package org.eclipse.californium.elements.util;

import com.het.basic.utils.SystemInfoUtils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.eclipse.californium.elements.util.Asn1DerDecoder;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;
import org.slf4j.LoggerFactory;

/* loaded from: classes6.dex */
public class SslContextUtil {

    /* renamed from: b, reason: collision with root package name */
    public static final String f21544b = "classpath://";

    /* renamed from: c, reason: collision with root package name */
    public static final String f21545c = "#";

    /* renamed from: d, reason: collision with root package name */
    public static final String f21546d = ".jks";

    /* renamed from: e, reason: collision with root package name */
    public static final String f21547e = ".bks";
    public static final String f = ".p12";
    public static final String g = ".pem";
    public static final String h = "*";
    public static final String i = "JKS";
    public static final String j = "BKS";
    public static final String k = "PKCS12";
    public static final String l = "PEM";
    public static final String m = "TLSv1.2";
    private static final String n = "://";
    private static final String o = "californium";
    private static final KeyManager r;
    private static final TrustManager s;
    private static final boolean t;

    /* renamed from: a, reason: collision with root package name */
    public static final org.slf4j.c f21543a = LoggerFactory.i(SslContextUtil.class);
    private static final Map<String, c> p = new ConcurrentHashMap();
    private static final Map<String, b> q = new ConcurrentHashMap();

    /* loaded from: classes6.dex */
    private static class AnonymousX509ExtendedKeyManager extends X509ExtendedKeyManager {
        private AnonymousX509ExtendedKeyManager() {
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            return null;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class ClassLoaderInputStreamFactory implements b {
        private ClassLoaderInputStreamFactory() {
        }

        @Override // org.eclipse.californium.elements.util.SslContextUtil.b
        public InputStream a(String str) throws IOException {
            InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(str.substring(12));
            if (resourceAsStream != null) {
                return resourceAsStream;
            }
            throw new IOException("'" + str + "' not found!");
        }
    }

    /* loaded from: classes6.dex */
    public static class IncompleteCredentialsException extends IllegalArgumentException {
        private static final long serialVersionUID = -53656;
        private final a incompleteCredentials;

        public IncompleteCredentialsException(a aVar) {
            this.incompleteCredentials = aVar;
        }

        public IncompleteCredentialsException(a aVar, String str) {
            super(str);
            this.incompleteCredentials = aVar;
        }

        public IncompleteCredentialsException(a aVar, String str, Throwable th) {
            super(str, th);
            this.incompleteCredentials = aVar;
        }

        public a getIncompleteCredentials() {
            return this.incompleteCredentials;
        }
    }

    /* loaded from: classes6.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        private final PrivateKey f21548a;

        /* renamed from: b, reason: collision with root package name */
        private final PublicKey f21549b;

        /* renamed from: c, reason: collision with root package name */
        private final X509Certificate[] f21550c;

        /* renamed from: d, reason: collision with root package name */
        private final Certificate[] f21551d;

        public a(PrivateKey privateKey, PublicKey publicKey, X509Certificate[] x509CertificateArr) {
            if (x509CertificateArr != null) {
                if (x509CertificateArr.length == 0) {
                    x509CertificateArr = null;
                } else if (publicKey == null) {
                    publicKey = x509CertificateArr[0].getPublicKey();
                } else if (!publicKey.equals(x509CertificateArr[0].getPublicKey())) {
                    throw new IllegalArgumentException("public key doesn't match certificate!");
                }
            }
            this.f21548a = privateKey;
            this.f21550c = x509CertificateArr;
            this.f21549b = publicKey;
            this.f21551d = null;
        }

        public a(Certificate[] certificateArr) {
            this.f21548a = null;
            this.f21549b = null;
            this.f21550c = null;
            this.f21551d = certificateArr;
        }

        public X509Certificate[] e() {
            return this.f21550c;
        }

        public List<X509Certificate> f() {
            X509Certificate[] x509CertificateArr = this.f21550c;
            if (x509CertificateArr == null) {
                return null;
            }
            return Arrays.asList(x509CertificateArr);
        }

        public PrivateKey g() {
            return this.f21548a;
        }

        public PublicKey h() {
            return this.f21549b;
        }

        public Certificate[] i() {
            return this.f21551d;
        }
    }

    /* loaded from: classes6.dex */
    public interface b {
        InputStream a(String str) throws IOException;
    }

