package ru.CryptoPro.sspiSSL;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.ReadOnlyBufferException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.LinkedList;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.internal.ByteCompanionObject;
import ru.CryptoPro.JCP.tools.Array;
import ru.CryptoPro.JCP.tools.CertReader.Extension;
import ru.CryptoPro.JCSP.MSCAPI.Sspi;
import ru.CryptoPro.ssl.ByteBufferInputStream;
import ru.CryptoPro.ssl.EngineArgs;
import ru.CryptoPro.ssl.SSLLogger;
import ru.CryptoPro.ssl.cl_88;

/* loaded from: classes5.dex */
public class SSLEngineImpl extends SSLEngine {
    static final byte a = 21;
    static final byte b = 22;
    static final byte c = 23;
    static int d = 64;
    static int e = 128;
    static int g = 256;
    static int h = 512;
    static int j = 1024;
    static int k = 2048;
    static int m = 4096;
    static int n = 8192;
    static final /* synthetic */ boolean s = true;
    private static final int u = 0;
    private static final int v = 1;
    private static final int w = 2;
    private static final int x = 3;
    private static final int y = 4;
    private static final int z = 6;
    private Object A;
    private Object B;
    private boolean C;
    private SSLContextImpl D;
    private long[] E;
    private long[] F;
    private SSLSessionImpl G;
    private byte H;
    private boolean I;
    private X509Certificate[] J;
    private X509Certificate[] K;
    private PrivateKey L;
    private X500Principal[] M;
    private boolean N;
    private LinkedList O;
    private cl_12 P;
    private cl_4 Q;
    private cl_13 R;
    private byte[] S;
    private byte[] T;
    private cl_3 U;
    private cl_26 V;
    private boolean W;
    private boolean X;
    boolean p;
    SSLSocketImpl q;
    boolean r;
    private int t;
    static int f = 64 | 128;
    static int i = 256 | 512;
    static int l = 1024 | 2048;
    static int o = 4096 | 8192;

    public SSLEngineImpl(SSLContextImpl sSLContextImpl) {
        this.E = null;
        this.F = null;
        this.p = false;
        this.q = null;
        this.I = true;
        this.J = null;
        this.K = null;
        this.L = null;
        this.M = null;
        this.N = false;
        this.r = true;
        this.R = cl_13.j;
        this.S = new byte[cl_88.o];
        this.T = new byte[cl_88.o];
        this.U = null;
        this.V = null;
        this.W = false;
        this.X = false;
        a(sSLContextImpl);
    }

    public SSLEngineImpl(SSLContextImpl sSLContextImpl, String str, int i2) {
        super(str, i2);
        this.E = null;
        this.F = null;
        this.p = false;
        this.q = null;
        this.I = true;
        this.J = null;
        this.K = null;
        this.L = null;
        this.M = null;
        this.N = false;
        this.r = true;
        this.R = cl_13.j;
        this.S = new byte[cl_88.o];
        this.T = new byte[cl_88.o];
        this.U = null;
        this.V = null;
        this.W = false;
        this.X = false;
        a(sSLContextImpl);
    }

    public SSLEngineImpl(SSLContextImpl sSLContextImpl, boolean z2) {
        this.E = null;
        this.F = null;
        this.p = false;
        this.q = null;
        this.I = true;
        this.J = null;
        this.K = null;
        this.L = null;
        this.M = null;
        this.N = false;
        this.r = true;
        this.R = cl_13.j;
        this.S = new byte[cl_88.o];
        this.T = new byte[cl_88.o];
        this.U = null;
        this.V = null;
        this.W = false;
        this.X = false;
        this.C = z2;
        a(sSLContextImpl);
    }

    private int a(InputStream inputStream, byte[] bArr, int i2, int i3) throws IOException {
        int i4 = 0;
        while (i4 < i3) {
            int i5 = i2 + i4;
            int read = inputStream.read(bArr, i5, i3 - i4);
            if (read < 0) {
                return i4 > 0 ? i4 : read;
            }
            if (SSLLogger.isAllEnabled()) {
                ByteBuffer wrap = ByteBuffer.wrap(bArr, i5, read);
                SSLLogger.dump("[Raw read]: length = ", Integer.valueOf(wrap.remaining()), wrap);
            }
            i4 += read;
        }
        return i4;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int a(cl_13 cl_13Var) {
        int i2 = cl_13.f.n <= cl_13Var.n ? f : 0;
        if (cl_13.g.n <= cl_13Var.n) {
            i2 |= i;
        }
        if (cl_13.h.n <= cl_13Var.n) {
            i2 |= l;
        }
        return cl_13.i.n <= cl_13Var.n ? i2 | o : i2;
    }

    private SSLEngineResult.HandshakeStatus a(SSLEngineResult.HandshakeStatus handshakeStatus) {
        if (handshakeStatus != null) {
            return handshakeStatus;
        }
        synchronized (this) {
            if (b()) {
                return SSLEngineResult.HandshakeStatus.NEED_WRAP;
            }
            int i2 = this.t;
            if (i2 == 1) {
                return SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
            }
            if (i2 != 6 || isInboundDone()) {
                return SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
            }
            return SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        }
    }

