package defpackage;

import java.security.Principal;
import java.security.PrivateKey;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.h;
import org.bouncycastle.tls.crypto.i;
import org.bouncycastle.tls.i1;
import org.bouncycastle.tls.k1;
import org.bouncycastle.tls.l;
import org.bouncycastle.tls.l0;
import org.bouncycastle.tls.m;
import org.bouncycastle.tls.m2;
import org.bouncycastle.tls.o;
import org.bouncycastle.tls.o0;
import org.bouncycastle.tls.p0;
import org.bouncycastle.tls.r2;
import org.bouncycastle.tls.s;
import org.bouncycastle.tls.t2;
import org.bouncycastle.tls.y0;
import org.bouncycastle.util.c;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class f61 extends s implements i61 {
    private static final Logger k = Logger.getLogger(f61.class.getName());
    private static final boolean l = l51.a("jsse.enableSNIExtension", true);
    protected final h61 g;
    protected final t51 h;
    protected w51 i;
    protected boolean j;

    /* loaded from: classes3.dex */
    class a implements y0 {
        a() {
        }

        @Override // org.bouncycastle.tls.y0
        public i1 a(m mVar) {
            Principal[] principalArr;
            int i = t2.i(((org.bouncycastle.tls.a) f61.this).b.j().c());
            if (i != 1 && i != 3 && i != 5 && i != 17 && i != 19) {
                throw new TlsFatalAlert((short) 80);
            }
            short[] b = mVar.b();
            if (b == null || b.length == 0) {
                return null;
            }
            String[] strArr = new String[b.length];
            for (int i2 = 0; i2 < b.length; i2++) {
                strArr[i2] = h51.b(b[i2]);
            }
            Vector a = mVar.a();
            if (a == null || a.size() <= 0) {
                principalArr = null;
            } else {
                Set<X500Principal> a2 = h51.a((m21[]) a.toArray(new m21[a.size()]));
                principalArr = (Principal[]) a2.toArray(new Principal[a2.size()]);
            }
            String a3 = f61.this.g.a(strArr, principalArr);
            if (a3 == null) {
                return null;
            }
            h d = f61.this.d();
            if (!(d instanceof nc1)) {
                throw new UnsupportedOperationException();
            }
            X509ExtendedKeyManager d2 = f61.this.g.d().d();
            PrivateKey privateKey = d2.getPrivateKey(a3);
            l a4 = h51.a(d, d2.getCertificateChain(a3));
            if (privateKey == null || a4.b()) {
                return null;
            }
            if (i != 1 && i != 3 && i != 5 && i != 17 && i != 19) {
                throw new TlsFatalAlert((short) 80);
            }
            return new kc1(new i(((org.bouncycastle.tls.a) f61.this).b), (nc1) d, privateKey, a4, t2.a(((org.bouncycastle.tls.a) f61.this).b, ((org.bouncycastle.tls.a) f61.this).b.j().f(), a4.a(0).b()));
        }

        @Override // org.bouncycastle.tls.y0
        public void a(m2 m2Var) {
            if (m2Var == null || m2Var.a() == null || m2Var.a().b()) {
                throw new TlsFatalAlert((short) 40);
            }
            f61.this.g.checkServerTrusted(h51.b(f61.this.d(), m2Var.a()), h51.a(t2.i(((org.bouncycastle.tls.a) f61.this).b.j().c())));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public f61(h61 h61Var, t51 t51Var) {
        super(h61Var.d().b());
        this.i = null;
        this.j = false;
        this.g = h61Var;
        this.h = t51Var.b();
    }

    @Override // org.bouncycastle.tls.z0
    public k1 C() {
        return new o51();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public int[] H() {
        return this.g.a().a(d(), this.h, v());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.e
    public l0[] I() {
        return this.g.a().a(this.h);
    }

    @Override // org.bouncycastle.tls.a
    protected o J() {
        return null;
    }

    @Override // org.bouncycastle.tls.a
    protected Vector L() {
        return h51.a(this.h.d());
    }

    @Override // org.bouncycastle.tls.a
    protected Vector M() {
        String g;
        if (!l) {
            return null;
        }
        List<z31> m = this.h.m();
        if (m == null && (g = this.g.g()) != null && g.indexOf(46) > 0 && !c.a(g)) {
            try {
                m = Collections.singletonList(new x31(g));
            } catch (RuntimeException unused) {
                k.fine("Failed to add peer host as default SNI host_name: " + g);
            }
        }
        if (m == null || m.isEmpty()) {
            return null;
        }
        Vector vector = new Vector(m.size());
        for (z31 z31Var : m) {
            vector.addElement(new p0((short) z31Var.b(), z31Var.a()));
        }
        return vector;
    }

