package org.bouncycastle.jsse.provider;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jsse.provider.v1;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.a2;
import org.bouncycastle.tls.d3;
import org.bouncycastle.tls.i2;
import org.bouncycastle.tls.i3;
import org.bouncycastle.tls.k3;
import org.bouncycastle.tls.l3;

/* loaded from: classes2.dex */
public class f1 extends org.bouncycastle.tls.x implements i1 {

    /* renamed from: p, reason: collision with root package name */
    public static final Logger f9242p = Logger.getLogger(f1.class.getName());

    /* renamed from: q, reason: collision with root package name */
    public static final boolean f9243q = h0.b("jdk.tls.client.enableCAExtension", false);

    /* renamed from: r, reason: collision with root package name */
    public static final boolean f9244r = h0.b("org.bouncycastle.jsse.client.enableSessionResumption", true);

    /* renamed from: s, reason: collision with root package name */
    public static final boolean f9245s = h0.b("jdk.tls.client.enableStatusRequestExtension", true);

    /* renamed from: t, reason: collision with root package name */
    public static final boolean f9246t = h0.b("org.bouncycastle.jsse.client.enableTrustedCAKeysExtension", false);

    /* renamed from: u, reason: collision with root package name */
    public static final boolean f9247u = h0.b("jsse.enableSNIExtension", true);

    /* renamed from: j, reason: collision with root package name */
    public final String f9248j;

    /* renamed from: k, reason: collision with root package name */
    public final h1 f9249k;

    /* renamed from: l, reason: collision with root package name */
    public final r0 f9250l;

    /* renamed from: m, reason: collision with root package name */
    public final x f9251m;

    /* renamed from: n, reason: collision with root package name */
    public u0 f9252n;

    /* renamed from: o, reason: collision with root package name */
    public boolean f9253o;

    /* loaded from: classes2.dex */
    public class a implements org.bouncycastle.tls.o1 {
        public a() {
        }

        @Override // org.bouncycastle.tls.o1
        public org.bouncycastle.tls.y1 a(org.bouncycastle.tls.n nVar) throws IOException {
            d f10 = f1.this.f9249k.f();
            org.bouncycastle.tls.d1 g10 = f1.this.f9594c.g();
            org.bouncycastle.tls.y0 v10 = g10.v();
            boolean C1 = k3.C1(v10);
            Vector F = g10.F();
            Vector G = g10.G();
            List<v1> g11 = f10.g(F);
            List<v1> g12 = G != F ? f10.g(G) : null;
            f1.this.f9251m.f9510b.k(g11, g12);
            if (f1.f9242p.isLoggable(Level.FINEST)) {
                f1.f9242p.finest(z.L(f1.this.f9248j + " peer signature_algorithms", g11));
                if (g12 != null) {
                    f1.f9242p.finest(z.L(f1.this.f9248j + " peer signature_algorithms_cert", g12));
                }
            }
            if (g.f9255a == f10.j()) {
                return null;
            }
            X500Principal[] d02 = z.d0(nVar.c());
            byte[] d10 = nVar.d();
            if (C1 != (d10 != null)) {
                throw new TlsFatalAlert((short) 80);
            }
            short[] e10 = nVar.e();
            if (C1 == (e10 == null)) {
                return C1 ? f1.this.Q0(d02, d10) : k3.w1(v10) ? f1.this.P0(d02, e10) : f1.this.R0(d02, e10);
            }
            throw new TlsFatalAlert((short) 80);
        }

        @Override // org.bouncycastle.tls.o1
        public void b(d3 d3Var) throws IOException {
            if (d3Var == null || d3Var.getCertificate() == null || d3Var.getCertificate().h()) {
                throw new TlsFatalAlert((short) 40);
            }
            X509Certificate[] R = z.R(f1.this.d(), d3Var.getCertificate());
            String s10 = z.s(f1.this.f9594c.g().q());
            f1.this.f9251m.f9511c = z.N(d3Var.c());
            f1.this.f9249k.checkServerTrusted(R, s10);
        }
    }

    public f1(h1 h1Var, r0 r0Var) {
        super(h1Var.f().c());
        this.f9251m = new x();
        this.f9252n = null;
        this.f9253o = false;
        this.f9248j = z.E("client", h1Var);
        this.f9249k = h1Var;
        this.f9250l = r0Var.b();
    }