    private SSLEngineResult a(EngineArgs engineArgs) throws IOException {
        int[] iArr;
        int i2;
        SSLEngineResult.HandshakeStatus a2 = a((SSLEngineResult.HandshakeStatus) null);
        if (isInboundDone()) {
            return new SSLEngineResult(SSLEngineResult.Status.CLOSED, a2, 0, 0);
        }
        Array.clear(this.S);
        synchronized (this) {
            if (p() == 0 && !this.C) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
            }
            if ((p() == 0 || p() == 1) && (a2 = a((SSLEngineResult.HandshakeStatus) null)) == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
            }
            int c2 = c(engineArgs.netData);
            SSLSessionImpl sSLSessionImpl = this.G;
            if (sSLSessionImpl != null && c2 > sSLSessionImpl.getPacketBufferSize()) {
                if (c2 > 33305) {
                    throw new SSLProtocolException("Input SSL/TLS record too big: max = 33305 len = " + c2);
                }
                this.G.j();
            }
            if (c2 - 5 > engineArgs.getAppRemaining()) {
                return new SSLEngineResult(SSLEngineResult.Status.BUFFER_OVERFLOW, a2, 0, 0);
            }
            if (c2 != -1 && engineArgs.netData.remaining() >= c2) {
                if (p() != 0 && p() != 1) {
                    if (engineArgs.netData.remaining() != 0 && engineArgs.netData.remaining() != engineArgs.netData.capacity()) {
                        ByteBufferInputStream byteBufferInputStream = new ByteBufferInputStream(engineArgs.netData);
                        int a3 = a(byteBufferInputStream, this.S, 0, c2);
                        byteBufferInputStream.close();
                        if (this.S[0] != 21) {
                            int[] iArr2 = {a3};
                            do {
                                Array.clear(this.T);
                                byte[] bArr = this.T;
                                iArr = new int[]{bArr.length};
                                int decryptMessage = Sspi.decryptMessage(this.F, this.S, iArr2, bArr, iArr);
                                if (decryptMessage != 0) {
                                    throw new SSLException("Invalid result 0x" + Integer.toHexString(decryptMessage));
                                }
                                i2 = iArr[0];
                                if (i2 != 0) {
                                    break;
                                }
                            } while (iArr2[0] != 0);
                            if (i2 != 0) {
                                if (SSLLogger.isAllEnabled()) {
                                    SSLLogger.dump("[Raw write decrypted]: length = ", Integer.valueOf(iArr[0]), ByteBuffer.wrap(this.T, 0, iArr[0]));
                                }
                                engineArgs.scatter(this.T, 0, iArr[0]);
                            }
                            return new SSLEngineResult(isInboundDone() ? SSLEngineResult.Status.CLOSED : SSLEngineResult.Status.OK, a(a2), engineArgs.deltaNet(), engineArgs.deltaApp());
                        }
                        m();
                    }
                    return new SSLEngineResult(SSLEngineResult.Status.OK, a(a2), 0, 0);
                }
                if (engineArgs.netData.remaining() != 0 && engineArgs.netData.remaining() != engineArgs.netData.capacity()) {
                    ByteBufferInputStream byteBufferInputStream2 = new ByteBufferInputStream(engineArgs.netData);
                    int a4 = a(byteBufferInputStream2, this.S, 0, c2);
                    byteBufferInputStream2.close();
                    initHandshake();
                    doHandshakeStep(this.S, a4);
                    a2 = a((SSLEngineResult.HandshakeStatus) null);
                    if (a2 == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                        return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
                    }
                }
                return new SSLEngineResult(SSLEngineResult.Status.OK, a(a2), 0, 0);
            }
            return new SSLEngineResult(SSLEngineResult.Status.BUFFER_UNDERFLOW, a2, 0, 0);
        }
    }

    private synchronized void a(int i2) {
        this.t = i2;
    }

    private static void a(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i2, int i3, boolean z2) {
        if (byteBuffer == null || byteBufferArr == null) {
            throw new IllegalArgumentException("src/dst is null");
        }
        if (i2 < 0 || i3 < 0 || i2 > byteBufferArr.length - i3) {
            throw new IndexOutOfBoundsException();
        }
        if (z2 && byteBuffer.isReadOnly()) {
            throw new ReadOnlyBufferException();
        }
        for (int i4 = i2; i4 < i2 + i3; i4++) {
            ByteBuffer byteBuffer2 = byteBufferArr[i4];
            if (byteBuffer2 == null) {
                throw new IllegalArgumentException("appData[" + i4 + "] == null");
            }
            if (!z2 && byteBuffer2.isReadOnly()) {
                throw new ReadOnlyBufferException();
            }
        }
    }

    private void a(SSLContextImpl sSLContextImpl) {
        this.D = sSLContextImpl;
        this.G = SSLSessionImpl.a;
        this.Q = this.D.b(this.C);
        this.P = this.D.a(this.C);
        this.t = 0;
        this.A = new Object();
        this.B = new Object();
        this.O = new LinkedList();
        this.r = false;
    }

    static void a(cl_13 cl_13Var, boolean z2) throws SSLException {
        if (cl_13Var.n < cl_13.k.n || (cl_13Var.o & 255) > (cl_13.l.o & 255)) {
            if (z2 && cl_13Var.n == cl_13.d.n) {
                return;
            }
            throw new SSLException("Unsupported record version " + cl_13Var);
        }
    }

    private boolean a(int[] iArr, int[] iArr2, boolean z2) throws SSLException {
        try {
            Sspi.getCipherInfo(this.F, iArr, iArr2);
            return true;
        } catch (Exception e2) {
            if (z2) {
                return false;
            }
            throw new SSLException(e2);
        }
    }