    /* loaded from: classes6.dex */
    public static class c {

        /* renamed from: a, reason: collision with root package name */
        public final String f21552a;

        /* renamed from: b, reason: collision with root package name */
        public final d f21553b;

        public c(String str) {
            Objects.requireNonNull(str, "key store type must not be null!");
            if (str.isEmpty()) {
                throw new IllegalArgumentException("key store type must not be empty!");
            }
            this.f21552a = str;
            this.f21553b = null;
        }

        public c(d dVar) {
            Objects.requireNonNull(dVar, "simple key store must not be null!");
            this.f21552a = null;
            this.f21553b = dVar;
        }
    }

    /* loaded from: classes6.dex */
    public interface d {
        a a(InputStream inputStream) throws GeneralSecurityException, IOException;
    }

    @NotForAndroid
    /* loaded from: classes6.dex */
    private static class e extends X509ExtendedTrustManager {

        /* renamed from: a, reason: collision with root package name */
        private final X509Certificate[] f21554a;

        private e(X509Certificate[] x509CertificateArr) {
            this.f21554a = x509CertificateArr;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, true);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, true);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, true);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, false);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, false);
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            f.b(this.f21554a, x509CertificateArr, false);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.f21554a;
        }
    }

    /* loaded from: classes6.dex */
    private static class f implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private final X509Certificate[] f21555a;

        private f(X509Certificate[] x509CertificateArr) {
            this.f21555a = x509CertificateArr;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static void b(X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2, boolean z) throws CertificateException {
            if (x509CertificateArr2 == null || x509CertificateArr2.length <= 0) {
                return;
            }
            org.slf4j.c cVar = SslContextUtil.f21543a;
            cVar.debug("check certificate {} for {}", x509CertificateArr2[0].getSubjectDN(), z ? "client" : "server");
            if (!CertPathUtil.a(x509CertificateArr2[0], z)) {
                cVar.debug("check certificate {} for {} failed on key-usage!", x509CertificateArr2[0].getSubjectDN(), z ? "client" : "server");
                StringBuilder sb = new StringBuilder();
                sb.append("Key usage not proper for ");
                sb.append(z ? "client" : "server");
                throw new CertificateException(sb.toString());
            }
            cVar.trace("check certificate {} for {} succeeded on key-usage!", x509CertificateArr2[0].getSubjectDN(), z ? "client" : "server");
            try {
                CertPathUtil.j(true, CertPathUtil.f(Arrays.asList(x509CertificateArr2), null), x509CertificateArr);
                Object[] objArr = new Object[3];
                objArr[0] = x509CertificateArr2[0].getSubjectDN();
                objArr[1] = Integer.valueOf(x509CertificateArr2.length);
                objArr[2] = z ? "client" : "server";
                cVar.trace("check certificate {} [chain.length={}] for {} validated!", objArr);
            } catch (GeneralSecurityException e2) {
                org.slf4j.c cVar2 = SslContextUtil.f21543a;
                Object[] objArr2 = new Object[3];
                objArr2[0] = x509CertificateArr2[0].getSubjectDN();
                objArr2[1] = z ? "client" : "server";
                objArr2[2] = e2.getMessage();
                cVar2.debug("check certificate {} for {} failed on {}!", objArr2);
                if (!(e2 instanceof CertificateException)) {
                    throw new CertificateException(e2);
                }
                throw ((CertificateException) e2);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            b(this.f21555a, x509CertificateArr, true);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            b(this.f21555a, x509CertificateArr, false);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.f21555a;
        }
    }

