package org.bouncycastle.jsse.provider;

import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.c3;
import org.bouncycastle.tls.d2;
import org.bouncycastle.tls.e3;
import org.bouncycastle.tls.t1;

/* loaded from: classes4.dex */
public class f1 extends org.bouncycastle.tls.a0 implements e1 {
    public static final Logger B = Logger.getLogger(f1.class.getName());
    public static final int C = e0.c("jdk.tls.ephemeralDHKeySize", 2048, 1024, 8192);
    public static final uh0.a[] D = C0();
    public static final boolean E = e0.b("jdk.tls.server.enableCAExtension", true);
    public static final boolean F = e0.b("org.bouncycastle.jsse.server.enableSessionResumption", true);
    public static final boolean G = e0.b("org.bouncycastle.jsse.server.enableTrustedCAKeysExtension", false);
    public boolean A;

    /* renamed from: t, reason: collision with root package name */
    public final d1 f48703t;

    /* renamed from: u, reason: collision with root package name */
    public final o0 f48704u;

    /* renamed from: v, reason: collision with root package name */
    public final w f48705v;

    /* renamed from: w, reason: collision with root package name */
    public r0 f48706w;

    /* renamed from: x, reason: collision with root package name */
    public lg0.e f48707x;

    /* renamed from: y, reason: collision with root package name */
    public Set f48708y;

    /* renamed from: z, reason: collision with root package name */
    public t1 f48709z;

    public f1(d1 d1Var, o0 o0Var) {
        super(d1Var.s().d());
        this.f48705v = new w();
        this.f48706w = null;
        this.f48707x = null;
        this.f48708y = null;
        this.f48709z = null;
        this.A = false;
        this.f48703t = d1Var;
        this.f48704u = o0Var.b();
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x0094  */
    /* JADX WARN: Removed duplicated region for block: B:29:0x0087 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static uh0.a[] C0() {
        /*
            java.lang.String r0 = "jdk.tls.server.defaultDHEParameters"
            java.lang.String r0 = org.bouncycastle.jsse.provider.e0.h(r0)
            r1 = 0
            if (r0 != 0) goto La
            return r1
        La:
            java.lang.String r0 = org.bouncycastle.jsse.provider.y.S(r0)
            java.lang.String r0 = org.bouncycastle.jsse.provider.y.V(r0)
            int r2 = r0.length()
            r3 = 1
            if (r2 >= r3) goto L1a
            return r1
        L1a:
            java.util.ArrayList r4 = new java.util.ArrayList
            r4.<init>()
            r5 = -1
        L20:
            int r5 = r5 + r3
            if (r5 >= r2) goto L9a
            r6 = 123(0x7b, float:1.72E-43)
            char r7 = r0.charAt(r5)
            if (r6 == r7) goto L2d
            goto L9a
        L2d:
            int r5 = r5 + 1
            r6 = 44
            int r7 = r0.indexOf(r6, r5)
            if (r7 > r5) goto L38
            goto L9a
        L38:
            int r8 = r7 + 1
            r9 = 125(0x7d, float:1.75E-43)
            int r9 = r0.indexOf(r9, r8)
            if (r9 > r8) goto L43
            goto L9a
        L43:
            java.math.BigInteger r5 = G0(r0, r5, r7)     // Catch: java.lang.Exception -> L9a
            java.math.BigInteger r7 = G0(r0, r8, r9)     // Catch: java.lang.Exception -> L9a
            uh0.a r8 = org.bouncycastle.tls.x1.f(r5, r7)     // Catch: java.lang.Exception -> L9a
            if (r8 == 0) goto L55
        L51:
            r4.add(r8)     // Catch: java.lang.Exception -> L9a
            goto L83
        L55:
            r8 = 120(0x78, float:1.68E-43)
            boolean r8 = r5.isProbablePrime(r8)     // Catch: java.lang.Exception -> L9a
            if (r8 != 0) goto L7c
            java.util.logging.Logger r7 = org.bouncycastle.jsse.provider.f1.B     // Catch: java.lang.Exception -> L9a
            java.util.logging.Level r8 = java.util.logging.Level.WARNING     // Catch: java.lang.Exception -> L9a
            java.lang.StringBuilder r10 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L9a
            r10.<init>()     // Catch: java.lang.Exception -> L9a
            java.lang.String r11 = "Non-prime modulus ignored in security property [jdk.tls.server.defaultDHEParameters]: "
            r10.append(r11)     // Catch: java.lang.Exception -> L9a
            r11 = 16
            java.lang.String r5 = r5.toString(r11)     // Catch: java.lang.Exception -> L9a
            r10.append(r5)     // Catch: java.lang.Exception -> L9a
            java.lang.String r5 = r10.toString()     // Catch: java.lang.Exception -> L9a
            r7.log(r8, r5)     // Catch: java.lang.Exception -> L9a
            goto L83
        L7c:
            uh0.a r8 = new uh0.a     // Catch: java.lang.Exception -> L9a
            r10 = 0
            r8.<init>(r5, r1, r7, r10)     // Catch: java.lang.Exception -> L9a
            goto L51
        L83:
            int r5 = r9 + 1
            if (r5 < r2) goto L94
            int r0 = r4.size()
            uh0.a[] r0 = new uh0.a[r0]
            java.lang.Object[] r0 = r4.toArray(r0)
            uh0.a[] r0 = (uh0.a[]) r0
            return r0
        L94:
            char r7 = r0.charAt(r5)
            if (r6 == r7) goto L20
        L9a:
            java.util.logging.Logger r0 = org.bouncycastle.jsse.provider.f1.B
            java.util.logging.Level r2 = java.util.logging.Level.WARNING
            java.lang.String r3 = "Invalid syntax for security property [jdk.tls.server.defaultDHEParameters]"
            r0.log(r2, r3)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.f1.C0():uh0.a[]");
    }

