package org.bouncycastle.jsse.provider;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.c3;
import org.bouncycastle.tls.d2;
import org.bouncycastle.tls.e3;
import org.bouncycastle.tls.f3;
import org.bouncycastle.tls.t1;
import org.bouncycastle.tls.v1;
import org.bouncycastle.tls.x2;

/* loaded from: classes4.dex */
public class b1 extends org.bouncycastle.tls.v implements e1 {

    /* renamed from: o, reason: collision with root package name */
    public static final Logger f48661o = Logger.getLogger(b1.class.getName());

    /* renamed from: p, reason: collision with root package name */
    public static final boolean f48662p = e0.b("jdk.tls.client.enableCAExtension", false);

    /* renamed from: q, reason: collision with root package name */
    public static final boolean f48663q = e0.b("org.bouncycastle.jsse.client.enableSessionResumption", true);

    /* renamed from: r, reason: collision with root package name */
    public static final boolean f48664r = e0.b("jdk.tls.client.enableStatusRequestExtension", true);

    /* renamed from: s, reason: collision with root package name */
    public static final boolean f48665s = e0.b("org.bouncycastle.jsse.client.enableTrustedCAKeysExtension", false);

    /* renamed from: t, reason: collision with root package name */
    public static final boolean f48666t = e0.b("jsse.enableSNIExtension", true);

    /* renamed from: j, reason: collision with root package name */
    public final d1 f48667j;

    /* renamed from: k, reason: collision with root package name */
    public final o0 f48668k;

    /* renamed from: l, reason: collision with root package name */
    public final w f48669l;

    /* renamed from: m, reason: collision with root package name */
    public r0 f48670m;

    /* renamed from: n, reason: collision with root package name */
    public boolean f48671n;

    /* loaded from: classes4.dex */
    public class a implements org.bouncycastle.tls.j1 {
        public a() {
        }

        @Override // org.bouncycastle.tls.j1
        public t1 a(org.bouncycastle.tls.n nVar) {
            d s11 = b1.this.f48667j.s();
            org.bouncycastle.tls.y0 f11 = b1.this.f49020c.f();
            org.bouncycastle.tls.u0 s12 = f11.s();
            boolean h12 = e3.h1(s12);
            Vector C = f11.C();
            Vector D = f11.D();
            b1.this.f48669l.f48881d = s11.g(C);
            w wVar = b1.this.f48669l;
            wVar.f48882e = C == D ? wVar.f48881d : s11.g(D);
            if (f.f48695a == s11.h()) {
                return null;
            }
            X500Principal[] Z = y.Z(nVar.c());
            byte[] d11 = nVar.d();
            if (h12 != (d11 != null)) {
                throw new TlsFatalAlert((short) 80);
            }
            short[] e11 = nVar.e();
            if (h12 == (e11 == null)) {
                return h12 ? b1.this.E0(Z, d11) : e3.b1(s12) ? b1.this.D0(Z, e11) : b1.this.F0(Z, e11);
            }
            throw new TlsFatalAlert((short) 80);
        }

        @Override // org.bouncycastle.tls.j1
        public void b(x2 x2Var) {
            if (x2Var == null || x2Var.b() == null || x2Var.b().h()) {
                throw new TlsFatalAlert((short) 40);
            }
            X509Certificate[] N = y.N(b1.this.c(), x2Var.b());
            String r11 = y.r(b1.this.f49020c.f().n());
            b1.this.f48669l.f48883f = y.J(x2Var.a());
            b1.this.f48667j.checkServerTrusted(N, r11);
        }
    }

    public b1(d1 d1Var, o0 o0Var) {
        super(d1Var.s().d());
        this.f48669l = new w();
        this.f48670m = null;
        this.f48671n = false;
        this.f48667j = d1Var;
        this.f48668k = o0Var.b();
    }

