package org.bouncycastle.jsse.provider;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.a3;
import org.bouncycastle.tls.f2;
import org.bouncycastle.tls.f3;
import org.bouncycastle.tls.h3;
import org.bouncycastle.tls.i3;

/* loaded from: classes2.dex */
public class f1 extends org.bouncycastle.tls.v implements i1 {
    public static final Logger o = Logger.getLogger(f1.class.getName());
    public static final boolean p = h0.b("jdk.tls.client.enableCAExtension", false);
    public static final boolean q = h0.b("org.bouncycastle.jsse.client.enableSessionResumption", true);
    public static final boolean r = h0.b("jdk.tls.client.enableStatusRequestExtension", true);
    public static final boolean s = h0.b("org.bouncycastle.jsse.client.enableTrustedCAKeysExtension", false);
    public static final boolean t = h0.b("jsse.enableSNIExtension", true);
    public final h1 j;
    public final r0 k;
    public final y l;
    public u0 m;
    public boolean n;

    /* loaded from: classes2.dex */
    public class a implements org.bouncycastle.tls.l1 {
        public a() {
        }

        @Override // org.bouncycastle.tls.l1
        public org.bouncycastle.tls.v1 a(org.bouncycastle.tls.n nVar) {
            e h = f1.this.j.h();
            org.bouncycastle.tls.a1 k = f1.this.c.k();
            org.bouncycastle.tls.v0 t = k.t();
            boolean y1 = h3.y1(t);
            Vector C = k.C();
            Vector D = k.D();
            f1.this.l.d = h.g(C);
            y yVar = f1.this.l;
            yVar.e = C == D ? yVar.d : h.g(D);
            if (f1.o.isLoggable(Level.FINEST)) {
                f1.o.finest(a0.I("Peer signature_algorithms", f1.this.l.d));
                y yVar2 = f1.this.l;
                if (yVar2.e != yVar2.d) {
                    f1.o.finest(a0.I("Peer signature_algorithms_cert", f1.this.l.e));
                }
            }
            if (h.a == h.h()) {
                return null;
            }
            X500Principal[] a0 = a0.a0(nVar.c());
            byte[] d = nVar.d();
            if (y1 != (d != null)) {
                throw new TlsFatalAlert((short) 80);
            }
            short[] e = nVar.e();
            if (y1 == (e == null)) {
                return y1 ? f1.this.J0(a0, d) : h3.s1(t) ? f1.this.I0(a0, e) : f1.this.K0(a0, e);
            }
            throw new TlsFatalAlert((short) 80);
        }

        @Override // org.bouncycastle.tls.l1
        public void b(a3 a3Var) {
            if (a3Var == null || a3Var.a() == null || a3Var.a().h()) {
                throw new TlsFatalAlert((short) 40);
            }
            X509Certificate[] O = a0.O(f1.this.e(), a3Var.a());
            String r = a0.r(f1.this.c.k().o());
            f1.this.l.f = a0.K(a3Var.c());
            f1.this.j.checkServerTrusted(O, r);
        }
    }

    public f1(h1 h1Var, r0 r0Var) {
        super(h1Var.h().d());
        this.l = new y();
        this.m = null;
        this.n = false;
        this.j = h1Var;
        this.k = r0Var.b();
    }

    @Override // org.bouncycastle.tls.m1
    public void A(byte[] bArr) {
        u0 u0Var;
        if ((h3.l1(bArr) || (u0Var = this.m) == null || !org.bouncycastle.util.a.d(bArr, u0Var.getId())) ? false : true) {
            o.fine("Server resumed session: " + org.bouncycastle.util.encoders.d.e(bArr));
        } else {
            this.m = null;
            if (h3.l1(bArr)) {
                o.fine("Server did not specify a session ID");
            } else {
                o.fine("Server specified new session: " + org.bouncycastle.util.encoders.d.e(bArr));
            }
            a0.c(this.j);
        }
        h1 h1Var = this.j;
        h1Var.f(h1Var.h().b(), this.c.k(), this.l, this.m);
    }

    @Override // org.bouncycastle.tls.a
    public Vector A0() {
        Vector s2;
        if (!s || (s2 = a0.s(this.j.h().i())) == null) {
            return null;
        }
        Vector vector = new Vector(s2.size());
        Iterator it = s2.iterator();
        while (it.hasNext()) {
            vector.add(new i3((short) 2, (org.bouncycastle.asn1.x500.c) it.next()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void B(Hashtable hashtable) {
        super.B(hashtable);
        if (this.c.k().h() != null) {
            boolean B0 = f2.B0(hashtable);
            o.finer("Server accepted SNI?: " + B0);
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public synchronized void C() {
        super.C();
        boolean z = true;
        this.n = true;
        f3 g = this.c.g();
        u0 u0Var = this.m;
        if (u0Var == null || u0Var.u() != g) {
            w0 b = this.j.h().b();
            String peerHost = this.j.getPeerHost();
            int peerPort = this.j.getPeerPort();
            z zVar = new z(this.k.h(), null);
            if (!q || h3.z1(this.c)) {
                z = false;
            }
            this.m = b.v(peerHost, peerPort, g, zVar, z);
        }
        this.j.b(new n0(this.c, this.m));
    }

