package org.jboss.netty.handler.ssl;

import android.support.v4.view.ViewCompat;
import android.support.v4.view.accessibility.AccessibilityEventCompat;
import ch.qos.logback.core.CoreConstants;
import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import org.apache.tomcat.jni.Pool;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;
import org.jboss.netty.logging.InternalLogger;
import org.jboss.netty.logging.InternalLoggerFactory;

/* loaded from: classes.dex */
public final class OpenSslServerContext extends SslContext {
    private static final List<String> DEFAULT_CIPHERS;
    private static final InternalLogger logger = InternalLoggerFactory.getInstance((Class<?>) OpenSslServerContext.class);
    private final long aprPool;
    private final List<String> ciphers;
    private final long ctx;
    private final List<String> nextProtocols;
    private final long sessionCacheSize;
    private final long sessionTimeout;
    private final OpenSslSessionStats stats;
    private final List<String> unmodifiableCiphers;

    static {
        ArrayList arrayList = new ArrayList();
        Collections.addAll(arrayList, "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA", "RC4-SHA");
        DEFAULT_CIPHERS = Collections.unmodifiableList(arrayList);
        if (logger.isDebugEnabled()) {
            logger.debug("Default cipher suite (OpenSSL): " + arrayList);
        }
    }

    public OpenSslServerContext(File file, File file2) throws SSLException {
        this(file, file2, null);
    }

    public OpenSslServerContext(File file, File file2, String str) throws SSLException {
        this(null, file, file2, str, null, null, 0L, 0L);
    }

    public OpenSslServerContext(SslBufferPool sslBufferPool, File file, File file2, String str, Iterable<String> iterable, Iterable<String> iterable2, long j, long j2) throws SSLException {
        super(sslBufferPool);
        String next;
        String next2;
        this.ciphers = new ArrayList();
        this.unmodifiableCiphers = Collections.unmodifiableList(this.ciphers);
        OpenSsl.ensureAvailability();
        if (file == null) {
            throw new NullPointerException("certChainFile");
        }
        if (!file.isFile()) {
            throw new IllegalArgumentException("certChainFile is not a file: " + file);
        }
        if (file2 == null) {
            throw new NullPointerException("keyPath");
        }
        if (!file2.isFile()) {
            throw new IllegalArgumentException("keyPath is not a file: " + file2);
        }
        iterable = iterable == null ? DEFAULT_CIPHERS : iterable;
        str = str == null ? "" : str;
        iterable2 = iterable2 == null ? Collections.emptyList() : iterable2;
        Iterator<String> it = iterable.iterator();
        while (it.hasNext() && (next2 = it.next()) != null) {
            this.ciphers.add(next2);
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it2 = iterable2.iterator();
        while (it2.hasNext() && (next = it2.next()) != null) {
            arrayList.add(next);
        }
        this.nextProtocols = Collections.unmodifiableList(arrayList);
        this.aprPool = Pool.create(0L);
        try {
            synchronized (OpenSslServerContext.class) {
                try {
                    this.ctx = SSLContext.make(this.aprPool, 6, 1);
                    SSLContext.setOptions(this.ctx, 4095);
                    SSLContext.setOptions(this.ctx, ViewCompat.MEASURED_STATE_TOO_SMALL);
                    SSLContext.setOptions(this.ctx, 33554432);
                    SSLContext.setOptions(this.ctx, 4194304);
                    SSLContext.setOptions(this.ctx, AccessibilityEventCompat.TYPE_GESTURE_DETECTION_END);
                    SSLContext.setOptions(this.ctx, AccessibilityEventCompat.TYPE_TOUCH_INTERACTION_START);
                    SSLContext.setOptions(this.ctx, 65536);
                    try {
                        try {
                            StringBuilder sb = new StringBuilder();
                            Iterator<String> it3 = this.ciphers.iterator();
                            while (it3.hasNext()) {
                                sb.append(it3.next());
                                sb.append(CoreConstants.COLON_CHAR);
                            }
                            sb.setLength(sb.length() - 1);
                            SSLContext.setCipherSuite(this.ctx, sb.toString());
                            SSLContext.setVerify(this.ctx, 0, 10);
                            try {
                                try {
                                    if (!SSLContext.setCertificate(this.ctx, file.getPath(), file2.getPath(), str, 0)) {
                                        throw new SSLException("failed to set certificate: " + file + " and " + file2 + " (" + SSL.getLastError() + CoreConstants.RIGHT_PARENTHESIS_CHAR);
                                    }
                                    if (!SSLContext.setCertificateChainFile(this.ctx, file.getPath(), true) && !SSL.getLastError().startsWith("error:00000000:")) {
                                        throw new SSLException("failed to set certificate chain: " + file + " (" + SSL.getLastError() + CoreConstants.RIGHT_PARENTHESIS_CHAR);
                                    }
                                    if (!arrayList.isEmpty()) {
                                        StringBuilder sb2 = new StringBuilder();
                                        Iterator it4 = arrayList.iterator();
                                        while (it4.hasNext()) {
                                            sb2.append((String) it4.next());
                                            sb2.append(CoreConstants.COMMA_CHAR);
                                        }
                                        sb2.setLength(sb2.length() - 1);
                                        SSLContext.setNextProtos(this.ctx, sb2.toString());
                                    }
                                    if (j > 0) {
                                        this.sessionCacheSize = j;
                                        SSLContext.setSessionCacheSize(this.ctx, j);
                                    } else {
                                        long sessionCacheSize = SSLContext.setSessionCacheSize(this.ctx, 20480L);
                                        this.sessionCacheSize = sessionCacheSize;
                                        SSLContext.setSessionCacheSize(this.ctx, sessionCacheSize);
                                    }
                                    if (j2 > 0) {
                                        this.sessionTimeout = j2;
                                        SSLContext.setSessionCacheTimeout(this.ctx, j2);
                                    } else {
                                        long sessionCacheTimeout = SSLContext.setSessionCacheTimeout(this.ctx, 300L);
                                        this.sessionTimeout = sessionCacheTimeout;
                                        SSLContext.setSessionCacheTimeout(this.ctx, sessionCacheTimeout);
                                    }
                                } catch (SSLException e) {
                                    throw e;
                                }
                            } catch (Exception e2) {
                                throw new SSLException("failed to set certificate: " + file + " and " + file2, e2);
                            }
                        } catch (SSLException e3) {
                            throw e3;
                        }
                    } catch (Exception e4) {
                        throw new SSLException("failed to set cipher suite: " + this.ciphers, e4);
                    }
                } catch (Exception e5) {
                    throw new SSLException("failed to create an SSL_CTX", e5);
                }
            }
            if (1 == 0) {
                destroyPools();
            }
            this.stats = new OpenSslSessionStats(this.ctx);
        } catch (Throwable th) {
            if (0 == 0) {
                destroyPools();
            }
            throw th;
        }
    }

