package org.conscrypt;

import io.grpc.netty.shaded.io.netty.handler.codec.http.multipart.DefaultHttpDataFactory;
import java.io.FileDescriptor;
import java.io.IOException;
import java.net.SocketException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import org.conscrypt.NativeCrypto;
import org.conscrypt.T;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes7.dex */
public final class NativeSsl {

    /* renamed from: a, reason: collision with root package name */
    private final T f64844a;

    /* renamed from: b, reason: collision with root package name */
    private final NativeCrypto.SSLHandshakeCallbacks f64845b;

    /* renamed from: c, reason: collision with root package name */
    private final T.a f64846c;

    /* renamed from: d, reason: collision with root package name */
    private final T.b f64847d;

    /* renamed from: e, reason: collision with root package name */
    private X509Certificate[] f64848e;

    /* renamed from: f, reason: collision with root package name */
    private final ReadWriteLock f64849f = new ReentrantReadWriteLock();

    /* renamed from: g, reason: collision with root package name */
    private volatile long f64850g;

    /* loaded from: classes7.dex */
    final class b {

        /* renamed from: a, reason: collision with root package name */
        private volatile long f64851a;

        private b() throws SSLException {
            this.f64851a = NativeCrypto.SSL_BIO_new(NativeSsl.this.f64850g, NativeSsl.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public void a() {
            long j10 = this.f64851a;
            this.f64851a = 0L;
            NativeCrypto.BIO_free_all(j10);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public int b() {
            if (this.f64851a != 0) {
                return NativeCrypto.SSL_pending_written_bytes_in_BIO(this.f64851a);
            }
            return 0;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public int c(long j10, int i10) throws IOException {
            return NativeCrypto.ENGINE_SSL_read_BIO_direct(NativeSsl.this.f64850g, NativeSsl.this, this.f64851a, j10, i10, NativeSsl.this.f64845b);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public int d(long j10, int i10) throws IOException {
            return NativeCrypto.ENGINE_SSL_write_BIO_direct(NativeSsl.this.f64850g, NativeSsl.this, this.f64851a, j10, i10, NativeSsl.this.f64845b);
        }
    }

    private NativeSsl(long j10, T t10, NativeCrypto.SSLHandshakeCallbacks sSLHandshakeCallbacks, T.a aVar, T.b bVar) {
        this.f64850g = j10;
        this.f64844a = t10;
        this.f64845b = sSLHandshakeCallbacks;
        this.f64846c = aVar;
        this.f64847d = bVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NativeSsl A(T t10, NativeCrypto.SSLHandshakeCallbacks sSLHandshakeCallbacks, T.a aVar, T.b bVar) throws SSLException {
        AbstractSessionContext A10 = t10.A();
        return new NativeSsl(NativeCrypto.SSL_new(A10.f64800c, A10), t10, sSLHandshakeCallbacks, aVar, bVar);
    }

    private void D() throws SSLException {
        if (x()) {
            return;
        }
        if (this.f64844a.v()) {
            NativeCrypto.SSL_set_verify(this.f64850g, this, 3);
        } else {
            if (!this.f64844a.E()) {
                NativeCrypto.SSL_set_verify(this.f64850g, this, 0);
                return;
            }
            NativeCrypto.SSL_set_verify(this.f64850g, this, 1);
        }
        X509Certificate[] acceptedIssuers = this.f64844a.F().getAcceptedIssuers();
        if (acceptedIssuers == null || acceptedIssuers.length == 0) {
            return;
        }
        try {
            NativeCrypto.SSL_set_client_CA_list(this.f64850g, this, U.g(acceptedIssuers));
        } catch (CertificateEncodingException e10) {
            throw new SSLException("Problem encoding principals", e10);
        }
    }

    private void F(H h10) throws SSLException {
        T t10 = this.f64844a;
        if (t10.f64890x) {
            if (!t10.C()) {
                NativeCrypto.SSL_enable_tls_channel_id(this.f64850g, this);
            } else {
                if (h10 == null) {
                    throw new SSLHandshakeException("Invalid TLS channel ID key specified");
                }
                NativeCrypto.SSL_set1_tls_channel_id(this.f64850g, this, h10.a());
            }
        }
    }

    private void f() throws SSLException {
        Wd.k y10 = this.f64844a.y();
        if (y10 != null) {
            for (String str : this.f64844a.f64874h) {
                if (str != null && str.contains("PSK")) {
                    if (x()) {
                        NativeCrypto.set_SSL_psk_client_callback_enabled(this.f64850g, this, true);
                        return;
                    }
                    NativeCrypto.set_SSL_psk_server_callback_enabled(this.f64850g, this, true);
                    NativeCrypto.SSL_use_psk_identity_hint(this.f64850g, this, this.f64847d.a(y10));
                    return;
                }
            }
        }
    }

