package org.openeuler.sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import javax.net.ssl.SSLProtocolException;
import org.openeuler.sun.security.ssl.SSLExtension;
import org.openeuler.sun.security.ssl.SSLHandshake;

/* loaded from: classes6.dex */
final class ExtendedMasterSecretExtension {
    static final HandshakeProducer chNetworkProducer;
    static final HandshakeAbsence chOnLoadAbsence;
    static final SSLExtension.ExtensionConsumer chOnLoadConsumer;
    static final SSLStringizer emsStringizer;
    static final HandshakeProducer shNetworkProducer;
    static final HandshakeAbsence shOnLoadAbsence;
    static final SSLExtension.ExtensionConsumer shOnLoadConsumer;

    /* loaded from: classes6.dex */
    private static final class CHExtendedMasterSecretAbsence implements HandshakeAbsence {
        private CHExtendedMasterSecretAbsence() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeAbsence
        public void absent(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            SSLSessionImpl sSLSessionImpl;
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = serverHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_EXTENDED_MASTER_SECRET;
            if (!sSLConfiguration.isAvailable(sSLExtension) || !SSLConfiguration.useExtendedMasterSecret) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    SSLLogger.fine("Ignore unavailable extension: " + sSLExtension.name, new Object[0]);
                    return;
                }
                return;
            }
            if (serverHandshakeContext.negotiatedProtocol.useTLS10PlusSpec() && !SSLConfiguration.allowLegacyMasterSecret) {
                throw serverHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Extended Master Secret extension is required");
            }
            if (!serverHandshakeContext.isResumption || (sSLSessionImpl = serverHandshakeContext.resumingSession) == null) {
                return;
            }
            if (sSLSessionImpl.useExtendedMasterSecret) {
                throw serverHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Missing Extended Master Secret extension on session resumption");
            }
            if (!SSLConfiguration.allowLegacyResumption) {
                throw serverHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Missing Extended Master Secret extension on session resumption");
            }
            serverHandshakeContext.isResumption = false;
            serverHandshakeContext.resumingSession = null;
            if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                SSLLogger.fine("abort session resumption, missing Extended Master Secret extension", new Object[0]);
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class CHExtendedMasterSecretConsumer implements SSLExtension.ExtensionConsumer {
        private CHExtendedMasterSecretConsumer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) throws IOException {
            SSLSessionImpl sSLSessionImpl;
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = serverHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_EXTENDED_MASTER_SECRET;
            if (!sSLConfiguration.isAvailable(sSLExtension) || !SSLConfiguration.useExtendedMasterSecret || !serverHandshakeContext.negotiatedProtocol.useTLS10PlusSpec()) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    SSLLogger.fine("Ignore unavailable extension: " + sSLExtension.name, new Object[0]);
                    return;
                }
                return;
            }
            try {
                new ExtendedMasterSecretSpec(byteBuffer);
                if (serverHandshakeContext.isResumption && (sSLSessionImpl = serverHandshakeContext.resumingSession) != null && !sSLSessionImpl.useExtendedMasterSecret) {
                    serverHandshakeContext.isResumption = false;
                    serverHandshakeContext.resumingSession = null;
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                        SSLLogger.fine("abort session resumption which did not use Extended Master Secret extension", new Object[0]);
                    }
                }
                serverHandshakeContext.handshakeExtensions.put(sSLExtension, ExtendedMasterSecretSpec.NOMINAL);
            } catch (IOException e) {
                throw serverHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class CHExtendedMasterSecretProducer implements HandshakeProducer {
        private CHExtendedMasterSecretProducer() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = clientHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_EXTENDED_MASTER_SECRET;
            if (!sSLConfiguration.isAvailable(sSLExtension) || !SSLConfiguration.useExtendedMasterSecret || !clientHandshakeContext.conContext.protocolVersion.useTLS10PlusSpec()) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                    SSLLogger.fine("Ignore unavailable extended_master_secret extension", new Object[0]);
                }
                return null;
            }
            SSLSessionImpl sSLSessionImpl = clientHandshakeContext.handshakeSession;
            if (sSLSessionImpl != null && !sSLSessionImpl.useExtendedMasterSecret) {
                return null;
            }
            byte[] bArr = new byte[0];
            clientHandshakeContext.handshakeExtensions.put(sSLExtension, ExtendedMasterSecretSpec.NOMINAL);
            return bArr;
        }
    }

