package org.intellicastle.jsse.provider;

import java.util.ArrayList;
import java.util.Comparator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.Vector;
import org.intellicastle.jsse.BCX509ExtendedKeyManager;
import org.intellicastle.jsse.BCX509ExtendedTrustManager;
import org.intellicastle.jsse.java.security.BCAlgorithmConstraints;
import org.intellicastle.jsse.java.security.BCCryptoPrimitive;
import org.intellicastle.jsse.provider.NamedGroupInfo;
import org.intellicastle.jsse.provider.SignatureSchemeInfo;
import org.intellicastle.tls.ProtocolVersion;
import org.intellicastle.tls.SignatureAndHashAlgorithm;
import org.intellicastle.tls.TlsUtils;
import org.intellicastle.tls.crypto.impl.jcajce.JcaTlsCrypto;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/intellicastle/jsse/provider/ContextData.class */
public final class ContextData {
    private static final Set<BCCryptoPrimitive> TLS_CRYPTO_PRIMITIVES_BC = JsseUtils.KEY_AGREEMENT_CRYPTO_PRIMITIVES_BC;
    private final boolean fipsMode;
    private final JcaTlsCrypto crypto;
    private final BCX509ExtendedKeyManager x509KeyManager;
    private final BCX509ExtendedTrustManager x509TrustManager;
    private final Map<String, CipherSuiteInfo> supportedCipherSuites;
    private final Map<String, ProtocolVersion> supportedProtocols;
    private final String[] defaultCipherSuitesClient;
    private final String[] defaultCipherSuitesServer;
    private final String[] defaultProtocolsClient;
    private final String[] defaultProtocolsServer;
    private final ProvSSLSessionContext clientSessionContext = new ProvSSLSessionContext(this);
    private final ProvSSLSessionContext serverSessionContext = new ProvSSLSessionContext(this);
    private final NamedGroupInfo.PerContext namedGroups;
    private final SignatureSchemeInfo.PerContext signatureSchemes;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ContextData(boolean z, JcaTlsCrypto jcaTlsCrypto, BCX509ExtendedKeyManager bCX509ExtendedKeyManager, BCX509ExtendedTrustManager bCX509ExtendedTrustManager, Map<String, CipherSuiteInfo> map, Map<String, ProtocolVersion> map2, String[] strArr, String[] strArr2, String[] strArr3, String[] strArr4) {
        this.fipsMode = z;
        this.crypto = jcaTlsCrypto;
        this.x509KeyManager = bCX509ExtendedKeyManager;
        this.x509TrustManager = bCX509ExtendedTrustManager;
        this.supportedCipherSuites = map;
        this.supportedProtocols = map2;
        this.defaultCipherSuitesClient = strArr;
        this.defaultCipherSuitesServer = strArr2;
        this.defaultProtocolsClient = strArr3;
        this.defaultProtocolsServer = strArr4;
        this.namedGroups = NamedGroupInfo.createPerContext(z, jcaTlsCrypto);
        this.signatureSchemes = SignatureSchemeInfo.createPerContext(z, jcaTlsCrypto, this.namedGroups);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Removed duplicated region for block: B:15:0x0096  */
    /* JADX WARN: Removed duplicated region for block: B:18:0x00a3 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int[] getActiveCipherSuites(org.intellicastle.tls.crypto.impl.jcajce.JcaTlsCrypto r6, org.intellicastle.jsse.provider.ProvSSLParameters r7, org.intellicastle.tls.ProtocolVersion[] r8) {
        /*
            r5 = this;
            r0 = r7
            java.lang.String[] r0 = r0.getCipherSuitesArray()
            r9 = r0
            r0 = r7
            org.intellicastle.jsse.java.security.BCAlgorithmConstraints r0 = r0.getAlgorithmConstraints()
            r10 = r0
            r0 = r8
            org.intellicastle.tls.ProtocolVersion r0 = org.intellicastle.tls.ProtocolVersion.getLatestTLS(r0)
            r11 = r0
            r0 = r8
            org.intellicastle.tls.ProtocolVersion r0 = org.intellicastle.tls.ProtocolVersion.getEarliestTLS(r0)
            r12 = r0
            r0 = r11
            boolean r0 = org.intellicastle.tls.TlsUtils.isTLSv13(r0)
            r13 = r0
            r0 = r12
            boolean r0 = org.intellicastle.tls.TlsUtils.isTLSv13(r0)
            if (r0 != 0) goto L2b
            r0 = 1
            goto L2c
        L2b:
            r0 = 0
        L2c:
            r14 = r0
            r0 = r9
            int r0 = r0.length
            int[] r0 = new int[r0]
            r15 = r0
            r0 = 0
            r16 = r0
            r0 = r9
            r17 = r0
            r0 = r17
            int r0 = r0.length
            r18 = r0
            r0 = 0
            r19 = r0
        L44:
            r0 = r19
            r1 = r18
            if (r0 >= r1) goto La9
            r0 = r17
            r1 = r19
            r0 = r0[r1]
            r20 = r0
            r0 = r5
            java.util.Map<java.lang.String, org.intellicastle.jsse.provider.CipherSuiteInfo> r0 = r0.supportedCipherSuites
