package ru.CryptoPro.sspiSSL;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import ru.CryptoPro.JCP.tools.CertReader.Extension;
import ru.CryptoPro.JCSP.MSCAPI.MSException;
import ru.CryptoPro.JCSP.MSCAPI.Sspi;
import ru.CryptoPro.ssl.SSLLogger;

/* loaded from: classes4.dex */
public class SSLEngineImpl extends SSLEngine {
    static int a = 64;
    static int b = 128;
    static int d = 256;
    static int e = 512;
    static int g = 1024;
    static int h = 2048;
    static int j = 4096;
    static int k = 8192;
    private cl_13 A;
    private cl_3 B;
    private cl_26 C;
    private boolean D;
    SSLSocketImpl m;
    private boolean n;
    private SSLContextImpl o;
    private Sspi p;
    private SSLSessionImpl q;
    private byte r;
    private boolean s;
    private X509Certificate[] t;
    private X509Certificate[] u;
    private PrivateKey v;
    private X500Principal[] w;
    private boolean x;
    private cl_12 y;
    private cl_4 z;
    static int c = 64 | 128;
    static int f = 256 | 512;
    static int i = 1024 | 2048;
    static int l = 4096 | 8192;

    public SSLEngineImpl(SSLContextImpl sSLContextImpl) {
        this.m = null;
        this.s = true;
        this.t = null;
        this.u = null;
        this.v = null;
        this.w = null;
        this.x = false;
        this.A = cl_13.j;
        this.B = null;
        this.C = null;
        this.D = false;
        a(sSLContextImpl);
    }

    public SSLEngineImpl(SSLContextImpl sSLContextImpl, String str, int i2) {
        super(str, i2);
        this.m = null;
        this.s = true;
        this.t = null;
        this.u = null;
        this.v = null;
        this.w = null;
        this.x = false;
        this.A = cl_13.j;
        this.B = null;
        this.C = null;
        this.D = false;
        a(sSLContextImpl);
    }

    private void a(SSLContextImpl sSLContextImpl) {
        this.o = sSLContextImpl;
        this.q = SSLSessionImpl.a;
        this.z = this.o.b(this.n);
        this.y = this.o.a(this.n);
    }

    private boolean a(int[] iArr, int[] iArr2, boolean z) throws SSLException {
        try {
            this.p.getCipherInfo(iArr, iArr2);
            return true;
        } catch (Exception e2) {
            if (z) {
                return false;
            }
            throw new SSLException(e2);
        }
    }

    private boolean c(boolean z) throws SSLException {
        int i2;
        if (this.B != null && this.A != null) {
            return true;
        }
        int[] iArr = new int[1];
        int[] iArr2 = new int[1];
        if (!a(iArr, iArr2, z) || (i2 = iArr2[0]) == 0 || iArr[0] == 0) {
            return false;
        }
        this.B = cl_3.a(i2);
        this.A = cl_13.a(iArr[0]);
        SSLLogger.fine("Handshake attributes. Protocol: " + this.A + " CipherSuite: " + this.B);
        return true;
    }

    private boolean d(boolean z) throws SSLException {
        if (this.u != null) {
            return true;
        }
        try {
            byte[][] remoteCertificates = this.p.getRemoteCertificates();
            if (remoteCertificates != null) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Remote certificate chain: (length: ").append(remoteCertificates.length).append(Extension.C_BRAKE);
                this.u = new X509Certificate[remoteCertificates.length];
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                for (int i2 = 0; i2 < remoteCertificates.length; i2++) {
                    this.u[i2] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(remoteCertificates[i2]));
                    stringBuffer.append(this.u[i2].toString());
                }
                SSLLogger.fine(stringBuffer.toString());
                return true;
            }
        } catch (Exception e2) {
            if (!z) {
                throw new SSLException(e2);
            }
        }
        return false;
    }

    private boolean e(boolean z) throws SSLException {
        int[] iArr;
        byte[] sessionInfo;
        if (this.C != null) {
            return true;
        }
        try {
            iArr = new int[1];
            sessionInfo = this.p.getSessionInfo(iArr);
        } catch (Exception e2) {
            if (!z) {
                throw new SSLException(e2);
            }
        }
        if (sessionInfo == null || sessionInfo.length == 0) {
            if (z) {
                return false;
            }
            throw new SSLException("Invalid session info");
        }
        this.C = new cl_26(sessionInfo);
        SSLSessionImpl sSLSessionImpl = this.q;
        if (sSLSessionImpl != null && !sSLSessionImpl.d().equals(this.C)) {
            throw new SSLException("Invalid session ID");
        }
        SSLLogger.fine("Handshake session info. SessionId: " + this.C + " Reconnect: " + iArr[0]);
        return true;
    }