    private void destroyPools() {
        if (this.aprPool != 0) {
            Pool.destroy(this.aprPool);
        }
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public List<String> cipherSuites() {
        return this.unmodifiableCiphers;
    }

    public long context() {
        return this.ctx;
    }

    protected void finalize() throws Throwable {
        super.finalize();
        synchronized (OpenSslServerContext.class) {
            if (this.ctx != 0) {
                SSLContext.free(this.ctx);
            }
        }
        destroyPools();
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public boolean isClient() {
        return false;
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    SslBufferPool newBufferPool() {
        return new SslBufferPool(true, true);
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public SSLEngine newEngine() {
        return this.nextProtocols.isEmpty() ? new OpenSslEngine(this.ctx, bufferPool(), null) : new OpenSslEngine(this.ctx, bufferPool(), this.nextProtocols.get(this.nextProtocols.size() - 1));
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public SSLEngine newEngine(String str, int i) {
        throw new UnsupportedOperationException();
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public List<String> nextProtocols() {
        return this.nextProtocols;
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public long sessionCacheSize() {
        return this.sessionCacheSize;
    }

    @Override // org.jboss.netty.handler.ssl.SslContext
    public long sessionTimeout() {
        return this.sessionTimeout;
    }

    public void setTicketKeys(byte[] bArr) {
        if (bArr != null) {
            throw new NullPointerException("keys");
        }
        SSLContext.setSessionTicketKeys(this.ctx, bArr);
    }

    public OpenSslSessionStats stats() {
        return this.stats;
    }
}
