package org.bouncycastle.jsse.provider;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import org.bouncycastle.jsse.BCExtendedSSLSession;
import org.bouncycastle.jsse.BCSSLEngine;
import org.bouncycastle.jsse.BCSSLParameters;
import org.bouncycastle.jsse.BCX509Key;
import org.bouncycastle.tls.RecordPreview;
import org.bouncycastle.tls.SecurityParameters;
import org.bouncycastle.tls.TlsClientProtocol;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsProtocol;
import org.bouncycastle.tls.TlsServerProtocol;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes6.dex */
public class ProvSSLEngine extends SSLEngine implements BCSSLEngine, ProvTlsManager {
    private static final Logger LOG = Logger.getLogger(ProvSSLEngine.class.getName());
    protected boolean closedEarly;
    protected ProvSSLConnection connection;
    protected final ContextData contextData;
    protected SSLException deferredException;
    protected boolean enableSessionCreation;
    protected ProvSSLSessionHandshake handshakeSession;
    protected SSLEngineResult.HandshakeStatus handshakeStatus;
    protected boolean initialHandshakeBegun;
    protected TlsProtocol protocol;
    protected ProvTlsPeer protocolPeer;
    protected final ProvSSLParameters sslParameters;
    protected boolean useClientMode;
    protected boolean useClientModeSet;

    /* JADX INFO: Access modifiers changed from: protected */
    public ProvSSLEngine(ContextData contextData) {
        this(contextData, null, -1);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProvSSLEngine(ContextData contextData, String str, int i2) {
        super(str, i2);
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.useClientModeSet = false;
        this.closedEarly = false;
        this.initialHandshakeBegun = false;
        this.handshakeStatus = SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
        this.protocol = null;
        this.protocolPeer = null;
        this.connection = null;
        this.handshakeSession = null;
        this.deferredException = null;
        this.contextData = contextData;
        this.sslParameters = contextData.getContext().getDefaultSSLParameters(this.useClientMode);
    }

    private RecordPreview getRecordPreview(ByteBuffer byteBuffer) throws IOException {
        if (byteBuffer.remaining() < 5) {
            return null;
        }
        byte[] bArr = new byte[5];
        int position = byteBuffer.position();
        byteBuffer.get(bArr);
        byteBuffer.position(position);
        return this.protocol.previewInputRecord(bArr);
    }

    private int getTotalRemaining(ByteBuffer[] byteBufferArr, int i2, int i3, int i4) {
        int i5 = 0;
        for (int i6 = 0; i6 < i3; i6++) {
            int remaining = byteBufferArr[i2 + i6].remaining();
            if (remaining >= i4 - i5) {
                return i4;
            }
            i5 += remaining;
        }
        return i5;
    }

    private boolean hasInsufficientSpace(ByteBuffer[] byteBufferArr, int i2, int i3, int i4) {
        return getTotalRemaining(byteBufferArr, i2, i3, i4) < i4;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void beginHandshake() throws SSLException {
        SSLEngineResult.HandshakeStatus handshakeStatus;
        try {
            if (!this.useClientModeSet) {
                throw new IllegalStateException("Client/Server mode must be set before the handshake can begin");
            }
            if (this.closedEarly) {
                throw new SSLException("Connection is already closed");
            }
            if (this.initialHandshakeBegun) {
                throw new UnsupportedOperationException("Renegotiation not supported");
            }
            this.initialHandshakeBegun = true;
            try {
                if (this.useClientMode) {
                    TlsClientProtocol tlsClientProtocol = new TlsClientProtocol();
                    this.protocol = tlsClientProtocol;
                    ProvTlsClient provTlsClient = new ProvTlsClient(this, this.sslParameters);
                    this.protocolPeer = provTlsClient;
                    tlsClientProtocol.connect(provTlsClient);
                    handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
                } else {
                    TlsServerProtocol tlsServerProtocol = new TlsServerProtocol();
                    this.protocol = tlsServerProtocol;
                    ProvTlsServer provTlsServer = new ProvTlsServer(this, this.sslParameters);
                    this.protocolPeer = provTlsServer;
                    tlsServerProtocol.accept(provTlsServer);
                    handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
                }
                this.handshakeStatus = handshakeStatus;
            } catch (SSLException e2) {
                throw e2;
            } catch (IOException e3) {
                throw new SSLException(e3);
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws IOException {
        try {
            this.contextData.getX509TrustManager().checkClientTrusted((X509Certificate[]) x509CertificateArr.clone(), str, this);
        } catch (CertificateException e2) {
            throw new TlsFatalAlert((short) 46, (Throwable) e2);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws IOException {
        try {
            this.contextData.getX509TrustManager().checkServerTrusted((X509Certificate[]) x509CertificateArr.clone(), str, this);
        } catch (CertificateException e2) {
            throw new TlsFatalAlert((short) 46, (Throwable) e2);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public BCX509Key chooseClientKey(String[] strArr, Principal[] principalArr) {
        return getContextData().getX509KeyManager().chooseEngineClientKeyBC(strArr, (Principal[]) JsseUtils.clone(principalArr), this);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public BCX509Key chooseServerKey(String[] strArr, Principal[] principalArr) {
        return getContextData().getX509KeyManager().chooseEngineServerKeyBC(strArr, (Principal[]) JsseUtils.clone(principalArr), this);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void closeInbound() throws SSLException {
        if (!this.closedEarly) {
            TlsProtocol tlsProtocol = this.protocol;
            if (tlsProtocol == null) {
                this.closedEarly = true;
            } else {
                try {
                    tlsProtocol.closeInput();
                } catch (IOException e2) {
                    throw new SSLException(e2);
                }
            }
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void closeOutbound() {
        if (!this.closedEarly) {
            TlsProtocol tlsProtocol = this.protocol;
            if (tlsProtocol == null) {
                this.closedEarly = true;
            } else {
                try {
                    tlsProtocol.close();
                } catch (IOException e2) {
                    LOG.log(Level.WARNING, "Failed to close outbound", (Throwable) e2);
                }
            }
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String getApplicationProtocol() {
        ProvSSLConnection provSSLConnection;
        provSSLConnection = this.connection;
        return provSSLConnection == null ? null : provSSLConnection.getApplicationProtocol();
    }

