package org.bouncycastle.jsse.provider;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import org.bouncycastle.jsse.BCExtendedSSLSession;
import org.bouncycastle.jsse.BCSSLEngine;
import org.bouncycastle.jsse.BCSSLParameters;
import org.bouncycastle.jsse.BCX509Key;
import org.bouncycastle.jsse.provider.JsseUtils_8;
import org.bouncycastle.tls.AbstractTlsPeer;
import org.bouncycastle.tls.ProtocolName;
import org.bouncycastle.tls.RecordPreview;
import org.bouncycastle.tls.SecurityParameters;
import org.bouncycastle.tls.TlsClientProtocol;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsProtocol;
import org.bouncycastle.tls.TlsServerProtocol;
import org.bouncycastle.util.Strings;

/* loaded from: classes3.dex */
class ProvSSLEngine extends SSLEngine implements BCSSLEngine, ProvTlsManager {
    public static final Logger o = Logger.getLogger(ProvSSLEngine.class.getName());
    public final ContextData b;
    public final ProvSSLParameters c;
    public boolean d;
    public boolean e;
    public boolean f;
    public boolean g;
    public boolean h;
    public SSLEngineResult.HandshakeStatus i;
    public TlsProtocol j;
    public AbstractTlsPeer k;
    public ProvSSLConnection l;
    public ProvSSLSessionHandshake m;
    public SSLException n;

    public ProvSSLEngine(ContextData contextData) {
        this(contextData, null, -1);
    }

    public ProvSSLEngine(ContextData contextData, String str, int i) {
        super(str, i);
        this.d = true;
        this.e = true;
        this.f = false;
        this.g = false;
        this.h = false;
        this.i = SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
        this.j = null;
        this.k = null;
        this.l = null;
        this.m = null;
        this.n = null;
        this.b = contextData;
        this.c = contextData.a.i(true);
    }

    @Override // org.bouncycastle.jsse.BCSSLEngine
    public final synchronized BCExtendedSSLSession a() {
        return this.m;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized void b(ProvSSLConnection provSSLConnection) {
        ProvSSLSessionHandshake provSSLSessionHandshake = this.m;
        if (provSSLSessionHandshake != null) {
            if (!provSSLSessionHandshake.isValid()) {
                provSSLConnection.b.invalidate();
            }
            JsseSecurityParameters jsseSecurityParameters = this.m.k;
            jsseSecurityParameters.a = null;
            jsseSecurityParameters.b = null;
            jsseSecurityParameters.c = null;
            jsseSecurityParameters.d = null;
            jsseSecurityParameters.e = null;
            jsseSecurityParameters.f = null;
            jsseSecurityParameters.g = null;
        }
        this.m = null;
        this.l = provSSLConnection;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void beginHandshake() throws SSLException {
        SSLEngineResult.HandshakeStatus handshakeStatus;
        if (!this.f) {
            throw new IllegalStateException("Client/Server mode must be set before the handshake can begin");
        }
        if (this.g) {
            throw new SSLException("Connection is already closed");
        }
        if (this.h) {
            throw new UnsupportedOperationException("Renegotiation not supported");
        }
        this.h = true;
        try {
            if (this.e) {
                TlsClientProtocol tlsClientProtocol = new TlsClientProtocol();
                this.j = tlsClientProtocol;
                ProvTlsClient provTlsClient = new ProvTlsClient(this, this.c);
                this.k = provTlsClient;
                tlsClientProtocol.e0(provTlsClient);
                handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
            } else {
                TlsServerProtocol tlsServerProtocol = new TlsServerProtocol();
                this.j = tlsServerProtocol;
                ProvTlsServer provTlsServer = new ProvTlsServer(this, this.c);
                this.k = provTlsServer;
                tlsServerProtocol.e0(provTlsServer);
                handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
            }
            this.i = handshakeStatus;
        } catch (SSLException e) {
            throw e;
        } catch (IOException e2) {
            throw new SSLException(e2);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final BCX509Key c(String[] strArr, Principal[] principalArr) {
        return this.b.c.c(strArr, (Principal[]) JsseUtils.b(principalArr), this);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws IOException {
        try {
            this.b.d.c((X509Certificate[]) x509CertificateArr.clone(), str, this);
        } catch (CertificateException e) {
            throw new TlsFatalAlert((short) 46, null, e);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws IOException {
        try {
            this.b.d.e((X509Certificate[]) x509CertificateArr.clone(), str, this);
        } catch (CertificateException e) {
            throw new TlsFatalAlert((short) 46, null, e);
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void closeInbound() throws SSLException {
        if (!this.g) {
            TlsProtocol tlsProtocol = this.j;
            if (tlsProtocol == null) {
                this.g = true;
            } else {
                try {
                    tlsProtocol.g();
                } catch (IOException e) {
                    throw new SSLException(e);
                }
            }
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void closeOutbound() {
        if (!this.g) {
            TlsProtocol tlsProtocol = this.j;
            if (tlsProtocol == null) {
                this.g = true;
            } else {
                try {
                    tlsProtocol.t(true);
                } catch (IOException e) {
                    o.log(Level.WARNING, "Failed to close outbound", (Throwable) e);
                }
            }
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final ContextData d() {
        return this.b;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final BCX509Key e(String[] strArr, Principal[] principalArr) {
        return this.b.c.b(strArr, (Principal[]) JsseUtils.b(principalArr), this);
    }