            r1 = r20
            java.lang.Object r0 = r0.get(r1)
            org.intellicastle.jsse.provider.CipherSuiteInfo r0 = (org.intellicastle.jsse.provider.CipherSuiteInfo) r0
            r21 = r0
            r0 = 0
            r1 = r21
            if (r0 != r1) goto L6b
            goto La3
        L6b:
            r0 = r21
            boolean r0 = r0.isTLSv13()
            if (r0 == 0) goto L7b
            r0 = r13
            if (r0 != 0) goto L83
            goto La3
        L7b:
            r0 = r14
            if (r0 != 0) goto L83
            goto La3
        L83:
            r0 = r10
            java.util.Set<org.intellicastle.jsse.java.security.BCCryptoPrimitive> r1 = org.intellicastle.jsse.provider.ContextData.TLS_CRYPTO_PRIMITIVES_BC
            r2 = r20
            r3 = 0
            boolean r0 = r0.permits(r1, r2, r3)
            if (r0 != 0) goto L96
            goto La3
        L96:
            r0 = r15
            r1 = r16
            int r16 = r16 + 1
            r2 = r21
            int r2 = r2.getCipherSuite()
            r0[r1] = r2
        La3:
            int r19 = r19 + 1
            goto L44
        La9:
            r0 = r6
            r1 = r15
            r2 = 0
            r3 = r16
            int[] r0 = org.intellicastle.tls.TlsUtils.getSupportedCipherSuites(r0, r1, r2, r3)
            r17 = r0
            r0 = r17
            int r0 = r0.length
            r1 = 1
            if (r0 >= r1) goto Lc5
            java.lang.IllegalStateException r0 = new java.lang.IllegalStateException
            r1 = r0
            java.lang.String r2 = "No usable cipher suites enabled"
            r1.<init>(r2)
            throw r0
        Lc5:
            r0 = r17
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.intellicastle.jsse.provider.ContextData.getActiveCipherSuites(org.intellicastle.tls.crypto.impl.jcajce.JcaTlsCrypto, org.intellicastle.jsse.provider.ProvSSLParameters, org.intellicastle.tls.ProtocolVersion[]):int[]");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProtocolVersion[] getActiveProtocolVersions(ProvSSLParameters provSSLParameters) {
        String[] protocolsArray = provSSLParameters.getProtocolsArray();
        BCAlgorithmConstraints algorithmConstraints = provSSLParameters.getAlgorithmConstraints();
        TreeSet treeSet = new TreeSet(new Comparator<ProtocolVersion>() { // from class: org.intellicastle.jsse.provider.ContextData.1
            @Override // java.util.Comparator
            public int compare(ProtocolVersion protocolVersion, ProtocolVersion protocolVersion2) {
                if (protocolVersion.isLaterVersionOf(protocolVersion2)) {
                    return -1;
                }
                return protocolVersion2.isLaterVersionOf(protocolVersion) ? 1 : 0;
            }
        });
        for (String str : protocolsArray) {
            ProtocolVersion protocolVersion = this.supportedProtocols.get(str);
            if (null != protocolVersion && algorithmConstraints.permits(TLS_CRYPTO_PRIMITIVES_BC, str, null)) {
                treeSet.add(protocolVersion);
            }
        }
        if (treeSet.isEmpty()) {
            throw new IllegalStateException("No usable protocols enabled");
        }
        return (ProtocolVersion[]) treeSet.toArray(new ProtocolVersion[treeSet.size()]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProvSSLSessionContext getClientSessionContext() {
        return this.clientSessionContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JcaTlsCrypto getCrypto() {
        return this.crypto;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getDefaultCipherSuites(boolean z) {
        return (String[]) implGetDefaultCipherSuites(z).clone();
    }

    String[] getDefaultProtocols(boolean z) {
        return (String[]) implGetDefaultProtocols(z).clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProvSSLParameters getDefaultSSLParameters(boolean z) {
        return new ProvSSLParameters(this, implGetDefaultCipherSuites(z), implGetDefaultProtocols(z));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProvSSLParameters getSupportedSSLParameters(boolean z) {
        return new ProvSSLParameters(this, getSupportedCipherSuites(), getSupportedProtocols());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public NamedGroupInfo.PerConnection getNamedGroupsClient(ProvSSLParameters provSSLParameters, ProtocolVersion[] protocolVersionArr) {
        return NamedGroupInfo.createPerConnectionClient(this.namedGroups, provSSLParameters, protocolVersionArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public NamedGroupInfo.PerConnection getNamedGroupsServer(ProvSSLParameters provSSLParameters, ProtocolVersion protocolVersion) {
