package io.netty.handler.ssl;

import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:essential_essential_1-2-2-2_fabric_1-18.jar:gg/essential/sps/quic/jvm/netty.jar:io/netty/handler/ssl/OpenSslKeyMaterialManager.class */
public final class OpenSslKeyMaterialManager {
    static final String KEY_TYPE_RSA = "RSA";
    static final String KEY_TYPE_DH_RSA = "DH_RSA";
    static final String KEY_TYPE_EC = "EC";
    static final String KEY_TYPE_EC_EC = "EC_EC";
    static final String KEY_TYPE_EC_RSA = "EC_RSA";
    private static final Map<String, String> KEY_TYPES = new HashMap();
    private final OpenSslKeyMaterialProvider provider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSslKeyMaterialManager(OpenSslKeyMaterialProvider openSslKeyMaterialProvider) {
        this.provider = openSslKeyMaterialProvider;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setKeyMaterialServerSide(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine) throws SSLException {
        String chooseServerAlias;
        String[] authMethods = referenceCountedOpenSslEngine.authMethods();
        if (authMethods.length == 0) {
            throw new SSLHandshakeException("Unable to find key material");
        }
        HashSet hashSet = new HashSet(KEY_TYPES.size());
        for (String str : authMethods) {
            String str2 = KEY_TYPES.get(str);
            if (str2 != null && hashSet.add(str2) && (chooseServerAlias = chooseServerAlias(referenceCountedOpenSslEngine, str2)) != null) {
                setKeyMaterial(referenceCountedOpenSslEngine, chooseServerAlias);
                return;
            }
        }
        throw new SSLHandshakeException("Unable to find key material for auth method(s): " + Arrays.toString(authMethods));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setKeyMaterialClientSide(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, String[] strArr, X500Principal[] x500PrincipalArr) throws SSLException {
        String chooseClientAlias = chooseClientAlias(referenceCountedOpenSslEngine, strArr, x500PrincipalArr);
        if (chooseClientAlias != null) {
            setKeyMaterial(referenceCountedOpenSslEngine, chooseClientAlias);
        }
    }

    private void setKeyMaterial(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, String str) throws SSLException {
        OpenSslKeyMaterial openSslKeyMaterial = null;
        try {
            try {
                try {
                    openSslKeyMaterial = this.provider.chooseKeyMaterial(referenceCountedOpenSslEngine.alloc, str);
                    if (openSslKeyMaterial == null) {
                        if (openSslKeyMaterial != null) {
                            openSslKeyMaterial.release();
                        }
                    } else {
                        referenceCountedOpenSslEngine.setKeyMaterial(openSslKeyMaterial);
                        if (openSslKeyMaterial != null) {
                            openSslKeyMaterial.release();
                        }
                    }
                } catch (Exception e) {
                    throw new SSLException(e);
                }
            } catch (SSLException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (openSslKeyMaterial != null) {
                openSslKeyMaterial.release();
            }
            throw th;
        }
    }

    private String chooseClientAlias(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, String[] strArr, X500Principal[] x500PrincipalArr) {
        X509KeyManager keyManager = this.provider.keyManager();
        return keyManager instanceof X509ExtendedKeyManager ? ((X509ExtendedKeyManager) keyManager).chooseEngineClientAlias(strArr, x500PrincipalArr, referenceCountedOpenSslEngine) : keyManager.chooseClientAlias(strArr, x500PrincipalArr, null);
    }

    private String chooseServerAlias(ReferenceCountedOpenSslEngine referenceCountedOpenSslEngine, String str) {
        X509KeyManager keyManager = this.provider.keyManager();
        return keyManager instanceof X509ExtendedKeyManager ? ((X509ExtendedKeyManager) keyManager).chooseEngineServerAlias(str, null, referenceCountedOpenSslEngine) : keyManager.chooseServerAlias(str, null, null);
    }

    static {
        KEY_TYPES.put(KEY_TYPE_RSA, KEY_TYPE_RSA);
        KEY_TYPES.put("DHE_RSA", KEY_TYPE_RSA);
        KEY_TYPES.put("ECDHE_RSA", KEY_TYPE_RSA);
        KEY_TYPES.put("ECDHE_ECDSA", KEY_TYPE_EC);
        KEY_TYPES.put("ECDH_RSA", KEY_TYPE_EC_RSA);
        KEY_TYPES.put("ECDH_ECDSA", KEY_TYPE_EC_EC);
        KEY_TYPES.put(KEY_TYPE_DH_RSA, KEY_TYPE_DH_RSA);
    }
}