    public final RecordPreview f(ByteBuffer byteBuffer) throws IOException {
        if (byteBuffer.remaining() < 5) {
            return null;
        }
        byte[] bArr = new byte[5];
        int position = byteBuffer.position();
        byteBuffer.get(bArr);
        byteBuffer.position(position);
        TlsProtocol tlsProtocol = this.j;
        if (tlsProtocol.A) {
            throw new IllegalStateException("Cannot use previewInputRecord() in blocking mode!");
        }
        if (tlsProtocol.B.available() != 0) {
            throw new IllegalStateException("Can only use previewInputRecord() for record-aligned input.");
        }
        if (tlsProtocol.h) {
            throw new IOException("Connection is closed, cannot accept any more input");
        }
        return tlsProtocol.R(bArr);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized void g(ProvSSLSessionContext provSSLSessionContext, SecurityParameters securityParameters, JsseSecurityParameters jsseSecurityParameters, ProvSSLSession provSSLSession) {
        String peerHost = getPeerHost();
        int peerPort = getPeerPort();
        if (provSSLSession != null) {
            this.m = new ProvSSLSessionResumed(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters, provSSLSession.j);
        } else {
            this.m = new ProvSSLSessionHandshake(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters);
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String getApplicationProtocol() {
        String str;
        ProvSSLConnection provSSLConnection = this.l;
        str = null;
        if (provSSLConnection != null) {
            SecurityParameters b = provSSLConnection.a.b();
            boolean z = JsseUtils.a;
            if (b != null && b.B) {
                ProtocolName protocolName = b.A;
                str = protocolName == null ? "" : Strings.b(protocolName.a);
            }
        }
        return str;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized Runnable getDelegatedTask() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized boolean getEnableSessionCreation() {
        return this.d;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String[] getEnabledCipherSuites() {
        return this.c.c();
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String[] getEnabledProtocols() {
        return this.c.d();
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String getHandshakeApplicationProtocol() {
        String str;
        ProvSSLSessionHandshake provSSLSessionHandshake = this.m;
        str = null;
        if (provSSLSessionHandshake != null) {
            boolean z = JsseUtils.a;
            SecurityParameters securityParameters = provSSLSessionHandshake.j;
            if (securityParameters != null && securityParameters.B) {
                ProtocolName protocolName = securityParameters.A;
                str = protocolName == null ? "" : Strings.b(protocolName.a);
            }
        }
        return str;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized SSLSession getHandshakeSession() {
        ProvSSLSessionHandshake provSSLSessionHandshake;
        provSSLSessionHandshake = this.m;
        return provSSLSessionHandshake == null ? null : provSSLSessionHandshake.h;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return this.i;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized boolean getNeedClientAuth() {
        return this.c.d;
    }

    @Override // org.bouncycastle.jsse.BCSSLEngine
    public final synchronized BCSSLParameters getParameters() {
        return SSLParametersUtil.a(this.c);
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public final String getPeerHost() {
        return super.getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public final int getPeerPort() {
        return super.getPeerPort();
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized SSLParameters getSSLParameters() {
        return SSLParametersUtil.b(this.c);
    }

    @Override // javax.net.ssl.SSLEngine
    public final SSLSession getSession() {
        ProvSSLConnection provSSLConnection = this.l;
        return (provSSLConnection == null ? ProvSSLSession.m : provSSLConnection.b).h;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String[] getSupportedCipherSuites() {
        return this.b.a.k();
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized String[] getSupportedProtocols() {
        Set<String> keySet;
        keySet = this.b.a.d.keySet();
        return (String[]) keySet.toArray(new String[keySet.size()]);
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized boolean getUseClientMode() {
        return this.e;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized boolean getWantClientAuth() {
        return this.c.e;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized String i(List<String> list) {
        return ((JsseUtils_8.ImportAPSelector) this.c.l).a.apply(this, list);
    }