    private SSLEngineResult b(EngineArgs engineArgs) throws IOException {
        SSLEngineResult.HandshakeStatus a2 = a((SSLEngineResult.HandshakeStatus) null);
        if (isOutboundDone()) {
            return new SSLEngineResult(SSLEngineResult.Status.CLOSED, a2, 0, 0);
        }
        Array.clear(this.S);
        synchronized (this) {
            if (p() == 0) {
                if (this.C) {
                    return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
                }
                initHandshake();
                doHandshakeStep(null, 0);
                a2 = a((SSLEngineResult.HandshakeStatus) null);
                if (a2 == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                    return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
                }
            }
            if (p() == 1 && engineArgs.netData.remaining() != 0 && engineArgs.netData.remaining() != engineArgs.netData.capacity()) {
                ByteBufferInputStream byteBufferInputStream = new ByteBufferInputStream(engineArgs.netData);
                byte[] bArr = this.S;
                int a3 = a(byteBufferInputStream, bArr, 0, bArr.length);
                byteBufferInputStream.close();
                doHandshakeStep(this.S, a3);
                a2 = a((SSLEngineResult.HandshakeStatus) null);
                if (a2 == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                    return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
                }
            }
            if (n()) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a(d(engineArgs.netData)), 0, 0);
            }
            if (p() != 2) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a(a2), 0, 0);
            }
            if (engineArgs.getAppRemaining() == 0) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a2, 0, 0);
            }
            int min = Math.min(engineArgs.getAppRemaining(), 16384);
            ByteBuffer byteBuffer = engineArgs.netData;
            int position = byteBuffer.position();
            byteBuffer.limit();
            engineArgs.gather(min);
            byteBuffer.limit(byteBuffer.position());
            byteBuffer.position(position);
            if (byteBuffer.remaining() == 0 || byteBuffer.remaining() == byteBuffer.capacity()) {
                return new SSLEngineResult(SSLEngineResult.Status.OK, a(a2), 0, 0);
            }
            ByteBufferInputStream byteBufferInputStream2 = new ByteBufferInputStream(byteBuffer);
            byte[] bArr2 = this.S;
            int a4 = a(byteBufferInputStream2, bArr2, 0, bArr2.length);
            byteBufferInputStream2.close();
            Array.clear(this.T);
            byte[] bArr3 = this.T;
            int[] iArr = {bArr3.length};
            int encryptMessage = Sspi.encryptMessage(this.F, this.S, new int[1], new int[]{a4}, bArr3, iArr);
            if (encryptMessage != 0) {
                throw new SSLException("Invalid result 0x" + Integer.toHexString(encryptMessage));
            }
            if (iArr[0] != 0 && SSLLogger.isAllEnabled()) {
                SSLLogger.dump("[Raw write encrypted]: length = ", Integer.valueOf(iArr[0]), ByteBuffer.wrap(this.T, 0, iArr[0]));
            }
            byteBuffer.limit(iArr[0]);
            byteBuffer.position(0);
            byteBuffer.put(this.T, 0, iArr[0]);
            byteBuffer.limit(iArr[0]);
            return new SSLEngineResult(isOutboundDone() ? SSLEngineResult.Status.CLOSED : SSLEngineResult.Status.OK, a(a2), engineArgs.deltaApp(), engineArgs.deltaNet());
        }
    }

    private SSLEngineResult.HandshakeStatus d(ByteBuffer byteBuffer) throws SSLException {
        Object removeFirst = this.O.removeFirst();
        if (removeFirst == SSLEngineResult.HandshakeStatus.FINISHED) {
            return SSLEngineResult.HandshakeStatus.FINISHED;
        }
        boolean z2 = s;
        if (!z2 && !(removeFirst instanceof ByteBuffer)) {
            throw new AssertionError();
        }
        ByteBuffer byteBuffer2 = (ByteBuffer) removeFirst;
        if (!z2 && byteBuffer.remaining() < byteBuffer2.remaining()) {
            throw new AssertionError();
        }
        if (byteBuffer2.get(0) == 21) {
            m();
        }
        byteBuffer.limit(byteBuffer.position() + byteBuffer2.remaining());
        byteBuffer.put(byteBuffer2);
        if (!n()) {
            return null;
        }
        if (this.O.getFirst() != SSLEngineResult.HandshakeStatus.FINISHED) {
            return SSLEngineResult.HandshakeStatus.NEED_WRAP;
        }
        this.O.removeFirst();
        return SSLEngineResult.HandshakeStatus.FINISHED;
    }

    private boolean d(boolean z2) throws SSLException {
        int i2;
        if (this.U != null && this.R != null) {
            return true;
        }
        int[] iArr = new int[1];
        int[] iArr2 = new int[1];
        if (!a(iArr, iArr2, z2) || (i2 = iArr2[0]) == 0 || iArr[0] == 0) {
            return false;
        }
        this.U = cl_3.a(i2);
        this.R = cl_13.a(iArr[0]);
        SSLLogger.fine("Handshake attributes. Protocol: " + this.R + " CipherSuite: " + this.U);
        return true;
    }

    private boolean e(boolean z2) throws SSLException {
        if (this.K != null) {
            return true;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Sspi.getRemoteCertificates(this.F, arrayList);
            if (!arrayList.isEmpty()) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Remote certificate chain: (length: ").append(arrayList.size()).append(Extension.C_BRAKE).append("\n");
                this.K = new X509Certificate[arrayList.size()];
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                for (int i2 = 0; i2 < arrayList.size(); i2++) {
                    this.K[i2] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream((byte[]) arrayList.get(i2)));
                    stringBuffer.append(this.K[i2].toString());
                }
                SSLLogger.fine(stringBuffer.toString());
                return true;
            }
        } catch (Exception e2) {
            if (!z2) {
                throw new SSLException(e2);
            }
        }
        return false;
    }