    @Override // org.bouncycastle.tls.m1
    public org.bouncycastle.tls.l1 D() {
        return new a();
    }

    @Override // org.bouncycastle.tls.r2
    /* renamed from: E0, reason: merged with bridge method [inline-methods] */
    public org.bouncycastle.tls.crypto.impl.jcajce.h e() {
        return this.j.h().d();
    }

    public String[] F0(short[] sArr) {
        String[] strArr = new String[sArr.length];
        for (int i = 0; i < sArr.length; i++) {
            strArr[i] = a0.y(sArr[i]);
        }
        return strArr;
    }

    public org.bouncycastle.tls.g1 G0(u0 u0Var, f3 f3Var) {
        org.bouncycastle.tls.g1 c;
        if (f3Var == null || !f3Var.b() || (c = f3Var.c()) == null || !org.bouncycastle.tls.v0.b(L(), c.g()) || !org.bouncycastle.util.a.q(S(), c.c()) || h3.y1(c.g())) {
            return null;
        }
        String h = this.k.h();
        if (h != null) {
            String a2 = u0Var.t().a();
            if (!h.equalsIgnoreCase(a2)) {
                o.finer("Session not resumable - endpoint ID algorithm mismatch; connection: " + h + ", session: " + a2);
                return null;
            }
        }
        return c;
    }

    public final void H0(LinkedHashMap linkedHashMap, String str) {
        for (Map.Entry entry : linkedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            if (str2.equals(str)) {
                return;
            }
            Logger logger = o;
            if (logger.isLoggable(Level.FINER)) {
                logger.finer("Client found no credentials for signature scheme '" + ((v1) entry.getValue()) + "' (keyType '" + str2 + "')");
            }
        }
    }

    public org.bouncycastle.tls.v1 I0(Principal[] principalArr, short[] sArr) {
        Logger logger;
        String str;
        short a2;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (v1 v1Var : this.l.d) {
            String k = v1Var.k();
            if (!linkedHashMap.containsKey(k) && (a2 = org.bouncycastle.tls.h1.a(v1Var.m())) >= 0 && org.bouncycastle.util.a.r(sArr, a2) && this.l.b.contains(v1Var)) {
                linkedHashMap.put(k, v1Var);
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = o;
            str = "Client (1.2) found no usable signature schemes";
        } else {
            org.bouncycastle.jsse.l p2 = this.j.p((String[]) linkedHashMap.keySet().toArray(h3.i), principalArr);
            if (p2 != null) {
                String a3 = p2.a();
                H0(linkedHashMap, a3);
                v1 v1Var2 = (v1) linkedHashMap.get(a3);
                if (v1Var2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.2) selected credentials for signature scheme '" + v1Var2 + "' (keyType '" + a3 + "'), with private key algorithm '" + a0.D(p2.c()) + "'");
                }
                return a0.k(this.c, e(), p2, v1Var2.n());
            }
            H0(linkedHashMap, null);
            logger = o;
            str = "Client (1.2) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    public org.bouncycastle.tls.v1 J0(Principal[] principalArr, byte[] bArr) {
        Logger logger;
        String str;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (v1 v1Var : this.l.d) {
            if (v1Var.A() && this.l.b.contains(v1Var)) {
                String l = v1Var.l();
                if (!linkedHashMap.containsKey(l)) {
                    linkedHashMap.put(l, v1Var);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            logger = o;
            str = "Client (1.3) found no usable signature schemes";
        } else {
            org.bouncycastle.jsse.l p2 = this.j.p((String[]) linkedHashMap.keySet().toArray(h3.i), principalArr);
            if (p2 != null) {
                String a2 = p2.a();
                H0(linkedHashMap, a2);
                v1 v1Var2 = (v1) linkedHashMap.get(a2);
                if (v1Var2 == null) {
                    throw new TlsFatalAlert((short) 80, "Key manager returned invalid key type");
                }
                Logger logger2 = o;
                if (logger2.isLoggable(Level.FINE)) {
                    logger2.fine("Client (1.3) selected credentials for signature scheme '" + v1Var2 + "' (keyType '" + a2 + "'), with private key algorithm '" + a0.D(p2.c()) + "'");
                }
                return a0.l(this.c, e(), p2, v1Var2.n(), bArr);
            }
            H0(linkedHashMap, null);
            logger = o;
            str = "Client (1.3) did not select any credentials";
        }
        logger.fine(str);
        return null;
    }

    @Override // org.bouncycastle.tls.r2
    public boolean K() {
        return a0.b0();
    }

    public org.bouncycastle.tls.v1 K0(Principal[] principalArr, short[] sArr) {
        org.bouncycastle.jsse.l p2;
        String[] F0 = F0(sArr);
        if (F0.length >= 1 && (p2 = this.j.p(F0, principalArr)) != null) {
            return a0.k(this.c, e(), p2, null);
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void N(int i) {
        String P = this.j.h().c().P(this.k, i);
        o.fine("Client notified of selected cipher suite: " + P);
        super.N(i);
    }