    private void g() throws SSLException {
        String str;
        SSLSessionImpl sSLSessionImpl = new SSLSessionImpl(this.p, this.A, this.B, this.C, this.n ? d() : c(), e());
        this.q = sSLSessionImpl;
        sSLSessionImpl.a(this.v);
        this.q.b(this.t);
        this.q.a(System.currentTimeMillis());
        if (this.q.b()) {
            ((SSLSessionContextImpl) this.o.engineGetClientSessionContext()).a(this.q);
            str = "%% Cached client session: ";
        } else {
            str = "%% Didn't cache non-resumable client session: ";
        }
        SSLLogger.fine(str, this.q);
    }

    private void h() throws SSLException {
        if (this.x) {
            return;
        }
        if (this.u == null) {
            a(new CertificateException("Empty server certificate chain"));
        }
        String c2 = this.q.g().c();
        X509TrustManager b2 = this.o.b();
        try {
            if (!(b2 instanceof X509ExtendedTrustManager)) {
                throw new CertificateException("Improper X509TrustManager implementation");
            }
            ((X509ExtendedTrustManager) b2).checkServerTrusted((X509Certificate[]) this.u.clone(), c2, this);
            this.x = true;
        } catch (CertificateException e2) {
            a(e2);
        }
    }

    private void i() throws SSLException {
        String str;
        try {
            byte[][] issuers = this.p.getIssuers();
            if (issuers != null) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Certificate issuers list: (count: ").append(issuers.length).append(Extension.C_BRAKE);
                this.w = new X500Principal[issuers.length];
                for (int i2 = 0; i2 < issuers.length; i2++) {
                    this.w[i2] = new X500Principal(issuers[i2]);
                    stringBuffer.append("   \n").append(this.w[i2].toString());
                }
                str = stringBuffer.toString();
            } else {
                str = "Issuers list is empty";
            }
            SSLLogger.fine(str);
        } catch (Exception e2) {
            throw new SSLException(e2);
        }
    }

    private static String j() {
        return Thread.currentThread().getName();
    }

    int a() {
        int i2 = cl_13.f.l <= this.A.l ? 0 | c : 0;
        if (cl_13.g.l <= this.A.l) {
            i2 |= f;
        }
        if (cl_13.h.l <= this.A.l) {
            i2 |= i;
        }
        return cl_13.i.l <= this.A.l ? i2 | l : i2;
    }

    int a(boolean z) throws SSLException {
        return 0;
    }

    /* JADX WARN: Code restructure failed: missing block: B:65:0x01bf, code lost:
    
        i();
        b(false);
     */
    /* JADX WARN: Code restructure failed: missing block: B:72:0x0167, code lost:
    
        if (ru.CryptoPro.ssl.SSLLogger.isAllEnabled() == false) goto L75;
     */
    /* JADX WARN: Code restructure failed: missing block: B:73:0x0169, code lost:
    
        ru.CryptoPro.ssl.SSLLogger.dump("Client send: length = ", java.lang.Integer.valueOf(r5.length), java.nio.ByteBuffer.wrap(r5));
     */
    /* JADX WARN: Code restructure failed: missing block: B:74:0x0177, code lost:
    
        r22.m.getSockOutput().write(r5);
        r22.m.getSockOutput().flush();
     */
    /* JADX WARN: Removed duplicated region for block: B:58:0x01b8 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:67:0x01b4 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    int a(boolean r23, byte[] r24) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 479
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.sspiSSL.SSLEngineImpl.a(boolean, byte[]):int");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void a(Throwable th) throws SSLException {
        SSLLogger.fatal(j() + ", fatal error: " + th);
        this.D = true;
        SSLSessionImpl sSLSessionImpl = this.q;
        if (sSLSessionImpl != null) {
            sSLSessionImpl.invalidate();
        }
        b();
        if (!(th instanceof SSLException)) {
            throw new SSLException(th.getCause());
        }
        throw ((SSLException) th);
    }

    void b() {
        Sspi sspi = this.p;
        if (sspi != null) {
            try {
                sspi.close();
            } catch (MSException e2) {
                SSLLogger.warning("Error during closing sspi: " + e2.getMessage());
            }
        }
        this.p = null;
    }