    private boolean f(boolean z2) throws SSLException {
        SSLSessionImpl sSLSessionImpl;
        if (this.V != null) {
            return true;
        }
        try {
            int[] iArr = new int[1];
            int[] iArr2 = new int[1];
            byte[] bArr = new byte[32];
            Sspi.getSessionInfo(this.F, iArr, bArr, iArr2);
            if (iArr2[0] != 0 || !z2) {
                this.V = new cl_26(bArr, 0, iArr2[0]);
                SSLLogger.fine("Handshake session info. SessionID: " + Array.toHexString(this.V.b()) + " Reconnect: " + iArr[0]);
                if (!this.C && (sSLSessionImpl = this.G) != null) {
                    if (sSLSessionImpl.d().equals(this.V)) {
                        SSLLogger.fine("Session " + this.G + " is reused");
                    } else {
                        SSLLogger.fine("Client received new SessionID.");
                        SSLLogger.fine("Remove session " + this.G + " with old SessionID " + Array.toHexString(this.G.d().b()) + " from cache");
                        ((SSLSessionContextImpl) this.D.engineGetClientSessionContext()).a(this.G.d());
                        this.G = null;
                        this.N = false;
                        this.K = null;
                    }
                }
                return true;
            }
        } catch (Exception e2) {
            if (!z2) {
                throw new SSLException(e2);
            }
        }
        return false;
    }

    private void h() throws SSLException {
        String str;
        if (this.C) {
            SSLSessionImpl sSLSessionImpl = new SSLSessionImpl(this.R, this.U, this.V, d(), e());
            this.G = sSLSessionImpl;
            sSLSessionImpl.a(this.D.getLocalPrivateKey());
            this.G.b(this.D.getLocalCerts());
            this.G.a(System.currentTimeMillis());
            return;
        }
        SSLSessionImpl sSLSessionImpl2 = new SSLSessionImpl(this.E, this.R, this.U, this.V, c(), e());
        this.G = sSLSessionImpl2;
        sSLSessionImpl2.a(this.L);
        this.G.b(this.J);
        this.G.a(System.currentTimeMillis());
        if (this.G.b()) {
            ((SSLSessionContextImpl) this.D.engineGetClientSessionContext()).a(this.G);
            str = "%% Cached client session: ";
        } else {
            str = "%% Didn't cache non-resumable client session: ";
        }
        SSLLogger.fine(str, this.G);
    }

    private void i() throws SSLException {
        if (this.N) {
            return;
        }
        if (this.K == null) {
            a(new CertificateException("Empty server certificate chain"));
        }
        String c2 = this.G.g().c();
        X509TrustManager e2 = this.D.e();
        try {
            if (!(e2 instanceof X509ExtendedTrustManager)) {
                throw new CertificateException("Improper X509TrustManager implementation");
            }
            ((X509ExtendedTrustManager) e2).checkServerTrusted((X509Certificate[]) this.K.clone(), c2, this);
            this.N = true;
        } catch (CertificateException e3) {
            a(e3);
        }
    }

    private void j() throws SSLException {
        if (this.N) {
            return;
        }
        if (this.K == null) {
            a(new CertificateException("Empty client certificate chain"));
        }
        String c2 = this.G.g().c();
        X509TrustManager e2 = this.D.e();
        try {
            if (!(e2 instanceof X509ExtendedTrustManager)) {
                throw new CertificateException("Improper X509TrustManager implementation");
            }
            ((X509ExtendedTrustManager) e2).checkClientTrusted((X509Certificate[]) this.K.clone(), c2, this);
            this.N = true;
        } catch (CertificateException e3) {
            a(e3);
        }
    }

    private void k() throws SSLException {
        String str;
        try {
            ArrayList arrayList = new ArrayList();
            Sspi.getIssuers(this.F, arrayList);
            if (arrayList.isEmpty()) {
                str = "Issuers list is empty";
            } else {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Certificate issuers list: (count: ").append(arrayList.size()).append(Extension.C_BRAKE).append("\n");
                this.M = new X500Principal[arrayList.size()];
                for (int i2 = 0; i2 < arrayList.size(); i2++) {
                    this.M[i2] = new X500Principal((byte[]) arrayList.get(i2));
                    stringBuffer.append("   \n").append(this.M[i2].toString());
                }
                str = stringBuffer.toString();
            }
            SSLLogger.fine(str);
        } catch (Exception e2) {
            throw new SSLException(e2);
        }
    }

    private static String l() {
        return Thread.currentThread().getName();
    }

    private void m() throws SSLException {
        SSLSessionImpl sSLSessionImpl;
        SSLLogger.fine(l() + " closeInboundInternal()");
        if (this.W) {
            return;
        }
        o();
        this.W = true;
        long[] jArr = this.F;
        if (jArr != null) {
            Sspi.deleteSecurityContext(jArr);
            this.F = null;
        }
        if (this.C && (sSLSessionImpl = this.G) != null) {
            sSLSessionImpl.invalidate();
        }
        this.G = SSLSessionImpl.a;
        this.t = 6;
    }

    private boolean n() {
        return this.O.size() != 0;
    }

    private void o() {
        SSLLogger.fine(l() + " closeOutboundInternal()");
        if (isOutboundDone()) {
            return;
        }
        int i2 = this.t;
        if (i2 == 0) {
            this.X = true;
            this.W = true;
        } else if (i2 != 4 && i2 != 6) {
            c(true);
            this.X = true;
        }
        this.t = 6;
    }