    @Override // org.bouncycastle.tls.u2
    public void A(boolean z10) throws IOException {
        if (!z10 && !h0.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.x0> C0() {
        return z.I(this.f9250l.e());
    }

    @Override // org.bouncycastle.tls.u2
    public int D() {
        return z.C();
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.f1> D0() {
        String k10;
        if (!f9247u) {
            return null;
        }
        List<l8.e> q10 = this.f9250l.q();
        if (q10 == null && (k10 = this.f9249k.k()) != null && k10.indexOf(46) > 0 && !org.bouncycastle.util.f.d(k10)) {
            try {
                q10 = Collections.singletonList(new l8.c(k10));
            } catch (RuntimeException unused) {
                f9242p.fine(this.f9248j + ": Failed to add peer host as default SNI host_name: " + k10);
            }
        }
        if (q10 == null || q10.isEmpty()) {
            return null;
        }
        Vector<org.bouncycastle.tls.f1> vector = new Vector<>(q10.size());
        for (l8.e eVar : q10) {
            vector.add(new org.bouncycastle.tls.f1((short) eVar.b(), eVar.a()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    public Vector<Integer> E0(Vector vector) {
        return e0.u(this.f9251m.f9509a);
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.l1> F0() {
        return this.f9251m.f9510b.d();
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.l1> G0() {
        return null;
    }

    @Override // org.bouncycastle.jsse.provider.i1
    public org.bouncycastle.tls.u1 H() {
        return this.f9594c;
    }

    @Override // org.bouncycastle.tls.a
    public Vector<l3> H0() {
        Vector<l7.c> t10;
        if (!f9246t || (t10 = z.t(this.f9249k.f().k())) == null) {
            return null;
        }
        Vector<l3> vector = new Vector<>(t10.size());
        Iterator<l7.c> it = t10.iterator();
        while (it.hasNext()) {
            vector.add(new l3((short) 2, it.next()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.u2
    public void K(short s10, short s11, String str, Throwable th) {
        super.K(s10, s11, str, th);
        Level level = s10 == 1 ? Level.FINE : s11 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = f9242p;
        if (logger.isLoggable(level)) {
            String p10 = z.p(this.f9248j, s10, s11);
            if (str != null) {
                p10 = p10 + ": " + str;
            }
            logger.log(level, p10, th);
        }
    }

    @Override // org.bouncycastle.tls.u2
    /* renamed from: L0, reason: merged with bridge method [inline-methods] */
    public ma.j d() {
        return this.f9249k.f().c();
    }

    public String[] M0(short[] sArr) throws IOException {
        String[] strArr = new String[sArr.length];
        for (int i10 = 0; i10 < sArr.length; i10++) {
            strArr[i10] = z.z(sArr[i10]);
        }
        return strArr;
    }

    public org.bouncycastle.tls.j1 N0(u0 u0Var, i3 i3Var) {
        org.bouncycastle.tls.j1 c10;
        if (i3Var == null || !i3Var.b() || (c10 = i3Var.c()) == null || !org.bouncycastle.util.a.s(z(), c10.c())) {
            return null;
        }
        org.bouncycastle.tls.y0 f10 = c10.f();
        if (!org.bouncycastle.tls.y0.b(v(), f10) || k3.C1(f10)) {
            return null;
        }
        String i10 = this.f9250l.i();
        if (i10 != null) {
            String a10 = u0Var.t().a();
            if (!i10.equalsIgnoreCase(a10)) {
                Logger logger = f9242p;
                if (logger.isLoggable(Level.FINER)) {
                    logger.finer(this.f9248j + ": Session not resumable - endpoint ID algorithm mismatch; connection: " + i10 + ", session: " + a10);
                }
                return null;
            }
        }
        return c10;
    }

