package net.luminis.tls.handshake;

import j$.util.Base64;
import j$.util.Objects;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import net.luminis.tls.TlsConstants;

/* loaded from: classes2.dex */
public class TlsServerEngineFactory {
    private PrivateKey certificateKey;
    private List<X509Certificate> serverCertificates;
    private TlsSessionRegistry tlsSessionRegistry = new TlsSessionRegistryImpl();

    public TlsServerEngineFactory(InputStream inputStream, InputStream inputStream2) throws IOException, CertificateException, InvalidKeySpecException {
        this.serverCertificates = readCertificates(inputStream);
        this.certificateKey = readPrivateKey(inputStream2);
    }

    private static List<X509Certificate> readCertificates(InputStream inputStream) throws IOException, CertificateException {
        byte[] readAllBytes;
        readAllBytes = inputStream.readAllBytes();
        String[] split = new String(readAllBytes, Charset.defaultCharset()).split("-----END CERTIFICATE-----\n");
        ArrayList arrayList = new ArrayList();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        for (int i = 0; i < split.length; i++) {
            if (split[i].startsWith("-----BEGIN CERTIFICATE-----")) {
                arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(split[i].replace("-----BEGIN CERTIFICATE-----", "").replaceAll(System.lineSeparator(), "").replace("-----END CERTIFICATE-----", "")))));
            }
        }
        return arrayList;
    }

    private RSAPrivateKey readPrivateKey(InputStream inputStream) throws IOException, InvalidKeySpecException {
        byte[] readAllBytes;
        readAllBytes = inputStream.readAllBytes();
        try {
            return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(new String(readAllBytes, Charset.defaultCharset()).replace("-----BEGIN PRIVATE KEY-----", "").replaceAll(System.lineSeparator(), "").replace("-----END PRIVATE KEY-----", ""))));
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("Missing key algorithm RSA");
        }
    }

    public TlsServerEngine createServerEngine(ServerMessageSender serverMessageSender, TlsStatusEventHandler tlsStatusEventHandler) {
        TlsServerEngine tlsServerEngine = new TlsServerEngine(this.serverCertificates, this.certificateKey, serverMessageSender, tlsStatusEventHandler, this.tlsSessionRegistry);
        Object[] objArr = {TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256};
        ArrayList arrayList = new ArrayList(1);
        Object obj = objArr[0];
        Objects.requireNonNull(obj);
        arrayList.add(obj);
        tlsServerEngine.addSupportedCiphers(Collections.unmodifiableList(arrayList));
        return tlsServerEngine;
    }
}