    private synchronized int p() {
        return this.t;
    }

    /* JADX WARN: Removed duplicated region for block: B:48:0x0154  */
    /* JADX WARN: Removed duplicated region for block: B:57:0x0152 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    int a(boolean r24, byte[] r25) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 371
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.sspiSSL.SSLEngineImpl.a(boolean, byte[]):int");
    }

    int a(byte[] bArr, int i2) throws SSLException {
        boolean z2;
        X509Certificate[] x509CertificateArr;
        int i3 = i2;
        try {
            if (SSLLogger.isAllEnabled() && i3 != 0) {
                SSLLogger.dump("Client send: length = ", Integer.valueOf(i2), ByteBuffer.wrap(bArr, 0, i3));
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            long j2 = 590610;
            while (j2 == 590610) {
                int[] iArr = {i3};
                if (this.F == null) {
                    this.F = new long[2];
                }
                Array.clear(this.T);
                int[] iArr2 = {this.T.length};
                long acceptSecurityContext = Sspi.acceptSecurityContext(this.D.b(), this.F, getNeedClientAuth(), false, bArr, iArr, this.T, iArr2);
                i3 = iArr[0];
                if (acceptSecurityContext != 590610 && acceptSecurityContext != 0) {
                    z2 = true;
                    if (acceptSecurityContext != -2146893032 && acceptSecurityContext != 590624) {
                        j2 = acceptSecurityContext;
                    }
                    j2 = 590610;
                    break;
                }
                if (iArr2[0] != 0) {
                    if (SSLLogger.isAllEnabled()) {
                        SSLLogger.dump("Server send: length = ", Integer.valueOf(iArr2[0]), ByteBuffer.wrap(this.T, 0, iArr2[0]));
                    }
                    byteArrayOutputStream.write(this.T, 0, iArr2[0]);
                }
                z2 = true;
                if (f(true) && d(true) && this.G == null) {
                    h();
                }
                e(true);
                SSLSessionImpl sSLSessionImpl = this.G;
                if (sSLSessionImpl != null && (x509CertificateArr = this.K) != null) {
                    sSLSessionImpl.a(x509CertificateArr);
                    j();
                }
                if (acceptSecurityContext != -2146893032) {
                    j2 = acceptSecurityContext;
                }
                j2 = 590610;
            }
            z2 = true;
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            if (j2 != 590610 && j2 != 0) {
                throw new SSLException("Error due server handshake step 0x" + Integer.toHexString((int) j2));
            }
            if (byteArray.length != 0) {
                a((ByteBuffer) ByteBuffer.allocate(byteArray.length).put(byteArray).flip());
            }
            if (j2 == 0) {
                SSLLogger.fine("Handshake was successful");
                f(false);
                d(false);
                e(getNeedClientAuth() ^ z2);
                if (this.G == null) {
                    h();
                }
                if (getNeedClientAuth()) {
                    this.G.a(this.K);
                    j();
                }
                this.t = 2;
                this.O.addLast(SSLEngineResult.HandshakeStatus.FINISHED);
            }
        } catch (Exception e2) {
            try {
                a(e2);
            } finally {
                this.G = SSLSessionImpl.a;
            }
        }
        return i3;
    }

    void a() throws SSLException {
        long[] jArr = this.F;
        if (jArr != null) {
            Sspi.deleteSecurityContext(jArr);
            this.F = null;
        }
        this.G = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void a(Throwable th) throws SSLException {
        SSLLogger.fatal(l() + ", fatal error: " + th);
        this.W = true;
        long[] jArr = this.F;
        if (jArr != null) {
            Sspi.deleteSecurityContext(jArr);
            this.F = null;
        }
        SSLSessionImpl sSLSessionImpl = this.G;
        if (sSLSessionImpl != null) {
            sSLSessionImpl.invalidate();
        }
        this.G = SSLSessionImpl.a;
        if (th instanceof SSLException) {
            throw ((SSLException) th);
        }
        SSLException sSLException = new SSLException(th.getMessage());
        sSLException.initCause(th);
        throw sSLException;
    }

