package org.bouncycastle.jsse.provider;

import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.tls.TlsFatalAlert;

/* loaded from: classes2.dex */
public class q2 extends org.bouncycastle.tls.b0 implements p2 {
    public static final boolean A;
    public static final boolean B;
    public static final Logger x = Logger.getLogger(q2.class.getName());
    public static final int y = b1.c("jdk.tls.ephemeralDHKeySize", 2048, 1024, 8192);
    public static final boolean z;
    public final o2 p;
    public final m1 q;
    public final e0 r;
    public p1 s;
    public org.bouncycastle.jsse.e t;
    public Set u;
    public org.bouncycastle.tls.z1 v;
    public boolean w;

    static {
        C0();
        z = b1.b("jdk.tls.server.enableCAExtension", true);
        A = b1.b("org.bouncycastle.jsse.server.enableSessionResumption", true);
        B = b1.b("org.bouncycastle.jsse.server.enableTrustedCAKeysExtension", false);
    }

    public q2(o2 o2Var, m1 m1Var) {
        super(o2Var.r().d());
        this.r = new e0();
        this.s = null;
        this.t = null;
        this.u = null;
        this.v = null;
        this.w = false;
        this.p = o2Var;
        this.q = m1Var.b();
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x0094  */
    /* JADX WARN: Removed duplicated region for block: B:29:0x0087 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.bouncycastle.tls.crypto.a[] C0() {
        /*
            java.lang.String r0 = "jdk.tls.server.defaultDHEParameters"
            java.lang.String r0 = org.bouncycastle.jsse.provider.b1.h(r0)
            r1 = 0
            if (r0 != 0) goto La
            return r1
        La:
            java.lang.String r0 = org.bouncycastle.jsse.provider.h0.S(r0)
            java.lang.String r0 = org.bouncycastle.jsse.provider.h0.V(r0)
            int r2 = r0.length()
            r3 = 1
            if (r2 >= r3) goto L1a
            return r1
        L1a:
            java.util.ArrayList r4 = new java.util.ArrayList
            r4.<init>()
            r5 = -1
        L20:
            int r5 = r5 + r3
            if (r5 >= r2) goto L9a
            r6 = 123(0x7b, float:1.72E-43)
            char r7 = r0.charAt(r5)
            if (r6 == r7) goto L2d
            goto L9a
        L2d:
            int r5 = r5 + 1
            r6 = 44
            int r7 = r0.indexOf(r6, r5)
            if (r7 > r5) goto L38
            goto L9a
        L38:
            int r8 = r7 + 1
            r9 = 125(0x7d, float:1.75E-43)
            int r9 = r0.indexOf(r9, r8)
            if (r9 > r8) goto L43
            goto L9a
        L43:
            java.math.BigInteger r5 = G0(r0, r5, r7)     // Catch: java.lang.Exception -> L9a
            java.math.BigInteger r7 = G0(r0, r8, r9)     // Catch: java.lang.Exception -> L9a
            org.bouncycastle.tls.crypto.a r8 = org.bouncycastle.tls.d2.f(r5, r7)     // Catch: java.lang.Exception -> L9a
            if (r8 == 0) goto L55
        L51:
            r4.add(r8)     // Catch: java.lang.Exception -> L9a
            goto L83
        L55:
            r8 = 120(0x78, float:1.68E-43)
            boolean r8 = r5.isProbablePrime(r8)     // Catch: java.lang.Exception -> L9a
            if (r8 != 0) goto L7c
            java.util.logging.Logger r7 = org.bouncycastle.jsse.provider.q2.x     // Catch: java.lang.Exception -> L9a
            java.util.logging.Level r8 = java.util.logging.Level.WARNING     // Catch: java.lang.Exception -> L9a
            java.lang.StringBuilder r10 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L9a
            r10.<init>()     // Catch: java.lang.Exception -> L9a
            java.lang.String r11 = "Non-prime modulus ignored in security property [jdk.tls.server.defaultDHEParameters]: "
            r10.append(r11)     // Catch: java.lang.Exception -> L9a
            r11 = 16
            java.lang.String r5 = r5.toString(r11)     // Catch: java.lang.Exception -> L9a
            r10.append(r5)     // Catch: java.lang.Exception -> L9a
            java.lang.String r5 = r10.toString()     // Catch: java.lang.Exception -> L9a
            r7.log(r8, r5)     // Catch: java.lang.Exception -> L9a
            goto L83
        L7c:
            org.bouncycastle.tls.crypto.a r8 = new org.bouncycastle.tls.crypto.a     // Catch: java.lang.Exception -> L9a
            r10 = 0
            r8.<init>(r5, r1, r7, r10)     // Catch: java.lang.Exception -> L9a
            goto L51
        L83:
            int r5 = r9 + 1
            if (r5 < r2) goto L94
            int r0 = r4.size()
            org.bouncycastle.tls.crypto.a[] r0 = new org.bouncycastle.tls.crypto.a[r0]
            java.lang.Object[] r0 = r4.toArray(r0)
            org.bouncycastle.tls.crypto.a[] r0 = (org.bouncycastle.tls.crypto.a[]) r0
            return r0
        L94:
            char r7 = r0.charAt(r5)
            if (r6 == r7) goto L20
        L9a:
            java.util.logging.Logger r0 = org.bouncycastle.jsse.provider.q2.x
            java.util.logging.Level r2 = java.util.logging.Level.WARNING
            java.lang.String r3 = "Invalid syntax for security property [jdk.tls.server.defaultDHEParameters]"
            r0.log(r2, r3)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.q2.C0():org.bouncycastle.tls.crypto.a[]");
    }

