package com.wasu.wasucapture.mitm;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.wasu.wasucapture.b.h;
import com.wasu.wasucapture.proxy.SslEngineSource;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.LinkedList;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;

/* loaded from: classes2.dex */
/**
 * {@link SslEngineSource} for the interception proxy, recovered by JADX from obfuscated bytecode.
 *
 * <p>On construction it makes sure a PKCS12 key store ({@code .p12}) and a PEM export
 * ({@code .pem}) exist for the authority object, loads the certificate and private key stored
 * under the authority alias, and builds the client-side {@link SSLContext}. It also produces
 * per-host server contexts through {@link #createCertForHost(String, g)}.
 *
 * <p>Security-relevant points for a reviewer:
 * <ul>
 *   <li>The files written here hold private key material and are created with plain
 *       {@code FileOutputStream}/{@code FileWriter}; no file permissions are set in this class.</li>
 *   <li>The boolean stored in field {@code b} switches the upstream trust managers to
 *       {@code io.netty.handler.ssl.util.b.INSTANCE}; see the note in {@code c()}.</li>
 *   <li>Several try/catch shapes below ({@code th = th;}, a {@code th} that is never declared)
 *       are decompiler artifacts. Treat the exact exception flow as approximate.</li>
 * </ul>
 */
public class b implements SslEngineSource {

    /* renamed from: a, reason: collision with root package name */
    // Authority object: supplies alias(), password() and aliasFile(suffix) for the key store.
    private final a f4329a;
    // Selects the trust managers for the client context (see c()).
    private final boolean b;
    // When true, the client context is given key managers built from the key store (see c()).
    private final boolean c;
    // Client-side context used by both newSslEngine overloads.
    private SSLContext d;
    // Certificate stored under the authority alias; passed to c.createServerCertificate.
    private Certificate e;
    // Private key stored under the authority alias; passed to c.createServerCertificate.
    private PrivateKey f;
    // Per-name cache of server contexts; may be null, in which case nothing is cached.
    private Cache<String, SSLContext> g;

    /**
     * Creates the source with the default cache returned by {@code a()}.
     *
     * @param aVar authority object providing alias, password and file locations
     * @param z stored in field {@code b}; selects the trust managers of the client context
     * @param z2 stored in field {@code c}; whether the client context gets key managers
     */
    public b(a aVar, boolean z, boolean z2) {
        this(aVar, z, z2, a());
    }

    /**
     * Creates the source with a caller-supplied cache, then initializes the key store files
     * and the client context.
     *
     * @param aVar authority object providing alias, password and file locations
     * @param z stored in field {@code b}; selects the trust managers of the client context
     * @param z2 stored in field {@code c}; whether the client context gets key managers
     * @param cache cache of server contexts keyed by name; {@code null} disables caching
     */
    public b(a aVar, boolean z, boolean z2, Cache<String, SSLContext> cache) {
        this.f4329a = aVar;
        this.b = z;
        this.c = z2;
        this.g = cache;
        // Order matters: b() creates the .p12/.pem files if missing, c() then loads the .p12.
        b();
        c();
    }

    /**
     * Builds the default cache: entries expire five minutes after their last access and the
     * cache is configured with a concurrency level of 16.
     */
    private static Cache<String, SSLContext> a() {
        return CacheBuilder.newBuilder().expireAfterAccess(5L, TimeUnit.MINUTES).concurrencyLevel(16).build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Creates a server-side {@link SSLContext} for the given name.
     *
     * <p>A key store is produced by {@code c.createServerCertificate} from the name, the
     * {@code g} argument, the authority object and the loaded certificate and private key;
     * key managers built from it are handed to {@code c.newServerContext}.
     *
     * @param str name the certificate is created for
     * @param gVar passed through to {@code c.createServerCertificate}; the caller's error
     *     message calls it "subjectAlternativeNames"
     * @return a new server context
     */
    public SSLContext a(String str, g gVar) {
        // NOTE(review): the instance is discarded; only the constructor's side effects, if
        // any, remain. Presumably a leftover of removed logging or timing - confirm.
        new f();
        return c.newServerContext(c.getKeyManagers(c.createServerCertificate(str, gVar, this.f4329a, this.e, this.f), this.f4329a));
    }

