package org.bouncycastle.jsse.provider;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.a3;
import org.bouncycastle.tls.f2;
import org.bouncycastle.tls.f3;
import org.bouncycastle.tls.h3;
import org.bouncycastle.tls.i3;
import org.bouncycastle.tls.v1;
import org.bouncycastle.tls.x1;

/* loaded from: classes3.dex */
public class b1 extends org.bouncycastle.tls.v implements e1 {

    /* renamed from: o, reason: collision with root package name */
    public static final Logger f17983o = Logger.getLogger(b1.class.getName());

    /* renamed from: p, reason: collision with root package name */
    public static final boolean f17984p = e0.b("jdk.tls.client.enableCAExtension", false);

    /* renamed from: q, reason: collision with root package name */
    public static final boolean f17985q = e0.b("org.bouncycastle.jsse.client.enableSessionResumption", true);

    /* renamed from: r, reason: collision with root package name */
    public static final boolean f17986r = e0.b("jdk.tls.client.enableStatusRequestExtension", true);

    /* renamed from: s, reason: collision with root package name */
    public static final boolean f17987s = e0.b("org.bouncycastle.jsse.client.enableTrustedCAKeysExtension", false);

    /* renamed from: t, reason: collision with root package name */
    public static final boolean f17988t = e0.b("jsse.enableSNIExtension", true);

    /* renamed from: j, reason: collision with root package name */
    public final d1 f17989j;

    /* renamed from: k, reason: collision with root package name */
    public final o0 f17990k;

    /* renamed from: l, reason: collision with root package name */
    public final w f17991l;

    /* renamed from: m, reason: collision with root package name */
    public r0 f17992m;

    /* renamed from: n, reason: collision with root package name */
    public boolean f17993n;

    /* loaded from: classes3.dex */
    public class a implements org.bouncycastle.tls.l1 {
        public a() {
        }

        @Override // org.bouncycastle.tls.l1
        public v1 a(org.bouncycastle.tls.n nVar) throws IOException {
            d e10 = b1.this.f17989j.e();
            org.bouncycastle.tls.a1 f10 = b1.this.f18368c.f();
            org.bouncycastle.tls.v0 t10 = f10.t();
            boolean y12 = h3.y1(t10);
            Vector C = f10.C();
            Vector D = f10.D();
            b1.this.f17991l.f18217d = e10.g(C);
            w wVar = b1.this.f17991l;
            wVar.f18218e = C == D ? wVar.f18217d : e10.g(D);
            if (b1.f17983o.isLoggable(Level.FINEST)) {
                b1.f17983o.finest(y.I("Peer signature_algorithms", b1.this.f17991l.f18217d));
                w wVar2 = b1.this.f17991l;
                if (wVar2.f18218e != wVar2.f18217d) {
                    b1.f17983o.finest(y.I("Peer signature_algorithms_cert", b1.this.f17991l.f18218e));
                }
            }
            if (f.f18017a == e10.h()) {
                return null;
            }
            X500Principal[] a02 = y.a0(nVar.c());
            byte[] d10 = nVar.d();
            if (y12 != (d10 != null)) {
                throw new TlsFatalAlert((short) 80);
            }
            short[] e11 = nVar.e();
            if (y12 == (e11 == null)) {
                return y12 ? b1.this.H0(a02, d10) : h3.s1(t10) ? b1.this.G0(a02, e11) : b1.this.I0(a02, e11);
            }
            throw new TlsFatalAlert((short) 80);
        }

        @Override // org.bouncycastle.tls.l1
        public void b(a3 a3Var) throws IOException {
            if (a3Var == null || a3Var.a() == null || a3Var.a().h()) {
                throw new TlsFatalAlert((short) 40);
            }
            X509Certificate[] O = y.O(b1.this.c(), a3Var.a());
            String r10 = y.r(b1.this.f18368c.f().o());
            b1.this.f17991l.f18219f = y.K(a3Var.b());
            b1.this.f17989j.checkServerTrusted(O, r10);
        }
    }

    public b1(d1 d1Var, o0 o0Var) {
        super(d1Var.e().d());
        this.f17991l = new w();
        this.f17992m = null;
        this.f17993n = false;
        this.f17989j = d1Var;
        this.f17990k = o0Var.b();
    }