    @Override // org.bouncycastle.tls.n2
    public int A() {
        return y.B();
    }

    public String[] A0(short[] sArr) {
        String[] strArr = new String[sArr.length];
        for (int i11 = 0; i11 < sArr.length; i11++) {
            strArr[i11] = y.y(sArr[i11]);
        }
        return strArr;
    }

    public org.bouncycastle.tls.e1 B0(r0 r0Var, c3 c3Var) {
        org.bouncycastle.tls.e1 c11;
        if (c3Var == null || !c3Var.b() || (c11 = c3Var.c()) == null || !org.bouncycastle.tls.u0.b(t(), c11.g()) || !yh0.a.y(x(), c11.c()) || e3.h1(c11.g())) {
            return null;
        }
        String h11 = this.f48668k.h();
        if (h11 != null) {
            String a11 = r0Var.q().a();
            if (!h11.equalsIgnoreCase(a11)) {
                f48661o.finer("Session not resumable - endpoint ID algorithm mismatch; connection: " + h11 + ", session: " + a11);
                return null;
            }
        }
        return c11;
    }

    public final void C0(LinkedHashMap linkedHashMap, String str) {
        for (Map.Entry entry : linkedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            if (str2.equals(str)) {
                return;
            }
            Logger logger = f48661o;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer("Client found no credentials for signature scheme '" + ((SignatureSchemeInfo) entry.getValue()) + "' (keyType '" + str2 + "')");
            }
        }
    }

    public t1 D0(Principal[] principalArr, short[] sArr) {
        Logger logger;
        String str;
        short a11;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f48669l.f48881d) {
            String k11 = signatureSchemeInfo.k();
            if (!linkedHashMap.containsKey(k11) && (a11 = org.bouncycastle.tls.f1.a(signatureSchemeInfo.m())) >= 0 && yh0.a.z(sArr, a11) && this.f48669l.f48879b.contains(signatureSchemeInfo)) {
                linkedHashMap.put(k11, signatureSchemeInfo);
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = f48661o;
            str = "Client (1.2) found no usable signature schemes";
        } else {
            lg0.l u11 = this.f48667j.u((String[]) linkedHashMap.keySet().toArray(e3.f49122i), principalArr);
            if (u11 != null) {
                String a12 = u11.a();
                C0(linkedHashMap, a12);
                SignatureSchemeInfo signatureSchemeInfo2 = (SignatureSchemeInfo) linkedHashMap.get(a12);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = f48661o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.2) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a12 + "'), with private key algorithm '" + y.D(u11.c()) + "'");
                }
                return y.k(this.f49020c, c(), u11, signatureSchemeInfo2.n());
            }
            C0(linkedHashMap, null);
            logger = f48661o;
            str = "Client (1.2) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    public t1 E0(Principal[] principalArr, byte[] bArr) {
        Logger logger;
        String str;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f48669l.f48881d) {
            if (signatureSchemeInfo.A() && this.f48669l.f48879b.contains(signatureSchemeInfo)) {
                String l11 = signatureSchemeInfo.l();
                if (!linkedHashMap.containsKey(l11)) {
                    linkedHashMap.put(l11, signatureSchemeInfo);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = f48661o;
            str = "Client (1.3) found no usable signature schemes";
        } else {
            lg0.l u11 = this.f48667j.u((String[]) linkedHashMap.keySet().toArray(e3.f49122i), principalArr);
            if (u11 != null) {
                String a11 = u11.a();
                C0(linkedHashMap, a11);
                SignatureSchemeInfo signatureSchemeInfo2 = (SignatureSchemeInfo) linkedHashMap.get(a11);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = f48661o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.3) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a11 + "'), with private key algorithm '" + y.D(u11.c()) + "'");
                }
                return y.l(this.f49020c, c(), u11, signatureSchemeInfo2.n(), bArr);
            }
            C0(linkedHashMap, null);
            logger = f48661o;
            str = "Client (1.3) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    public t1 F0(Principal[] principalArr, short[] sArr) {
        lg0.l u11;
        String[] A0 = A0(sArr);
        if (A0.length >= 1 && (u11 = this.f48667j.u(A0, principalArr)) != null) {
            return y.k(this.f49020c, c(), u11, null);
        }
        return null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public void G(short s11, short s12, String str, Throwable th2) {
        super.G(s11, s12, str, th2);
        Level level = s11 == 1 ? Level.FINE : s12 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = f48661o;
        if (logger.isLoggable(level)) {
            String o11 = y.o("Client raised", s11, s12);
            if (str != null) {
                o11 = o11 + ": " + str;
            }
            logger.log(level, o11, th2);
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public void K(short s11, short s12) {
        super.K(s11, s12);
        Level level = s11 == 1 ? Level.FINE : Level.INFO;
        Logger logger = f48661o;
        if (logger.isLoggable(level)) {
            logger.log(level, y.o("Client received", s11, s12));
        }
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public void L() {
        super.L();
        d s11 = this.f48667j.s();
        org.bouncycastle.tls.u0[] t11 = t();
        this.f48669l.f48878a = s11.e(this.f48668k, t11);
    }

