package io.netty.handler.ssl;

import io.netty.buffer.ByteBufAllocator;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import org.apache.tomcat.jni.Pool;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;

/* compiled from: OpenSslServerContext.java */
/* loaded from: classes2.dex */
public final class h extends k {

    /* renamed from: i, reason: collision with root package name */
    private static final InternalLogger f4587i;

    /* renamed from: j, reason: collision with root package name */
    private static final List<String> f4588j;
    private final long a;
    private final List<String> b;
    private final List<String> c;
    private final long d;
    private final long e;
    private final List<String> f;

    /* renamed from: g, reason: collision with root package name */
    private final long f4589g;

    /* renamed from: h, reason: collision with root package name */
    private final i f4590h;

    static {
        InternalLogger b = InternalLoggerFactory.b(h.class);
        f4587i = b;
        ArrayList arrayList = new ArrayList();
        Collections.addAll(arrayList, "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-RC4-SHA", "ECDHE-RSA-AES128-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "RC4-SHA", "RC4-MD5", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA");
        f4588j = Collections.unmodifiableList(arrayList);
        if (b.isDebugEnabled()) {
            b.debug("Default cipher suite (OpenSSL): " + arrayList);
        }
    }

    public h(File file, File file2) throws SSLException {
        this(file, file2, null);
    }

    public h(File file, File file2, String str) throws SSLException {
        this(file, file2, str, null, null, 0L, 0L);
    }

    public h(File file, File file2, String str, Iterable<String> iterable, Iterable<String> iterable2, long j2, long j3) throws SSLException {
        String next;
        String next2;
        ArrayList arrayList = new ArrayList();
        this.b = arrayList;
        this.c = Collections.unmodifiableList(arrayList);
        f.a();
        if (file == null) {
            throw new NullPointerException("certChainFile");
        }
        if (!file.isFile()) {
            throw new IllegalArgumentException("certChainFile is not a file: " + file);
        }
        if (file2 == null) {
            throw new NullPointerException("keyPath");
        }
        if (!file2.isFile()) {
            throw new IllegalArgumentException("keyPath is not a file: " + file2);
        }
        Iterable<String> iterable3 = iterable == null ? f4588j : iterable;
        String str2 = str == null ? "" : str;
        Iterable<String> emptyList = iterable2 == null ? Collections.emptyList() : iterable2;
        Iterator<String> it = iterable3.iterator();
        while (it.hasNext() && (next2 = it.next()) != null) {
            this.b.add(next2);
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator<String> it2 = emptyList.iterator();
        while (it2.hasNext() && (next = it2.next()) != null) {
            arrayList2.add(next);
        }
        this.f = Collections.unmodifiableList(arrayList2);
        long create = Pool.create(0L);
        this.a = create;
        try {
            synchronized (h.class) {
                try {
                    try {
                        long make = SSLContext.make(create, 6, 1);
                        this.f4589g = make;
                        SSLContext.setOptions(make, 4095);
                        SSLContext.setOptions(make, 16777216);
                        SSLContext.setOptions(make, 33554432);
                        SSLContext.setOptions(make, 4194304);
                        SSLContext.setOptions(make, 524288);
                        SSLContext.setOptions(make, 1048576);
                        SSLContext.setOptions(make, 65536);
                        try {
                            StringBuilder sb = new StringBuilder();
                            Iterator<String> it3 = this.b.iterator();
                            while (it3.hasNext()) {
                                sb.append(it3.next());
                                sb.append(':');
                            }
                            sb.setLength(sb.length() - 1);
                            SSLContext.setCipherSuite(this.f4589g, sb.toString());
                            SSLContext.setVerify(this.f4589g, 0, 10);
                            try {
                                if (!SSLContext.setCertificate(this.f4589g, file.getPath(), file2.getPath(), str2, 0)) {
                                    throw new SSLException("failed to set certificate: " + file + " and " + file2 + " (" + SSL.getLastError() + ')');
                                }
                                if (!SSLContext.setCertificateChainFile(this.f4589g, file.getPath(), true) && !SSL.getLastError().startsWith("error:00000000:")) {
                                    throw new SSLException("failed to set certificate chain: " + file + " (" + SSL.getLastError() + ')');
                                }
                                if (!arrayList2.isEmpty()) {
                                    StringBuilder sb2 = new StringBuilder();
                                    Iterator it4 = arrayList2.iterator();
                                    while (it4.hasNext()) {
                                        sb2.append((String) it4.next());
                                        sb2.append(',');
                                    }
                                    sb2.setLength(sb2.length() - 1);
                                    SSLContext.setNextProtos(this.f4589g, sb2.toString());
                                }
                                if (j2 > 0) {
                                    this.d = j2;
                                    SSLContext.setSessionCacheSize(this.f4589g, j2);
                                } else {
                                    long sessionCacheSize = SSLContext.setSessionCacheSize(this.f4589g, 20480L);
                                    this.d = sessionCacheSize;
                                    SSLContext.setSessionCacheSize(this.f4589g, sessionCacheSize);
                                }
                                if (j3 > 0) {
                                    this.e = j3;
                                    SSLContext.setSessionCacheTimeout(this.f4589g, j3);
                                } else {
                                    long sessionCacheTimeout = SSLContext.setSessionCacheTimeout(this.f4589g, 300L);
                                    this.e = sessionCacheTimeout;
                                    SSLContext.setSessionCacheTimeout(this.f4589g, sessionCacheTimeout);
                                }
                            } catch (SSLException e) {
                                throw e;
                            } catch (Exception e2) {
                                throw new SSLException("failed to set certificate: " + file + " and " + file2, e2);
                            }
                        } catch (SSLException e3) {
                            throw e3;
                        } catch (Exception e4) {
                            throw new SSLException("failed to set cipher suite: " + this.b, e4);
                        }
                    } catch (Exception e5) {
                        throw new SSLException("failed to create an SSL_CTX", e5);
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
            this.f4590h = new i(this.f4589g);
        } catch (Throwable th2) {
            E();
            throw th2;
        }
    }

    private void E() {
        long j2 = this.a;
        if (j2 != 0) {
            Pool.destroy(j2);
        }
    }

    @Override // io.netty.handler.ssl.k
    public List<String> A() {
        return this.f;
    }

    @Override // io.netty.handler.ssl.k
    public long B() {
        return this.d;
    }

    @Override // io.netty.handler.ssl.k
    public long C() {
        return this.e;
    }

    public long D() {
        return this.f4589g;
    }

    public void F(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("keys");
        }
        SSLContext.setSessionTicketKeys(this.f4589g, bArr);
    }

    public i G() {
        return this.f4590h;
    }

    @Override // io.netty.handler.ssl.k
    public List<String> a() {
        return this.c;
    }

    @Override // io.netty.handler.ssl.k
    public boolean d() {
        return false;
    }

    protected void finalize() throws Throwable {
        super.finalize();
        synchronized (h.class) {
            long j2 = this.f4589g;
            if (j2 != 0) {
                SSLContext.free(j2);
            }
        }
        E();
    }

    @Override // io.netty.handler.ssl.k
    public SSLEngine p(ByteBufAllocator byteBufAllocator) {
        if (this.f.isEmpty()) {
            return new g(this.f4589g, byteBufAllocator, null);
        }
        return new g(this.f4589g, byteBufAllocator, this.f.get(r3.size() - 1));
    }

    @Override // io.netty.handler.ssl.k
    public SSLEngine q(ByteBufAllocator byteBufAllocator, String str, int i2) {
        throw new UnsupportedOperationException();
    }
}