        return NamedGroupInfo.createPerConnectionServer(this.namedGroups, provSSLParameters, protocolVersion);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProvSSLSessionContext getServerSessionContext() {
        return this.serverSessionContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignatureSchemeInfo.PerConnection getSignatureSchemesClient(ProvSSLParameters provSSLParameters, ProtocolVersion[] protocolVersionArr, NamedGroupInfo.PerConnection perConnection) {
        return SignatureSchemeInfo.createPerConnectionClient(this.signatureSchemes, provSSLParameters, protocolVersionArr, perConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignatureSchemeInfo.PerConnection getSignatureSchemesServer(ProvSSLParameters provSSLParameters, ProtocolVersion protocolVersion, NamedGroupInfo.PerConnection perConnection) {
        return SignatureSchemeInfo.createPerConnectionServer(this.signatureSchemes, provSSLParameters, protocolVersion, perConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<SignatureSchemeInfo> getSignatureSchemes(Vector<SignatureAndHashAlgorithm> vector) {
        return SignatureSchemeInfo.getSignatureSchemes(this.signatureSchemes, vector);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getSupportedCipherSuites() {
        return JsseUtils.getKeysArray(this.supportedCipherSuites);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getSupportedCipherSuites(String[] strArr) {
        if (null == strArr) {
            throw new NullPointerException("'cipherSuites' cannot be null");
        }
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            if (TlsUtils.isNullOrEmpty(str)) {
                throw new IllegalArgumentException("'cipherSuites' cannot contain null or empty string elements");
            }
            if (this.supportedCipherSuites.containsKey(str)) {
                arrayList.add(str);
            }
        }
        return JsseUtils.getArray(arrayList);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getSupportedProtocols() {
        return JsseUtils.getKeysArray(this.supportedProtocols);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BCX509ExtendedKeyManager getX509KeyManager() {
        return this.x509KeyManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BCX509ExtendedTrustManager getX509TrustManager() {
        return this.x509TrustManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isFipsMode() {
        return this.fipsMode;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isSupportedProtocols(String[] strArr) {
        if (strArr == null) {
            return false;
        }
        for (String str : strArr) {
            if (str == null || !this.supportedProtocols.containsKey(str)) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateDefaultSSLParameters(ProvSSLParameters provSSLParameters, boolean z) {
        if (provSSLParameters.getCipherSuitesArray() == implGetDefaultCipherSuites(!z)) {
            provSSLParameters.setCipherSuitesArray(implGetDefaultCipherSuites(z));
        }
        if (provSSLParameters.getProtocolsArray() == implGetDefaultProtocols(!z)) {
            provSSLParameters.setProtocolsArray(implGetDefaultProtocols(z));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String validateNegotiatedCipherSuite(ProvSSLParameters provSSLParameters, int i) {
        String cipherSuiteName = ProvSSLContextSpi.getCipherSuiteName(i);
        if (null != cipherSuiteName && JsseUtils.contains(provSSLParameters.getCipherSuitesArray(), cipherSuiteName) && provSSLParameters.getAlgorithmConstraints().permits(TLS_CRYPTO_PRIMITIVES_BC, cipherSuiteName, null) && this.supportedCipherSuites.containsKey(cipherSuiteName)) {
            return cipherSuiteName;
        }
        throw new IllegalStateException("SSL connection negotiated unsupported ciphersuite: " + i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String validateNegotiatedProtocol(ProvSSLParameters provSSLParameters, ProtocolVersion protocolVersion) {
        String protocolVersionName = ProvSSLContextSpi.getProtocolVersionName(protocolVersion);
        if (null != protocolVersionName && JsseUtils.contains(provSSLParameters.getProtocolsArray(), protocolVersionName) && provSSLParameters.getAlgorithmConstraints().permits(TLS_CRYPTO_PRIMITIVES_BC, protocolVersionName, null) && this.supportedProtocols.containsKey(protocolVersionName)) {
            return protocolVersionName;
        }
        throw new IllegalStateException("SSL connection negotiated unsupported protocol: " + protocolVersion);
    }

    private String[] implGetDefaultCipherSuites(boolean z) {
        return z ? this.defaultCipherSuitesClient : this.defaultCipherSuitesServer;
    }

    private String[] implGetDefaultProtocols(boolean z) {
        return z ? this.defaultProtocolsClient : this.defaultProtocolsServer;
    }
}
