package org.bouncycastle.jsse.provider;

import com.amazonaws.event.ProgressEvent;
import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLException;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.a3;
import org.bouncycastle.tls.p1;
import org.bouncycastle.tls.y2;
import org.bouncycastle.tls.z1;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class a1 extends org.bouncycastle.tls.z implements z0 {
    private static final Logger x = Logger.getLogger(a1.class.getName());
    private static final int y = c0.b("jdk.tls.ephemeralDHKeySize", ProgressEvent.PART_COMPLETED_EVENT_CODE, ProgressEvent.PART_STARTED_EVENT_CODE, 8192);
    private static final boolean z = c0.a("org.bouncycastle.jsse.server.enableTrustedCAKeysExtension", false);
    protected final y0 p;
    protected final l0 q;
    protected final v r;
    protected o0 s;
    protected h.a.b.e t;
    protected Set<String> u;
    protected p1 v;
    protected boolean w;

    /* JADX INFO: Access modifiers changed from: package-private */
    public a1(y0 y0Var, l0 l0Var) throws SSLException {
        super(y0Var.d().d());
        this.r = new v();
        this.s = null;
        this.t = null;
        this.u = null;
        this.v = null;
        this.w = false;
        this.p = y0Var;
        this.q = l0Var.b();
        if (!y0Var.getEnableSessionCreation()) {
            throw new SSLException("Session resumption not implemented yet and session creation is disabled");
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.j2
    public void A(short s, short s2, String str, Throwable th) {
        Level level = s == 1 ? Level.FINE : s2 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = x;
        if (logger.isLoggable(level)) {
            String m = x.m("Server raised", s, s2);
            if (str != null) {
                m = m + ": " + str;
            }
            logger.log(level, m, th);
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.j2
    public void D(short s, short s2) {
        super.D(s, s2);
        Level level = s == 1 ? Level.FINE : Level.INFO;
        Logger logger = x;
        if (logger.isLoggable(level)) {
            logger.log(level, x.m("Server received", s, s2));
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.j2
    public synchronized void J() throws IOException {
        super.J();
        this.w = true;
        y2 j = this.a.j();
        o0 o0Var = this.s;
        if (o0Var == null || o0Var.r() != j) {
            this.s = this.p.d().f().v(this.p.getPeerHost(), this.p.getPeerPort(), j, new w(this.q.h()));
        }
        this.p.b(new i0(this.a, this.s));
    }

    @Override // org.bouncycastle.tls.s2
    public org.bouncycastle.tls.n L() throws IOException {
        if (!t0()) {
            return null;
        }
        d d2 = this.p.d();
        org.bouncycastle.tls.q0 b2 = this.a.b();
        List<SignatureSchemeInfo> a = d2.a(true, this.q, new org.bouncycastle.tls.q0[]{b2}, this.r.a);
        v vVar = this.r;
        vVar.f18232b = a;
        vVar.f18233c = a;
        Vector<org.bouncycastle.tls.c1> o = SignatureSchemeInfo.o(a);
        Vector<org.bouncycastle.asn1.m2.c> q = x.q(d2.i());
        if (!a3.Y0(b2)) {
            return new org.bouncycastle.tls.n(new short[]{64, 1, 2}, o, q);
        }
        byte[] bArr = a3.f18421d;
        v vVar2 = this.r;
        List<SignatureSchemeInfo> list = vVar2.f18232b;
        List<SignatureSchemeInfo> list2 = vVar2.f18233c;
        return new org.bouncycastle.tls.n(bArr, o, list != list2 ? SignatureSchemeInfo.o(list2) : null, q);
    }