    /* JADX WARN: Code restructure failed: missing block: B:8:0x000b, code lost:
    
        if (r0.h != false) goto L11;
     */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final synchronized boolean isInboundDone() {
        /*
            r1 = this;
            monitor-enter(r1)
            boolean r0 = r1.g     // Catch: java.lang.Throwable -> L13
            if (r0 != 0) goto L10
            org.bouncycastle.tls.TlsProtocol r0 = r1.j     // Catch: java.lang.Throwable -> L13
            if (r0 == 0) goto Le
            boolean r0 = r0.h     // Catch: java.lang.Throwable -> L13
            if (r0 == 0) goto Le
            goto L10
        Le:
            r0 = 0
            goto L11
        L10:
            r0 = 1
        L11:
            monitor-exit(r1)
            return r0
        L13:
            r0 = move-exception
            monitor-exit(r1)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.isInboundDone():boolean");
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0014, code lost:
    
        if (r2.j.n() < 1) goto L13;
     */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final synchronized boolean isOutboundDone() {
        /*
            r2 = this;
            monitor-enter(r2)
            boolean r0 = r2.g     // Catch: java.lang.Throwable -> L1a
            r1 = 1
            if (r0 != 0) goto L18
            org.bouncycastle.tls.TlsProtocol r0 = r2.j     // Catch: java.lang.Throwable -> L1a
            if (r0 == 0) goto L17
            boolean r0 = r0.h     // Catch: java.lang.Throwable -> L1a
            if (r0 == 0) goto L17
            org.bouncycastle.tls.TlsProtocol r0 = r2.j     // Catch: java.lang.Throwable -> L1a
            int r0 = r0.n()     // Catch: java.lang.Throwable -> L1a
            if (r0 >= r1) goto L17
            goto L18
        L17:
            r1 = 0
        L18:
            monitor-exit(r2)
            return r1
        L1a:
            r0 = move-exception
            monitor-exit(r2)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.isOutboundDone():boolean");
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final String k() {
        return super.getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setEnableSessionCreation(boolean z) {
        this.d = z;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setEnabledCipherSuites(String[] strArr) {
        this.c.e(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setEnabledProtocols(String[] strArr) {
        this.c.g(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setNeedClientAuth(boolean z) {
        this.c.f(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setSSLParameters(SSLParameters sSLParameters) {
        SSLParametersUtil.f(this.c, sSLParameters);
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setUseClientMode(boolean z) {
        if (this.h) {
            throw new IllegalArgumentException("Client/Server mode cannot be changed after the handshake has begun");
        }
        if (this.e != z) {
            this.b.a.m(this.c, z);
            this.e = z;
        }
        this.f = true;
    }

    @Override // javax.net.ssl.SSLEngine
    public final synchronized void setWantClientAuth(boolean z) {
        this.c.h(z);
    }

    /* JADX WARN: Type inference failed for: r11v10, types: [org.bouncycastle.jsse.provider.ProvTlsPeer, org.bouncycastle.tls.AbstractTlsPeer] */
    @Override // javax.net.ssl.SSLEngine
    public final synchronized SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
        int i3;
        SSLEngineResult.Status status;
        int i4;
        SSLEngineResult.Status status2;
        if (!this.h) {
            beginHandshake();
        }
        SSLEngineResult.Status status3 = SSLEngineResult.Status.OK;
        int i5 = 0;
        if (this.j.h) {
            status2 = SSLEngineResult.Status.CLOSED;
            i4 = 0;
        } else {
            try {
                RecordPreview f = f(byteBuffer);
                if (f != null && byteBuffer.remaining() >= f.a) {
                    int i6 = f.b;
                    int i7 = 0;
                    int i8 = 0;
                    while (true) {
                        if (i7 >= i2) {
                            break;
                        }
                        int remaining = byteBufferArr[i + i7].remaining();
                        if (remaining >= i6 - i8) {
                            i8 = i6;
                            break;
                        }
                        i8 += remaining;
                        i7++;
                    }
                    if (i8 < i6) {
                        status = SSLEngineResult.Status.BUFFER_OVERFLOW;
                        status3 = status;
                        i4 = 0;
                        status2 = status3;
                    } else {
                        int i9 = f.a;
                        byte[] bArr = new byte[i9];
                        byteBuffer.get(bArr);
                        this.j.C(bArr, i9);
                        int i10 = i9 + 0;
                        try {
                            TlsProtocol tlsProtocol = this.j;
                            if (tlsProtocol.A) {
                                throw new IllegalStateException("Cannot use getAvailableInputBytes() in blocking mode! Use getInputStream().available() instead.");
                            }
                            int i11 = tlsProtocol.a.c;
                            i4 = 0;
                            while (i5 < i2 && i11 > 0) {
                                try {
                                    ByteBuffer byteBuffer2 = byteBufferArr[i + i5];
                                    int min = Math.min(byteBuffer2.remaining(), i11);
                                    if (min > 0) {
                                        byte[] bArr2 = new byte[min];
                                        this.j.N(bArr2, min);
                                        byteBuffer2.put(bArr2);
                                        i4 += min;
                                        i11 -= min;
                                    }
                                    i5++;
                                } catch (IOException e) {
                                    e = e;
                                    i5 = i4;
                                    i3 = i5;
                                    i5 = i10;
                                    if (this.i != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                                        throw new SSLException(e);
                                    }
                                    if (this.n == null) {
                                        this.n = new SSLException(e);
                                    }
                                    this.i = SSLEngineResult.HandshakeStatus.NEED_WRAP;
                                    return new SSLEngineResult(SSLEngineResult.Status.OK, SSLEngineResult.HandshakeStatus.NEED_WRAP, i5, i3);
                                }
                            }
                            if (i11 != 0) {
                                throw new TlsFatalAlert((short) 22, null, null);
                            }
                            i5 = i10;
                            status2 = status3;
                        } catch (IOException e2) {
                            e = e2;
                        }
                    }
                }
                status = SSLEngineResult.Status.BUFFER_UNDERFLOW;
                status3 = status;
                i4 = 0;
                status2 = status3;
            } catch (IOException e3) {
                e = e3;
                i3 = 0;
            }
        }
        SSLEngineResult.HandshakeStatus handshakeStatus = this.i;
        if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
            if (this.j.n() > 0) {
                handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
            } else if (this.k.d()) {
                this.i = SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
                handshakeStatus = SSLEngineResult.HandshakeStatus.FINISHED;
            } else if (this.j.h) {
                handshakeStatus = SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
            }
            this.i = handshakeStatus;
        }
        return new SSLEngineResult(status2, handshakeStatus, i5, i4);
    }

