package net.luminis.tls.engine.impl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.function.Function;
import net.luminis.tls.ProtectionKeysType;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.TlsProtocolException;
import net.luminis.tls.alert.DecryptErrorAlert;
import net.luminis.tls.alert.UnexpectedMessageAlert;
import net.luminis.tls.engine.ServerMessageProcessor;
import net.luminis.tls.engine.ServerMessageSender;
import net.luminis.tls.engine.TlsServerEngine;
import net.luminis.tls.engine.TlsSessionRegistry;
import net.luminis.tls.engine.TlsStatusEventHandler;
import net.luminis.tls.extension.ClientHelloPreSharedKeyExtension;
import net.luminis.tls.extension.Extension;
import net.luminis.tls.handshake.CertificateMessage;
import net.luminis.tls.handshake.CertificateRequestMessage;
import net.luminis.tls.handshake.CertificateVerifyMessage;
import net.luminis.tls.handshake.ClientHello;
import net.luminis.tls.handshake.EncryptedExtensions;
import net.luminis.tls.handshake.FinishedMessage;
import net.luminis.tls.handshake.NewSessionTicketMessage;
import net.luminis.tls.handshake.ServerHello;

/* loaded from: classes4.dex */
public class TlsServerEngineImpl extends TlsEngineImpl implements TlsServerEngine, ServerMessageProcessor {
    public final Set<TlsConstants.CipherSuite> e;
    public final ArrayList<Extension> f;
    public ServerMessageSender g;
    public TlsStatusEventHandler h;
    public List<X509Certificate> j;
    public PrivateKey k;
    public TranscriptHash l;
    public TlsConstants.CipherSuite m;
    public List<Extension> n;
    public List<TlsConstants.PskKeyExchangeMode> o;
    public TlsSessionRegistry p;
    public String r;
    public byte[] t;
    public Function<ByteBuffer, Boolean> u;
    public Status i = Status.Start;
    public byte q = 0;
    public Long s = 4294967295L;

    /* loaded from: classes4.dex */
    public enum Status {
        Start,
        ReceivedClientHello,
        Negotiated,
        WaitFinished,
        Connected
    }

    public TlsServerEngineImpl(List<X509Certificate> list, PrivateKey privateKey, ServerMessageSender serverMessageSender, TlsStatusEventHandler tlsStatusEventHandler, TlsSessionRegistry tlsSessionRegistry) {
        this.j = list;
        this.k = privateKey;
        this.g = serverMessageSender;
        this.h = tlsStatusEventHandler;
        HashSet hashSet = new HashSet();
        this.e = hashSet;
        hashSet.add(TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256);
        this.f = new ArrayList<>();
        this.n = new ArrayList();
        this.o = new ArrayList();
        this.p = tlsSessionRegistry;
    }

    public static TlsConstants.SignatureScheme H(X509Certificate x509Certificate) throws TlsProtocolException {
        String sigAlgName = x509Certificate.getSigAlgName();
        sigAlgName.hashCode();
        char c = 65535;
        switch (sigAlgName.hashCode()) {
            case -840266709:
                if (sigAlgName.equals("SHA384WITHECDSA")) {
                    c = 0;
                    break;
                }
                break;
            case -794853417:
                if (sigAlgName.equals("SHA384withRSA")) {
                    c = 1;
                    break;
                }
                break;
            case -611254448:
                if (sigAlgName.equals("SHA512withRSA")) {
                    c = 2;
                    break;
                }
                break;
            case -495316636:
                if (sigAlgName.equals("SHA512WITHECDSA")) {
                    c = 3;
                    break;
                }
                break;
            case -280290445:
                if (sigAlgName.equals("SHA256withRSA")) {
                    c = 4;
                    break;
                }
                break;
            case -266489657:
                if (sigAlgName.equals("SHA256WITHECDSA")) {
                    c = 5;
                    break;
                }
                break;
            case -76838953:
                if (sigAlgName.equals("SHA384WITHRSA")) {
                    c = 6;
                    break;
                }
                break;
            case 106760016:
                if (sigAlgName.equals("SHA512WITHRSA")) {
                    c = 7;
                    break;
                }
                break;
            case 437724019:
                if (sigAlgName.equals("SHA256WITHRSA")) {
                    c = '\b';
                    break;
                }
                break;
            case 637568043:
                if (sigAlgName.equals("SHA384withECDSA")) {
                    c = '\t';
                    break;
                }
                break;
            case 982518116:
                if (sigAlgName.equals("SHA512withECDSA")) {
                    c = '\n';
                    break;
                }
                break;
            case 1211345095:
                if (sigAlgName.equals("SHA256withECDSA")) {
                    c = 11;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
            case '\t':
                return TlsConstants.SignatureScheme.ecdsa_secp384r1_sha384;
            case 1:
            case 6:
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha384;
            case 2:
            case 7:
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha512;
            case 3:
            case '\n':
                return TlsConstants.SignatureScheme.ecdsa_secp521r1_sha512;
            case 4:
            case '\b':
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha256;
            case 5:
            case 11:
                return TlsConstants.SignatureScheme.ecdsa_secp256r1_sha256;
            default:
                throw new TlsProtocolException("Unknown or unsupported certificate type " + x509Certificate.getSigAlgName());
        }
    }

