package org.openjsse.sun.security.ssl;

import java.security.AccessController;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.security.spec.RSAPublicKeySpec;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import sun.security.jca.ProviderList;
import sun.security.jca.Providers;
import sun.security.util.ECUtil;
import u.K;

/* loaded from: classes.dex */
final class JsseJce {
    static final boolean ALLOW_ECC = Utilities.getBooleanProperty("com.sun.net.ssl.enableECC", true);
    static final String CIPHER_3DES = "DESede/CBC/NoPadding";
    static final String CIPHER_AES = "AES/CBC/NoPadding";
    static final String CIPHER_AES_GCM = "AES/GCM/NoPadding";
    static final String CIPHER_CHACHA20_POLY1305 = "ChaCha20-Poly1305";
    static final String CIPHER_DES = "DES/CBC/NoPadding";
    static final String CIPHER_RC4 = "RC4";
    static final String CIPHER_RSA_PKCS1 = "RSA/ECB/PKCS1Padding";
    public static double PROVIDER_VER = 1.8d;
    static final String SIGNATURE_DSA = "DSA";
    static final String SIGNATURE_ECDSA = "SHA1withECDSA";
    static final String SIGNATURE_RAWDSA = "RawDSA";
    static final String SIGNATURE_RAWECDSA = "NONEwithECDSA";
    static final String SIGNATURE_RAWRSA = "NONEwithRSA";
    static final String SIGNATURE_SSLRSA = "MD5andSHA1withRSA";
    private static final ProviderList fipsProviderList;

    /* loaded from: classes.dex */
    public static class EcAvailability {
        private static final boolean isAvailable;

        static {
            boolean z2;
            try {
                JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA);
                JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA);
                JsseJce.getKeyAgreement("ECDH");
                JsseJce.getKeyFactory("EC");
                JsseJce.getKeyPairGenerator("EC");
                JsseJce.getAlgorithmParameters("EC");
                z2 = true;
            } catch (Exception unused) {
                z2 = false;
            }
            isAvailable = z2;
        }

        private EcAvailability() {
        }
    }

    /* loaded from: classes.dex */
    public static final class SunCertificates extends Provider {
        private static final long serialVersionUID = -3284138292032213752L;

        public SunCertificates(final Provider provider) {
            super("SunCertificates", JsseJce.PROVIDER_VER, "OpenJSSE internal");
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: org.openjsse.sun.security.ssl.JsseJce.SunCertificates.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    for (Map.Entry<Object, Object> entry : provider.entrySet()) {
                        String str = (String) entry.getKey();
                        if (str.startsWith("CertPathValidator.") || str.startsWith("CertPathBuilder.") || str.startsWith("CertStore.") || str.startsWith("CertificateFactory.")) {
                            SunCertificates.this.put(str, entry.getValue());
                        }
                    }
                    return null;
                }
            });
        }
    }

    static {
        if (!OpenJSSE.isFIPS()) {
            fipsProviderList = null;
            return;
        }
        Provider provider = Security.getProvider("SUN");
        if (provider == null) {
            throw new RuntimeException("FIPS mode: SUN provider must be installed");
        }
        fipsProviderList = ProviderList.newList(new Provider[]{OpenJSSE.cryptoProvider, new SunCertificates(provider)});
    }

    private JsseJce() {
    }

    public static Object beginFipsProvider() {
        ProviderList providerList = fipsProviderList;
        if (providerList == null) {
            return null;
        }
        return Providers.beginThreadProviderList(providerList);
    }

    public static ECPoint decodePoint(byte[] bArr, EllipticCurve ellipticCurve) {
        return ECUtil.decodePoint(bArr, ellipticCurve);
    }

    public static byte[] encodePoint(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        return ECUtil.encodePoint(eCPoint, ellipticCurve);
    }

    public static void endFipsProvider(Object obj) {
        if (fipsProviderList != null) {
            Providers.endThreadProviderList((ProviderList) obj);
        }
    }

    public static AlgorithmParameters getAlgorithmParameters(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? AlgorithmParameters.getInstance(str) : AlgorithmParameters.getInstance(str, provider);
    }