    public static BigInteger G0(String str, int i11, int i12) {
        return new BigInteger(str.substring(i11, i12), 16);
    }

    @Override // org.bouncycastle.tls.n2
    public int A() {
        return y.B();
    }

    @Override // org.bouncycastle.tls.f
    public boolean A0() {
        return this.f48704u.i() == null && this.f48704u.p() == null;
    }

    @Override // org.bouncycastle.tls.n2
    /* renamed from: B0, reason: merged with bridge method [inline-methods] */
    public wh0.h c() {
        return this.f48703t.s().d();
    }

    public final void D0(LinkedHashMap linkedHashMap, String str) {
        for (Map.Entry entry : linkedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            if (str2.equals(str)) {
                return;
            }
            this.f48708y.add(str2);
            Logger logger = B;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer("Server found no credentials for signature scheme '" + ((SignatureSchemeInfo) entry.getValue()) + "' (keyType '" + str2 + "')");
            }
        }
    }

    public boolean E0() {
        return this.f48704u.j() || this.f48704u.r();
    }

    public boolean F0(r0 r0Var, c3 c3Var) {
        if (c3Var != null && c3Var.b()) {
            org.bouncycastle.tls.y0 f11 = this.f49123c.f();
            org.bouncycastle.tls.e1 c11 = c3Var.c();
            if (c11 == null || !f11.s().d(c11.g()) || !yh0.a.y(x(), c11.c()) || !yh0.a.y(this.f49126f, c11.c()) || !c11.i() || e3.h1(c11.g())) {
                return false;
            }
            x q11 = r0Var.q();
            lg0.e eVar = this.f48707x;
            lg0.e b11 = q11.b();
            if (y.m(eVar, b11)) {
                return true;
            }
            B.finest("Session not resumable - SNI mismatch; connection: " + eVar + ", session: " + b11);
            return false;
        }
        return false;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public void G(short s11, short s12, String str, Throwable th2) {
        Level level = s11 == 1 ? Level.FINE : s12 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = B;
        if (logger.isLoggable(level)) {
            String o11 = y.o("Server raised", s11, s12);
            if (str != null) {
                o11 = o11 + ": " + str;
            }
            logger.log(level, o11, th2);
        }
    }

    @Override // org.bouncycastle.tls.w2
    public byte[] H() {
        if (!F || e3.i1(this.f49123c)) {
            return null;
        }
        return this.f49123c.i().a(32);
    }

    public t1 H0(Principal[] principalArr, int i11) {
        int u02 = e3.u0(i11);
        if (u02 == 0) {
            return J0(principalArr, e3.f49118e);
        }
        if (u02 == 1 || u02 == 3 || u02 == 5 || u02 == 17 || u02 == 19) {
            return (1 == u02 || !e3.b1(this.f49123c.b())) ? K0(principalArr, u02) : I0(principalArr, u02);
        }
        return null;
    }