    @Override // org.bouncycastle.jsse.BCSSLEngine
    public synchronized BCExtendedSSLSession getBCHandshakeSession() {
        return this.handshakeSession;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public ContextData getContextData() {
        return this.contextData;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized Runnable getDelegatedTask() {
        return null;
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public synchronized boolean getEnableSessionCreation() {
        return this.enableSessionCreation;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getEnabledCipherSuites() {
        return this.sslParameters.getCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getEnabledProtocols() {
        return this.sslParameters.getProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String getHandshakeApplicationProtocol() {
        ProvSSLSessionHandshake provSSLSessionHandshake;
        provSSLSessionHandshake = this.handshakeSession;
        return provSSLSessionHandshake == null ? null : provSSLSessionHandshake.getApplicationProtocol();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized SSLSession getHandshakeSession() {
        ProvSSLSessionHandshake provSSLSessionHandshake;
        provSSLSessionHandshake = this.handshakeSession;
        return provSSLSessionHandshake == null ? null : provSSLSessionHandshake.getExportSSLSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return this.handshakeStatus;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized boolean getNeedClientAuth() {
        return this.sslParameters.getNeedClientAuth();
    }

    @Override // org.bouncycastle.jsse.BCSSLEngine
    public synchronized BCSSLParameters getParameters() {
        return SSLParametersUtil.getParameters(this.sslParameters);
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public String getPeerHost() {
        return super.getPeerHost();
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public String getPeerHostSNI() {
        return super.getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine, org.bouncycastle.jsse.provider.ProvTlsManager
    public int getPeerPort() {
        return super.getPeerPort();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized SSLParameters getSSLParameters() {
        return SSLParametersUtil.getSSLParameters(this.sslParameters);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getSession() {
        return getSessionImpl().getExportSSLSession();
    }

    ProvSSLSession getSessionImpl() {
        ProvSSLConnection provSSLConnection = this.connection;
        return provSSLConnection == null ? ProvSSLSession.NULL_SESSION : provSSLConnection.getSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getSupportedCipherSuites() {
        return this.contextData.getContext().getSupportedCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized String[] getSupportedProtocols() {
        return this.contextData.getContext().getSupportedProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized boolean getUseClientMode() {
        return this.useClientMode;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized boolean getWantClientAuth() {
        return this.sslParameters.getWantClientAuth();
    }