    private boolean x() {
        return this.f64844a.C();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int B(FileDescriptor fileDescriptor, byte[] bArr, int i10, int i11, int i12) throws IOException {
        this.f64849f.readLock().lock();
        try {
        } catch (Throwable th) {
            th = th;
        }
        try {
            if (y() || fileDescriptor == null || !fileDescriptor.valid()) {
                throw new SocketException("Socket is closed");
            }
            int SSL_read = NativeCrypto.SSL_read(this.f64850g, this, fileDescriptor, this.f64845b, bArr, i10, i11, i12);
            this.f64849f.readLock().unlock();
            return SSL_read;
        } catch (Throwable th2) {
            th = th2;
            Throwable th3 = th;
            this.f64849f.readLock().unlock();
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int C(long j10, int i10) throws IOException, CertificateException {
        NativeSsl nativeSsl;
        this.f64849f.readLock().lock();
        try {
            nativeSsl = this;
        } catch (Throwable th) {
            th = th;
            nativeSsl = this;
        }
        try {
            int ENGINE_SSL_read_direct = NativeCrypto.ENGINE_SSL_read_direct(this.f64850g, nativeSsl, j10, i10, this.f64845b);
            nativeSsl.f64849f.readLock().unlock();
            return ENGINE_SSL_read_direct;
        } catch (Throwable th2) {
            th = th2;
            Throwable th3 = th;
            nativeSsl.f64849f.readLock().unlock();
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void E(long j10) {
        NativeCrypto.SSL_set_timeout(this.f64850g, this, j10);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void G() throws IOException {
        this.f64849f.readLock().lock();
        try {
            NativeCrypto.ENGINE_SSL_shutdown(this.f64850g, this, this.f64845b);
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void H(FileDescriptor fileDescriptor) throws IOException {
        NativeCrypto.SSL_shutdown(this.f64850g, this, fileDescriptor, this.f64845b);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean I() {
        this.f64849f.readLock().lock();
        try {
            return (NativeCrypto.SSL_get_shutdown(this.f64850g, this) & 2) != 0;
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean J() {
        this.f64849f.readLock().lock();
        try {
            return (NativeCrypto.SSL_get_shutdown(this.f64850g, this) & 1) != 0;
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void K(FileDescriptor fileDescriptor, byte[] bArr, int i10, int i11, int i12) throws IOException {
        this.f64849f.readLock().lock();
        try {
        } catch (Throwable th) {
            th = th;
        }
        try {
            if (y() || fileDescriptor == null || !fileDescriptor.valid()) {
                throw new SocketException("Socket is closed");
            }
            NativeCrypto.SSL_write(this.f64850g, this, fileDescriptor, this.f64845b, bArr, i10, i11, i12);
            this.f64849f.readLock().unlock();
        } catch (Throwable th2) {
            th = th2;
            Throwable th3 = th;
            this.f64849f.readLock().unlock();
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int L(long j10, int i10) throws IOException {
        NativeSsl nativeSsl;
        this.f64849f.readLock().lock();
        try {
            nativeSsl = this;
        } catch (Throwable th) {
            th = th;
            nativeSsl = this;
        }
        try {
            int ENGINE_SSL_write_direct = NativeCrypto.ENGINE_SSL_write_direct(this.f64850g, nativeSsl, j10, i10, this.f64845b);
            nativeSsl.f64849f.readLock().unlock();
            return ENGINE_SSL_write_direct;
        } catch (Throwable th2) {
            th = th2;
            Throwable th3 = th;
            nativeSsl.f64849f.readLock().unlock();
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void c() {
        this.f64849f.writeLock().lock();
        try {
            if (!y()) {
                long j10 = this.f64850g;
                this.f64850g = 0L;
                NativeCrypto.SSL_free(j10, this);
            }
        } finally {
            this.f64849f.writeLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int d() throws IOException {
        this.f64849f.readLock().lock();
        try {
            return NativeCrypto.ENGINE_SSL_do_handshake(this.f64850g, this, this.f64845b);
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void e(FileDescriptor fileDescriptor, int i10) throws CertificateException, IOException {
        this.f64849f.readLock().lock();
        try {
            try {
                if (y() || fileDescriptor == null || !fileDescriptor.valid()) {
                    throw new SocketException("Socket is closed");
                }
                NativeCrypto.SSL_do_handshake(this.f64850g, this, fileDescriptor, this.f64845b, i10);
                this.f64849f.readLock().unlock();
            } catch (Throwable th) {
                th = th;
                Throwable th2 = th;
                this.f64849f.readLock().unlock();
                throw th2;
            }
        } catch (Throwable th3) {
            th = th3;
        }
    }