    public t1 I0(Principal[] principalArr, int i11) {
        Logger logger;
        StringBuilder sb2;
        String str;
        mg0.a d11 = this.f48704u.d();
        short x02 = e3.x0(i11);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f48705v.f48881d) {
            if (e3.o1(signatureSchemeInfo.q(), i11)) {
                String z11 = x02 == signatureSchemeInfo.m() ? y.z(i11) : signatureSchemeInfo.k();
                if (!this.f48708y.contains(z11) && !linkedHashMap.containsKey(z11) && signatureSchemeInfo.t(d11, false, true, this.f48705v.f48878a)) {
                    linkedHashMap.put(z11, signatureSchemeInfo);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = B;
            sb2 = new StringBuilder();
            str = "Server (1.2) has no key types to try for KeyExchangeAlgorithm ";
        } else {
            lg0.l r11 = this.f48703t.r((String[]) linkedHashMap.keySet().toArray(e3.f49122i), principalArr);
            if (r11 != null) {
                String a11 = r11.a();
                D0(linkedHashMap, a11);
                SignatureSchemeInfo signatureSchemeInfo2 = (SignatureSchemeInfo) linkedHashMap.get(a11);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = B;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Server (1.2) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a11 + "'), with private key algorithm '" + y.D(r11.c()) + "'");
                }
                return y.k(this.f49123c, c(), r11, signatureSchemeInfo2.n());
            }
            D0(linkedHashMap, null);
            logger = B;
            sb2 = new StringBuilder();
            str = "Server (1.2) did not select any credentials for KeyExchangeAlgorithm ";
        }
        sb2.append(str);
        sb2.append(i11);
        logger.fine(sb2.toString());
        return null;
    }

    public t1 J0(Principal[] principalArr, byte[] bArr) {
        Logger logger;
        String str;
        mg0.a d11 = this.f48704u.d();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f48705v.f48881d) {
            String l11 = signatureSchemeInfo.l();
            if (!this.f48708y.contains(l11) && !linkedHashMap.containsKey(l11) && signatureSchemeInfo.t(d11, true, false, this.f48705v.f48878a)) {
                linkedHashMap.put(l11, signatureSchemeInfo);
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = B;
            str = "Server (1.3) found no usable signature schemes";
        } else {
            lg0.l r11 = this.f48703t.r((String[]) linkedHashMap.keySet().toArray(e3.f49122i), principalArr);
            if (r11 != null) {
                String a11 = r11.a();
                D0(linkedHashMap, a11);
                SignatureSchemeInfo signatureSchemeInfo2 = (SignatureSchemeInfo) linkedHashMap.get(a11);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = B;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Server (1.3) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a11 + "'), with private key algorithm '" + y.D(r11.c()) + "'");
                }
                return y.l(this.f49123c, c(), r11, signatureSchemeInfo2.n(), bArr);
            }
            D0(linkedHashMap, null);
            logger = B;
            str = "Server (1.3) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public void K(short s11, short s12) {
        super.K(s11, s12);
        Level level = s11 == 1 ? Level.FINE : Level.INFO;
        Logger logger = B;
        if (logger.isLoggable(level)) {
            logger.log(level, y.o("Server received", s11, s12));
        }
    }

    public t1 K0(Principal[] principalArr, int i11) {
        String z11 = y.z(i11);
        if (this.f48708y.contains(z11)) {
            return null;
        }
        lg0.l r11 = this.f48703t.r(new String[]{z11}, principalArr);
        if (r11 != null) {
            return 1 == i11 ? y.j(c(), r11) : y.k(this.f49123c, c(), r11, null);
        }
        this.f48708y.add(z11);
        return null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.n2
    public synchronized void Q() {
        super.Q();
        boolean z11 = true;
        this.A = true;
        c3 a11 = this.f49123c.a();
        r0 r0Var = this.f48706w;
        if (r0Var == null || r0Var.r() != a11) {
            ProvSSLSessionContext f11 = this.f48703t.s().f();
            String peerHost = this.f48703t.getPeerHost();
            int peerPort = this.f48703t.getPeerPort();
            x xVar = new x(null, this.f48707x);
            if (!F || e3.i1(this.f49123c) || !this.f49123c.f().O()) {
                z11 = false;
            }
            this.f48706w = f11.v(peerHost, peerPort, a11, xVar, z11);
        }
        this.f48703t.f(new k0(this.f49123c, this.f48706w));
    }

