package lh;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;
import nh.u;

/* loaded from: classes.dex */
public final class a implements X509KeyManager {

    /* renamed from: c, reason: collision with root package name */
    public final String f12124c;

    /* renamed from: d, reason: collision with root package name */
    public final String f12125d;

    /* renamed from: e, reason: collision with root package name */
    public final CallbackHandler f12126e;

    /* renamed from: f, reason: collision with root package name */
    public final boolean f12127f;

    /* renamed from: a, reason: collision with root package name */
    public X509Certificate[] f12122a = null;

    /* renamed from: b, reason: collision with root package name */
    public PrivateKey f12123b = null;

    /* renamed from: g, reason: collision with root package name */
    public u f12128g = null;

    public a(String str, String str2, CallbackHandler callbackHandler, boolean z10) {
        this.f12124c = str;
        this.f12125d = str2;
        this.f12126e = callbackHandler;
        this.f12127f = z10;
    }

    public static byte[] a(String str) {
        RandomAccessFile randomAccessFile = new RandomAccessFile(str, "r");
        try {
            byte[] bArr = new byte[(int) randomAccessFile.length()];
            randomAccessFile.readFully(bArr);
            return bArr;
        } finally {
            randomAccessFile.close();
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (this.f12124c == null) {
            return null;
        }
        if (principalArr == null || principalArr.length == 0) {
            return "user";
        }
        X509Certificate[] certificateChain = getCertificateChain("user");
        if (certificateChain == null) {
            return null;
        }
        int i10 = 1;
        X509Certificate x509Certificate = certificateChain[certificateChain.length - 1];
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        String algorithm = x509Certificate.getPublicKey().getAlgorithm();
        int i11 = 0;
        if (strArr != null && strArr.length > 0) {
            int i12 = 0;
            for (String str : strArr) {
                if (str.equalsIgnoreCase(algorithm)) {
                    i12 = 1;
                }
            }
            i10 = i12;
        }
        if (i10 != 0) {
            int length = principalArr.length;
            int i13 = 0;
            while (i11 < length) {
                if (issuerX500Principal.equals(principalArr[i11])) {
                    i13 = i10;
                }
                i11++;
            }
            i11 = i13;
        }
        if (i11 != 0) {
            return "user";
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    /* JADX WARN: Not initialized variable reg: 7, insn: 0x008d: MOVE (r3 I:??[OBJECT, ARRAY]) = (r7 I:??[OBJECT, ARRAY]), block:B:45:0x008c */
    /* JADX WARN: Removed duplicated region for block: B:48:0x0090 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @Override // javax.net.ssl.X509KeyManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.security.cert.X509Certificate[] getCertificateChain(java.lang.String r12) {
        /*
            Method dump skipped, instructions count: 212
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: lh.a.getCertificateChain(java.lang.String):java.security.cert.X509Certificate[]");
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getClientAliases(String str, Principal[] principalArr) {
        String chooseClientAlias = chooseClientAlias(new String[]{str}, principalArr, null);
        return chooseClientAlias == null ? new String[0] : new String[]{chooseClientAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public final PrivateKey getPrivateKey(String str) {
        CallbackHandler callbackHandler = this.f12126e;
        String str2 = this.f12125d;
        try {
            try {
                if (this.f12123b == null && str2 != null) {
                    X509Certificate[] certificateChain = getCertificateChain("user");
                    if (certificateChain == null || certificateChain.length == 0) {
                        return null;
                    }
                    try {
                        byte[] a10 = a(str2);
                        KeyFactory keyFactory = KeyFactory.getInstance(certificateChain[0].getPublicKey().getAlgorithm());
                        try {
                            this.f12123b = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(a10));
                        } catch (InvalidKeySpecException unused) {
                            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(a10);
                            try {
                                Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
                                PasswordCallback passwordCallback = new PasswordCallback(nh.d.a("Enter SSL password: ", new Object[0]), false);
                                try {
                                    callbackHandler.handle(new Callback[]{passwordCallback});
                                    try {
                                        PBEKeySpec pBEKeySpec = new PBEKeySpec(passwordCallback.getPassword());
                                        passwordCallback.clearPassword();
                                        cipher.init(2, SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(pBEKeySpec), encryptedPrivateKeyInfo.getAlgParameters());
                                        this.f12123b = keyFactory.generatePrivate(encryptedPrivateKeyInfo.getKeySpec(cipher));
                                    } catch (GeneralSecurityException e10) {
                                        this.f12128g = new u(nh.d.a("Could not decrypt SSL key file {0}.", str2), 8, e10);
                                        return null;
                                    }
                                } catch (UnsupportedCallbackException e11) {
                                    if ((callbackHandler instanceof b) && "Console is not available".equals(e11.getMessage())) {
                                        this.f12128g = new u(nh.d.a("Could not read password for SSL key file, console is not available.", new Object[0]), 8, e11);
                                    } else {
                                        this.f12128g = new u(nh.d.a("Could not read password for SSL key file by callbackhandler {0}.", callbackHandler.getClass().getName()), 8, e11);
                                    }
                                    return null;
                                }
                            } catch (NoSuchPaddingException e12) {
                                throw new NoSuchAlgorithmException(e12.getMessage(), e12);
                            }
                        }
                    } catch (FileNotFoundException e13) {
                        if (this.f12127f) {
                            return null;
                        }
                        throw e13;
                    }
                }
            } catch (NoSuchAlgorithmException e14) {
                this.f12128g = new u(nh.d.a("Could not find a java cryptographic algorithm: {0}.", e14.getMessage()), 8, e14);
                return null;
            }
        } catch (IOException e15) {
            this.f12128g = new u(nh.d.a("Could not read SSL key file {0}.", str2), 8, e15);
        }
        return this.f12123b;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
