package org.snmp4j.transport.tls;

import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.snmp4j.TransportStateReference;
import org.snmp4j.log.LogAdapter;
import org.snmp4j.log.LogFactory;

/* loaded from: classes2.dex */
public class DefaultSSLEngineConfiguration implements SSLEngineConfigurator {

    /* renamed from: d, reason: collision with root package name */
    private static final LogAdapter f11679d = LogFactory.getLogger((Class<?>) DefaultSSLEngineConfiguration.class);

    /* renamed from: a, reason: collision with root package name */
    private TlsTransportMappingConfig<X509Certificate> f11680a;

    /* renamed from: b, reason: collision with root package name */
    private TLSTMTrustManagerFactory f11681b;

    /* renamed from: c, reason: collision with root package name */
    private String f11682c;

    public DefaultSSLEngineConfiguration(TlsTransportMappingConfig<X509Certificate> tlsTransportMappingConfig, TLSTMTrustManagerFactory tLSTMTrustManagerFactory, String str) {
        this.f11680a = tlsTransportMappingConfig;
        this.f11681b = tLSTMTrustManagerFactory;
        this.f11682c = str;
    }

    @Override // org.snmp4j.transport.tls.SSLEngineConfigurator
    public void configure(SSLEngine sSLEngine) {
        f11679d.debug("Configuring SSL engine, supported protocols are " + Arrays.asList(sSLEngine.getSupportedProtocols()) + ", supported ciphers are " + Arrays.asList(sSLEngine.getSupportedCipherSuites()) + ", https defaults are " + System.getProperty("https.cipherSuites"));
        String[] enabledCipherSuites = sSLEngine.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList(enabledCipherSuites.length);
        for (String str : enabledCipherSuites) {
            if (!str.contains("_anon_") && !str.contains("_NULL_")) {
                arrayList.add(str);
            }
        }
        sSLEngine.setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
        sSLEngine.setEnabledProtocols(this.f11680a.getProtocolVersions());
        if (!sSLEngine.getUseClientMode()) {
            sSLEngine.setNeedClientAuth(true);
            sSLEngine.setWantClientAuth(true);
            f11679d.info("Need client authentication set to true");
        }
        LogAdapter logAdapter = f11679d;
        if (logAdapter.isInfoEnabled()) {
            logAdapter.info("Configured SSL engine, enabled protocols are " + Arrays.asList(sSLEngine.getEnabledProtocols()) + ", enabled ciphers are " + Arrays.asList(sSLEngine.getEnabledCipherSuites()) + ", supported ciphers are " + Arrays.asList(sSLEngine.getSupportedCipherSuites()));
        }
    }

    public String getDefaultProtocolVersion() {
        return this.f11682c;
    }

    @Override // org.snmp4j.transport.tls.SSLEngineConfigurator
    public SSLContext getSSLContext(boolean z10, TransportStateReference transportStateReference) {
        try {
            String str = this.f11682c;
            if (this.f11680a.getProtocolVersions() != null && this.f11680a.getProtocolVersions().length > 0) {
                str = this.f11680a.getProtocolVersions()[0];
            }
            return TLSTMUtil.createSSLContext(str, this.f11680a.getKeyStore(), this.f11680a.getKeyStorePassword(), this.f11680a.getTrustStore(), this.f11680a.getTrustStorePassword(), transportStateReference, this.f11681b, z10, this.f11680a.getSecurityCallback(), this.f11680a.getLocalCertificateAlias());
        } catch (NoSuchAlgorithmException e10) {
            f11679d.error("Failed to initialize SSLContext because of an NoSuchAlgorithmException: " + e10.getMessage(), e10);
            return null;
        }
    }

    public TlsTransportMappingConfig<X509Certificate> getTlsTransportMappingConfig() {
        return this.f11680a;
    }

    public TLSTMTrustManagerFactory getTrustManagerFactory() {
        return this.f11681b;
    }
}