    /**
     * Writes each object to {@code file} through an {@code org.bouncycastle.openssl.a.b}
     * writer, flushing after every object, and closes both writers quietly on success and on
     * failure.
     *
     * <p>NOTE(review): the writer class name is obfuscated; presumably a PEM writer - confirm.
     * {@code writeObject} is called with the object only, so nothing in this method encrypts
     * the output. Callers pass private keys here (see {@code initializeServerCertificates}),
     * so the target directory should be readable by this application only.
     *
     * @param file destination file, created or truncated by {@code FileWriter}
     * @param objArr objects to write, in order
     */
    private void a(File file, Object... objArr) {
        org.bouncycastle.openssl.a.b bVar;
        FileWriter fileWriter;
        FileWriter fileWriter2 = null;
        // Decompiler artifact: as printed, `fileWriter` can reach the loop unassigned and
        // `th` is never declared. The bytecode most likely came from a try/finally.
        try {
            fileWriter = new FileWriter(file);
            try {
                bVar = new org.bouncycastle.openssl.a.b(fileWriter);
            } catch (Throwable th) {
                th = th;
                bVar = null;
                fileWriter2 = fileWriter;
            }
        } catch (Throwable th2) {
            th = th2;
            bVar = null;
        }
        try {
            for (Object obj : objArr) {
                bVar.writeObject(obj);
                bVar.flush();
            }
            h.closeQuietly((Writer) bVar);
            h.closeQuietly((Writer) fileWriter);
        } catch (Throwable th3) {
            th = th3;
            fileWriter2 = fileWriter;
            h.closeQuietly((Writer) bVar);
            h.closeQuietly((Writer) fileWriter2);
            throw th;
        }
    }

    /**
     * Removes {@code TLS_DHE_RSA_WITH_AES_128_CBC_SHA} and
     * {@code TLS_DHE_RSA_WITH_AES_256_CBC_SHA} from the engine's enabled cipher suites.
     *
     * <p>This is a deny-list of two exact names: every other suite the provider enables by
     * default stays enabled. The reason for excluding these two is not stated in this file.
     *
     * @param sSLEngine engine whose enabled cipher suites are replaced in place
     */
    private void a(SSLEngine sSLEngine) {
        LinkedList linkedList = new LinkedList();
        for (String str : sSLEngine.getEnabledCipherSuites()) {
            if (!str.equals("TLS_DHE_RSA_WITH_AES_128_CBC_SHA") && !str.equals("TLS_DHE_RSA_WITH_AES_256_CBC_SHA")) {
                linkedList.add(str);
            }
        }
        sSLEngine.setEnabledCipherSuites((String[]) linkedList.toArray(new String[linkedList.size()]));
    }

    /**
     * Creates the authority key store files when they are not both present.
     *
     * <p>If the {@code .p12} and the {@code .pem} file both exist nothing is done. Otherwise a
     * new root certificate key store is created, stored to the {@code .p12} file under the
     * authority password, and the certificate under the authority alias is exported to the
     * {@code .pem} file. If only one of the two files is missing, both are still rewritten
     * from a newly created key store.
     */
    private void b() {
        FileOutputStream fileOutputStream;
        if (this.f4329a.aliasFile(".p12").exists() && this.f4329a.aliasFile(".pem").exists()) {
            return;
        }
        // NOTE(review): presumably this key store holds the root private key as well as the
        // certificate (c() reads a key from the stored file) - confirm in c.createRootCertificate.
        KeyStore createRootCertificate = c.createRootCertificate(this.f4329a, "PKCS12");
        FileOutputStream fileOutputStream2 = null;
        try {
            fileOutputStream = new FileOutputStream(this.f4329a.aliasFile(".p12"));
            try {
                try {
                    createRootCertificate.store(fileOutputStream, this.f4329a.password());
                    h.closeQuietly((OutputStream) fileOutputStream);
                } catch (Exception e) {
                    e = e;
                    // A failed store is only printed; the PEM export below still runs, so a
                    // .pem can exist next to a missing or truncated .p12.
                    e.printStackTrace();
                    h.closeQuietly((OutputStream) fileOutputStream);
                    a(this.f4329a.aliasFile(".pem"), createRootCertificate.getCertificate(this.f4329a.alias()));
                }
            } catch (Throwable th) {
                th = th;
                fileOutputStream2 = fileOutputStream;
                h.closeQuietly((OutputStream) fileOutputStream2);
                throw th;
            }
        } catch (Exception e2) {
            // Decompiler artifact: `e` and `th` are not declared in these handlers.
            e = e2;
            fileOutputStream = null;
        } catch (Throwable th2) {
            th = th2;
            h.closeQuietly((OutputStream) fileOutputStream2);
            throw th;
        }
        // Only the certificate is exported here, not the key.
        a(this.f4329a.aliasFile(".pem"), createRootCertificate.getCertificate(this.f4329a.alias()));
    }