    /* JADX WARN: Code restructure failed: missing block: B:8:0x000d, code lost:
    
        if (r0.isClosed() != false) goto L13;
     */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized boolean isInboundDone() {
        /*
            r1 = this;
            monitor-enter(r1)
            boolean r0 = r1.closedEarly     // Catch: java.lang.Throwable -> L10
            if (r0 != 0) goto L14
            org.bouncycastle.tls.TlsProtocol r0 = r1.protocol     // Catch: java.lang.Throwable -> L10
            if (r0 == 0) goto L12
            boolean r0 = r0.isClosed()     // Catch: java.lang.Throwable -> L10
            if (r0 == 0) goto L12
            goto L14
        L10:
            r0 = move-exception
            goto L17
        L12:
            r0 = 0
            goto L15
        L14:
            r0 = 1
        L15:
            monitor-exit(r1)
            return r0
        L17:
            monitor-exit(r1)     // Catch: java.lang.Throwable -> L10
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.isInboundDone():boolean");
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0016, code lost:
    
        if (r2.protocol.getAvailableOutputBytes() < 1) goto L15;
     */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized boolean isOutboundDone() {
        /*
            r2 = this;
            monitor-enter(r2)
            boolean r0 = r2.closedEarly     // Catch: java.lang.Throwable -> L19
            r1 = 1
            if (r0 != 0) goto L1c
            org.bouncycastle.tls.TlsProtocol r0 = r2.protocol     // Catch: java.lang.Throwable -> L19
            if (r0 == 0) goto L1b
            boolean r0 = r0.isClosed()     // Catch: java.lang.Throwable -> L19
            if (r0 == 0) goto L1b
            org.bouncycastle.tls.TlsProtocol r0 = r2.protocol     // Catch: java.lang.Throwable -> L19
            int r0 = r0.getAvailableOutputBytes()     // Catch: java.lang.Throwable -> L19
            if (r0 >= r1) goto L1b
            goto L1c
        L19:
            r0 = move-exception
            goto L1e
        L1b:
            r1 = 0
        L1c:
            monitor-exit(r2)
            return r1
        L1e:
            monitor-exit(r2)     // Catch: java.lang.Throwable -> L19
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.isOutboundDone():boolean");
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public synchronized void notifyHandshakeComplete(ProvSSLConnection provSSLConnection) {
        try {
            ProvSSLSessionHandshake provSSLSessionHandshake = this.handshakeSession;
            if (provSSLSessionHandshake != null) {
                if (!provSSLSessionHandshake.isValid()) {
                    provSSLConnection.getSession().invalidate();
                }
                this.handshakeSession.getJsseSecurityParameters().clear();
            }
            this.handshakeSession = null;
            this.connection = provSSLConnection;
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public synchronized void notifyHandshakeSession(ProvSSLSessionContext provSSLSessionContext, SecurityParameters securityParameters, JsseSecurityParameters jsseSecurityParameters, ProvSSLSession provSSLSession) {
        try {
            String peerHost = getPeerHost();
            int peerPort = getPeerPort();
            if (provSSLSession != null) {
                this.handshakeSession = new ProvSSLSessionResumed(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters, provSSLSession.getTlsSession(), provSSLSession.getJsseSessionParameters());
            } else {
                this.handshakeSession = new ProvSSLSessionHandshake(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters);
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public synchronized String selectApplicationProtocol(List<String> list) {
        return this.sslParameters.getEngineAPSelector().select(this, list);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setEnableSessionCreation(boolean z2) {
        this.enableSessionCreation = z2;
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setEnabledCipherSuites(String[] strArr) {
        this.sslParameters.setCipherSuites(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setEnabledProtocols(String[] strArr) {
        this.sslParameters.setProtocols(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setNeedClientAuth(boolean z2) {
        this.sslParameters.setNeedClientAuth(z2);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setSSLParameters(SSLParameters sSLParameters) {
        SSLParametersUtil.setSSLParameters(this.sslParameters, sSLParameters);
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setUseClientMode(boolean z2) {
        try {
            if (this.initialHandshakeBegun) {
                throw new IllegalArgumentException("Client/Server mode cannot be changed after the handshake has begun");
            }
            if (this.useClientMode != z2) {
                this.contextData.getContext().updateDefaultSSLParameters(this.sslParameters, z2);
                this.useClientMode = z2;
            }
            this.useClientModeSet = true;
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public synchronized void setWantClientAuth(boolean z2) {
        this.sslParameters.setWantClientAuth(z2);
    }