    static {
        TrustManager fVar;
        r = new AnonymousX509ExtendedKeyManager();
        Asn1DerDecoder.d();
        e();
        boolean z = false;
        try {
            fVar = new e(new X509Certificate[0]);
            z = true;
        } catch (NoClassDefFoundError unused) {
            fVar = new f(new X509Certificate[0]);
        }
        t = z;
        s = fVar;
    }

    private static a A(String str, c cVar) throws GeneralSecurityException, IOException {
        InputStream p2 = p(str);
        try {
            return cVar.f21553b.a(p2);
        } finally {
            p2.close();
        }
    }

    public static TrustManager[] B(String str, String str2, char[] cArr) throws IOException, GeneralSecurityException {
        return m("trusts", D(str, str2, cArr));
    }

    public static Certificate[] C(String str) throws IOException, GeneralSecurityException {
        Objects.requireNonNull(str, "trust must be provided!");
        String[] split = str.split("#", 3);
        if (1 == split.length && q(split[0]).f21553b != null) {
            return D(split[0], null, null);
        }
        if (3 == split.length) {
            return D(split[0], split[2], StringUtil.l(split[1]));
        }
        throw new IllegalArgumentException("trust must comply the pattern <keystore#hexstorepwd#aliaspattern>");
    }

    public static Certificate[] D(String str, String str2, char[] cArr) throws IOException, GeneralSecurityException {
        c q2 = q(str);
        if (q2.f21553b != null) {
            a A = A(str, q2);
            if (A.f21551d != null) {
                return A.f21551d;
            }
            throw new IllegalArgumentException("no trusted x509 certificates found in '" + str + "'!");
        }
        KeyStore w = w(str, cArr, q2);
        Pattern pattern = null;
        if (str2 != null && !str2.isEmpty()) {
            pattern = Pattern.compile(str2);
        }
        ArrayList arrayList = new ArrayList();
        Enumeration<String> aliases = w.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (pattern == null || pattern.matcher(nextElement).matches()) {
                Certificate certificate = w.getCertificate(nextElement);
                if (!arrayList.contains(certificate)) {
                    arrayList.add(certificate);
                }
            }
        }
        if (!arrayList.isEmpty()) {
            return (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
        }
        throw new IllegalArgumentException("no trusted x509 certificates found in '" + str + "' for '" + str2 + "'!");
    }

    public static X509Certificate[] b(Certificate[] certificateArr) {
        if (certificateArr == null || certificateArr.length == 0) {
            throw new IllegalArgumentException("certificates missing!");
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateArr.length];
        for (int i2 = 0; certificateArr.length > i2; i2++) {
            if (certificateArr[i2] == null) {
                throw new IllegalArgumentException(SystemInfoUtils.CommonConsts.LEFT_SQUARE_BRACKET + i2 + "] is null!");
            }
            try {
                x509CertificateArr[i2] = (X509Certificate) certificateArr[i2];
            } catch (ClassCastException unused) {
                throw new IllegalArgumentException(SystemInfoUtils.CommonConsts.LEFT_SQUARE_BRACKET + i2 + "] is not a x509 certificate! Instead it's a " + certificateArr[i2].getClass().getName());
            }
        }
        return x509CertificateArr;
    }

    public static b c(String str, b bVar) {
        Objects.requireNonNull(str, "scheme must not be null!");
        if (!str.endsWith("://")) {
            throw new IllegalArgumentException("scheme must end with \"://\"!");
        }
        Objects.requireNonNull(bVar, "stream factory must not be null!");
        return q.put(str.toLowerCase(), bVar);
    }

    public static c d(String str, c cVar) {
        Objects.requireNonNull(str, "ending must not be null!");
        if (!str.equals("*") && !str.startsWith(".")) {
            throw new IllegalArgumentException("ending must start with \".\"!");
        }
        Objects.requireNonNull(cVar, "key store type must not be null!");
        return p.put(str.toLowerCase(), cVar);
    }

