package org.openjsse.sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Security;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.function.BiFunction;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSocket;
import org.conscrypt.BuildConfig;
import org.openjsse.javax.net.ssl.SSLEngine;
import org.openjsse.sun.security.ssl.SSLExtension;
import org.openjsse.sun.security.ssl.SSLHandshake;

/* loaded from: classes.dex */
final class AlpnExtension {
    public static final Charset alpnCharset;
    public static final SSLStringizer alpnStringizer;
    public static final HandshakeProducer chNetworkProducer;
    public static final HandshakeAbsence chOnLoadAbsence;
    public static final SSLExtension.ExtensionConsumer chOnLoadConsumer;
    public static final HandshakeProducer eeNetworkProducer;
    public static final HandshakeAbsence eeOnLoadAbsence;
    public static final SSLExtension.ExtensionConsumer eeOnLoadConsumer;
    public static final HandshakeProducer shNetworkProducer;
    public static final HandshakeAbsence shOnLoadAbsence;
    public static final SSLExtension.ExtensionConsumer shOnLoadConsumer;

    /* loaded from: classes.dex */
    public static final class AlpnSpec implements SSLExtension.SSLExtensionSpec {
        public final List<String> applicationProtocols;

        private AlpnSpec(ByteBuffer byteBuffer) {
            if (byteBuffer.remaining() < 2) {
                StringBuilder y5 = androidx.activity.b.y("Invalid application_layer_protocol_negotiation: insufficient data (length=");
                y5.append(byteBuffer.remaining());
                y5.append(")");
                throw new SSLProtocolException(y5.toString());
            }
            int d5 = d.d(byteBuffer);
            if (d5 < 2 || d5 != byteBuffer.remaining()) {
                throw new SSLProtocolException(androidx.activity.b.n("Invalid application_layer_protocol_negotiation: incorrect list length (length=", d5, ")"));
            }
            LinkedList linkedList = new LinkedList();
            while (byteBuffer.hasRemaining()) {
                byte[] c = d.c(byteBuffer);
                if (c.length == 0) {
                    throw new SSLProtocolException("Invalid application_layer_protocol_negotiation extension: empty application protocol name");
                }
                linkedList.add(new String(c, AlpnExtension.alpnCharset));
            }
            this.applicationProtocols = Collections.unmodifiableList(linkedList);
        }

        private AlpnSpec(String[] strArr) {
            this.applicationProtocols = Collections.unmodifiableList(Arrays.asList(strArr));
        }

        public String toString() {
            return this.applicationProtocols.toString();
        }
    }

    /* loaded from: classes.dex */
    public static final class AlpnStringizer implements SSLStringizer {
        private AlpnStringizer() {
        }

        @Override // org.openjsse.sun.security.ssl.SSLStringizer
        public String toString(ByteBuffer byteBuffer) {
            try {
                return new AlpnSpec(byteBuffer).toString();
            } catch (IOException e5) {
                return e5.getMessage();
            }
        }
    }

    /* loaded from: classes.dex */
    public static final class CHAlpnAbsence implements HandshakeAbsence {
        private CHAlpnAbsence() {
        }

        @Override // org.openjsse.sun.security.ssl.HandshakeAbsence
        public void absent(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            serverHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
            serverHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
        }
    }

    /* loaded from: classes.dex */
    public static final class CHAlpnConsumer implements SSLExtension.ExtensionConsumer {
        private CHAlpnConsumer() {
        }

        @Override // org.openjsse.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = serverHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_ALPN;
            boolean z5 = false;
            if (!sSLConfiguration.isAvailable(sSLExtension)) {
                serverHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
                serverHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    StringBuilder y5 = androidx.activity.b.y("Ignore server unavailable extension: ");
                    y5.append(sSLExtension.name);
                    SSLLogger.info(y5.toString(), new Object[0]);
                    return;
                }
                return;
            }
            TransportContext transportContext = serverHandshakeContext.conContext;
            boolean z6 = !(transportContext.transport instanceof SSLEngine) ? serverHandshakeContext.sslConfig.socketAPSelector != null : serverHandshakeContext.sslConfig.engineAPSelector != null;
            String[] strArr = serverHandshakeContext.sslConfig.applicationProtocols;
            boolean z7 = strArr == null || strArr.length == 0;
            if (z6 && z7) {
                serverHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
                transportContext.applicationProtocol = BuildConfig.FLAVOR;
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    StringBuilder y6 = androidx.activity.b.y("Ignore server unenabled extension: ");
                    y6.append(sSLExtension.name);
                    SSLLogger.fine(y6.toString(), new Object[0]);
                    return;
                }
                return;
            }
            try {
                AlpnSpec alpnSpec = new AlpnSpec(byteBuffer);
                if (z6) {
                    List<String> list = alpnSpec.applicationProtocols;
                    String[] strArr2 = serverHandshakeContext.sslConfig.applicationProtocols;
                    int length = strArr2.length;
                    int i5 = 0;
                    while (true) {
                        if (i5 >= length) {
                            break;
                        }
                        String str = strArr2[i5];
                        if (list.contains(str)) {
                            serverHandshakeContext.applicationProtocol = str;
                            serverHandshakeContext.conContext.applicationProtocol = str;
                            z5 = true;
                            break;
                        }
                        i5++;
                    }
                    if (!z5) {
                        throw serverHandshakeContext.conContext.fatal(Alert.NO_APPLICATION_PROTOCOL, "No matching application layer protocol values");
                    }
                }
                serverHandshakeContext.handshakeExtensions.put(SSLExtension.CH_ALPN, alpnSpec);
            } catch (IOException e5) {
                throw serverHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e5);
            }
        }
    }