    @Override // org.bouncycastle.tls.p1
    public boolean O() {
        return z.e0();
    }

    public final void O0(LinkedHashMap<String, v1> linkedHashMap, String str) {
        for (Map.Entry<String, v1> entry : linkedHashMap.entrySet()) {
            String key = entry.getKey();
            if (key.equals(str)) {
                return;
            }
            Logger logger = f9242p;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer(this.f9248j + " found no credentials for signature scheme '" + entry.getValue() + "' (keyType '" + key + "')");
            }
        }
    }

    public org.bouncycastle.tls.y1 P0(Principal[] principalArr, short[] sArr) throws IOException {
        short a10;
        v1.b bVar = this.f9251m.f9510b;
        LinkedHashMap<String, v1> linkedHashMap = new LinkedHashMap<>();
        for (v1 v1Var : bVar.i()) {
            String n10 = v1Var.n();
            if (!linkedHashMap.containsKey(n10) && (a10 = org.bouncycastle.tls.k1.a(v1Var.p())) >= 0 && org.bouncycastle.util.a.t(sArr, a10) && bVar.j(v1Var)) {
                linkedHashMap.put(n10, v1Var);
            }
        }
        if (linkedHashMap.isEmpty()) {
            Logger logger = f9242p;
            if (logger.isLoggable(Level.FINE)) {
                logger.fine(this.f9248j + " (1.2) found no usable signature schemes");
            }
            return null;
        }
        l8.l g10 = this.f9249k.g((String[]) linkedHashMap.keySet().toArray(k3.EMPTY_STRINGS), principalArr);
        if (g10 == null) {
            O0(linkedHashMap, null);
            Logger logger2 = f9242p;
            if (logger2.isLoggable(Level.FINE)) {
                logger2.fine(this.f9248j + " (1.2) did not select any credentials");
            }
            return null;
        }
        String a11 = g10.a();
        O0(linkedHashMap, a11);
        v1 v1Var2 = linkedHashMap.get(a11);
        if (v1Var2 == null) {
            throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
        }
        Logger logger3 = f9242p;
        if (logger3.isLoggable(Level.FINE)) {
            logger3.fine(this.f9248j + " (1.2) selected credentials for signature scheme '" + v1Var2 + "' (keyType '" + a11 + "'), with private key algorithm '" + z.G(g10.c()) + "'");
        }
        return z.l(this.f9594c, d(), g10, v1Var2.q());
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.u2
    public void Q(short s10, short s11) {
        super.Q(s10, s11);
        Level level = s10 == 1 ? Level.FINE : Level.INFO;
        Logger logger = f9242p;
        if (logger.isLoggable(level)) {
            logger.log(level, z.q(this.f9248j, s10, s11));
        }
    }