    public static void e() {
        Map<String, c> map = p;
        map.clear();
        map.put(f21546d, new c(i));
        map.put(f21547e, new c(j));
        map.put(f, new c(k));
        map.put(g, new c(new d() { // from class: org.eclipse.californium.elements.util.SslContextUtil.1
            @Override // org.eclipse.californium.elements.util.SslContextUtil.d
            public a a(InputStream inputStream) throws GeneralSecurityException, IOException {
                return SslContextUtil.x(inputStream);
            }
        }));
        map.put("*", new c(KeyStore.getDefaultType()));
        Map<String, b> map2 = q;
        map2.clear();
        map2.put(f21544b, new ClassLoaderInputStreamFactory());
    }

    public static KeyManager[] f() {
        return new KeyManager[]{r};
    }

    public static KeyManager[] g(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws GeneralSecurityException {
        Objects.requireNonNull(privateKey, "private key must be provided!");
        Objects.requireNonNull(x509CertificateArr, "certificate chain must be provided!");
        if (x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("certificate chain must not be empty!");
        }
        if (str == null) {
            str = o;
        }
        try {
            char[] charArray = "intern".toCharArray();
            KeyStore keyStore = KeyStore.getInstance(q("*").f21552a);
            keyStore.load(null);
            keyStore.setKeyEntry(str, privateKey, charArray, x509CertificateArr);
            return h(keyStore, charArray);
        } catch (IOException e2) {
            throw new GeneralSecurityException(e2.getMessage());
        }
    }

    private static KeyManager[] h(KeyStore keyStore, char[] cArr) throws GeneralSecurityException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(Security.getProperty(SSLSocketFactoryFactory.SYSKEYMGRALGO));
        keyManagerFactory.init(keyStore, cArr);
        return keyManagerFactory.getKeyManagers();
    }

    public static SSLContext i(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr, Certificate[] certificateArr) throws GeneralSecurityException {
        return j(str, privateKey, x509CertificateArr, certificateArr, m);
    }

    public static SSLContext j(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr, Certificate[] certificateArr, String str2) throws GeneralSecurityException {
        if (str == null) {
            str = o;
        }
        KeyManager[] g2 = g(str, privateKey, x509CertificateArr);
        TrustManager[] m2 = m(str, certificateArr);
        SSLContext sSLContext = SSLContext.getInstance(str2);
        sSLContext.init(g2, m2, null);
        return sSLContext;
    }

    public static TrustManager[] k(Certificate[] certificateArr) {
        Objects.requireNonNull(certificateArr, "trusted certificates must be provided!");
        X509Certificate[] b2 = b(certificateArr);
        return t ? new TrustManager[]{new e(b2)} : new TrustManager[]{new f(b2)};
    }

    @NotForAndroid
    public static TrustManager[] l() {
        return new TrustManager[]{s};
    }

    public static TrustManager[] m(String str, Certificate[] certificateArr) throws GeneralSecurityException {
        Objects.requireNonNull(certificateArr, "trusted certificates must be provided!");
        if (certificateArr.length == 0) {
            throw new IllegalArgumentException("trusted certificates must not be empty!");
        }
        if (str == null) {
            str = o;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(q("*").f21552a);
            keyStore.load(null);
            int i2 = 1;
            for (Certificate certificate : certificateArr) {
                keyStore.setCertificateEntry(str + i2, certificate);
                i2++;
            }
            return n(keyStore);
        } catch (IOException e2) {
            throw new GeneralSecurityException(e2.getMessage());
        }
    }

    private static TrustManager[] n(KeyStore keyStore) throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(Security.getProperty(SSLSocketFactoryFactory.SYSTRUSTMGRALGO));
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    public static void o(X509Certificate[] x509CertificateArr) {
        HashSet hashSet = new HashSet();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (!hashSet.add(x509Certificate)) {
                throw new IllegalArgumentException("Truststore contains certificates duplicates with subject: " + x509Certificate.getSubjectX500Principal());
            }
        }
    }