    public static Cipher getCipher(String str) {
        try {
            Provider provider = OpenJSSE.cryptoProvider;
            return provider == null ? Cipher.getInstance(str) : Cipher.getInstance(str, provider);
        } catch (NoSuchPaddingException e5) {
            throw new NoSuchAlgorithmException(e5);
        }
    }

    public static ECParameterSpec getECParameterSpec(String str) {
        return ECUtil.getECParameterSpec(OpenJSSE.cryptoProvider, str);
    }

    public static KeyAgreement getKeyAgreement(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? KeyAgreement.getInstance(str) : KeyAgreement.getInstance(str, provider);
    }

    public static KeyFactory getKeyFactory(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? KeyFactory.getInstance(str) : KeyFactory.getInstance(str, provider);
    }

    public static KeyGenerator getKeyGenerator(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? KeyGenerator.getInstance(str) : KeyGenerator.getInstance(str, provider);
    }

    public static KeyPairGenerator getKeyPairGenerator(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? KeyPairGenerator.getInstance(str) : KeyPairGenerator.getInstance(str, provider);
    }

    public static MessageDigest getMD5() {
        return getMessageDigest("MD5");
    }

    public static Mac getMac(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        return provider == null ? Mac.getInstance(str) : Mac.getInstance(str, provider);
    }

    public static MessageDigest getMessageDigest(String str) {
        try {
            Provider provider = OpenJSSE.cryptoProvider;
            return provider == null ? MessageDigest.getInstance(str) : MessageDigest.getInstance(str, provider);
        } catch (NoSuchAlgorithmException e5) {
            throw new RuntimeException(K.b("Algorithm ", str, " not available"), e5);
        }
    }

    public static String getNamedCurveOid(ECParameterSpec eCParameterSpec) {
        return ECUtil.getCurveName(OpenJSSE.cryptoProvider, eCParameterSpec);
    }

    public static int getRSAKeyLength(PublicKey publicKey) {
        return (publicKey instanceof RSAPublicKey ? ((RSAPublicKey) publicKey).getModulus() : getRSAPublicKeySpec(publicKey).getModulus()).bitLength();
    }

    public static RSAPublicKeySpec getRSAPublicKeySpec(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return new RSAPublicKeySpec(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
        }
        try {
            return (RSAPublicKeySpec) getKeyFactory("RSA").getKeySpec(publicKey, RSAPublicKeySpec.class);
        } catch (Exception e5) {
            throw new RuntimeException(e5);
        }
    }

    public static MessageDigest getSHA() {
        return getMessageDigest("SHA");
    }

    public static SecureRandom getSecureRandom() {
        Provider provider = OpenJSSE.cryptoProvider;
        if (provider == null) {
            return new SecureRandom();
        }
        try {
            return SecureRandom.getInstance("PKCS11", provider);
        } catch (NoSuchAlgorithmException unused) {
            Iterator<Provider.Service> it = OpenJSSE.cryptoProvider.getServices().iterator();
            while (it.hasNext()) {
                Provider.Service next = it.next();
                if (next.getType().equals("SecureRandom")) {
                    try {
                        return SecureRandom.getInstance(next.getAlgorithm(), OpenJSSE.cryptoProvider);
                    } catch (NoSuchAlgorithmException unused2) {
                        continue;
                    }
                }
            }
            throw new KeyManagementException("FIPS mode: no SecureRandom  implementation found in provider " + OpenJSSE.cryptoProvider.getName());
        }
    }

    public static Signature getSignature(String str) {
        Provider provider = OpenJSSE.cryptoProvider;
        if (provider == null) {
            return Signature.getInstance(str);
        }
        if (str != SIGNATURE_SSLRSA || provider.getService("Signature", str) != null) {
            return Signature.getInstance(str, OpenJSSE.cryptoProvider);
        }
        try {
            return Signature.getInstance(str, "OpenJSSE");
        } catch (NoSuchProviderException e5) {
            throw new NoSuchAlgorithmException(e5);
        }
    }

    public static boolean isEcAvailable() {
        return EcAvailability.isAvailable;
    }
}