    public org.bouncycastle.tls.y1 Q0(Principal[] principalArr, byte[] bArr) throws IOException {
        v1.b bVar = this.f9251m.f9510b;
        LinkedHashMap<String, v1> linkedHashMap = new LinkedHashMap<>();
        for (v1 v1Var : bVar.i()) {
            if (v1Var.D() && bVar.j(v1Var)) {
                String o10 = v1Var.o();
                if (!linkedHashMap.containsKey(o10)) {
                    linkedHashMap.put(o10, v1Var);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            Logger logger = f9242p;
            if (logger.isLoggable(Level.FINE)) {
                logger.fine(this.f9248j + " (1.3) found no usable signature schemes");
            }
            return null;
        }
        l8.l g10 = this.f9249k.g((String[]) linkedHashMap.keySet().toArray(k3.EMPTY_STRINGS), principalArr);
        if (g10 == null) {
            O0(linkedHashMap, null);
            Logger logger2 = f9242p;
            if (logger2.isLoggable(Level.FINE)) {
                logger2.fine(this.f9248j + " (1.3) did not select any credentials");
            }
            return null;
        }
        String a10 = g10.a();
        O0(linkedHashMap, a10);
        v1 v1Var2 = linkedHashMap.get(a10);
        if (v1Var2 == null) {
            throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
        }
        Logger logger3 = f9242p;
        if (logger3.isLoggable(Level.FINE)) {
            logger3.fine(this.f9248j + " (1.3) selected credentials for signature scheme '" + v1Var2 + "' (keyType '" + a10 + "'), with private key algorithm '" + z.G(g10.c()) + "'");
        }
        return z.m(this.f9594c, d(), g10, v1Var2.q(), bArr);
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.e, org.bouncycastle.tls.u2
    public void R() throws IOException {
        super.R();
        Logger logger = f9242p;
        if (logger.isLoggable(Level.INFO)) {
            logger.info(this.f9248j + " opening connection to " + z.F(this.f9249k));
        }
        d f10 = this.f9249k.f();
        org.bouncycastle.tls.y0[] v10 = v();
        this.f9251m.f9509a = f10.d(this.f9250l, v10);
        x xVar = this.f9251m;
        xVar.f9510b = f10.h(this.f9250l, v10, xVar.f9509a);
    }

    public org.bouncycastle.tls.y1 R0(Principal[] principalArr, short[] sArr) throws IOException {
        l8.l g10;
        String[] M0 = M0(sArr);
        if (M0.length >= 1 && (g10 = this.f9249k.g(M0, principalArr)) != null) {
            return z.l(this.f9594c, d(), g10, null);
        }
        return null;
    }

    @Override // org.bouncycastle.tls.p1
    public i3 U() {
        i3 u10;
        org.bouncycastle.tls.j1 N0;
        if (f9244r) {
            u0 r10 = this.f9250l.r();
            if (r10 == null) {
                r10 = this.f9249k.f().a().g(this.f9249k.getPeerHost(), this.f9249k.getPeerPort());
            }
            if (r10 != null && (N0 = N0(r10, (u10 = r10.u()))) != null) {
                this.f9252n = r10;
                if (!this.f9249k.getEnableSessionCreation()) {
                    this.f9596e = new int[]{N0.c()};
                }
                return u10;
            }
        }
        z.d(this.f9249k);
        return null;
    }

    @Override // org.bouncycastle.tls.p1
    public void V(byte[] bArr) {
        String str;
        u0 u0Var;
        if ((k3.p1(bArr) || (u0Var = this.f9252n) == null || !org.bouncycastle.util.a.d(bArr, u0Var.getId())) ? false : true) {
            Logger logger = f9242p;
            if (logger.isLoggable(Level.FINE)) {
                logger.fine(this.f9248j + ": Server resumed session: " + oa.d.f(bArr));
            }
        } else {
            this.f9252n = null;
            Logger logger2 = f9242p;
            if (logger2.isLoggable(Level.FINE)) {
                if (k3.p1(bArr)) {
                    str = this.f9248j + ": Server did not specify a session ID";
                } else {
                    str = this.f9248j + ": Server specified new session: " + oa.d.f(bArr);
                }
                logger2.fine(str);
            }
            z.d(this.f9249k);
        }
        h1 h1Var = this.f9249k;
        h1Var.h(h1Var.f().a(), this.f9594c.g(), this.f9251m, this.f9252n);
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.u2
    public synchronized void W() throws IOException {
        super.W();
        boolean z10 = true;
        this.f9253o = true;
        Logger logger = f9242p;
        if (logger.isLoggable(Level.INFO)) {
            logger.info(this.f9248j + " established connection with " + z.F(this.f9249k));
        }
        i3 a10 = this.f9594c.a();
        u0 u0Var = this.f9252n;
        if (u0Var == null || u0Var.u() != a10) {
            w0 a11 = this.f9249k.f().a();
            String peerHost = this.f9249k.getPeerHost();
            int peerPort = this.f9249k.getPeerPort();
            y yVar = new y(this.f9250l.i(), null);
            if (!f9244r || k3.D1(this.f9594c)) {
                z10 = false;
            }
            this.f9252n = a11.v(peerHost, peerPort, a10, yVar, z10);
        }
        this.f9249k.b(new n0(this));
    }