    private static InputStream p(String str) throws IOException {
        Objects.requireNonNull(str, "keyStoreUri must be provided!");
        String r2 = r(str);
        InputStream inputStream = null;
        String str2 = null;
        if (r2 == null) {
            File file = new File(str);
            if (!file.exists()) {
                str2 = " doesn't exists!";
            } else if (!file.isFile()) {
                str2 = " is not a file!";
            } else if (!file.canRead()) {
                str2 = " could not be read!";
            }
            if (str2 != null) {
                throw new IOException("URI: " + str + ", file: " + file.getAbsolutePath() + str2);
            }
            inputStream = new FileInputStream(file);
        } else {
            b bVar = q.get(r2);
            if (bVar != null) {
                inputStream = bVar.a(str);
            }
        }
        return inputStream == null ? new URL(str).openStream() : inputStream;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x0036  */
    /* JADX WARN: Removed duplicated region for block: B:7:0x002a  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0035 A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static org.eclipse.californium.elements.util.SslContextUtil.c q(java.lang.String r3) throws java.security.GeneralSecurityException {
        /*
            java.lang.String r0 = "*"
            boolean r1 = r3.equals(r0)
            if (r1 != 0) goto L27
            r1 = 47
            int r1 = r3.lastIndexOf(r1)
            r2 = 46
            int r2 = r3.lastIndexOf(r2)
            if (r1 >= r2) goto L27
            java.lang.String r1 = r3.substring(r2)
            java.lang.String r1 = r1.toLowerCase()
            java.util.Map<java.lang.String, org.eclipse.californium.elements.util.SslContextUtil$c> r2 = org.eclipse.californium.elements.util.SslContextUtil.p
            java.lang.Object r1 = r2.get(r1)
            org.eclipse.californium.elements.util.SslContextUtil$c r1 = (org.eclipse.californium.elements.util.SslContextUtil.c) r1
            goto L28
        L27:
            r1 = 0
        L28:
            if (r1 != 0) goto L33
            java.util.Map<java.lang.String, org.eclipse.californium.elements.util.SslContextUtil$c> r1 = org.eclipse.californium.elements.util.SslContextUtil.p
            java.lang.Object r0 = r1.get(r0)
            r1 = r0
            org.eclipse.californium.elements.util.SslContextUtil$c r1 = (org.eclipse.californium.elements.util.SslContextUtil.c) r1
        L33:
            if (r1 == 0) goto L36
            return r1
        L36:
            java.security.GeneralSecurityException r0 = new java.security.GeneralSecurityException
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>()
            java.lang.String r2 = "no key store type for "
            r1.append(r2)
            r1.append(r3)
            java.lang.String r3 = r1.toString()
            r0.<init>(r3)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclipse.californium.elements.util.SslContextUtil.q(java.lang.String):org.eclipse.californium.elements.util.SslContextUtil$c");
    }

    private static String r(String str) {
        int indexOf = str.indexOf("://");
        if (indexOf > 0) {
            return str.substring(0, indexOf + 3).toLowerCase();
        }
        return null;
    }

    public static X509Certificate[] s(String str, String str2, char[] cArr) throws IOException, GeneralSecurityException {
        c q2 = q(str);
        if (q2.f21553b != null) {
            a A = A(str, q2);
            if (A.f21550c != null) {
                return A.f21550c;
            }
            throw new IllegalArgumentException("No certificate chain found!");
        }
        Objects.requireNonNull(str2, "alias must be provided!");
        if (str2.isEmpty()) {
            throw new IllegalArgumentException("alias must not be empty!");
        }
        return b(w(str, cArr, q2).getCertificateChain(str2));
    }