    /* loaded from: classes.dex */
    public static final class CHAlpnProducer implements HandshakeProducer {
        public static final int MAX_AP_LENGTH = 255;
        public static final int MAX_AP_LIST_LENGTH = 65535;

        private CHAlpnProducer() {
        }

        @Override // org.openjsse.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = clientHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_ALPN;
            if (!sSLConfiguration.isAvailable(sSLExtension)) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    StringBuilder y5 = androidx.activity.b.y("Ignore client unavailable extension: ");
                    y5.append(sSLExtension.name);
                    SSLLogger.info(y5.toString(), new Object[0]);
                }
                clientHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
                clientHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
                return null;
            }
            String[] strArr = clientHandshakeContext.sslConfig.applicationProtocols;
            if (strArr == null || strArr.length == 0) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    SSLLogger.info("No available application protocols", new Object[0]);
                }
                return null;
            }
            int i5 = 0;
            for (String str : strArr) {
                int length = str.getBytes(AlpnExtension.alpnCharset).length;
                if (length == 0) {
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                        SSLLogger.severe("Application protocol name cannot be empty", new Object[0]);
                    }
                    throw clientHandshakeContext.conContext.fatal(Alert.ILLEGAL_PARAMETER, "Application protocol name cannot be empty");
                }
                if (length > 255) {
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                        SSLLogger.severe("Application protocol name (" + str + ") exceeds the size limit (" + MAX_AP_LENGTH + " bytes)", new Object[0]);
                    }
                    throw clientHandshakeContext.conContext.fatal(Alert.ILLEGAL_PARAMETER, "Application protocol name (" + str + ") exceeds the size limit (" + MAX_AP_LENGTH + " bytes)");
                }
                i5 += length + 1;
                if (i5 > 65535) {
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                        StringBuilder y6 = androidx.activity.b.y("The configured application protocols (");
                        y6.append(Arrays.toString(strArr));
                        y6.append(") exceed the size limit (");
                        y6.append(65535);
                        y6.append(" bytes)");
                        SSLLogger.severe(y6.toString(), new Object[0]);
                    }
                    TransportContext transportContext = clientHandshakeContext.conContext;
                    Alert alert = Alert.ILLEGAL_PARAMETER;
                    StringBuilder y7 = androidx.activity.b.y("The configured application protocols (");
                    y7.append(Arrays.toString(strArr));
                    y7.append(") exceed the size limit (");
                    y7.append(65535);
                    y7.append(" bytes)");
                    throw transportContext.fatal(alert, y7.toString());
                }
            }
            byte[] bArr = new byte[i5 + 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            d.k(wrap, i5);
            for (String str2 : strArr) {
                d.j(wrap, str2.getBytes(AlpnExtension.alpnCharset));
            }
            clientHandshakeContext.handshakeExtensions.put(SSLExtension.CH_ALPN, new AlpnSpec(clientHandshakeContext.sslConfig.applicationProtocols));
            return bArr;
        }
    }

    /* loaded from: classes.dex */
    public static final class SHAlpnAbsence implements HandshakeAbsence {
        private SHAlpnAbsence() {
        }

        @Override // org.openjsse.sun.security.ssl.HandshakeAbsence
        public void absent(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            clientHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
            clientHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
        }
    }

    /* loaded from: classes.dex */
    public static final class SHAlpnConsumer implements SSLExtension.ExtensionConsumer {
        private SHAlpnConsumer() {
        }

        @Override // org.openjsse.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) {
            List<String> list;
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            Map<SSLExtension, SSLExtension.SSLExtensionSpec> map = clientHandshakeContext.handshakeExtensions;
            SSLExtension sSLExtension = SSLExtension.CH_ALPN;
            AlpnSpec alpnSpec = (AlpnSpec) map.get(sSLExtension);
            if (alpnSpec == null || (list = alpnSpec.applicationProtocols) == null || list.isEmpty()) {
                throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, androidx.activity.b.v(androidx.activity.b.y("Unexpected "), sSLExtension.name, " extension"));
            }
            try {
                AlpnSpec alpnSpec2 = new AlpnSpec(byteBuffer);
                if (alpnSpec2.applicationProtocols.size() != 1) {
                    throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, androidx.activity.b.v(androidx.activity.b.y("Invalid "), sSLExtension.name, " extension: Only one application protocol name is allowed in ServerHello message"));
                }
                if (!alpnSpec.applicationProtocols.containsAll(alpnSpec2.applicationProtocols)) {
                    throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, androidx.activity.b.v(androidx.activity.b.y("Invalid "), sSLExtension.name, " extension: Only client specified application protocol is allowed in ServerHello message"));
                }
                String str = alpnSpec2.applicationProtocols.get(0);
                clientHandshakeContext.applicationProtocol = str;
                clientHandshakeContext.conContext.applicationProtocol = str;
                clientHandshakeContext.handshakeExtensions.remove(sSLExtension);
            } catch (IOException e5) {
                throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e5);
            }
        }
    }