    /* JADX WARN: Removed duplicated region for block: B:25:0x00f9 A[Catch: Exception -> 0x017b, TryCatch #0 {Exception -> 0x017b, blocks: (B:14:0x0042, B:17:0x005b, B:18:0x00e8, B:20:0x00ec, B:23:0x00f1, B:25:0x00f9, B:27:0x0118, B:28:0x014b, B:29:0x0156, B:31:0x015a, B:32:0x0161, B:33:0x0162, B:35:0x0169, B:37:0x016f, B:38:0x0060, B:42:0x0068, B:44:0x006c, B:46:0x008a, B:48:0x008d, B:51:0x00af, B:53:0x00e4), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x015a A[Catch: Exception -> 0x017b, TryCatch #0 {Exception -> 0x017b, blocks: (B:14:0x0042, B:17:0x005b, B:18:0x00e8, B:20:0x00ec, B:23:0x00f1, B:25:0x00f9, B:27:0x0118, B:28:0x014b, B:29:0x0156, B:31:0x015a, B:32:0x0161, B:33:0x0162, B:35:0x0169, B:37:0x016f, B:38:0x0060, B:42:0x0068, B:44:0x006c, B:46:0x008a, B:48:0x008d, B:51:0x00af, B:53:0x00e4), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:35:0x0169 A[Catch: Exception -> 0x017b, TryCatch #0 {Exception -> 0x017b, blocks: (B:14:0x0042, B:17:0x005b, B:18:0x00e8, B:20:0x00ec, B:23:0x00f1, B:25:0x00f9, B:27:0x0118, B:28:0x014b, B:29:0x0156, B:31:0x015a, B:32:0x0161, B:33:0x0162, B:35:0x0169, B:37:0x016f, B:38:0x0060, B:42:0x0068, B:44:0x006c, B:46:0x008a, B:48:0x008d, B:51:0x00af, B:53:0x00e4), top: B:13:0x0042 }] */
    /* JADX WARN: Removed duplicated region for block: B:37:0x016f A[Catch: Exception -> 0x017b, TRY_LEAVE, TryCatch #0 {Exception -> 0x017b, blocks: (B:14:0x0042, B:17:0x005b, B:18:0x00e8, B:20:0x00ec, B:23:0x00f1, B:25:0x00f9, B:27:0x0118, B:28:0x014b, B:29:0x0156, B:31:0x015a, B:32:0x0161, B:33:0x0162, B:35:0x0169, B:37:0x016f, B:38:0x0060, B:42:0x0068, B:44:0x006c, B:46:0x008a, B:48:0x008d, B:51:0x00af, B:53:0x00e4), top: B:13:0x0042 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void b(boolean r12) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 384
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ru.CryptoPro.sspiSSL.SSLEngineImpl.b(boolean):void");
    }

    @Override // javax.net.ssl.SSLEngine
    public void beginHandshake() throws SSLException {
        if (this.n) {
            a(false);
        } else {
            a(false, null);
        }
    }

    String c() {
        SSLSocketImpl sSLSocketImpl = this.m;
        return sSLSocketImpl != null ? sSLSocketImpl.d() : getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeInbound() throws SSLException {
        try {
            if (this.D) {
                return;
            }
            this.p.deleteSecurityContext();
            this.D = true;
        } catch (MSException e2) {
            throw new SSLException(e2);
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeOutbound() {
    }

    String d() {
        SSLSocketImpl sSLSocketImpl = this.m;
        return sSLSocketImpl != null ? sSLSocketImpl.getInetAddress().getHostAddress() : getPeerHost();
    }

    int e() {
        SSLSocketImpl sSLSocketImpl = this.m;
        return sSLSocketImpl != null ? sSLSocketImpl.getPort() : getPeerPort();
    }

    int f() {
        SSLSocketImpl sSLSocketImpl = this.m;
        if (sSLSocketImpl != null) {
            return sSLSocketImpl.getLocalPort();
        }
        return -1;
    }

    @Override // javax.net.ssl.SSLEngine
    public Runnable getDelegatedTask() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getEnableSessionCreation() {
        return this.s;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getEnabledCipherSuites() {
        return this.z.d();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledProtocols() {
        return this.y.b();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized SSLSession getHandshakeSession() {
        return this.q;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getNeedClientAuth() {
        return this.r == 2;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getSession() {
        return this.q;
    }

    public SSLSocketImpl getSocketImpl() {
        return this.m;
    }

    public Sspi getSspi() {
        return this.p;
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedCipherSuites() {
        return this.o.g().d();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedProtocols() {
        return this.o.f().b();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getUseClientMode() {
        return !this.n;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getWantClientAuth() {
        return true;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isInboundDone() {
        return this.D;
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isOutboundDone() {
        return false;
    }

    public int renegotiation(byte[] bArr) throws SSLException {
        return this.n ? a(true) : a(true, bArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnableSessionCreation(boolean z) {
        this.s = z;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledCipherSuites(String[] strArr) {
        this.z = new cl_4(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledProtocols(String[] strArr) {
        this.y = new cl_12(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setNeedClientAuth(boolean z) {
        this.r = z ? (byte) 2 : (byte) 0;
    }

    public void setSocketImpl(SSLSocketImpl sSLSocketImpl) throws IOException {
        this.m = sSLSocketImpl;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setUseClientMode(boolean z) {
        this.n = !z;
    }

    @Override // javax.net.ssl.SSLEngine
    public void setWantClientAuth(boolean z) {
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i2, int i3) throws SSLException {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i2, int i3, ByteBuffer byteBuffer) throws SSLException {
        return null;
    }
}