    @Override // org.bouncycastle.tls.k1
    public c3 O() {
        c3 r11;
        org.bouncycastle.tls.e1 B0;
        if (f48663q) {
            r0 o11 = this.f48668k.o();
            if (o11 == null) {
                o11 = this.f48667j.s().b().g(this.f48667j.getPeerHost(), this.f48667j.getPeerPort());
            }
            if (o11 != null && (B0 = B0(o11, (r11 = o11.r()))) != null) {
                this.f48670m = o11;
                if (!this.f48667j.getEnableSessionCreation()) {
                    this.f49022e = new int[]{B0.c()};
                }
                return r11;
            }
        }
        y.c(this.f48667j);
        return null;
    }

    @Override // org.bouncycastle.tls.k1
    public void P(byte[] bArr) {
        r0 r0Var;
        if ((e3.V0(bArr) || (r0Var = this.f48670m) == null || !yh0.a.e(bArr, r0Var.getId())) ? false : true) {
            f48661o.fine("Server resumed session: " + zh0.d.f(bArr));
        } else {
            this.f48670m = null;
            if (e3.V0(bArr)) {
                f48661o.fine("Server did not specify a session ID");
            } else {
                f48661o.fine("Server specified new session: " + zh0.d.f(bArr));
            }
            y.c(this.f48667j);
        }
        d1 d1Var = this.f48667j;
        d1Var.v(d1Var.s().b(), this.f49020c.f(), this.f48669l, this.f48670m);
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public synchronized void Q() {
        super.Q();
        boolean z11 = true;
        this.f48671n = true;
        c3 a11 = this.f49020c.a();
        r0 r0Var = this.f48670m;
        if (r0Var == null || r0Var.r() != a11) {
            ProvSSLSessionContext b11 = this.f48667j.s().b();
            String peerHost = this.f48667j.getPeerHost();
            int peerPort = this.f48667j.getPeerPort();
            x xVar = new x(this.f48668k.h(), null);
            if (!f48663q || e3.i1(this.f49020c)) {
                z11 = false;
            }
            this.f48670m = b11.v(peerHost, peerPort, a11, xVar, z11);
        }
        this.f48667j.f(new k0(this.f49020c, this.f48670m));
    }

    @Override // org.bouncycastle.tls.k1
    public org.bouncycastle.tls.j1 R() {
        return new a();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.k1
    public void T(int i11) {
        String P = this.f48667j.s().c().P(this.f48668k, i11);
        f48661o.fine("Client notified of selected cipher suite: " + P);
        super.T(i11);
    }

    @Override // org.bouncycastle.tls.n2
    public boolean U() {
        return !y.a();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.k1
    public void W(org.bouncycastle.tls.u0 u0Var) {
        String Q = this.f48667j.s().c().Q(this.f48668k, u0Var);
        f48661o.fine("Client notified of selected protocol version: " + Q);
        super.W(u0Var);
    }

    @Override // org.bouncycastle.tls.n2
    public boolean b0() {
        return y.b();
    }