    @Override // org.bouncycastle.tls.w2
    public org.bouncycastle.tls.n S() {
        if (!E0()) {
            return null;
        }
        d s11 = this.f48703t.s();
        org.bouncycastle.tls.u0 b11 = this.f49123c.b();
        List a11 = s11.a(true, this.f48704u, new org.bouncycastle.tls.u0[]{b11}, this.f48705v.f48878a);
        w wVar = this.f48705v;
        wVar.f48879b = a11;
        wVar.f48880c = a11;
        Vector p11 = SignatureSchemeInfo.p(a11);
        Vector s12 = E ? y.s(s11.i()) : null;
        if (!e3.h1(b11)) {
            return new org.bouncycastle.tls.n(new short[]{64, 1, 2}, p11, s12);
        }
        byte[] bArr = e3.f49118e;
        w wVar2 = this.f48705v;
        List list = wVar2.f48879b;
        List list2 = wVar2.f48880c;
        return new org.bouncycastle.tls.n(bArr, p11, list != list2 ? SignatureSchemeInfo.p(list2) : null, s12);
    }

    @Override // org.bouncycastle.tls.n2
    public boolean U() {
        return !y.a();
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.w2
    public int V() {
        d s11 = this.f48703t.s();
        org.bouncycastle.tls.y0 f11 = this.f49123c.f();
        NamedGroupInfo.C(this.f48705v.f48878a, f11.k());
        Vector i11 = f11.i();
        Vector j11 = f11.j();
        this.f48705v.f48881d = s11.g(i11);
        w wVar = this.f48705v;
        wVar.f48882e = i11 == j11 ? wVar.f48881d : s11.g(j11);
        if (f.f48695a == s11.h()) {
            throw new TlsFatalAlert((short) 40);
        }
        this.f48708y = new HashSet();
        int V = super.V();
        this.f48708y = null;
        String P = this.f48703t.s().c().P(this.f48704u, V);
        B.fine("Server selected cipher suite: " + P);
        return V;
    }

    @Override // org.bouncycastle.tls.w2
    public int[] Y() {
        org.bouncycastle.tls.u0[] u0VarArr = {this.f49123c.b()};
        this.f48705v.f48878a = this.f48703t.s().e(this.f48704u, u0VarArr);
        return NamedGroupInfo.u(this.f48705v.f48878a);
    }

    @Override // org.bouncycastle.tls.w2
    public void Z(c3 c3Var) {
        Logger logger;
        String str;
        byte[] a11 = c3Var.a();
        r0 r0Var = this.f48706w;
        if (r0Var != null && r0Var.r() == c3Var) {
            B.fine("Server resumed session: " + zh0.d.f(a11));
        } else {
            this.f48706w = null;
            if (e3.V0(a11)) {
                logger = B;
                str = "Server did not specify a session ID";
            } else {
                logger = B;
                str = "Server specified new session: " + zh0.d.f(a11);
            }
            logger.fine(str);
            y.c(this.f48703t);
        }
        d1 d1Var = this.f48703t;
        d1Var.v(d1Var.s().f(), this.f49123c.f(), this.f48705v, this.f48706w);
    }

    @Override // org.bouncycastle.tls.w2
    public org.bouncycastle.tls.o a() {
        return null;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.w2
    public org.bouncycastle.tls.u0 b() {
        org.bouncycastle.tls.u0 b11 = super.b();
        String Q = this.f48703t.s().c().Q(this.f48704u, b11);
        B.fine("Server selected protocol version: " + Q);
        return b11;
    }

    @Override // org.bouncycastle.tls.n2
    public boolean b0() {
        return y.b();
    }

    @Override // org.bouncycastle.tls.n2
    public boolean f() {
        return y.T();
    }

    @Override // org.bouncycastle.tls.w2
    public void f0(org.bouncycastle.tls.l lVar) {
        if (!E0()) {
            throw new TlsFatalAlert((short) 80);
        }
        if (lVar == null || lVar.h()) {
            if (this.f48704u.j()) {
                throw new TlsFatalAlert(e3.i1(this.f49123c) ? (short) 116 : (short) 40);
            }
            return;
        }
        X509Certificate[] N = y.N(c(), lVar);
        uh0.f d11 = lVar.d(0);
        short s11 = 7;
        if (!d11.a((short) 7)) {
            s11 = 8;
            if (!d11.a((short) 8)) {
                s11 = d11.c();
            }
        }
        if (s11 < 0) {
            throw new TlsFatalAlert((short) 43);
        }
        this.f48703t.checkClientTrusted(N, y.q(s11));
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.w2
    public Hashtable h() {
        super.h();
        if (this.f48707x != null) {
            d2.m(this.f49138r);
        }
        return this.f49138r;
    }