    public static BigInteger G0(String str, int i, int i2) {
        return new BigInteger(str.substring(i, i2), 16);
    }

    @Override // org.bouncycastle.tls.f
    public boolean A0() {
        return this.q.i() == null && this.q.p() == null;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.t2
    public synchronized void B() {
        super.B();
        boolean z2 = true;
        this.w = true;
        org.bouncycastle.tls.i3 g = this.a.g();
        p1 p1Var = this.s;
        if (p1Var == null || p1Var.r() != g) {
            v1 f = this.p.r().f();
            String peerHost = this.p.getPeerHost();
            int peerPort = this.p.getPeerPort();
            f0 f0Var = new f0(null, this.t);
            if (!A || org.bouncycastle.tls.k3.i1(this.a) || !this.a.k().O()) {
                z2 = false;
            }
            this.s = f.v(peerHost, peerPort, g, f0Var, z2);
        }
        this.p.c(new h1(this.a, this.s));
    }

    @Override // org.bouncycastle.tls.t2
    /* renamed from: B0, reason: merged with bridge method [inline-methods] */
    public org.bouncycastle.tls.crypto.impl.jcajce.j e() {
        return this.p.r().d();
    }

    @Override // org.bouncycastle.tls.c3
    public org.bouncycastle.tls.o D() {
        if (!E0()) {
            return null;
        }
        e r = this.p.r();
        org.bouncycastle.tls.v0 b = this.a.b();
        List a = r.a(true, this.q, new org.bouncycastle.tls.v0[]{b}, this.r.a);
        e0 e0Var = this.r;
        e0Var.b = a;
        e0Var.c = a;
        Vector p = x3.p(a);
        Vector s = z ? h0.s(r.i()) : null;
        if (!org.bouncycastle.tls.k3.h1(b)) {
            return new org.bouncycastle.tls.o(new short[]{64, 1, 2}, p, s);
        }
        byte[] bArr = org.bouncycastle.tls.k3.d;
        e0 e0Var2 = this.r;
        List list = e0Var2.b;
        List list2 = e0Var2.c;
        return new org.bouncycastle.tls.o(bArr, p, list != list2 ? x3.p(list2) : null, s);
    }

    public final void D0(LinkedHashMap linkedHashMap, String str) {
        for (Map.Entry entry : linkedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            if (str2.equals(str)) {
                return;
            }
            this.u.add(str2);
            Logger logger = x;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer("Server found no credentials for signature scheme '" + ((x3) entry.getValue()) + "' (keyType '" + str2 + "')");
            }
        }
    }

    public boolean E0() {
        return this.q.j() || this.q.r();
    }

    @Override // org.bouncycastle.tls.c3
    public org.bouncycastle.tls.z1 F() {
        return this.v;
    }

