package defpackage;

import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLException;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.h;
import org.bouncycastle.tls.crypto.i;
import org.bouncycastle.tls.i1;
import org.bouncycastle.tls.k0;
import org.bouncycastle.tls.l;
import org.bouncycastle.tls.l0;
import org.bouncycastle.tls.m;
import org.bouncycastle.tls.o0;
import org.bouncycastle.tls.o2;
import org.bouncycastle.tls.r2;
import org.bouncycastle.tls.s1;
import org.bouncycastle.tls.t2;
import org.bouncycastle.tls.x;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class j61 extends x implements i61 {
    private static final Logger v = Logger.getLogger(j61.class.getName());
    private static final int w = l51.a("jdk.tls.ephemeralDHKeySize", 2048, 1024, 8192);
    protected final h61 o;
    protected final t51 p;
    protected w51 q;
    protected z31 r;
    protected Set<String> s;
    protected i1 t;
    protected boolean u;

    /* JADX INFO: Access modifiers changed from: package-private */
    public j61(h61 h61Var, t51 t51Var) {
        super(h61Var.d().b());
        this.q = null;
        this.r = null;
        this.s = null;
        this.t = null;
        this.u = false;
        this.o = h61Var;
        this.p = t51Var.b();
        if (!h61Var.getEnableSessionCreation()) {
            throw new SSLException("Session resumption not implemented yet and session creation is disabled");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public int[] H() {
        return this.o.a().a(d(), this.p, v());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public l0[] I() {
        return this.o.a().a(this.p);
    }

    @Override // org.bouncycastle.tls.f
    protected boolean J() {
        return false;
    }

    @Override // org.bouncycastle.tls.f
    protected int N() {
        return v61.a(this.o.a().i(), this.b.j().h());
    }

    @Override // org.bouncycastle.tls.f
    protected int O() {
        int b = v61.b(this.o.a().i(), this.b.j().h());
        if (b >= w) {
            return b;
        }
        return 0;
    }

    @Override // org.bouncycastle.tls.f
    protected Vector P() {
        return h51.a(this.p.d());
    }

    @Override // org.bouncycastle.tls.f
    protected boolean Q() {
        return this.p.o();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.f
    public k0 R() {
        if (this.p.h() == null && this.p.n() == null) {
            return super.R();
        }
        List<String> b = h51.b(this.l);
        String a = this.o.a(Collections.unmodifiableList(b));
        if (a == null) {
            throw new TlsFatalAlert((short) 120);
        }
        if (a.length() < 1) {
            return null;
        }
        if (b.contains(a)) {
            return k0.a(a);
        }
        throw new TlsFatalAlert((short) 120);
    }

    @Override // org.bouncycastle.tls.f
    protected boolean S() {
        return this.p.h() == null && this.p.n() == null;
    }

    @Override // org.bouncycastle.tls.l2
    public void a(l lVar) {
        if (!this.p.i() && !this.p.p()) {
            throw new TlsFatalAlert((short) 80);
        }
        if (lVar != null && !lVar.b()) {
            this.o.checkClientTrusted(h51.b(d(), lVar), h51.a(lVar.a(0).b()));
        } else if (this.p.i()) {
            throw new TlsFatalAlert(t2.d(this.b) ? (short) 116 : (short) 40);
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public void a(short s, short s2) {
        super.a(s, s2);
        Level level = s == 1 ? Level.FINE : Level.INFO;
        if (v.isLoggable(level)) {
            v.log(level, h51.a("Server received", s, s2));
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public void a(short s, short s2, String str, Throwable th) {
        Level level = s == 1 ? Level.FINE : s2 == 80 ? Level.WARNING : Level.INFO;
        if (v.isLoggable(level)) {
            String a = h51.a("Server raised", s, s2);
            if (str != null) {
                a = a + ": " + str;
            }
            v.log(level, a, th);
        }
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.l2
    public l0 b() {
        l0 b = super.b();
        this.o.a().a(this.p, b);
        String a = r51.a(b);
        v.fine("Server selected protocol version: " + a);
        return b;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.l2
    public void b(Hashtable hashtable) {
        Logger logger;
        String str;
        super.b(hashtable);
        Vector e = this.b.j().e();
        if (e != null) {
            Collection<y31> l = this.p.l();
            if (l == null || l.isEmpty()) {
                logger = v;
                str = "Server ignored SNI (no matchers specified)";
            } else {
                z31 a = h51.a(e, l);
                this.r = a;
                if (a == null) {
                    throw new TlsFatalAlert((short) 112);
                }
                logger = v;
                str = "Server accepted SNI: " + this.r;
            }
            logger.fine(str);
        }
    }