    void a(ByteBuffer byteBuffer) {
        this.O.addLast(byteBuffer);
    }

    /* JADX WARN: Removed duplicated region for block: B:25:0x00f1 A[Catch: Exception -> 0x017a, TryCatch #0 {Exception -> 0x017a, blocks: (B:14:0x0042, B:17:0x005f, B:18:0x00e0, B:20:0x00e4, B:23:0x00e9, B:25:0x00f1, B:27:0x0110, B:28:0x013b, B:30:0x0151, B:31:0x0158, B:32:0x0159, B:34:0x0165, B:36:0x016b, B:38:0x0064, B:42:0x006c, B:44:0x0070, B:46:0x008c, B:48:0x008f, B:51:0x00ae, B:53:0x00dd), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0151 A[Catch: Exception -> 0x017a, TryCatch #0 {Exception -> 0x017a, blocks: (B:14:0x0042, B:17:0x005f, B:18:0x00e0, B:20:0x00e4, B:23:0x00e9, B:25:0x00f1, B:27:0x0110, B:28:0x013b, B:30:0x0151, B:31:0x0158, B:32:0x0159, B:34:0x0165, B:36:0x016b, B:38:0x0064, B:42:0x006c, B:44:0x0070, B:46:0x008c, B:48:0x008f, B:51:0x00ae, B:53:0x00dd), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:34:0x0165 A[Catch: Exception -> 0x017a, TryCatch #0 {Exception -> 0x017a, blocks: (B:14:0x0042, B:17:0x005f, B:18:0x00e0, B:20:0x00e4, B:23:0x00e9, B:25:0x00f1, B:27:0x0110, B:28:0x013b, B:30:0x0151, B:31:0x0158, B:32:0x0159, B:34:0x0165, B:36:0x016b, B:38:0x0064, B:42:0x006c, B:44:0x0070, B:46:0x008c, B:48:0x008f, B:51:0x00ae, B:53:0x00dd), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:36:0x016b A[Catch: Exception -> 0x017a, TRY_LEAVE, TryCatch #0 {Exception -> 0x017a, blocks: (B:14:0x0042, B:17:0x005f, B:18:0x00e0, B:20:0x00e4, B:23:0x00e9, B:25:0x00f1, B:27:0x0110, B:28:0x013b, B:30:0x0151, B:31:0x0158, B:32:0x0159, B:34:0x0165, B:36:0x016b, B:38:0x0064, B:42:0x006c, B:44:0x0070, B:46:0x008c, B:48:0x008f, B:51:0x00ae, B:53:0x00dd), top: B:13:0x0042 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void a(boolean r12) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 383
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.sspiSSL.SSLEngineImpl.a(boolean):void");
    }

    int b(boolean z2, byte[] bArr) throws SSLException {
        X509Certificate[] x509CertificateArr;
        b(z2);
        if (this.q == null) {
            return 0;
        }
        try {
            Array.clear(this.S);
            boolean z3 = false;
            int i2 = 0;
            boolean z4 = false;
            long j2 = 590610;
            while (true) {
                if (j2 != 590610 && j2 != -2146893032) {
                    if (j2 != 0) {
                        throw new SSLException("Error due client handshake 0x" + Integer.toHexString((int) j2));
                    }
                    SSLLogger.fine("Handshake was successful");
                    f(false);
                    d(false);
                    e(false);
                    if (this.G == null) {
                        h();
                    }
                    this.G.a(this.K);
                    i();
                    if (i2 != 0 && z2) {
                        Array.copy(this.S, 0, bArr, 0, i2);
                    }
                    this.t = 2;
                    return i2;
                }
                if (z3) {
                    int read = this.q.getSockInput().read(this.S, i2, 16921 - i2);
                    if (read < 0) {
                        throw new SSLException("Unexpected end of communication or no connectivity to server");
                    }
                    i2 += read;
                    z3 = false;
                }
                int[] iArr = {i2};
                if (SSLLogger.isAllEnabled() && i2 != 0) {
                    SSLLogger.dump("Server send: length = ", Integer.valueOf(i2), ByteBuffer.wrap(this.S, 0, i2));
                }
                if (this.F == null) {
                    this.F = new long[2];
                }
                Array.clear(this.T);
                int[] iArr2 = {this.T.length};
                long initializeSecurityContext = Sspi.initializeSecurityContext(this.E, this.F, c(), false, z4, this.S, iArr, this.T, iArr2);
                if (initializeSecurityContext == 590610 || initializeSecurityContext == 0) {
                    if (iArr2[0] != 0) {
                        if (SSLLogger.isAllEnabled()) {
                            SSLLogger.dump("Client send: length = ", Integer.valueOf(iArr2[0]), ByteBuffer.wrap(this.T, 0, iArr2[0]));
                        }
                        this.q.getSockOutput().write(this.T, 0, iArr2[0]);
                        this.q.getSockOutput().flush();
                    }
                    int i3 = iArr[0];
                    if (f(true) && d(true) && this.G == null) {
                        h();
                    }
                    e(true);
                    SSLSessionImpl sSLSessionImpl = this.G;
                    if (sSLSessionImpl != null && (x509CertificateArr = this.K) != null) {
                        sSLSessionImpl.a(x509CertificateArr);
                        i();
                    }
                    i2 = i3;
                }
                if (initializeSecurityContext == -2146893032) {
                    j2 = initializeSecurityContext;
                    z3 = true;
                } else if (initializeSecurityContext == 590624) {
                    k();
                    a(false);
                    z3 = false;
                    j2 = 590610;
                    z4 = true;
                } else {
                    j2 = initializeSecurityContext;
                }
            }
        } catch (Exception e2) {
            try {
                a(e2);
                this.G = SSLSessionImpl.a;
                return -1;
            } catch (Throwable th) {
                this.G = SSLSessionImpl.a;
                throw th;
            }
        }
    }