    public boolean F0(p1 p1Var, org.bouncycastle.tls.i3 i3Var) {
        if (i3Var != null && i3Var.b()) {
            org.bouncycastle.tls.c1 k = this.a.k();
            org.bouncycastle.tls.k1 c = i3Var.c();
            if (c == null || !k.s().d(c.g()) || !org.bouncycastle.util.b.q(Q(), c.c()) || !org.bouncycastle.util.b.q(this.d, c.c()) || !c.i() || org.bouncycastle.tls.k3.h1(c.g())) {
                return false;
            }
            f0 q = p1Var.q();
            org.bouncycastle.jsse.e eVar = this.t;
            org.bouncycastle.jsse.e b = q.b();
            if (h0.m(eVar, b)) {
                return true;
            }
            x.finest("Session not resumable - SNI mismatch; connection: " + eVar + ", session: " + b);
            return false;
        }
        return false;
    }

    public org.bouncycastle.tls.z1 H0(Principal[] principalArr, int i) {
        int u0 = org.bouncycastle.tls.k3.u0(i);
        if (u0 == 0) {
            return J0(principalArr, org.bouncycastle.tls.k3.d);
        }
        if (u0 == 1 || u0 == 3 || u0 == 5 || u0 == 17 || u0 == 19) {
            return (1 == u0 || !org.bouncycastle.tls.k3.b1(this.a.b())) ? K0(principalArr, u0) : I0(principalArr, u0);
        }
        return null;
    }

    @Override // org.bouncycastle.tls.t2
    public boolean I() {
        return h0.a0();
    }

    public org.bouncycastle.tls.z1 I0(Principal[] principalArr, int i) {
        Logger logger;
        StringBuilder sb;
        String str;
        org.bouncycastle.jsse.java.security.a d = this.q.d();
        short x0 = org.bouncycastle.tls.k3.x0(i);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (x3 x3Var : this.r.d) {
            if (org.bouncycastle.tls.k3.o1(x3Var.q(), i)) {
                String z2 = x0 == x3Var.m() ? h0.z(i) : x3Var.k();
                if (!this.u.contains(z2) && !linkedHashMap.containsKey(z2) && x3Var.t(d, false, true, this.r.a)) {
                    linkedHashMap.put(z2, x3Var);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = x;
            sb = new StringBuilder();
            str = "Server (1.2) has no key types to try for KeyExchangeAlgorithm ";
        } else {
            org.bouncycastle.jsse.l f = this.p.f((String[]) linkedHashMap.keySet().toArray(org.bouncycastle.tls.k3.f), principalArr);
            if (f != null) {
                String a = f.a();
                D0(linkedHashMap, a);
                x3 x3Var2 = (x3) linkedHashMap.get(a);
                if (x3Var2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = x;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Server (1.2) selected credentials for signature scheme '" + x3Var2 + "' (keyType '" + a + "'), with private key algorithm '" + h0.D(f.c()) + "'");
                }
                return h0.k(this.a, e(), f, x3Var2.n());
            }
            D0(linkedHashMap, null);
            logger = x;
            sb = new StringBuilder();
            str = "Server (1.2) did not select any credentials for KeyExchangeAlgorithm ";
        }
        sb.append(str);
        sb.append(i);
        logger.fine(sb.toString());
        return null;
    }