    /* loaded from: classes.dex */
    public static final class SHAlpnProducer implements HandshakeProducer {
        private SHAlpnProducer() {
        }

        @Override // org.openjsse.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            Map<SSLExtension, SSLExtension.SSLExtensionSpec> map = serverHandshakeContext.handshakeExtensions;
            SSLExtension sSLExtension = SSLExtension.CH_ALPN;
            AlpnSpec alpnSpec = (AlpnSpec) map.get(sSLExtension);
            if (alpnSpec == null) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    StringBuilder y5 = androidx.activity.b.y("Ignore unavailable extension: ");
                    y5.append(SSLExtension.SH_ALPN.name);
                    SSLLogger.fine(y5.toString(), new Object[0]);
                }
                serverHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
                serverHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
                return null;
            }
            List<String> list = alpnSpec.applicationProtocols;
            Object obj = serverHandshakeContext.conContext.transport;
            if (obj instanceof SSLEngine) {
                BiFunction<javax.net.ssl.SSLEngine, List<String>, String> biFunction = serverHandshakeContext.sslConfig.engineAPSelector;
                if (biFunction != null) {
                    String apply = biFunction.apply((SSLEngine) obj, list);
                    serverHandshakeContext.applicationProtocol = apply;
                    if (apply == null || (!apply.isEmpty() && !list.contains(serverHandshakeContext.applicationProtocol))) {
                        throw serverHandshakeContext.conContext.fatal(Alert.NO_APPLICATION_PROTOCOL, "No matching application layer protocol values");
                    }
                }
            } else {
                BiFunction<SSLSocket, List<String>, String> biFunction2 = serverHandshakeContext.sslConfig.socketAPSelector;
                if (biFunction2 != null) {
                    String apply2 = biFunction2.apply((org.openjsse.javax.net.ssl.SSLSocket) obj, list);
                    serverHandshakeContext.applicationProtocol = apply2;
                    if (apply2 == null || (!apply2.isEmpty() && !list.contains(serverHandshakeContext.applicationProtocol))) {
                        throw serverHandshakeContext.conContext.fatal(Alert.NO_APPLICATION_PROTOCOL, "No matching application layer protocol values");
                    }
                }
            }
            String str = serverHandshakeContext.applicationProtocol;
            if (str == null || str.isEmpty()) {
                serverHandshakeContext.applicationProtocol = BuildConfig.FLAVOR;
                serverHandshakeContext.conContext.applicationProtocol = BuildConfig.FLAVOR;
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    SSLLogger.warning("Ignore, no negotiated application layer protocol", new Object[0]);
                }
                return null;
            }
            byte[] bytes = serverHandshakeContext.applicationProtocol.getBytes(AlpnExtension.alpnCharset);
            int length = bytes.length + 1;
            byte[] bArr = new byte[length + 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            d.k(wrap, length);
            d.j(wrap, bytes);
            serverHandshakeContext.conContext.applicationProtocol = serverHandshakeContext.applicationProtocol;
            serverHandshakeContext.handshakeExtensions.remove(sSLExtension);
            return bArr;
        }
    }

    static {
        chNetworkProducer = new CHAlpnProducer();
        chOnLoadConsumer = new CHAlpnConsumer();
        chOnLoadAbsence = new CHAlpnAbsence();
        shNetworkProducer = new SHAlpnProducer();
        shOnLoadConsumer = new SHAlpnConsumer();
        shOnLoadAbsence = new SHAlpnAbsence();
        eeNetworkProducer = new SHAlpnProducer();
        eeOnLoadConsumer = new SHAlpnConsumer();
        eeOnLoadAbsence = new SHAlpnAbsence();
        alpnStringizer = new AlpnStringizer();
        String str = (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.openjsse.sun.security.ssl.a
            @Override // java.security.PrivilegedAction
            public final Object run() {
                String lambda$static$0;
                lambda$static$0 = AlpnExtension.lambda$static$0();
                return lambda$static$0;
            }
        });
        if (str == null || str.length() == 0) {
            str = "ISO_8859_1";
        }
        alpnCharset = Charset.forName(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ String lambda$static$0() {
        return Security.getProperty("jdk.tls.alpnCharset");
    }
}