    @Override // org.bouncycastle.tls.r2
    public int B() {
        return y.B();
    }

    @Override // org.bouncycastle.tls.r2
    /* renamed from: C0, reason: merged with bridge method [inline-methods] */
    public qh.h c() {
        return this.f17989j.e().d();
    }

    public String[] D0(short[] sArr) throws IOException {
        String[] strArr = new String[sArr.length];
        for (int i10 = 0; i10 < sArr.length; i10++) {
            strArr[i10] = y.y(sArr[i10]);
        }
        return strArr;
    }

    public org.bouncycastle.tls.g1 E0(r0 r0Var, f3 f3Var) {
        org.bouncycastle.tls.g1 c10;
        if (f3Var == null || !f3Var.b() || (c10 = f3Var.c()) == null || !org.bouncycastle.tls.v0.b(t(), c10.g()) || !org.bouncycastle.util.a.q(x(), c10.c()) || h3.y1(c10.g())) {
            return null;
        }
        String h10 = this.f17990k.h();
        if (h10 != null) {
            String a10 = r0Var.t().a();
            if (!h10.equalsIgnoreCase(a10)) {
                f17983o.finer("Session not resumable - endpoint ID algorithm mismatch; connection: " + h10 + ", session: " + a10);
                return null;
            }
        }
        return c10;
    }

    public final void F0(LinkedHashMap<String, SignatureSchemeInfo> linkedHashMap, String str) {
        for (Map.Entry<String, SignatureSchemeInfo> entry : linkedHashMap.entrySet()) {
            String key = entry.getKey();
            if (key.equals(str)) {
                return;
            }
            Logger logger = f17983o;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer("Client found no credentials for signature scheme '" + entry.getValue() + "' (keyType '" + key + "')");
            }
        }
    }

    public v1 G0(Principal[] principalArr, short[] sArr) throws IOException {
        Logger logger;
        String str;
        short a10;
        LinkedHashMap<String, SignatureSchemeInfo> linkedHashMap = new LinkedHashMap<>();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f17991l.f18217d) {
            String k10 = signatureSchemeInfo.k();
            if (!linkedHashMap.containsKey(k10) && (a10 = org.bouncycastle.tls.h1.a(signatureSchemeInfo.m())) >= 0 && org.bouncycastle.util.a.r(sArr, a10) && this.f17991l.f18215b.contains(signatureSchemeInfo)) {
                linkedHashMap.put(k10, signatureSchemeInfo);
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = f17983o;
            str = "Client (1.2) found no usable signature schemes";
        } else {
            pg.l f10 = this.f17989j.f((String[]) linkedHashMap.keySet().toArray(h3.f18525i), principalArr);
            if (f10 != null) {
                String a11 = f10.a();
                F0(linkedHashMap, a11);
                SignatureSchemeInfo signatureSchemeInfo2 = linkedHashMap.get(a11);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = f17983o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.2) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a11 + "'), with private key algorithm '" + y.D(f10.getPrivateKey()) + "'");
                }
                return y.k(this.f18368c, c(), f10, signatureSchemeInfo2.n());
            }
            F0(linkedHashMap, null);
            logger = f17983o;
            str = "Client (1.2) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void H(short s10, short s11, String str, Throwable th2) {
        super.H(s10, s11, str, th2);
        Level level = s10 == 1 ? Level.FINE : s11 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = f17983o;
        if (logger.isLoggable(level)) {
            String o10 = y.o("Client raised", s10, s11);
            if (str != null) {
                o10 = o10 + ": " + str;
            }
            logger.log(level, o10, th2);
        }
    }