    public final boolean I(byte[] bArr) {
        Function<ByteBuffer, Boolean> function = this.u;
        if (function == null || bArr == null) {
            return true;
        }
        return function.apply(ByteBuffer.wrap(bArr)).booleanValue();
    }

    public boolean J(ClientHelloPreSharedKeyExtension.PskBinderEntry pskBinderEntry, int i, ClientHello clientHello) {
        return Arrays.equals(pskBinderEntry.a(), this.c.a(Arrays.copyOfRange(clientHello.b(), 0, clientHello.k() + i)));
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public void a(List<TlsConstants.CipherSuite> list) {
        this.e.addAll(list);
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public TlsConstants.CipherSuite b() {
        return this.m;
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void c(EncryptedExtensions encryptedExtensions, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void e(FinishedMessage finishedMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
        if (this.i != Status.WaitFinished) {
            return;
        }
        if (protectionKeysType != ProtectionKeysType.Handshake) {
            throw new UnexpectedMessageAlert("incorrect protection level");
        }
        this.l.i(finishedMessage);
        if (!Arrays.equals(finishedMessage.g(), A(this.l.g(TlsConstants.HandshakeType.finished), this.c.l()))) {
            throw new DecryptErrorAlert("incorrect finished message");
        }
        this.c.h();
        this.h.b();
        this.i = Status.Connected;
        if (this.p == null || !this.o.contains(TlsConstants.PskKeyExchangeMode.psk_dhe_ke)) {
            return;
        }
        TlsSessionRegistry tlsSessionRegistry = this.p;
        byte b = this.q;
        this.q = (byte) (b + 1);
        this.g.d(tlsSessionRegistry.d(b, this.m, this.c, this.r, this.s, this.t));
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void f(CertificateMessage certificateMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public void g(Extension extension) {
        this.n.add(extension);
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void h(CertificateRequestMessage certificateRequestMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void i(ServerHello serverHello, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void m(CertificateVerifyMessage certificateVerifyMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public void n(Function<ByteBuffer, Boolean> function) {
        this.u = function;
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public void p(byte[] bArr) {
        this.t = bArr;
    }

    /* JADX WARN: Removed duplicated region for block: B:102:0x026b  */
    /* JADX WARN: Removed duplicated region for block: B:105:0x02a2  */
    /* JADX WARN: Removed duplicated region for block: B:108:0x02bf  */
    /* JADX WARN: Removed duplicated region for block: B:111:0x022e  */
    /* JADX WARN: Removed duplicated region for block: B:99:0x020b  */
    @Override // net.luminis.tls.engine.MessageProcessor
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void t(net.luminis.tls.handshake.ClientHello r12, net.luminis.tls.ProtectionKeysType r13) throws net.luminis.tls.TlsProtocolException, java.io.IOException {
        /*
            Method dump skipped, instructions count: 886
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.luminis.tls.engine.impl.TlsServerEngineImpl.t(net.luminis.tls.handshake.ClientHello, net.luminis.tls.ProtectionKeysType):void");
    }

    @Override // net.luminis.tls.engine.MessageProcessor
    public void u(NewSessionTicketMessage newSessionTicketMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    @Override // net.luminis.tls.engine.TlsServerEngine
    public void y(String str) {
        if (str == null) {
            throw new IllegalArgumentException();
        }
        this.r = str;
    }
}