    /**
     * Loads the key store and builds the client-side context held in field {@code d}.
     *
     * <p>The certificate and private key under the authority alias are kept in fields
     * {@code e} and {@code f} for later server certificate creation.
     */
    private void c() {
        KeyStore d = d();
        this.e = d.getCertificate(this.f4329a.alias());
        this.f = (PrivateKey) d.getKey(this.f4329a.alias(), this.f4329a.password());
        // Key managers: from the key store when field c is true, otherwise none.
        // Trust managers: io.netty.handler.ssl.util.b.INSTANCE when field b is true, otherwise
        // a single `e` trust manager built from the key store.
        // NOTE(review): the Netty class name is obfuscated. The factory in that package that
        // exposes INSTANCE is InsecureTrustManagerFactory, which accepts any certificate - confirm.
        // If so, field b == true turns off validation of upstream server certificates.
        this.d = c.newClientContext(this.c ? c.getKeyManagers(d, this.f4329a) : new KeyManager[0], this.b ? io.netty.handler.ssl.util.b.INSTANCE.getTrustManagers() : new TrustManager[]{new e(d)});
    }

    /**
     * Loads the PKCS12 key store from the authority's {@code .p12} file using the authority
     * password and closes the stream quietly afterwards.
     *
     * @return the loaded key store
     */
    private KeyStore d() {
        FileInputStream fileInputStream;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        // Decompiler artifact: as printed, a failure to open the file would fall through to
        // load(null, ...). The bytecode most likely came from a try/finally.
        try {
            fileInputStream = new FileInputStream(this.f4329a.aliasFile(".p12"));
        } catch (Throwable th) {
            th = th;
            fileInputStream = null;
        }
        try {
            keyStore.load(fileInputStream, this.f4329a.password());
            h.closeQuietly((InputStream) fileInputStream);
            return keyStore;
        } catch (Throwable th2) {
            th = th2;
            h.closeQuietly((InputStream) fileInputStream);
            throw th;
        }
    }

    /**
     * Returns a new {@link SSLEngine} from the server context for the given name.
     *
     * <p>When a cache is configured the context is looked up by {@code str} alone and created
     * on a miss; {@code gVar} is not part of the key, so a cached context is reused even if a
     * later call passes different alternative names for the same {@code str}. The returned
     * engine does not go through the cipher-suite filter applied by {@code newSslEngine}.
     *
     * @param str common name; must not be null
     * @param gVar subject alternative names; must not be null
     * @return a new engine created from the server context
     * @throws IllegalArgumentException if either argument is null
     */
    public SSLEngine createCertForHost(final String str, final g gVar) {
        if (str == null) {
            throw new IllegalArgumentException("Error, 'commonName' is not allowed to be null!");
        }
        if (gVar == null) {
            throw new IllegalArgumentException("Error, 'subjectAlternativeNames' is not allowed to be null!");
        }
        return (this.g == null ? a(str, gVar) : this.g.get(str, new Callable<SSLContext>() { // from class: com.wasu.wasucapture.mitm.b.1
            @Override // java.util.concurrent.Callable
            public SSLContext call() {
                return b.this.a(str, gVar);
            }
        })).createSSLEngine();
    }

    /**
     * Creates a server certificate for {@code str} and writes its private key and certificate
     * chain to {@code -<str>-key.pem} and {@code -<str>-cert.pem} via the authority's
     * {@code aliasFile}.
     *
     * <p>NOTE(review): {@code str} is concatenated into the file name unchecked. If it can
     * contain path separators or {@code ..}, where the files land depends on how
     * {@code aliasFile} resolves the suffix - verify, and restrict {@code str} to host-name
     * characters at the caller. The key file is written by {@code a(File, Object...)}, which
     * passes no encryptor.
     *
     * @param str name the certificate is created for; also used in the output file names
     * @param gVar passed through to {@code c.createServerCertificate}
     */
    public void initializeServerCertificates(String str, g gVar) {
        KeyStore createServerCertificate = c.createServerCertificate(str, gVar, this.f4329a, this.e, this.f);
        a(this.f4329a.aliasFile("-" + str + "-key.pem"), (PrivateKey) createServerCertificate.getKey(this.f4329a.alias(), this.f4329a.password()));
        a(this.f4329a.aliasFile("-" + str + "-cert.pem"), createServerCertificate.getCertificateChain(this.f4329a.alias()));
    }

    /**
     * Returns a new engine from the client context with the two DHE CBC suites removed.
     * Client mode is not set here, unlike in the host/port overload.
     */
    @Override // com.wasu.wasucapture.proxy.SslEngineSource
    public SSLEngine newSslEngine() {
        SSLEngine createSSLEngine = this.d.createSSLEngine();
        a(createSSLEngine);
        return createSSLEngine;
    }

    /**
     * Returns a new client-mode engine from the client context for the given peer, with the
     * two DHE CBC suites removed.
     *
     * @param str peer host passed to {@code createSSLEngine}
     * @param i peer port passed to {@code createSSLEngine}
     */
    @Override // com.wasu.wasucapture.proxy.SslEngineSource
    public SSLEngine newSslEngine(String str, int i) {
        SSLEngine createSSLEngine = this.d.createSSLEngine(str, i);
        createSSLEngine.setUseClientMode(true);
        a(createSSLEngine);
        return createSSLEngine;
    }
}