    /* JADX WARN: Removed duplicated region for block: B:40:0x008f A[Catch: all -> 0x00f6, TryCatch #1 {, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x000c, B:10:0x0015, B:12:0x001b, B:13:0x001f, B:16:0x0028, B:18:0x0032, B:24:0x0048, B:26:0x0058, B:27:0x005b, B:30:0x0063, B:32:0x0073, B:34:0x0077, B:37:0x007a, B:38:0x0087, B:40:0x008f, B:42:0x0099, B:44:0x00a1, B:45:0x00ba, B:46:0x00c1, B:48:0x00c2, B:49:0x00c4, B:53:0x00cd, B:55:0x00d5, B:56:0x00dc, B:58:0x00e2, B:60:0x00e9, B:61:0x00e6, B:62:0x00eb, B:20:0x003f, B:70:0x0080, B:71:0x0085, B:74:0x00f3, B:75:0x00f5), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:55:0x00d5 A[Catch: all -> 0x00f6, TryCatch #1 {, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x000c, B:10:0x0015, B:12:0x001b, B:13:0x001f, B:16:0x0028, B:18:0x0032, B:24:0x0048, B:26:0x0058, B:27:0x005b, B:30:0x0063, B:32:0x0073, B:34:0x0077, B:37:0x007a, B:38:0x0087, B:40:0x008f, B:42:0x0099, B:44:0x00a1, B:45:0x00ba, B:46:0x00c1, B:48:0x00c2, B:49:0x00c4, B:53:0x00cd, B:55:0x00d5, B:56:0x00dc, B:58:0x00e2, B:60:0x00e9, B:61:0x00e6, B:62:0x00eb, B:20:0x003f, B:70:0x0080, B:71:0x0085, B:74:0x00f3, B:75:0x00f5), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:56:0x00dc A[Catch: all -> 0x00f6, TryCatch #1 {, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x000c, B:10:0x0015, B:12:0x001b, B:13:0x001f, B:16:0x0028, B:18:0x0032, B:24:0x0048, B:26:0x0058, B:27:0x005b, B:30:0x0063, B:32:0x0073, B:34:0x0077, B:37:0x007a, B:38:0x0087, B:40:0x008f, B:42:0x0099, B:44:0x00a1, B:45:0x00ba, B:46:0x00c1, B:48:0x00c2, B:49:0x00c4, B:53:0x00cd, B:55:0x00d5, B:56:0x00dc, B:58:0x00e2, B:60:0x00e9, B:61:0x00e6, B:62:0x00eb, B:20:0x003f, B:70:0x0080, B:71:0x0085, B:74:0x00f3, B:75:0x00f5), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Type inference failed for: r10v7, types: [org.bouncycastle.jsse.provider.ProvTlsPeer, org.bouncycastle.tls.AbstractTlsPeer] */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final synchronized javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer[] r10, int r11, int r12, java.nio.ByteBuffer r13) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 249
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.wrap(java.nio.ByteBuffer[], int, int, java.nio.ByteBuffer):javax.net.ssl.SSLEngineResult");
    }
}