    @Override // org.bouncycastle.tls.r2
    public boolean P() {
        return !a0.a();
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void Q(f3 f3Var) {
        if (f3Var == null) {
            a0.c(this.j);
        }
        super.Q(f3Var);
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.m1
    public void T(org.bouncycastle.tls.v0 v0Var) {
        String Q = this.j.h().c().Q(this.k, v0Var);
        o.fine("Client notified of selected protocol version: " + Q);
        super.T(v0Var);
    }

    @Override // org.bouncycastle.tls.r2
    public void U(boolean z) {
        if (!z && !h0.b("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.r2
    public boolean b0() {
        return a0.b();
    }

    @Override // org.bouncycastle.tls.r2
    public int c0() {
        return a0.B();
    }

    @Override // org.bouncycastle.tls.m1
    public org.bouncycastle.tls.x1 d0() {
        return new l0();
    }

    @Override // org.bouncycastle.tls.r2
    public boolean j() {
        return a0.U();
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void l(short s2, short s3, String str, Throwable th) {
        super.l(s2, s3, str, th);
        Level level = s2 == 1 ? Level.FINE : s3 == 80 ? Level.WARNING : Level.INFO;
        Logger logger = o;
        if (logger.isLoggable(level)) {
            String o2 = a0.o("Client raised", s2, s3);
            if (str != null) {
                o2 = o2 + ": " + str;
            }
            logger.log(level, o2, th);
        }
    }

    @Override // org.bouncycastle.tls.e
    public int[] n0() {
        return this.j.h().c().j(e(), this.k, L());
    }

    @Override // org.bouncycastle.tls.e
    public org.bouncycastle.tls.v0[] o0() {
        return this.j.h().c().k(this.k);
    }

    @Override // org.bouncycastle.jsse.provider.i1
    public synchronized boolean q() {
        return this.n;
    }

    @Override // org.bouncycastle.tls.a
    public Vector r0() {
        if (p) {
            return a0.s(this.j.h().i());
        }
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public org.bouncycastle.tls.p s0() {
        if (r) {
            return new org.bouncycastle.tls.p((short) 1, new org.bouncycastle.tls.r0(null, null));
        }
        return null;
    }

    @Override // org.bouncycastle.tls.r2
    public int t() {
        return a0.A();
    }

    @Override // org.bouncycastle.tls.a
    public Vector t0() {
        if (!r) {
            return null;
        }
        org.bouncycastle.tls.r0 r0Var = new org.bouncycastle.tls.r0(null, null);
        Vector vector = new Vector(2);
        vector.add(new org.bouncycastle.tls.q((short) 2, r0Var));
        vector.add(new org.bouncycastle.tls.q((short) 1, r0Var));
        return vector;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void v(short s2, short s3) {
        super.v(s2, s3);
        Level level = s2 == 1 ? Level.FINE : Level.INFO;
        Logger logger = o;
        if (logger.isLoggable(level)) {
            logger.log(level, a0.o("Client received", s2, s3));
        }
    }

    @Override // org.bouncycastle.tls.a
    public Vector v0() {
        return a0.F(this.k.e());
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.e, org.bouncycastle.tls.r2
    public void w() {
        super.w();
        e h = this.j.h();
        org.bouncycastle.tls.v0[] L = L();
        this.l.a = h.e(this.k, L);
    }

    @Override // org.bouncycastle.tls.a
    public Vector w0() {
        String x;
        if (!t) {
            return null;
        }
        List<org.bouncycastle.jsse.e> n = this.k.n();
        if (n == null && (x = this.j.x()) != null && x.indexOf(46) > 0 && !org.bouncycastle.util.d.a(x)) {
            try {
                n = Collections.singletonList(new org.bouncycastle.jsse.c(x));
            } catch (RuntimeException unused) {
                o.fine("Failed to add peer host as default SNI host_name: " + x);
            }
        }
        if (n == null || n.isEmpty()) {
            return null;
        }
        Vector vector = new Vector(n.size());
        for (org.bouncycastle.jsse.e eVar : n) {
            vector.add(new org.bouncycastle.tls.c1((short) eVar.b(), eVar.a()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    public Vector x0(Vector vector) {
        return f0.t(this.l.a);
    }

    @Override // org.bouncycastle.tls.a
    public Vector y0() {
        List a2 = this.j.h().a(false, this.k, L(), this.l.a);
        y yVar = this.l;
        yVar.b = a2;
        yVar.c = a2;
        return v1.p(a2);
    }

    @Override // org.bouncycastle.tls.m1
    public f3 z() {
        f3 u;
        org.bouncycastle.tls.g1 G0;
        if (q) {
            u0 o2 = this.k.o();
            if (o2 == null) {
                o2 = this.j.h().b().g(this.j.getPeerHost(), this.j.getPeerPort());
            }
            if (o2 != null && (G0 = G0(o2, (u = o2.u()))) != null) {
                this.m = o2;
                if (!this.j.getEnableSessionCreation()) {
                    this.e = new int[]{G0.c()};
                }
                return u;
            }
        }
        a0.c(this.j);
        return null;
    }

    @Override // org.bouncycastle.tls.a
    public Vector z0() {
        return null;
    }
}
