package io.netty.handler.ssl;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import java.security.AccessController;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.tomcat.jni.Pool;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;

/* compiled from: OpenSslContext.java */
/* loaded from: classes2.dex */
public abstract class e extends l {
    private static final List<String> g;
    private static final Integer h;
    protected volatile long a;
    long b;
    private static final io.netty.util.internal.logging.b e = io.netty.util.internal.logging.c.a((Class<?>) e.class);
    private static final boolean f = io.netty.util.internal.o.a("jdk.tls.rejectClientInitiatedRenegotiation", false);
    static final d c = new d() { // from class: io.netty.handler.ssl.e.1
        @Override // io.netty.handler.ssl.a
        public List<String> a() {
            return Collections.emptyList();
        }

        @Override // io.netty.handler.ssl.d
        public ApplicationProtocolConfig.Protocol b() {
            return ApplicationProtocolConfig.Protocol.NONE;
        }

        @Override // io.netty.handler.ssl.d
        public ApplicationProtocolConfig.SelectedListenerFailureBehavior c() {
            return ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT;
        }
    };

    static {
        ArrayList arrayList = new ArrayList();
        Collections.addAll(arrayList, "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-SHA", "ECDHE-RSA-AES256-SHA", "AES128-GCM-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA");
        g = Collections.unmodifiableList(arrayList);
        if (e.isDebugEnabled()) {
            e.debug("Default cipher suite (OpenSSL): " + arrayList);
        }
        Integer num = null;
        try {
            String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: io.netty.handler.ssl.e.2
                @Override // java.security.PrivilegedAction
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public String run() {
                    return io.netty.util.internal.o.b("jdk.tls.ephemeralDHKeySize");
                }
            });
            if (str != null) {
                try {
                    num = Integer.valueOf(Integer.parseInt(str));
                } catch (NumberFormatException unused) {
                    e.debug("OpenSslContext only support -Djdk.tls.ephemeralDHKeySize={int}, but got: " + str);
                }
            }
        } catch (Throwable unused2) {
        }
        h = num;
    }

    private static long a(io.netty.buffer.i iVar) throws Exception {
        try {
            long newMemBIO = SSL.newMemBIO();
            int h2 = iVar.h();
            if (SSL.writeToBIO(newMemBIO, c.a(iVar), h2) == h2) {
                return newMemBIO;
            }
            SSL.freeBIO(newMemBIO);
            throw new IllegalStateException("Could not write data to memory BIO");
        } finally {
            iVar.release();
        }
    }

    private static long a(io.netty.buffer.j jVar, j jVar2) throws Exception {
        try {
            io.netty.buffer.i content = jVar2.content();
            if (content.P()) {
                return a(content.E());
            }
            io.netty.buffer.i d = jVar.d(content.h());
            try {
                d.b(content, content.c(), content.h());
                long a = a(d.E());
                try {
                    if (jVar2.isSensitive()) {
                        p.a(d);
                    }
                    return a;
                } finally {
                }
            } catch (Throwable th) {
                try {
                    if (jVar2.isSensitive()) {
                        p.a(d);
                    }
                    throw th;
                } finally {
                }
            }
        } finally {
            jVar2.release();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static long a(PrivateKey privateKey) throws Exception {
        if (privateKey == null) {
            return 0L;
        }
        io.netty.buffer.j jVar = io.netty.buffer.j.a;
        j pem = PemPrivateKey.toPEM(jVar, true, privateKey);
        try {
            return a(jVar, pem.retain());
        } finally {
            pem.release();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static long a(X509Certificate... x509CertificateArr) throws Exception {
        if (x509CertificateArr == null) {
            return 0L;
        }
        if (x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("certChain can't be empty");
        }
        io.netty.buffer.j jVar = io.netty.buffer.j.a;
        j pem = PemX509Certificate.toPEM(jVar, true, x509CertificateArr);
        try {
            return a(jVar, pem.retain());
        } finally {
            pem.release();
        }
    }

    final void a() {
        synchronized (e.class) {
            if (this.a != 0) {
                SSLContext.free(this.a);
                this.a = 0L;
            }
            if (this.b != 0) {
                Pool.destroy(this.b);
                this.b = 0L;
            }
        }
    }

    protected final void finalize() throws Throwable {
        super.finalize();
        a();
    }
}