    @Override // org.bouncycastle.tls.j2
    public boolean N() {
        return !x.a();
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.s2
    public int O() throws IOException {
        d d2 = this.p.d();
        org.bouncycastle.tls.u0 h2 = this.a.h();
        ProvSSLSessionContext f2 = d2.f();
        String peerHost = this.p.getPeerHost();
        int peerPort = this.p.getPeerPort();
        o0 o0Var = this.s;
        this.p.c(o0Var == null ? new q0(f2, peerHost, peerPort, h2, this.r) : new r0(f2, peerHost, peerPort, h2, this.r, o0Var.r(), this.s.q()));
        this.r.a = d2.e(this.q, new org.bouncycastle.tls.q0[]{this.a.b()});
        NamedGroupInfo.y(this.r.a, h2.i());
        Vector g2 = h2.g();
        Vector h3 = h2.h();
        this.r.f18234d = d2.g(g2);
        v vVar = this.r;
        vVar.f18235e = g2 == h3 ? vVar.f18234d : d2.g(h3);
        if (f.a == d2.h()) {
            throw new TlsFatalAlert((short) 40);
        }
        this.u = new HashSet();
        int O = super.O();
        this.u = null;
        String M = this.p.d().c().M(this.q, O);
        x.fine("Server selected cipher suite: " + M);
        return O;
    }

    @Override // org.bouncycastle.tls.j2
    public boolean S() {
        return x.b();
    }

    @Override // org.bouncycastle.tls.s2
    public void V(org.bouncycastle.tls.l lVar) throws IOException {
        if (!t0()) {
            throw new TlsFatalAlert((short) 80);
        }
        if (lVar == null || lVar.h()) {
            if (this.q.j()) {
                throw new TlsFatalAlert(a3.Z0(this.a) ? (short) 116 : (short) 40);
            }
            return;
        }
        X509Certificate[] I = x.I(e(), lVar);
        org.bouncycastle.tls.crypto.f d2 = lVar.d(0);
        short d3 = d2.a((short) 7) ? (short) 7 : d2.a((short) 8) ? (short) 8 : d2.d();
        if (d3 < 0) {
            throw new TlsFatalAlert((short) 43);
        }
        this.p.checkClientTrusted(I, x.o(d3));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public int[] Z() {
        return this.p.d().c().i(e(), this.q, q());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.q0[] a0() {
        return this.p.d().c().j(this.q);
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.s2
    public org.bouncycastle.tls.q0 b() throws IOException {
        org.bouncycastle.tls.q0 b2 = super.b();
        String N = this.p.d().c().N(this.q, b2);
        x.fine("Server selected protocol version: " + N);
        return b2;
    }

    @Override // org.bouncycastle.tls.f
    protected boolean b0() {
        return false;
    }

    @Override // org.bouncycastle.tls.s2
    public org.bouncycastle.tls.o c() throws IOException {
        return null;
    }

    @Override // org.bouncycastle.tls.f
    protected boolean d0() {
        return false;
    }

    @Override // org.bouncycastle.tls.f
    protected boolean f0() {
        return this.r.f18237g != null;
    }

    @Override // org.bouncycastle.tls.s2
    public p1 getCredentials() throws IOException {
        return this.v;
    }

    @Override // org.bouncycastle.tls.f
    protected int h0() {
        return NamedGroupInfo.l(this.r.a);
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.s2
    public Hashtable<Integer, byte[]> i() throws IOException {
        super.i();
        if (this.t != null) {
            z1.k(g0());
        }
        return this.o;
    }

    @Override // org.bouncycastle.tls.f
    protected int i0() {
        int m = NamedGroupInfo.m(this.r.a);
        if (m >= y) {
            return m;
        }
        return 0;
    }

    @Override // org.bouncycastle.tls.f
    protected Vector<org.bouncycastle.tls.p0> j0() {
        return x.A(this.q.e());
    }

    @Override // org.bouncycastle.jsse.provider.z0
    public synchronized boolean k() {
        return this.w;
    }

    @Override // org.bouncycastle.tls.f
    protected boolean l0() {
        return this.q.q();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.f
    public boolean m0(int i2) throws IOException {
        p1 u0 = u0(this.r.f18237g, i2);
        if (u0 != null) {
            boolean m0 = super.m0(i2);
            if (m0) {
                this.v = u0;
            }
            return m0;
        }
        String m = j0.m(i2);
        x.finer("Server found no credentials for cipher suite: " + m);
        return false;
    }