    public org.bouncycastle.tls.z1 J0(Principal[] principalArr, byte[] bArr) {
        Logger logger;
        String str;
        org.bouncycastle.jsse.java.security.a d = this.q.d();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (x3 x3Var : this.r.d) {
            String l = x3Var.l();
            if (!this.u.contains(l) && !linkedHashMap.containsKey(l) && x3Var.t(d, true, false, this.r.a)) {
                linkedHashMap.put(l, x3Var);
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = x;
            str = "Server (1.3) found no usable signature schemes";
        } else {
            org.bouncycastle.jsse.l f = this.p.f((String[]) linkedHashMap.keySet().toArray(org.bouncycastle.tls.k3.f), principalArr);
            if (f != null) {
                String a = f.a();
                D0(linkedHashMap, a);
                x3 x3Var2 = (x3) linkedHashMap.get(a);
                if (x3Var2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = x;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Server (1.3) selected credentials for signature scheme '" + x3Var2 + "' (keyType '" + a + "'), with private key algorithm '" + h0.D(f.c()) + "'");
                }
                return h0.l(this.a, e(), f, x3Var2.n(), bArr);
            }
            D0(linkedHashMap, null);
            logger = x;
            str = "Server (1.3) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    public org.bouncycastle.tls.z1 K0(Principal[] principalArr, int i) {
        String z2 = h0.z(i);
        if (this.u.contains(z2)) {
            return null;
        }
        org.bouncycastle.jsse.l f = this.p.f(new String[]{z2}, principalArr);
        if (f != null) {
            return 1 == i ? h0.j(e(), f) : h0.k(this.a, e(), f, null);
        }
        this.u.add(z2);
        return null;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.c3
    public void M(Hashtable hashtable) {
        Logger logger;
        String str;
        super.M(hashtable);
        Vector h = this.a.k().h();
        if (h != null) {
            Collection m = this.q.m();
            if (m == null || m.isEmpty()) {
                logger = x;
                str = "Server ignored SNI (no matchers specified)";
            } else {
                org.bouncycastle.jsse.e n = h0.n(h, m);
                this.t = n;
                if (n == null) {
                    throw new TlsFatalAlert((short) 112);
                }
                logger = x;
                str = "Server accepted SNI: " + this.t;
            }
            logger.fine(str);
        }
        if (org.bouncycastle.tls.k3.i1(this.a)) {
            this.r.g = h0.Z(org.bouncycastle.tls.j2.Z(hashtable));
        } else if (B) {
            this.r.g = h0.L(this.k);
        }
    }

    @Override // org.bouncycastle.tls.t2
    public boolean N() {
        return !h0.a();
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.c3
    public int P() {
        e r = this.p.r();
        org.bouncycastle.tls.c1 k = this.a.k();
        x0.C(this.r.a, k.k());
        Vector i = k.i();
        Vector j = k.j();
        this.r.d = r.g(i);
        e0 e0Var = this.r;
        e0Var.e = i == j ? e0Var.d : r.g(j);
        if (n.a == r.h()) {
            throw new TlsFatalAlert((short) 40);
        }
        this.u = new HashSet();
        int P = super.P();
        this.u = null;
        String P2 = this.p.r().c().P(this.q, P);
        x.fine("Server selected cipher suite: " + P2);
        return P;
    }

    @Override // org.bouncycastle.tls.t2
    public void S(boolean z2) {
        if (!z2 && !b1.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.c3
    public int[] V() {
        this.r.a = this.p.r().e(this.q, new org.bouncycastle.tls.v0[]{this.a.b()});
        return x0.u(this.r.a);
    }

    @Override // org.bouncycastle.tls.c3
    public void W(org.bouncycastle.tls.i3 i3Var) {
        Logger logger;
        String str;
        byte[] a = i3Var.a();
        p1 p1Var = this.s;
        if (p1Var != null && p1Var.r() == i3Var) {
            x.fine("Server resumed session: " + org.bouncycastle.util.encoders.d.e(a));
        } else {
            this.s = null;
            if (org.bouncycastle.tls.k3.V0(a)) {
                logger = x;
                str = "Server did not specify a session ID";
            } else {
                logger = x;
                str = "Server specified new session: " + org.bouncycastle.util.encoders.d.e(a);
            }
            logger.fine(str);
            h0.c(this.p);
        }
        o2 o2Var = this.p;
        o2Var.n(o2Var.r().f(), this.a.k(), this.r, this.s);
    }

    @Override // org.bouncycastle.tls.t2
    public boolean Y() {
        return h0.b();
    }

    @Override // org.bouncycastle.tls.t2
    public int Z() {
        return h0.B();
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.c3
    public org.bouncycastle.tls.v0 b() {
        org.bouncycastle.tls.v0 b = super.b();
        String Q = this.p.r().c().Q(this.q, b);
        x.fine("Server selected protocol version: " + Q);
        return b;
    }

    @Override // org.bouncycastle.tls.c3
    public org.bouncycastle.tls.p c() {
        return null;
    }

    @Override // org.bouncycastle.tls.c3
    public void d0(org.bouncycastle.tls.m mVar) {
        if (!E0()) {
            throw new TlsFatalAlert((short) 80);
        }
        if (mVar == null || mVar.h()) {
            if (this.q.j()) {
                throw new TlsFatalAlert(org.bouncycastle.tls.k3.i1(this.a) ? (short) 116 : (short) 40);
            }
            return;
        }
        X509Certificate[] N = h0.N(e(), mVar);
        org.bouncycastle.tls.crypto.f d = mVar.d(0);
        short c = d.a((short) 7) ? (short) 7 : d.a((short) 8) ? (short) 8 : d.c();
        if (c < 0) {
            throw new TlsFatalAlert((short) 43);
        }
        this.p.checkClientTrusted(N, h0.q(c));
    }