    public v1 H0(Principal[] principalArr, byte[] bArr) throws IOException {
        Logger logger;
        String str;
        LinkedHashMap<String, SignatureSchemeInfo> linkedHashMap = new LinkedHashMap<>();
        for (SignatureSchemeInfo signatureSchemeInfo : this.f17991l.f18217d) {
            if (signatureSchemeInfo.A() && this.f17991l.f18215b.contains(signatureSchemeInfo)) {
                String l10 = signatureSchemeInfo.l();
                if (!linkedHashMap.containsKey(l10)) {
                    linkedHashMap.put(l10, signatureSchemeInfo);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = f17983o;
            str = "Client (1.3) found no usable signature schemes";
        } else {
            pg.l f10 = this.f17989j.f((String[]) linkedHashMap.keySet().toArray(h3.f18525i), principalArr);
            if (f10 != null) {
                String a10 = f10.a();
                F0(linkedHashMap, a10);
                SignatureSchemeInfo signatureSchemeInfo2 = linkedHashMap.get(a10);
                if (signatureSchemeInfo2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = f17983o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.3) selected credentials for signature scheme '" + signatureSchemeInfo2 + "' (keyType '" + a10 + "'), with private key algorithm '" + y.D(f10.getPrivateKey()) + "'");
                }
                return y.l(this.f18368c, c(), f10, signatureSchemeInfo2.n(), bArr);
            }
            F0(linkedHashMap, null);
            logger = f17983o;
            str = "Client (1.3) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    public v1 I0(Principal[] principalArr, short[] sArr) throws IOException {
        pg.l f10;
        String[] D0 = D0(sArr);
        if (D0.length >= 1 && (f10 = this.f17989j.f(D0, principalArr)) != null) {
            return y.k(this.f18368c, c(), f10, null);
        }
        return null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void M(short s10, short s11) {
        super.M(s10, s11);
        Level level = s10 == 1 ? Level.FINE : Level.INFO;
        Logger logger = f17983o;
        if (logger.isLoggable(level)) {
            logger.log(level, y.o("Client received", s10, s11));
        }
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void N() throws IOException {
        super.N();
        d e10 = this.f17989j.e();
        org.bouncycastle.tls.v0[] t10 = t();
        this.f17991l.f18214a = e10.e(this.f17990k, t10);
    }

    @Override // org.bouncycastle.tls.m1
    public f3 Q() {
        f3 u10;
        org.bouncycastle.tls.g1 E0;
        if (f17985q) {
            r0 o10 = this.f17990k.o();
            if (o10 == null) {
                o10 = this.f17989j.e().b().g(this.f17989j.getPeerHost(), this.f17989j.getPeerPort());
            }
            if (o10 != null && (E0 = E0(o10, (u10 = o10.u()))) != null) {
                this.f17992m = o10;
                if (!this.f17989j.getEnableSessionCreation()) {
                    this.f18370e = new int[]{E0.c()};
                }
                return u10;
            }
        }
        y.c(this.f17989j);
        return null;
    }

    @Override // org.bouncycastle.tls.m1
    public void R(byte[] bArr) {
        r0 r0Var;
        if ((h3.l1(bArr) || (r0Var = this.f17992m) == null || !org.bouncycastle.util.a.d(bArr, r0Var.getId())) ? false : true) {
            f17983o.fine("Server resumed session: " + sh.d.e(bArr));
        } else {
            this.f17992m = null;
            if (h3.l1(bArr)) {
                f17983o.fine("Server did not specify a session ID");
            } else {
                f17983o.fine("Server specified new session: " + sh.d.e(bArr));
            }
            y.c(this.f17989j);
        }
        d1 d1Var = this.f17989j;
        d1Var.g(d1Var.e().b(), this.f18368c.f(), this.f17991l, this.f17992m);
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public synchronized void S() throws IOException {
        super.S();
        boolean z10 = true;
        this.f17993n = true;
        f3 h10 = this.f18368c.h();
        r0 r0Var = this.f17992m;
        if (r0Var == null || r0Var.u() != h10) {
            ProvSSLSessionContext b10 = this.f17989j.e().b();
            String peerHost = this.f17989j.getPeerHost();
            int peerPort = this.f17989j.getPeerPort();
            x xVar = new x(this.f17990k.h(), null);
            if (!f17985q || h3.z1(this.f18368c)) {
                z10 = false;
            }
            this.f17992m = b10.v(peerHost, peerPort, h10, xVar, z10);
        }
        this.f17989j.c(new k0(this.f18368c, this.f17992m));
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void U(int i10) {
        String P = this.f17989j.e().c().P(this.f17990k, i10);
        f17983o.fine("Client notified of selected cipher suite: " + P);
        super.U(i10);
    }

    @Override // org.bouncycastle.tls.r2
    public boolean V() {
        return !y.a();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void X(org.bouncycastle.tls.v0 v0Var) throws IOException {
        String Q = this.f17989j.e().c().Q(this.f17990k, v0Var);
        f17983o.fine("Client notified of selected protocol version: " + Q);
        super.X(v0Var);
    }