    int b(byte[] bArr, int i2) throws SSLException {
        int i3;
        long j2;
        X509Certificate[] x509CertificateArr;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            i3 = i2;
            loop0: while (true) {
                j2 = 590610;
                while (true) {
                    if (j2 != 590610) {
                        break loop0;
                    }
                    try {
                        int[] iArr = {i3};
                        if (this.F == null) {
                            this.F = new long[2];
                        }
                        Array.clear(this.T);
                        int[] iArr2 = {this.T.length};
                        long initializeSecurityContext = Sspi.initializeSecurityContext(this.E, this.F, c(), false, false, bArr, iArr, this.T, iArr2);
                        i3 = iArr[0];
                        if (iArr2[0] != 0) {
                            if (SSLLogger.isAllEnabled()) {
                                SSLLogger.dump("Server send: length = ", Integer.valueOf(iArr2[0]), ByteBuffer.wrap(this.T, 0, iArr2[0]));
                            }
                            byteArrayOutputStream.write(this.T, 0, iArr2[0]);
                        }
                        if (f(true) && d(true) && this.G == null) {
                            h();
                        }
                        e(true);
                        SSLSessionImpl sSLSessionImpl = this.G;
                        if (sSLSessionImpl != null && (x509CertificateArr = this.K) != null) {
                            sSLSessionImpl.a(x509CertificateArr);
                            i();
                        }
                        if (initializeSecurityContext == -2146893032) {
                            j2 = 590610;
                            break loop0;
                        }
                        if (initializeSecurityContext == 590624) {
                            break;
                        }
                        j2 = initializeSecurityContext;
                    } catch (Exception e2) {
                        e = e2;
                        try {
                            a(e);
                            return i3;
                        } finally {
                            this.G = SSLSessionImpl.a;
                        }
                    }
                }
                k();
                a(false);
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            if (j2 != 590610 && j2 != 0) {
                throw new SSLException("Error due client handshake step 0x" + Integer.toHexString((int) j2));
            }
            if (byteArray.length != 0) {
                a((ByteBuffer) ByteBuffer.allocate(byteArray.length).put(byteArray).flip());
            }
            if (j2 == 0) {
                SSLLogger.fine("Handshake was successful");
                f(false);
                d(false);
                e(false);
                if (this.G == null) {
                    h();
                }
                this.G.a(this.K);
                i();
                this.t = 2;
                this.O.addLast(SSLEngineResult.HandshakeStatus.FINISHED);
            }
        } catch (Exception e3) {
            e = e3;
            i3 = i2;
        }
        return i3;
    }

    synchronized void b(ByteBuffer byteBuffer) throws IOException {
        if (this.X) {
            throw new IOException("Write side already closed");
        }
        this.O.addLast(byteBuffer);
    }

    void b(boolean z2) throws SSLException {
        String str;
        if (z2) {
            if (this.E == null) {
                throw new SSLException("Renegotiation on non-established connection");
            }
            return;
        }
        SSLSessionImpl a2 = ((SSLSessionContextImpl) this.D.engineGetClientSessionContext()).a(c(), e());
        this.G = a2;
        if (a2 != null) {
            StringBuilder sb = new StringBuilder("%% Client cached ");
            sb.append(this.G);
            sb.append(" ");
            sb.append(this.G.b() ? "" : " (not rejoinable)");
            str = sb.toString();
        } else {
            str = "%% No cached client session";
        }
        SSLLogger.finer(str);
        SSLSessionImpl sSLSessionImpl = this.G;
        if (sSLSessionImpl != null && !sSLSessionImpl.b()) {
            this.G = null;
        }
        X509TrustManager e2 = this.D.e();
        if ((e2 instanceof cl_28) && ((cl_28) e2).a().equalsIgnoreCase(ru.CryptoPro.sspiSSL.pc_3.cl_5.j)) {
            this.p = true;
        }
        SSLSessionImpl sSLSessionImpl2 = this.G;
        if (sSLSessionImpl2 != null) {
            this.E = sSLSessionImpl2.a();
            this.R = this.G.i();
            this.K = (X509Certificate[]) this.G.getPeerCertificates();
            this.N = true;
        }
        if (this.G == null) {
            a(true);
        }
    }

    synchronized boolean b() {
        return n();
    }

    @Override // javax.net.ssl.SSLEngine
    public void beginHandshake() throws SSLException {
        if (this.t == 0) {
            this.t = 1;
            if (this.C) {
                if (this.q != null) {
                    a(false, (byte[]) null);
                    return;
                } else {
                    a();
                    return;
                }
            }
            if (this.q != null) {
                b(false, (byte[]) null);
            } else {
                b(false);
                doHandshakeStep(null, 0);
            }
        }
    }

    int c(ByteBuffer byteBuffer) throws SSLException {
        if (byteBuffer.remaining() < 5) {
            return -1;
        }
        int position = byteBuffer.position();
        byte b2 = byteBuffer.get(position);
        if (this.r || b2 == 22 || b2 == 21) {
            a(cl_13.a(byteBuffer.get(position + 1), byteBuffer.get(position + 2)), false);
            this.r = true;
            return 5 + ((byteBuffer.get(position + 3) & 255) << 8) + (byteBuffer.get(position + 4) & 255);
        }
        boolean z2 = (b2 & 128) != 0;
        if (z2) {
            int i2 = position + 2;
            if (byteBuffer.get(i2) == 1 || byteBuffer.get(i2) == 4) {
                a(cl_13.a(byteBuffer.get(position + 3), byteBuffer.get(position + 4)), true);
                return (((z2 ? ByteCompanionObject.MAX_VALUE : (byte) 63) & b2) << 8) + (byteBuffer.get(position + 1) & 255) + (z2 ? 2 : 3);
            }
        }
        throw new SSLException("Unrecognized SSL message, plaintext connection?");
    }