    protected final void finalize() throws Throwable {
        try {
            c();
        } finally {
            super.finalize();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void g() throws IOException {
        this.f64849f.readLock().lock();
        try {
            NativeCrypto.ENGINE_SSL_force_read(this.f64850g, this, this.f64845b);
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] h() {
        return NativeCrypto.getApplicationProtocol(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String i() {
        return NativeCrypto.e(NativeCrypto.SSL_get_current_cipher(this.f64850g, this));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int j(int i10) {
        return NativeCrypto.SSL_get_error(this.f64850g, this, i10);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509Certificate[] k() {
        return this.f64848e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int l() {
        return NativeCrypto.SSL_max_seal_overhead(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] m() {
        return NativeCrypto.SSL_get_ocsp_response(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509Certificate[] n() throws CertificateException {
        byte[][] SSL_get0_peer_certificates = NativeCrypto.SSL_get0_peer_certificates(this.f64850g, this);
        if (SSL_get0_peer_certificates == null) {
            return null;
        }
        return U.e(SSL_get0_peer_certificates);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] o() {
        return NativeCrypto.SSL_get_signed_cert_timestamp_list(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int p() {
        this.f64849f.readLock().lock();
        try {
            if (!y()) {
                return NativeCrypto.SSL_pending_readable_bytes(this.f64850g, this);
            }
            this.f64849f.readLock().unlock();
            return 0;
        } finally {
            this.f64849f.readLock().unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String q() {
        return NativeCrypto.SSL_get_servername(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] r() {
        return NativeCrypto.SSL_session_id(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long s() {
        return NativeCrypto.SSL_get_time(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long t() {
        return NativeCrypto.SSL_get_timeout(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String u() {
        return NativeCrypto.SSL_get_version(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void v(String str, H h10) throws IOException {
        if (!this.f64844a.r()) {
            NativeCrypto.SSL_set_session_creation_enabled(this.f64850g, this, false);
        }
        NativeCrypto.SSL_accept_renegotiations(this.f64850g, this);
        if (x()) {
            NativeCrypto.SSL_set_connect_state(this.f64850g, this);
            NativeCrypto.SSL_enable_ocsp_stapling(this.f64850g, this);
            if (this.f64844a.G(str)) {
                NativeCrypto.SSL_enable_signed_cert_timestamps(this.f64850g, this);
            }
        } else {
            NativeCrypto.SSL_set_accept_state(this.f64850g, this);
            if (this.f64844a.w() != null) {
                NativeCrypto.SSL_enable_ocsp_stapling(this.f64850g, this);
            }
        }
        if (this.f64844a.t().length == 0 && this.f64844a.f64873g) {
            throw new SSLHandshakeException("No enabled protocols; SSLv3 is no longer supported and was filtered from the list");
        }
        NativeCrypto.k(this.f64850g, this, this.f64844a.f64872f);
        long j10 = this.f64850g;
        T t10 = this.f64844a;
        NativeCrypto.j(j10, this, t10.f64874h, t10.f64872f);
        if (this.f64844a.f64886t.length > 0) {
            NativeCrypto.setApplicationProtocols(this.f64850g, this, x(), this.f64844a.f64886t);
        }
        if (!x() && this.f64844a.f64887u != null) {
            NativeCrypto.setHasApplicationProtocolSelector(this.f64850g, this, true);
        }
        if (!x()) {
            NativeCrypto.SSL_set_options(this.f64850g, this, 4194304L);
            if (this.f64844a.f64884r != null) {
                NativeCrypto.SSL_set_signed_cert_timestamp_list(this.f64850g, this, this.f64844a.f64884r);
            }
            if (this.f64844a.f64885s != null) {
                NativeCrypto.SSL_set_ocsp_response(this.f64850g, this, this.f64844a.f64885s);
            }
        }
        f();
        if (this.f64844a.f64888v) {
            NativeCrypto.SSL_clear_options(this.f64850g, this, DefaultHttpDataFactory.MINSIZE);
        } else {
            NativeCrypto.SSL_set_options(this.f64850g, this, NativeCrypto.SSL_get_options(this.f64850g, this) | DefaultHttpDataFactory.MINSIZE);
        }
        if (this.f64844a.D() && C6552d.b(str)) {
            NativeCrypto.SSL_set_tlsext_host_name(this.f64850g, this, str);
        }
        NativeCrypto.SSL_set_mode(this.f64850g, this, 256L);
        D();
        F(h10);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void w() {
        NativeCrypto.SSL_interrupt(this.f64850g, this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean y() {
        return this.f64850g == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public b z() {
        try {
            return new b();
        } catch (SSLException e10) {
            throw new RuntimeException(e10);
        }
    }
}
