package io.netty.handler.ssl;

import io.netty.handler.ssl.OpenSslContext;
import io.netty.util.internal.ObjectUtil;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.jni.SSLContext;

/* loaded from: classes2.dex */
public final class OpenSslServerContext extends OpenSslContext {
    private final OpenSslServerSessionContext e;

    /* renamed from: io.netty.handler.ssl.OpenSslServerContext$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    class AnonymousClass1 extends OpenSslContext.AbstractCertificateVerifier {
    }

    /* renamed from: io.netty.handler.ssl.OpenSslServerContext$2, reason: invalid class name */
    /* loaded from: classes2.dex */
    class AnonymousClass2 extends OpenSslContext.AbstractCertificateVerifier {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSslServerContext(X509Certificate[] x509CertificateArr, TrustManagerFactory trustManagerFactory, X509Certificate[] x509CertificateArr2, PrivateKey privateKey, String str, KeyManagerFactory keyManagerFactory, Iterable<String> iterable, CipherSuiteFilter cipherSuiteFilter, ApplicationProtocolConfig applicationProtocolConfig, long j, long j2, ClientAuth clientAuth) throws SSLException {
        super(iterable, cipherSuiteFilter, applicationProtocolConfig, j, j2, 1, x509CertificateArr2, clientAuth);
        OpenSsl.e();
        ObjectUtil.a(x509CertificateArr2, "keyCertChainFile");
        ObjectUtil.a(privateKey, "keyFile");
        String str2 = str == null ? "" : str;
        try {
            synchronized (OpenSslContext.class) {
                SSLContext.setVerify(this.f4409a, 0, 10);
                long j3 = 0;
                try {
                    try {
                        j3 = a(x509CertificateArr2);
                        if (!SSLContext.setCertificateChainBio(this.f4409a, j3, true)) {
                            long lastErrorNumber = SSL.getLastErrorNumber();
                            if (OpenSsl.a(lastErrorNumber)) {
                                throw new SSLException("failed to set certificate chain: " + SSL.getErrorString(lastErrorNumber));
                            }
                        }
                        long j4 = 0;
                        long j5 = 0;
                        try {
                            try {
                                j4 = a(privateKey);
                                j5 = a(x509CertificateArr2);
                                if (!SSLContext.setCertificateBio(this.f4409a, j5, j4, str2, 0)) {
                                    long lastErrorNumber2 = SSL.getLastErrorNumber();
                                    if (OpenSsl.a(lastErrorNumber2)) {
                                        throw new SSLException("failed to set certificate and key: " + SSL.getErrorString(lastErrorNumber2));
                                    }
                                }
                                try {
                                    if (x509CertificateArr != null) {
                                        trustManagerFactory = a(x509CertificateArr, trustManagerFactory);
                                    } else if (trustManagerFactory == null) {
                                        trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                                        trustManagerFactory.init((KeyStore) null);
                                    }
                                    final X509TrustManager a2 = a(trustManagerFactory.getTrustManagers());
                                    if (a(a2)) {
                                        final X509ExtendedTrustManager x509ExtendedTrustManager = (X509ExtendedTrustManager) a2;
                                        SSLContext.setCertVerifyCallback(this.f4409a, new OpenSslContext.AbstractCertificateVerifier() { // from class: io.netty.handler.ssl.OpenSslServerContext.3
                                            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                            {
                                                super();
                                            }
                                        });
                                    } else {
                                        SSLContext.setCertVerifyCallback(this.f4409a, new OpenSslContext.AbstractCertificateVerifier() { // from class: io.netty.handler.ssl.OpenSslServerContext.4
                                            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                            {
                                                super();
                                            }
                                        });
                                    }
                                } catch (Exception e) {
                                    throw new SSLException("unable to setup trustmanager", e);
                                }
                            } catch (SSLException e2) {
                                throw e2;
                            } catch (Exception e3) {
                                throw new SSLException("failed to set certificate and key", e3);
                            }
                        } finally {
                            if (j4 != 0) {
                                SSL.freeBIO(j4);
                            }
                            if (j5 != 0) {
                                SSL.freeBIO(j5);
                            }
                        }
                    } finally {
                        if (j3 != 0) {
                            SSL.freeBIO(j3);
                        }
                    }
                } catch (Exception e4) {
                    throw new SSLException("failed to set certificate chain", e4);
                }
            }
            this.e = new OpenSslServerSessionContext(this.f4409a);
        } catch (Throwable th) {
            c();
            throw th;
        }
    }

    @Override // io.netty.handler.ssl.OpenSslContext
    /* renamed from: d, reason: merged with bridge method [inline-methods] */
    public OpenSslServerSessionContext b() {
        return this.e;
    }
}