    @Override // org.bouncycastle.tls.p1
    public org.bouncycastle.tls.o1 X() throws IOException {
        return new a();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.p1
    public void Z(int i10) {
        String P = this.f9249k.f().b().P(this.f9250l, i10);
        Logger logger = f9242p;
        if (logger.isLoggable(Level.FINE)) {
            logger.fine(this.f9248j + " notified of selected cipher suite: " + P);
        }
        super.Z(i10);
    }

    @Override // org.bouncycastle.jsse.provider.i1
    public u0 a() {
        return this.f9252n;
    }

    @Override // org.bouncycastle.tls.u2
    public boolean a0() {
        return !z.a();
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.u2
    public void b0() {
        super.b0();
        Logger logger = f9242p;
        if (logger.isLoggable(Level.INFO)) {
            logger.info(this.f9248j + " disconnected from " + z.F(this.f9249k));
        }
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.p1
    public void d0(org.bouncycastle.tls.y0 y0Var) throws IOException {
        String Q = this.f9249k.f().b().Q(this.f9250l, y0Var);
        Logger logger = f9242p;
        if (logger.isLoggable(Level.FINE)) {
            logger.fine(this.f9248j + " notified of selected protocol version: " + Q);
        }
        super.d0(y0Var);
    }

    @Override // org.bouncycastle.tls.u2
    public boolean g() {
        return z.X();
    }

    @Override // org.bouncycastle.tls.u2
    public boolean i0() {
        return z.b();
    }

    @Override // org.bouncycastle.tls.p1
    public a2 j0() {
        return new l0();
    }

    @Override // org.bouncycastle.jsse.provider.i1
    public synchronized boolean k() {
        return this.f9253o;
    }

    @Override // org.bouncycastle.tls.u2
    public int m() {
        return z.B();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.p1
    public void o(Hashtable hashtable) throws IOException {
        super.o(hashtable);
        if (this.f9594c.g().i() != null) {
            boolean N0 = i2.N0(hashtable);
            Logger logger = f9242p;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer(this.f9248j + ": Server accepted SNI?: " + N0);
            }
        }
    }

    @Override // org.bouncycastle.tls.e
    public int[] r0() {
        return this.f9249k.f().b().j(d(), this.f9250l, v());
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.y0[] s0() {
        return this.f9249k.f().b().k(this.f9250l);
    }

    @Override // org.bouncycastle.tls.u2
    public boolean u() {
        return z.f0();
    }

    @Override // org.bouncycastle.tls.a
    public Vector<l7.c> x0() {
        if (f9243q) {
            return z.t(this.f9249k.f().k());
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.p1
    public void y(i3 i3Var) {
        if (i3Var == null) {
            z.d(this.f9249k);
        }
        super.y(i3Var);
    }

    @Override // org.bouncycastle.tls.a
    public org.bouncycastle.tls.p y0() {
        if (f9245s) {
            return new org.bouncycastle.tls.p((short) 1, new org.bouncycastle.tls.u0(null, null));
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public Vector<org.bouncycastle.tls.q> z0() {
        if (!f9245s) {
            return null;
        }
        org.bouncycastle.tls.u0 u0Var = new org.bouncycastle.tls.u0(null, null);
        Vector<org.bouncycastle.tls.q> vector = new Vector<>(2);
        vector.add(new org.bouncycastle.tls.q((short) 2, u0Var));
        vector.add(new org.bouncycastle.tls.q((short) 1, u0Var));
        return vector;
    }
}
