CONNECTION_FAILURE, e15);
        }
        return this.f28673b;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