    /* JADX WARN: Removed duplicated region for block: B:55:0x00c7 A[Catch: all -> 0x0009, TryCatch #2 {all -> 0x0009, blocks: (B:3:0x0001, B:5:0x0005, B:6:0x000c, B:8:0x0017, B:10:0x008d, B:12:0x0093, B:14:0x009b, B:15:0x009d, B:16:0x00a0, B:18:0x00a8, B:19:0x00af, B:21:0x00b7, B:22:0x00ba, B:27:0x001c, B:29:0x0022, B:32:0x002d, B:34:0x0037, B:37:0x003f, B:39:0x004d, B:45:0x005b, B:47:0x0067, B:49:0x0077, B:53:0x00c1, B:55:0x00c7, B:57:0x00cb, B:58:0x00d2, B:61:0x00df, B:62:0x00e4, B:66:0x007e, B:67:0x0085, B:74:0x0089), top: B:2:0x0001 }] */
    /* JADX WARN: Removed duplicated region for block: B:61:0x00df A[Catch: all -> 0x0009, TRY_ENTER, TryCatch #2 {all -> 0x0009, blocks: (B:3:0x0001, B:5:0x0005, B:6:0x000c, B:8:0x0017, B:10:0x008d, B:12:0x0093, B:14:0x009b, B:15:0x009d, B:16:0x00a0, B:18:0x00a8, B:19:0x00af, B:21:0x00b7, B:22:0x00ba, B:27:0x001c, B:29:0x0022, B:32:0x002d, B:34:0x0037, B:37:0x003f, B:39:0x004d, B:45:0x005b, B:47:0x0067, B:49:0x0077, B:53:0x00c1, B:55:0x00c7, B:57:0x00cb, B:58:0x00d2, B:61:0x00df, B:62:0x00e4, B:66:0x007e, B:67:0x0085, B:74:0x0089), top: B:2:0x0001 }] */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer r10, java.nio.ByteBuffer[] r11, int r12, int r13) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 231
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.unwrap(java.nio.ByteBuffer, java.nio.ByteBuffer[], int, int):javax.net.ssl.SSLEngineResult");
    }

    /* JADX WARN: Removed duplicated region for block: B:34:0x0086 A[Catch: all -> 0x000d, TryCatch #1 {all -> 0x000d, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x0010, B:10:0x0019, B:12:0x0021, B:13:0x0025, B:16:0x002e, B:18:0x003a, B:20:0x004e, B:21:0x0053, B:24:0x005b, B:26:0x006b, B:28:0x006f, B:31:0x0072, B:32:0x007e, B:34:0x0086, B:36:0x0090, B:37:0x009d, B:38:0x009f, B:42:0x00a8, B:44:0x00b0, B:45:0x00b7, B:47:0x00bf, B:48:0x00c1, B:49:0x00c4, B:50:0x00c7, B:57:0x0078, B:58:0x007d, B:61:0x00cf, B:62:0x00d1), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:44:0x00b0 A[Catch: all -> 0x000d, TryCatch #1 {all -> 0x000d, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x0010, B:10:0x0019, B:12:0x0021, B:13:0x0025, B:16:0x002e, B:18:0x003a, B:20:0x004e, B:21:0x0053, B:24:0x005b, B:26:0x006b, B:28:0x006f, B:31:0x0072, B:32:0x007e, B:34:0x0086, B:36:0x0090, B:37:0x009d, B:38:0x009f, B:42:0x00a8, B:44:0x00b0, B:45:0x00b7, B:47:0x00bf, B:48:0x00c1, B:49:0x00c4, B:50:0x00c7, B:57:0x0078, B:58:0x007d, B:61:0x00cf, B:62:0x00d1), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:45:0x00b7 A[Catch: all -> 0x000d, TryCatch #1 {all -> 0x000d, blocks: (B:3:0x0001, B:5:0x0005, B:7:0x0009, B:8:0x0010, B:10:0x0019, B:12:0x0021, B:13:0x0025, B:16:0x002e, B:18:0x003a, B:20:0x004e, B:21:0x0053, B:24:0x005b, B:26:0x006b, B:28:0x006f, B:31:0x0072, B:32:0x007e, B:34:0x0086, B:36:0x0090, B:37:0x009d, B:38:0x009f, B:42:0x00a8, B:44:0x00b0, B:45:0x00b7, B:47:0x00bf, B:48:0x00c1, B:49:0x00c4, B:50:0x00c7, B:57:0x0078, B:58:0x007d, B:61:0x00cf, B:62:0x00d1), top: B:2:0x0001, inners: #0 }] */
    @Override // javax.net.ssl.SSLEngine
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer[] r10, int r11, int r12, java.nio.ByteBuffer r13) throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 212
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvSSLEngine.wrap(java.nio.ByteBuffer[], int, int, java.nio.ByteBuffer):javax.net.ssl.SSLEngineResult");
    }
}