    String c() {
        SSLSocketImpl sSLSocketImpl = this.q;
        return sSLSocketImpl != null ? sSLSocketImpl.d() : getPeerHost();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void c(boolean z2) {
        int i2 = this.t;
        if (i2 >= 6) {
            return;
        }
        if (i2 == 1 && this.F == null) {
            return;
        }
        try {
            if (this.F == null) {
                this.F = new long[2];
            }
            Array.clear(this.T);
            int[] iArr = {this.T.length};
            long acceptSecurityContext = this.C ? Sspi.acceptSecurityContext(this.D.b(), this.F, getNeedClientAuth(), true, null, null, this.T, iArr) : Sspi.initializeSecurityContext(this.E, this.F, c(), true, false, null, null, this.T, iArr);
            if (acceptSecurityContext != 0) {
                throw new SSLException("Error due send close notify 0x" + Integer.toHexString((int) acceptSecurityContext));
            }
            SSLLogger.fine(this.C ? "Server" : "Client  close_notify was successful");
            if (iArr[0] != 0) {
                if (SSLLogger.isAllEnabled()) {
                    SSLLogger.dump("Send close notify: length = ", Integer.valueOf(iArr[0]), ByteBuffer.wrap(this.T, 0, iArr[0]));
                }
                if (z2) {
                    a((ByteBuffer) ByteBuffer.allocate(iArr[0]).put(this.T, 0, iArr[0]).flip());
                } else {
                    this.q.getSockOutput().write(this.T, 0, iArr[0]);
                    this.q.getSockOutput().flush();
                }
            }
        } catch (Exception e2) {
            SSLLogger.thrown(e2);
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeInbound() throws SSLException {
        SSLLogger.fine(l() + " called closeInbound()");
        m();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void closeOutbound() {
        SSLLogger.fine(l() + " called closeOutbound()");
        o();
    }

    String d() {
        SSLSocketImpl sSLSocketImpl = this.q;
        return sSLSocketImpl != null ? sSLSocketImpl.getInetAddress().getHostAddress() : getPeerHost();
    }

    public int doHandshakeStep(byte[] bArr, int i2) throws SSLException {
        return this.C ? a(bArr, i2) : b(bArr, i2);
    }

    int e() {
        SSLSocketImpl sSLSocketImpl = this.q;
        return sSLSocketImpl != null ? sSLSocketImpl.getPort() : getPeerPort();
    }

    int f() {
        SSLSocketImpl sSLSocketImpl = this.q;
        if (sSLSocketImpl != null) {
            return sSLSocketImpl.getLocalPort();
        }
        return -1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long[] g() {
        return this.F;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String getApplicationProtocol() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public Runnable getDelegatedTask() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getEnableSessionCreation() {
        return this.I;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getEnabledCipherSuites() {
        return this.Q.d();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledProtocols() {
        return this.P.b();
    }

    @Override // javax.net.ssl.SSLEngine
    public String getHandshakeApplicationProtocol() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized SSLSession getHandshakeSession() {
        return this.G;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return a((SSLEngineResult.HandshakeStatus) null);
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getNeedClientAuth() {
        return this.H == 2;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getSession() {
        return this.G;
    }

    public SSLSocketImpl getSocketImpl() {
        return this.q;
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedCipherSuites() {
        return this.D.j().d();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedProtocols() {
        return this.D.i().b();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getUseClientMode() {
        return !this.C;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getWantClientAuth() {
        return this.H == 1;
    }

    public int handshake(byte[] bArr) throws SSLException {
        if (this.q == null || this.t != 0) {
            return 0;
        }
        this.t = 1;
        return this.C ? a(false, bArr) : b(false, bArr);
    }

    public void initHandshake() throws SSLException {
        if (this.t == 0) {
            if (this.C) {
                a();
            } else {
                b(false);
            }
            this.t = 1;
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isInboundDone() {
        return this.W;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized boolean isOutboundDone() {
        boolean z2;
        if (this.X) {
            z2 = n() ? false : true;
        }
        return z2;
    }

    public int renegotiation(byte[] bArr) throws SSLException {
        this.t = 3;
        return this.C ? a(true, bArr) : b(true, bArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnableSessionCreation(boolean z2) {
        this.I = z2;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledCipherSuites(String[] strArr) {
        this.Q = new cl_4(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledProtocols(String[] strArr) {
        this.P = new cl_12(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setNeedClientAuth(boolean z2) {
        this.H = z2 ? (byte) 2 : (byte) 0;
    }

    public void setSocketImpl(SSLSocketImpl sSLSocketImpl) throws IOException {
        this.q = sSLSocketImpl;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setUseClientMode(boolean z2) {
        this.C = !z2;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setWantClientAuth(boolean z2) {
        this.H = z2 ? (byte) 1 : (byte) 0;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i2, int i3) throws SSLException {
        SSLEngineResult a2;
        a(byteBuffer, byteBufferArr, i2, i3, false);
        EngineArgs engineArgs = new EngineArgs(byteBuffer, byteBufferArr, i2, i3);
        try {
            try {
                synchronized (this.B) {
                    a2 = a(engineArgs);
                }
                return a2;
            } catch (Exception e2) {
                a(e2);
                engineArgs.resetLim();
                return null;
            }
        } finally {
            engineArgs.resetLim();
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i2, int i3, ByteBuffer byteBuffer) throws SSLException {
        SSLEngineResult b2;
        a(byteBuffer, byteBufferArr, i2, i3, true);
        EngineArgs engineArgs = new EngineArgs(byteBufferArr, i2, i3, byteBuffer);
        if (byteBuffer.remaining() < 16921) {
            return new SSLEngineResult(SSLEngineResult.Status.BUFFER_OVERFLOW, a((SSLEngineResult.HandshakeStatus) null), 0, 0);
        }
        try {
            synchronized (this.A) {
                b2 = b(engineArgs);
            }
            return b2;
        } catch (Exception e2) {
            engineArgs.resetPos();
            a(e2);
            return null;
        } finally {
            engineArgs.resetLim();
        }
    }
}