    public static a t(String str) throws IOException, GeneralSecurityException {
        Objects.requireNonNull(str, "credentials must be provided!");
        String[] split = str.split("#", 4);
        if (1 == split.length && q(split[0]).f21553b != null) {
            return u(split[0], null, null, null);
        }
        if (4 == split.length) {
            return u(split[0], split[3], StringUtil.l(split[1]), StringUtil.l(split[2]));
        }
        throw new IllegalArgumentException("credentials must comply the pattern <keystore#hexstorepwd#hexkeypwd#alias>");
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x006b  */
    /* JADX WARN: Removed duplicated region for block: B:19:0x007a  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.eclipse.californium.elements.util.SslContextUtil.a u(java.lang.String r3, java.lang.String r4, char[] r5, char[] r6) throws java.io.IOException, java.security.GeneralSecurityException {
        /*
            org.eclipse.californium.elements.util.SslContextUtil$c r0 = q(r3)
            org.eclipse.californium.elements.util.SslContextUtil$d r1 = r0.f21553b
            r2 = 0
            if (r1 == 0) goto L80
            org.eclipse.californium.elements.util.SslContextUtil$a r4 = A(r3, r0)
            java.security.cert.Certificate[] r5 = r4.i()
            java.lang.String r6 = "credentials missing! No private key found!"
            if (r5 != 0) goto L16
            goto L50
        L16:
            java.lang.String r5 = "X.509"
            java.security.cert.CertificateFactory r5 = java.security.cert.CertificateFactory.getInstance(r5)     // Catch: java.security.GeneralSecurityException -> L45
            java.security.cert.Certificate[] r0 = r4.i()     // Catch: java.security.GeneralSecurityException -> L45
            java.util.List r0 = java.util.Arrays.asList(r0)     // Catch: java.security.GeneralSecurityException -> L45
            java.security.cert.CertPath r5 = r5.generateCertPath(r0)     // Catch: java.security.GeneralSecurityException -> L45
            java.util.List r5 = r5.getCertificates()     // Catch: java.security.GeneralSecurityException -> L45
            int r0 = r5.size()     // Catch: java.security.GeneralSecurityException -> L45
            java.security.cert.X509Certificate[] r0 = new java.security.cert.X509Certificate[r0]     // Catch: java.security.GeneralSecurityException -> L45
            java.lang.Object[] r5 = r5.toArray(r0)     // Catch: java.security.GeneralSecurityException -> L45
            java.security.cert.X509Certificate[] r5 = (java.security.cert.X509Certificate[]) r5     // Catch: java.security.GeneralSecurityException -> L45
            org.eclipse.californium.elements.util.SslContextUtil$a r0 = new org.eclipse.californium.elements.util.SslContextUtil$a     // Catch: java.security.GeneralSecurityException -> L45
            r0.<init>(r2, r2, r5)     // Catch: java.security.GeneralSecurityException -> L45
            org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException r4 = new org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException     // Catch: java.security.GeneralSecurityException -> L43
            r4.<init>(r0, r6)     // Catch: java.security.GeneralSecurityException -> L43
            throw r4     // Catch: java.security.GeneralSecurityException -> L43
        L43:
            r4 = move-exception
            goto L48
        L45:
            r5 = move-exception
            r0 = r4
            r4 = r5
        L48:
            org.slf4j.c r5 = org.eclipse.californium.elements.util.SslContextUtil.f21543a
            java.lang.String r1 = "Load PEM {}:"
            r5.warn(r1, r3, r4)
            r4 = r0
        L50:
            java.security.PublicKey r3 = org.eclipse.californium.elements.util.SslContextUtil.a.d(r4)
            if (r3 != 0) goto L65
            java.security.PrivateKey r3 = org.eclipse.californium.elements.util.SslContextUtil.a.a(r4)
            if (r3 == 0) goto L5d
            goto L65
        L5d:
            java.lang.IllegalArgumentException r3 = new java.lang.IllegalArgumentException
            java.lang.String r4 = "credentials missing! No keys found!"
            r3.<init>(r4)
            throw r3
        L65:
            java.security.PrivateKey r3 = org.eclipse.californium.elements.util.SslContextUtil.a.a(r4)
            if (r3 == 0) goto L7a
            java.security.PublicKey r3 = org.eclipse.californium.elements.util.SslContextUtil.a.d(r4)
            if (r3 == 0) goto L72
            return r4
        L72:
            org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException r3 = new org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException
            java.lang.String r5 = "credentials missing! Neither certificate chain nor public key found!"
            r3.<init>(r4, r5)
            throw r3
        L7a:
            org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException r3 = new org.eclipse.californium.elements.util.SslContextUtil$IncompleteCredentialsException
            r3.<init>(r4, r6)
            throw r3
        L80:
            java.lang.String r1 = "alias must be provided!"
            java.util.Objects.requireNonNull(r4, r1)
            boolean r1 = r4.isEmpty()
            if (r1 != 0) goto Le1
            java.lang.String r1 = "keyPassword must be provided!"
            java.util.Objects.requireNonNull(r6, r1)
            java.security.KeyStore r5 = w(r3, r5, r0)
            java.lang.Class<java.security.KeyStore$PrivateKeyEntry> r0 = java.security.KeyStore.PrivateKeyEntry.class
            boolean r0 = r5.entryInstanceOf(r4, r0)
            if (r0 == 0) goto Lbd
            java.security.KeyStore$PasswordProtection r0 = new java.security.KeyStore$PasswordProtection
            r0.<init>(r6)
            java.security.KeyStore$Entry r5 = r5.getEntry(r4, r0)
            boolean r6 = r5 instanceof java.security.KeyStore.PrivateKeyEntry
            if (r6 == 0) goto Lbd
            java.security.KeyStore$PrivateKeyEntry r5 = (java.security.KeyStore.PrivateKeyEntry) r5
            java.security.cert.Certificate[] r3 = r5.getCertificateChain()
            java.security.cert.X509Certificate[] r3 = b(r3)
            org.eclipse.californium.elements.util.SslContextUtil$a r4 = new org.eclipse.californium.elements.util.SslContextUtil$a
            java.security.PrivateKey r5 = r5.getPrivateKey()
            r4.<init>(r5, r2, r3)
            return r4
        Lbd:
            java.lang.IllegalArgumentException r5 = new java.lang.IllegalArgumentException
            java.lang.StringBuilder r6 = new java.lang.StringBuilder
            r6.<init>()
            java.lang.String r0 = "no credentials found for '"
            r6.append(r0)
            r6.append(r4)
            java.lang.String r4 = "' in '"
            r6.append(r4)
            r6.append(r3)
            java.lang.String r3 = "'!"
            r6.append(r3)
            java.lang.String r3 = r6.toString()
            r5.<init>(r3)
            throw r5
        Le1:
            java.lang.IllegalArgumentException r3 = new java.lang.IllegalArgumentException
            java.lang.String r4 = "alias must not be empty!"
            r3.<init>(r4)
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclipse.californium.elements.util.SslContextUtil.u(java.lang.String, java.lang.String, char[], char[]):org.eclipse.californium.elements.util.SslContextUtil$a");
    }