    @Override // org.bouncycastle.jsse.provider.e1
    public synchronized boolean j() {
        return this.A;
    }

    @Override // org.bouncycastle.tls.e
    public int[] j0() {
        return this.f48703t.s().c().j(c(), this.f48704u, t());
    }

    @Override // org.bouncycastle.tls.w2
    public c3 k(byte[] bArr) {
        r0 h11;
        ProvSSLSessionContext f11 = this.f48703t.s().f();
        if (F && (h11 = f11.h(bArr)) != null) {
            c3 r11 = h11.r();
            if (F0(h11, r11)) {
                this.f48706w = h11;
                return r11;
            }
        }
        y.c(this.f48703t);
        return null;
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.u0[] k0() {
        return this.f48703t.s().c().k(this.f48704u);
    }

    @Override // org.bouncycastle.tls.n2
    public int l() {
        return y.A();
    }

    @Override // org.bouncycastle.tls.f
    public boolean l0() {
        return false;
    }

    @Override // org.bouncycastle.tls.f
    public boolean n0() {
        return false;
    }

    @Override // org.bouncycastle.tls.w2
    public t1 p() {
        return this.f48709z;
    }

    @Override // org.bouncycastle.tls.f
    public boolean p0() {
        return this.f48705v.f48884g != null;
    }

    @Override // org.bouncycastle.tls.f
    public int q0() {
        return NamedGroupInfo.n(this.f48705v.f48878a);
    }

    @Override // org.bouncycastle.tls.f
    public int r0() {
        int o11 = NamedGroupInfo.o(this.f48705v.f48878a);
        if (o11 >= C) {
            return o11;
        }
        return 0;
    }

    @Override // org.bouncycastle.tls.n2
    public boolean s() {
        return y.a0();
    }

    @Override // org.bouncycastle.tls.f
    public Vector s0() {
        return y.F(this.f48704u.e());
    }

    @Override // org.bouncycastle.tls.f
    public boolean u0() {
        return this.f48704u.q();
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.w2
    public void v(Hashtable hashtable) {
        Logger logger;
        String str;
        super.v(hashtable);
        Vector h11 = this.f49123c.f().h();
        if (h11 != null) {
            Collection m11 = this.f48704u.m();
            if (m11 == null || m11.isEmpty()) {
                logger = B;
                str = "Server ignored SNI (no matchers specified)";
            } else {
                lg0.e n11 = y.n(h11, m11);
                this.f48707x = n11;
                if (n11 == null) {
                    throw new TlsFatalAlert((short) 112);
                }
                logger = B;
                str = "Server accepted SNI: " + this.f48707x;
            }
            logger.fine(str);
        }
        if (e3.i1(this.f49123c)) {
            this.f48705v.f48884g = y.Z(d2.Z(hashtable));
        } else if (G) {
            this.f48705v.f48884g = y.L(this.f49134n);
        }
    }

    @Override // org.bouncycastle.tls.f
    public boolean v0(int i11) {
        t1 H0 = H0(this.f48705v.f48884g, i11);
        if (H0 != null) {
            boolean v02 = super.v0(i11);
            if (v02) {
                this.f48709z = H0;
            }
            return v02;
        }
        String n11 = l0.n(i11);
        B.finer("Server found no credentials for cipher suite: " + n11);
        return false;
    }

    @Override // org.bouncycastle.tls.f
    public int w0(int i11) {
        return NamedGroupInfo.E(this.f48705v.f48878a, Math.max(i11, C));
    }

    @Override // org.bouncycastle.tls.f
    public int x0(int i11) {
        return NamedGroupInfo.D(this.f48705v.f48878a, i11);
    }

    @Override // org.bouncycastle.tls.n2
    public void y(boolean z11) {
        if (!z11 && !e0.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.f
    public org.bouncycastle.tls.t0 y0() {
        if (this.f48704u.i() == null && this.f48704u.p() == null) {
            return super.y0();
        }
        List E2 = y.E(this.f49136p);
        String w11 = this.f48703t.w(Collections.unmodifiableList(E2));
        if (w11 == null) {
            throw new TlsFatalAlert((short) 120);
        }
        if (w11.length() < 1) {
            return null;
        }
        if (E2.contains(w11)) {
            return org.bouncycastle.tls.t0.a(w11);
        }
        throw new TlsFatalAlert((short) 120);
    }
}