    @Override // org.bouncycastle.tls.r2
    public boolean c0() {
        return y.b();
    }

    @Override // org.bouncycastle.tls.m1
    public x1 d0() {
        return new i0();
    }

    @Override // org.bouncycastle.tls.r2
    public boolean f() {
        return y.U();
    }

    @Override // org.bouncycastle.tls.m1
    public org.bouncycastle.tls.l1 getAuthentication() throws IOException {
        return new a();
    }

    @Override // org.bouncycastle.jsse.provider.e1
    public synchronized boolean j() {
        return this.f17993n;
    }

    @Override // org.bouncycastle.tls.r2
    public int l() {
        return y.A();
    }

    @Override // org.bouncycastle.tls.e
    public int[] l0() {
        return this.f17989j.e().c().j(c(), this.f17990k, t());
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.v0[] m0() {
        return this.f17989j.e().c().k(this.f17990k);
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void n(Hashtable hashtable) throws IOException {
        super.n(hashtable);
        if (this.f18368c.f().h() != null) {
            boolean B0 = f2.B0(hashtable);
            f17983o.finer("Server accepted SNI?: " + B0);
        }
    }

    @Override // org.bouncycastle.tls.a
    public Vector<xf.c> p0() {
        if (f17984p) {
            return y.s(this.f17989j.e().i());
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public org.bouncycastle.tls.p q0() {
        if (f17986r) {
            return new org.bouncycastle.tls.p((short) 1, new org.bouncycastle.tls.r0(null, null));
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.q> r0() {
        if (!f17986r) {
            return null;
        }
        org.bouncycastle.tls.r0 r0Var = new org.bouncycastle.tls.r0(null, null);
        Vector<org.bouncycastle.tls.q> vector = new Vector<>(2);
        vector.add(new org.bouncycastle.tls.q((short) 2, r0Var));
        vector.add(new org.bouncycastle.tls.q((short) 1, r0Var));
        return vector;
    }

    @Override // org.bouncycastle.tls.r2
    public boolean s() {
        return y.b0();
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.u0> t0() {
        return y.F(this.f17990k.e());
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.c1> u0() {
        String k10;
        if (!f17988t) {
            return null;
        }
        List<pg.e> n10 = this.f17990k.n();
        if (n10 == null && (k10 = this.f17989j.k()) != null && k10.indexOf(46) > 0 && !org.bouncycastle.util.d.a(k10)) {
            try {
                n10 = Collections.singletonList(new pg.c(k10));
            } catch (RuntimeException unused) {
                f17983o.fine("Failed to add peer host as default SNI host_name: " + k10);
            }
        }
        if (n10 == null || n10.isEmpty()) {
            return null;
        }
        Vector<org.bouncycastle.tls.c1> vector = new Vector<>(n10.size());
        for (pg.e eVar : n10) {
            vector.add(new org.bouncycastle.tls.c1((short) eVar.b(), eVar.a()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    public Vector<Integer> v0(Vector vector) {
        return NamedGroupInfo.t(this.f17991l.f18214a);
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void w(f3 f3Var) {
        if (f3Var == null) {
            y.c(this.f17989j);
        }
        super.w(f3Var);
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.i1> w0() {
        List<SignatureSchemeInfo> a10 = this.f17989j.e().a(false, this.f17990k, t(), this.f17991l.f18214a);
        w wVar = this.f17991l;
        wVar.f18215b = a10;
        wVar.f18216c = a10;
        return SignatureSchemeInfo.p(a10);
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.i1> x0() {
        return null;
    }

    @Override // org.bouncycastle.tls.r2
    public void y(boolean z10) throws IOException {
        if (!z10 && !e0.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.a
    public Vector<i3> y0() {
        Vector<xf.c> s10;
        if (!f17987s || (s10 = y.s(this.f17989j.e().i())) == null) {
            return null;
        }
        Vector<i3> vector = new Vector<>(s10.size());
        Iterator<xf.c> it2 = s10.iterator();
        while (it2.hasNext()) {
            vector.add(new i3((short) 2, it2.next()));
        }
        return vector;
    }
}