    public static KeyManager[] v(String str, String str2, char[] cArr, char[] cArr2) throws IOException, GeneralSecurityException {
        c q2 = q(str);
        if (q2.f21553b != null) {
            a A = A(str, q2);
            if (A.f21548a == null) {
                throw new IllegalArgumentException("credentials missing! No private key found!");
            }
            if (A.f21550c != null) {
                return g(o, A.f21548a, A.f21550c);
            }
            throw new IllegalArgumentException("credentials missing! No certificate chain found!");
        }
        Objects.requireNonNull(cArr2, "keyPassword must be provided!");
        KeyStore w = w(str, cArr, q2);
        if (str2 != null && !str2.isEmpty()) {
            boolean z = false;
            Pattern compile = Pattern.compile(str2);
            KeyStore keyStore = KeyStore.getInstance(w.getType());
            keyStore.load(null);
            Enumeration<String> aliases = w.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (compile.matcher(nextElement).matches()) {
                    KeyStore.Entry entry = w.getEntry(nextElement, new KeyStore.PasswordProtection(cArr2));
                    if (entry == null) {
                        throw new GeneralSecurityException("key stores '" + str + "' doesn't contain credentials for '" + nextElement + "'");
                    }
                    keyStore.setEntry(nextElement, entry, new KeyStore.PasswordProtection(cArr2));
                    z = true;
                }
            }
            if (!z) {
                throw new GeneralSecurityException("no credentials found in '" + str + "' for '" + str2 + "'!");
            }
            w = keyStore;
        }
        return h(w, cArr2);
    }