    @Override // org.bouncycastle.tls.k1
    public v1 c0() {
        return new i0();
    }

    @Override // org.bouncycastle.tls.n2
    public boolean f() {
        return y.T();
    }

    @Override // org.bouncycastle.jsse.provider.e1
    public synchronized boolean j() {
        return this.f48671n;
    }

    @Override // org.bouncycastle.tls.e
    public int[] j0() {
        return this.f48667j.s().c().j(c(), this.f48668k, t());
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.u0[] k0() {
        return this.f48667j.s().c().k(this.f48668k);
    }

    @Override // org.bouncycastle.tls.n2
    public int l() {
        return y.A();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.k1
    public void n(Hashtable hashtable) {
        super.n(hashtable);
        if (this.f49020c.f().h() != null) {
            boolean s02 = d2.s0(hashtable);
            f48661o.finer("Server accepted SNI?: " + s02);
        }
    }

    @Override // org.bouncycastle.tls.a
    public Vector n0() {
        if (f48662p) {
            return y.s(this.f48667j.s().i());
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public org.bouncycastle.tls.p o0() {
        if (f48664r) {
            return new org.bouncycastle.tls.p((short) 1, new org.bouncycastle.tls.r0(null, null));
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public Vector p0() {
        if (!f48664r) {
            return null;
        }
        org.bouncycastle.tls.r0 r0Var = new org.bouncycastle.tls.r0(null, null);
        Vector vector = new Vector(2);
        vector.add(new org.bouncycastle.tls.q((short) 2, r0Var));
        vector.add(new org.bouncycastle.tls.q((short) 1, r0Var));
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    public Vector r0() {
        return y.F(this.f48668k.e());
    }

    @Override // org.bouncycastle.tls.n2
    public boolean s() {
        return y.a0();
    }

    @Override // org.bouncycastle.tls.a
    public Vector s0() {
        String y11;
        if (!f48666t) {
            return null;
        }
        List<lg0.e> n11 = this.f48668k.n();
        if (n11 == null && (y11 = this.f48667j.y()) != null && y11.indexOf(46) > 0 && !yh0.e.a(y11)) {
            try {
                n11 = Collections.singletonList(new lg0.c(y11));
            } catch (RuntimeException unused) {
                f48661o.fine("Failed to add peer host as default SNI host_name: " + y11);
            }
        }
        if (n11 == null || n11.isEmpty()) {
            return null;
        }
        Vector vector = new Vector(n11.size());
        for (lg0.e eVar : n11) {
            vector.add(new org.bouncycastle.tls.a1((short) eVar.b(), eVar.a()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    public Vector t0(Vector vector) {
        return NamedGroupInfo.t(this.f48669l.f48878a);
    }

    @Override // org.bouncycastle.tls.a
    public Vector u0() {
        List a11 = this.f48667j.s().a(false, this.f48668k, t(), this.f48669l.f48878a);
        w wVar = this.f48669l;
        wVar.f48879b = a11;
        wVar.f48880c = a11;
        return SignatureSchemeInfo.p(a11);
    }

    @Override // org.bouncycastle.tls.a
    public Vector v0() {
        return null;
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.k1
    public void w(c3 c3Var) {
        if (c3Var == null) {
            y.c(this.f48667j);
        }
        super.w(c3Var);
    }

    @Override // org.bouncycastle.tls.a
    public Vector w0() {
        Vector s11;
        if (!f48665s || (s11 = y.s(this.f48667j.s().i())) == null) {
            return null;
        }
        Vector vector = new Vector(s11.size());
        Iterator it = s11.iterator();
        while (it.hasNext()) {
            vector.add(new f3((short) 2, (ye0.c) it.next()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.n2
    public void y(boolean z11) {
        if (!z11 && !e0.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.n2
    /* renamed from: z0, reason: merged with bridge method [inline-methods] */
    public wh0.h c() {
        return this.f48667j.s().d();
    }
}