    @Override // org.bouncycastle.tls.t2
    public boolean j() {
        return h0.T();
    }

    @Override // org.bouncycastle.tls.e
    public int[] j0() {
        return this.p.r().c().j(e(), this.q, J());
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.v0[] k0() {
        return this.p.r().c().k(this.q);
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.t2
    public void l(short s, short s2, String str, Throwable th) {
        Level level = s == 1 ? Level.FINE : s2 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = x;
        if (logger.isLoggable(level)) {
            String o = h0.o("Server raised", s, s2);
            if (str != null) {
                o = o + ": " + str;
            }
            logger.log(level, o, th);
        }
    }

    @Override // org.bouncycastle.tls.f
    public boolean l0() {
        return false;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.c3
    public Hashtable m() {
        super.m();
        if (this.t != null) {
            org.bouncycastle.tls.j2.m(this.o);
        }
        return this.o;
    }

    @Override // org.bouncycastle.tls.c3
    public byte[] n() {
        if (!A || org.bouncycastle.tls.k3.i1(this.a)) {
            return null;
        }
        return this.a.i().a(32);
    }

    @Override // org.bouncycastle.tls.f
    public boolean n0() {
        return false;
    }

    @Override // org.bouncycastle.jsse.provider.p2
    public synchronized boolean p() {
        return this.w;
    }

    @Override // org.bouncycastle.tls.f
    public boolean p0() {
        return this.r.g != null;
    }

    @Override // org.bouncycastle.tls.f
    public int q0() {
        return x0.n(this.r.a);
    }

    @Override // org.bouncycastle.tls.c3
    public org.bouncycastle.tls.i3 r(byte[] bArr) {
        p1 h;
        v1 f = this.p.r().f();
        if (A && (h = f.h(bArr)) != null) {
            org.bouncycastle.tls.i3 r = h.r();
            if (F0(h, r)) {
                this.s = h;
                return r;
            }
        }
        h0.c(this.p);
        return null;
    }

    @Override // org.bouncycastle.tls.f
    public int r0() {
        int o = x0.o(this.r.a);
        if (o >= y) {
            return o;
        }
        return 0;
    }

    @Override // org.bouncycastle.tls.t2
    public int s() {
        return h0.A();
    }

    @Override // org.bouncycastle.tls.f
    public Vector s0() {
        return h0.F(this.q.e());
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.t2
    public void u(short s, short s2) {
        super.u(s, s2);
        Level level = s == 1 ? Level.FINE : Level.INFO;
        Logger logger = x;
        if (logger.isLoggable(level)) {
            logger.log(level, h0.o("Server received", s, s2));
        }
    }

    @Override // org.bouncycastle.tls.f
    public boolean u0() {
        return this.q.q();
    }

    @Override // org.bouncycastle.tls.f
    public boolean v0(int i) {
        org.bouncycastle.tls.z1 H0 = H0(this.r.g, i);
        if (H0 != null) {
            boolean v0 = super.v0(i);
            if (v0) {
                this.v = H0;
            }
            return v0;
        }
        String n = j1.n(i);
        x.finer("Server found no credentials for cipher suite: " + n);
        return false;
    }

    @Override // org.bouncycastle.tls.f
    public int w0(int i) {
        return x0.E(this.r.a, Math.max(i, y));
    }

    @Override // org.bouncycastle.tls.f
    public int x0(int i) {
        return x0.D(this.r.a, i);
    }

    @Override // org.bouncycastle.tls.f
    public org.bouncycastle.tls.u0 y0() {
        if (this.q.i() == null && this.q.p() == null) {
            return super.y0();
        }
        List E = h0.E(this.m);
        String x2 = this.p.x(Collections.unmodifiableList(E));
        if (x2 == null) {
            throw new TlsFatalAlert((short) 120);
        }
        if (x2.length() < 1) {
            return null;
        }
        if (E.contains(x2)) {
            return org.bouncycastle.tls.u0.a(x2);
        }
        throw new TlsFatalAlert((short) 120);
    }
}