    @Override // org.bouncycastle.tls.f
    protected int n0(int i2) {
        return NamedGroupInfo.A(this.r.a, Math.max(i2, y));
    }

    @Override // org.bouncycastle.tls.f
    protected int o0(int i2) {
        return NamedGroupInfo.z(this.r.a, i2);
    }

    @Override // org.bouncycastle.tls.j2
    public boolean p() {
        return x.U();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.f
    public org.bouncycastle.tls.p0 p0() throws IOException {
        if (this.q.i() == null && this.q.p() == null) {
            return super.p0();
        }
        List<String> z2 = x.z(this.m);
        String g2 = this.p.g(Collections.unmodifiableList(z2));
        if (g2 == null) {
            throw new TlsFatalAlert((short) 120);
        }
        if (g2.length() < 1) {
            return null;
        }
        if (z2.contains(g2)) {
            return org.bouncycastle.tls.p0.a(g2);
        }
        throw new TlsFatalAlert((short) 120);
    }

    @Override // org.bouncycastle.tls.f
    protected boolean r0() {
        return this.q.i() == null && this.q.p() == null;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.s2
    public void s(Hashtable hashtable) throws IOException {
        Logger logger;
        String str;
        super.s(hashtable);
        Vector f2 = this.a.h().f();
        if (f2 != null) {
            Collection<h.a.b.d> m = this.q.m();
            if (m == null || m.isEmpty()) {
                logger = x;
                str = "Server ignored SNI (no matchers specified)";
            } else {
                h.a.b.e l = x.l(f2, m);
                this.t = l;
                if (l == null) {
                    throw new TlsFatalAlert((short) 112);
                }
                logger = x;
                str = "Server accepted SNI: " + this.t;
            }
            logger.fine(str);
        }
        if (z) {
            this.r.f18237g = x.G(this.k);
        }
    }

    @Override // org.bouncycastle.tls.j2
    /* renamed from: s0, reason: merged with bridge method [inline-methods] */
    public org.bouncycastle.tls.crypto.impl.jcajce.h e() {
        return this.p.d().d();
    }

    protected boolean t0() {
        return this.q.j() || this.q.r();
    }

    @Override // org.bouncycastle.tls.j2
    public void u(boolean z2) throws IOException {
        if (!z2 && !c0.a("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    protected p1 u0(Principal[] principalArr, int i2) throws IOException {
        int q0 = a3.q0(i2);
        if (q0 == 0 || q0 == 1 || q0 == 3 || q0 == 5 || q0 == 17 || q0 == 19) {
            return (1 == q0 || !a3.R0(this.a.b())) ? w0(principalArr, q0) : v0(principalArr, q0);
        }
        return null;
    }

    protected p1 v0(Principal[] principalArr, int i2) throws IOException {
        org.bouncycastle.jsse.java.security.a d2 = this.q.d();
        boolean Z0 = a3.Z0(this.a);
        boolean z2 = !Z0;
        short t0 = a3.t0(i2);
        for (SignatureSchemeInfo signatureSchemeInfo : this.r.f18234d) {
            if (a3.f1(signatureSchemeInfo.p(), i2)) {
                short l = signatureSchemeInfo.l();
                String x2 = t0 == l ? x.x(i2) : x.v(signatureSchemeInfo);
                if (!this.u.contains(x2) && signatureSchemeInfo.t(d2, z2, Z0, this.r.a)) {
                    d1 f2 = this.p.f(x2, principalArr);
                    if (f2 != null && x.M(l, f2.c())) {
                        return x.j(this.a, e(), f2, signatureSchemeInfo.m());
                    }
                    this.u.add(x2);
                }
            }
        }
        return null;
    }

    protected p1 w0(Principal[] principalArr, int i2) throws IOException {
        String x2 = x.x(i2);
        if (this.u.contains(x2)) {
            return null;
        }
        d1 f2 = this.p.f(x2, principalArr);
        if (f2 != null && x.N(i2, f2.c())) {
            return 1 == i2 ? x.i(e(), f2) : x.j(this.a, e(), f2, null);
        }
        this.u.add(x2);
        return null;
    }
}