    @Override // org.bouncycastle.tls.a
    protected Vector N() {
        return h51.a(d());
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.z0
    public void a(int i) {
        this.g.a().a(this.h, i);
        String a2 = r51.a(i);
        k.fine("Client notified of selected cipher suite: " + a2);
        super.a(i);
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public void a(short s, short s2) {
        super.a(s, s2);
        Level level = s == 1 ? Level.FINE : Level.INFO;
        if (k.isLoggable(level)) {
            k.log(level, h51.a("Client received", s, s2));
        }
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public void a(short s, short s2, String str, Throwable th) {
        super.a(s, s2, str, th);
        Level level = s == 1 ? Level.FINE : s2 == 80 ? Level.WARNING : Level.INFO;
        if (k.isLoggable(level)) {
            String a2 = h51.a("Client raised", s, s2);
            if (str != null) {
                a2 = a2 + ": " + str;
            }
            k.log(level, a2, th);
        }
    }

    @Override // org.bouncycastle.tls.z0
    public void a(byte[] bArr) {
        w51 w51Var;
        boolean z = bArr != null && bArr.length > 0 && (w51Var = this.i) != null && org.bouncycastle.util.a.a(bArr, w51Var.getId());
        if (z) {
            k.fine("Server resumed session: " + org.bouncycastle.util.encoders.a.b(bArr));
        } else {
            if (bArr == null || bArr.length < 1) {
                k.fine("Server did not specify a session ID");
            } else {
                k.fine("Server specified new session: " + org.bouncycastle.util.encoders.a.b(bArr));
            }
            if (!this.g.getEnableSessionCreation()) {
                throw new IllegalStateException("Server did not resume session and session creation is disabled");
            }
        }
        y51 a2 = this.g.d().a();
        String peerHost = this.g.getPeerHost();
        int peerPort = this.g.getPeerPort();
        o0 j = this.b.j();
        this.g.a(!z ? new z51(a2, peerHost, peerPort, j) : new a61(a2, peerHost, peerPort, j, this.i.j(), this.i.i()));
    }

    protected boolean a(w51 w51Var) {
        g51 i = w51Var.i();
        String g = this.h.g();
        if (g == null) {
            return true;
        }
        String a2 = i.a();
        if (g.equalsIgnoreCase(a2)) {
            return true;
        }
        k.finest("Session not resumed - endpoint ID algorithm mismatch; requested: " + g + ", session: " + a2);
        return false;
    }

    @Override // org.bouncycastle.tls.a, org.bouncycastle.tls.z0
    public void b(l0 l0Var) {
        this.g.a().a(this.h, l0Var);
        String a2 = r51.a(l0Var);
        k.fine("Client notified of selected protocol version: " + a2);
        super.b(l0Var);
    }

    @Override // org.bouncycastle.tls.c2
    public void b(boolean z) {
        if (!z && !l51.a("sun.security.ssl.allowLegacyHelloMessages", true)) {
            throw new TlsFatalAlert((short) 40);
        }
    }

    @Override // org.bouncycastle.tls.a
    protected Vector c(Vector vector) {
        return v61.a(d(), this.g.a().i(), vector);
    }

    @Override // defpackage.i61
    public synchronized boolean j() {
        return this.j;
    }

    @Override // org.bouncycastle.tls.z0
    public r2 m() {
        r2 j;
        w51 a2 = this.g.d().a().a(this.g.getPeerHost(), this.g.getPeerPort());
        if (a2 != null && (j = a2.j()) != null && a(a2)) {
            this.i = a2;
            return j;
        }
        if (this.g.getEnableSessionCreation()) {
            return null;
        }
        throw new IllegalStateException("No resumable sessions and session creation is disabled");
    }

    @Override // org.bouncycastle.tls.e, org.bouncycastle.tls.c2
    public synchronized void n() {
        super.n();
        this.j = true;
        r2 f = this.b.f();
        if (this.i == null || this.i.j() != f) {
            this.i = this.g.d().a().a(this.g.getPeerHost(), this.g.getPeerPort(), f, new g51(this.h.g()));
        }
        this.g.a(new q51(this.b, this.i));
    }

    @Override // org.bouncycastle.tls.z0
    public y0 o() {
        return new a();
    }
}