    private static KeyStore w(String str, char[] cArr, c cVar) throws GeneralSecurityException, IOException {
        Objects.requireNonNull(cArr, "storePassword must be provided!");
        InputStream p2 = p(str);
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(cVar.f21552a);
                keyStore.load(p2, cArr);
                return keyStore;
            } catch (IOException e2) {
                throw new IOException(e2 + ", URI: " + str + ", type: " + cVar.f21552a);
            }
        } finally {
            p2.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static a x(InputStream inputStream) throws GeneralSecurityException, IOException {
        h hVar = new h(inputStream);
        try {
            Asn1DerDecoder.Keys keys = new Asn1DerDecoder.Keys();
            ArrayList<Certificate> arrayList = new ArrayList();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            while (true) {
                String b2 = hVar.b();
                if (b2 == null) {
                    if (keys.d() != null || keys.e() != null) {
                        List<? extends Certificate> certificates = certificateFactory.generateCertPath(arrayList).getCertificates();
                        return new a(keys.d(), keys.e(), (X509Certificate[]) certificates.toArray(new X509Certificate[certificates.size()]));
                    }
                    ArrayList arrayList2 = new ArrayList();
                    for (Certificate certificate : arrayList) {
                        if (!arrayList2.contains(certificate)) {
                            arrayList2.add(certificate);
                        }
                    }
                    return new a((Certificate[]) arrayList2.toArray(new Certificate[arrayList2.size()]));
                }
                byte[] c2 = hVar.c();
                if (c2 != null) {
                    if (b2.contains("CERTIFICATE")) {
                        arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(c2)));
                    } else if (b2.contains("PRIVATE KEY")) {
                        Asn1DerDecoder.Keys o2 = Asn1DerDecoder.o(c2);
                        if (o2 == null) {
                            throw new GeneralSecurityException("private key type not supported!");
                        }
                        keys.c(o2);
                    } else if (b2.contains("PUBLIC KEY")) {
                        PublicKey s2 = Asn1DerDecoder.s(c2);
                        if (s2 == null) {
                            throw new GeneralSecurityException("public key type not supported!");
                        }
                        keys.g(s2);
                    } else {
                        f21543a.warn("{} not supported!", b2);
                    }
                }
            }
        } finally {
            hVar.a();
        }
    }

    public static PrivateKey y(String str, String str2, char[] cArr, char[] cArr2) throws IOException, GeneralSecurityException {
        c q2 = q(str);
        if (q2.f21553b != null) {
            a A = A(str, q2);
            if (A.f21548a != null) {
                return A.f21548a;
            }
        } else {
            Objects.requireNonNull(str2, "alias must be provided!");
            if (str2.isEmpty()) {
                throw new IllegalArgumentException("alias must not be empty!");
            }
            Objects.requireNonNull(cArr2, "keyPassword must be provided!");
            KeyStore w = w(str, cArr, q2);
            if (w.entryInstanceOf(str2, KeyStore.PrivateKeyEntry.class)) {
                KeyStore.Entry entry = w.getEntry(str2, new KeyStore.PasswordProtection(cArr2));
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                }
            }
        }
        throw new IllegalArgumentException("no private key found for '" + str2 + "' in '" + str + "'!");
    }

    public static PublicKey z(String str, String str2, char[] cArr) throws IOException, GeneralSecurityException {
        c q2 = q(str);
        if (q2.f21553b == null) {
            Objects.requireNonNull(str2, "alias must be provided!");
            if (str2.isEmpty()) {
                throw new IllegalArgumentException("alias must not be empty!");
            }
            return w(str, cArr, q2).getCertificateChain(str2)[0].getPublicKey();
        }
        a A = A(str, q2);
        if (A.f21549b != null) {
            return A.f21549b;
        }
        throw new IllegalArgumentException("no public key found for '" + str2 + "' in '" + str + "'!");
    }
}