    /* loaded from: classes6.dex */
    static final class ExtendedMasterSecretSpec implements SSLExtension.SSLExtensionSpec {
        static final ExtendedMasterSecretSpec NOMINAL = new ExtendedMasterSecretSpec();

        private ExtendedMasterSecretSpec() {
        }

        private ExtendedMasterSecretSpec(ByteBuffer byteBuffer) throws IOException {
            if (byteBuffer.hasRemaining()) {
                throw new SSLProtocolException("Invalid extended_master_secret extension data: not empty");
            }
        }

        public String toString() {
            return "<empty>";
        }
    }

    /* loaded from: classes6.dex */
    private static final class ExtendedMasterSecretStringizer implements SSLStringizer {
        private ExtendedMasterSecretStringizer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLStringizer
        public String toString(ByteBuffer byteBuffer) {
            try {
                return new ExtendedMasterSecretSpec(byteBuffer).toString();
            } catch (IOException e) {
                return e.getMessage();
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class SHExtendedMasterSecretAbsence implements HandshakeAbsence {
        private SHExtendedMasterSecretAbsence() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeAbsence
        public void absent(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            SSLSessionImpl sSLSessionImpl;
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            boolean z = SSLConfiguration.useExtendedMasterSecret;
            if (z && !SSLConfiguration.allowLegacyMasterSecret) {
                throw clientHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Extended Master Secret extension is required");
            }
            if (!clientHandshakeContext.isResumption || (sSLSessionImpl = clientHandshakeContext.resumingSession) == null) {
                return;
            }
            if (sSLSessionImpl.useExtendedMasterSecret) {
                throw clientHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Missing Extended Master Secret extension on session resumption");
            }
            if (z && !SSLConfiguration.allowLegacyResumption && clientHandshakeContext.negotiatedProtocol.useTLS10PlusSpec()) {
                throw clientHandshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "Extended Master Secret extension is required");
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class SHExtendedMasterSecretConsumer implements SSLExtension.ExtensionConsumer {
        private SHExtendedMasterSecretConsumer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) throws IOException {
            SSLSessionImpl sSLSessionImpl;
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            if (((ExtendedMasterSecretSpec) clientHandshakeContext.handshakeExtensions.get(SSLExtension.CH_EXTENDED_MASTER_SECRET)) == null) {
                throw clientHandshakeContext.conContext.fatal(Alert.UNSUPPORTED_EXTENSION, "Server sent the extended_master_secret extension improperly");
            }
            try {
                new ExtendedMasterSecretSpec(byteBuffer);
                if (clientHandshakeContext.isResumption && (sSLSessionImpl = clientHandshakeContext.resumingSession) != null && !sSLSessionImpl.useExtendedMasterSecret) {
                    throw clientHandshakeContext.conContext.fatal(Alert.UNSUPPORTED_EXTENSION, "Server sent an unexpected extended_master_secret extension on session resumption");
                }
                clientHandshakeContext.handshakeExtensions.put(SSLExtension.SH_EXTENDED_MASTER_SECRET, ExtendedMasterSecretSpec.NOMINAL);
            } catch (IOException e) {
                throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class SHExtendedMasterSecretProducer implements HandshakeProducer {
        private SHExtendedMasterSecretProducer() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            if (!serverHandshakeContext.handshakeSession.useExtendedMasterSecret) {
                return null;
            }
            byte[] bArr = new byte[0];
            serverHandshakeContext.handshakeExtensions.put(SSLExtension.SH_EXTENDED_MASTER_SECRET, ExtendedMasterSecretSpec.NOMINAL);
            return bArr;
        }
    }

    static {
        chNetworkProducer = new CHExtendedMasterSecretProducer();
        chOnLoadConsumer = new CHExtendedMasterSecretConsumer();
        chOnLoadAbsence = new CHExtendedMasterSecretAbsence();
        shNetworkProducer = new SHExtendedMasterSecretProducer();
        shOnLoadConsumer = new SHExtendedMasterSecretConsumer();
        shOnLoadAbsence = new SHExtendedMasterSecretAbsence();
        emsStringizer = new ExtendedMasterSecretStringizer();
    }

    ExtendedMasterSecretExtension() {
    }
}