    @Override // org.bouncycastle.tls.c2
    public void b(boolean z) {
        if (!z && !l51.a("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.f
    public boolean b(int i) {
        if (e(i)) {
            this.o.a().a(this.p, i);
            return super.b(i);
        }
        String a = r51.a(i);
        v.finer("Server found no credentials for cipher suite: " + a);
        return false;
    }

    @Override // org.bouncycastle.tls.f
    protected int c(int i) {
        int max = Math.max(i, w);
        int[] h = this.b.j().h();
        return h == null ? f(max) : v61.b(d(), this.o.a().i(), max, h);
    }

    @Override // org.bouncycastle.tls.f
    protected int d(int i) {
        int[] h = this.b.j().h();
        return h == null ? g(i) : v61.a(d(), this.o.a().i(), i, h);
    }

    protected boolean e(int i) {
        i1 ld1Var;
        this.t = null;
        int i2 = t2.i(i);
        if (i2 != 1 && i2 != 3 && i2 != 5) {
            if (i2 != 11) {
                if (i2 != 17 && i2 != 19) {
                    if (i2 != 20) {
                        return false;
                    }
                }
            }
            return true;
        }
        String a = h51.a(i2);
        if (this.s.contains(a)) {
            return false;
        }
        String a2 = this.o.a(a, (Principal[]) null);
        if (a2 != null) {
            h d = d();
            if (!(d instanceof nc1)) {
                throw new UnsupportedOperationException();
            }
            X509ExtendedKeyManager d2 = this.o.d().d();
            PrivateKey privateKey = d2.getPrivateKey(a2);
            l a3 = h51.a(d, d2.getCertificateChain(a2));
            if (privateKey != null && h51.a(i2, privateKey) && !a3.b()) {
                if (i2 == 1) {
                    ld1Var = new ld1((nc1) d, a3, privateKey);
                } else {
                    if (i2 != 3 && i2 != 5 && i2 != 17 && i2 != 19) {
                        return false;
                    }
                    short j = t2.j(i2);
                    o2 o2Var = this.b;
                    ld1Var = new kc1(new i(this.b), (nc1) d, privateKey, a3, t2.a(o2Var, o2Var.j().f(), j));
                }
                this.t = ld1Var;
                return true;
            }
        }
        this.s.add(a);
        return false;
    }

    protected int f(int i) {
        return v61.a(this.o.a().i(), i);
    }

    protected int g(int i) {
        return v61.b(this.o.a().i(), i);
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.l2
    public Hashtable h() {
        super.h();
        if (this.r != null) {
            s1.c(M());
        }
        return this.n;
    }

    @Override // defpackage.i61
    public synchronized boolean j() {
        return this.u;
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public synchronized void n() {
        super.n();
        this.u = true;
        r2 f = this.b.f();
        if (this.q == null || this.q.j() != f) {
            this.q = this.o.d().c().a(this.o.getPeerHost(), this.o.getPeerPort(), f, new g51(this.p.g()));
        }
        this.o.a(new q51(this.b, this.q));
    }

    @Override // org.bouncycastle.tls.l2
    public m p() {
        Vector vector = null;
        if (!(this.p.i() || this.p.p())) {
            return null;
        }
        short[] sArr = {1, 2, 64};
        Vector a = t2.b(this.b.b()) ? h51.a(d()) : null;
        HashSet hashSet = new HashSet();
        for (X509Certificate x509Certificate : this.o.d().e().getAcceptedIssuers()) {
            hashSet.add(x509Certificate.getSubjectX500Principal());
        }
        if (!hashSet.isEmpty()) {
            vector = new Vector(hashSet.size());
            Iterator it2 = hashSet.iterator();
            while (it2.hasNext()) {
                vector.addElement(m21.a(((X500Principal) it2.next()).getEncoded()));
            }
        }
        return new m(sArr, a, vector);
    }

    @Override // org.bouncycastle.tls.l2
    public i1 r() {
        return this.t;
    }

    @Override // org.bouncycastle.tls.f, org.bouncycastle.tls.l2
    public int x() {
        y51 c = this.o.d().c();
        String peerHost = this.o.getPeerHost();
        int peerPort = this.o.getPeerPort();
        o0 j = this.b.j();
        w51 w51Var = this.q;
        this.o.a(w51Var == null ? new z51(c, peerHost, peerPort, j) : new a61(c, peerHost, peerPort, j, w51Var.j(), this.q.i()));
        this.s = new HashSet();
        int x = super.x();
        String a = r51.a(x);
        v.fine("Server selected cipher suite: " + a);
        this.s = null;
        return x;
    }
}
