package org.openeuler.sun.security.ssl;

import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.util.AbstractMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;
import org.openeuler.gm.GMConstants;
import org.openeuler.sun.security.ssl.SupportedGroupsExtension;

/* loaded from: classes6.dex */
enum GMX509Authentication implements SSLAuthentication {
    SM2(GMConstants.SM2, new SSLPossessionGenerator(new String[]{GMConstants.SM2}) { // from class: org.openeuler.sun.security.ssl.GMX509Authentication.GMX509PossessionGenerator
        private final String[] keyTypes;

        {
            this.keyTypes = r1;
        }

        private SSLPossession createClientPossession(ClientHandshakeContext clientHandshakeContext, String str) {
            X509ExtendedKeyManager x509KeyManager = clientHandshakeContext.sslContext.getX509KeyManager();
            X500Principal[] x500PrincipalArr = clientHandshakeContext.peerSupportedAuthorities;
            String[] clientAliases = x509KeyManager.getClientAliases(str, x500PrincipalArr == null ? null : (Principal[]) x500PrincipalArr.clone());
            if (clientAliases != null && clientAliases.length >= 2) {
                return createGMX509Possession(str, clientAliases, x509KeyManager, clientHandshakeContext, true);
            }
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.finest("No X.509 cert selected for " + str, new Object[0]);
            }
            return null;
        }

        /* JADX WARN: Code restructure failed: missing block: B:25:0x0077, code lost:
        
            if (isValidNamedGroup(r12, r5, r20) == false) goto L40;
         */
        /* JADX WARN: Code restructure failed: missing block: B:35:0x00f7, code lost:
        
            if (r6 == 0) goto L67;
         */
        /* JADX WARN: Code restructure failed: missing block: B:37:0x00fe, code lost:
        
            return new org.openeuler.sun.security.ssl.GMX509Authentication.GMX509Possession(r10, r8, r11, r9);
         */
        /* JADX WARN: Code restructure failed: missing block: B:39:?, code lost:
        
            return null;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private org.openeuler.sun.security.ssl.GMX509Authentication.GMX509Possession createGMX509Possession(java.lang.String r17, java.lang.String[] r18, javax.net.ssl.X509ExtendedKeyManager r19, org.openeuler.sun.security.ssl.HandshakeContext r20, boolean r21) {
            /*
                Method dump skipped, instructions count: 255
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: org.openeuler.sun.security.ssl.GMX509Authentication.GMX509PossessionGenerator.createGMX509Possession(java.lang.String, java.lang.String[], javax.net.ssl.X509ExtendedKeyManager, org.openeuler.sun.security.ssl.HandshakeContext, boolean):org.openeuler.sun.security.ssl.GMX509Authentication$GMX509Possession");
        }

        private SSLPossession createServerPossession(ServerHandshakeContext serverHandshakeContext, String str) {
            X509ExtendedKeyManager x509KeyManager = serverHandshakeContext.sslContext.getX509KeyManager();
            X500Principal[] x500PrincipalArr = serverHandshakeContext.peerSupportedAuthorities;
            String[] serverAliases = x509KeyManager.getServerAliases(str, x500PrincipalArr == null ? null : (Principal[]) x500PrincipalArr.clone());
            if (serverAliases != null && serverAliases.length >= 2) {
                return createGMX509Possession(str, serverAliases, x509KeyManager, serverHandshakeContext, false);
            }
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.finest("No X.509 cert selected for " + str, new Object[0]);
            }
            return null;
        }

        private boolean isValidDoubleCertificate(X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) {
            return (x509CertificateArr == null || x509CertificateArr2 == null) ? false : true;
        }

        private boolean isValidNamedGroup(String str, PublicKey publicKey, HandshakeContext handshakeContext) {
            List<SupportedGroupsExtension.NamedGroup> list;
            if (!(publicKey instanceof ECPublicKey)) {
                if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                    SSLLogger.warning(str + " public key is not an instance of ECPublicKey", new Object[0]);
                }
                return false;
            }
            SupportedGroupsExtension.NamedGroup valueOf = SupportedGroupsExtension.NamedGroup.valueOf(((ECPublicKey) publicKey).getParams());
            if (valueOf != null && SupportedGroupsExtension.SupportedGroups.isSupported(valueOf) && valueOf.isAvailable(handshakeContext.negotiatedProtocol) && ((list = handshakeContext.clientRequestedNamedGroups) == null || list.contains(valueOf))) {
                return true;
            }
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.warning("Unsupported named group (" + valueOf + ") used in the " + str + " certificate", new Object[0]);
            }
            return false;
        }

        @Override // org.openeuler.sun.security.ssl.SSLPossessionGenerator
        public SSLPossession createPossession(HandshakeContext handshakeContext) {
            int i = 0;
            if (handshakeContext.sslConfig.isClientMode) {
                String[] strArr = this.keyTypes;
                int length = strArr.length;
                while (i < length) {
                    SSLPossession createClientPossession = createClientPossession((ClientHandshakeContext) handshakeContext, strArr[i]);
                    if (createClientPossession != null) {
                        return createClientPossession;
                    }
                    i++;
                }
                return null;
            }
            String[] strArr2 = this.keyTypes;
            int length2 = strArr2.length;
            while (i < length2) {
                SSLPossession createServerPossession = createServerPossession((ServerHandshakeContext) handshakeContext, strArr2[i]);
                if (createServerPossession != null) {
                    return createServerPossession;
                }
                i++;
            }
            return null;
        }
    });

    final String keyType;
    final SSLPossessionGenerator possessionGenerator;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes6.dex */
    public static final class GMX509Credentials implements SSLCredentials {
        final X509Certificate[] popEncCerts;
        final PublicKey popEncPublicKey;
        final X509Certificate[] popSignCerts;
        final PublicKey popSignPublicKey;

        public GMX509Credentials(PublicKey publicKey, X509Certificate[] x509CertificateArr, PublicKey publicKey2, X509Certificate[] x509CertificateArr2) {
            this.popSignPublicKey = publicKey;
            this.popSignCerts = x509CertificateArr;
            this.popEncPublicKey = publicKey2;
            this.popEncCerts = x509CertificateArr2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes6.dex */
    public static final class GMX509Possession implements SSLPossession {
        final X509Certificate[] popEncCerts;
        final PrivateKey popEncPrivateKey;
        final X509Certificate[] popSignCerts;
        final PrivateKey popSignPrivateKey;

        /* JADX INFO: Access modifiers changed from: package-private */
        public GMX509Possession(PrivateKey privateKey, X509Certificate[] x509CertificateArr, PrivateKey privateKey2, X509Certificate[] x509CertificateArr2) {
            this.popSignCerts = x509CertificateArr;
            this.popSignPrivateKey = privateKey;
            this.popEncCerts = x509CertificateArr2;
            this.popEncPrivateKey = privateKey2;
        }

        @Override // org.openeuler.sun.security.ssl.SSLPossession
        public /* synthetic */ byte[] encode() {
            return C10339.$default$encode(this);
        }
    }

    GMX509Authentication(String str, SSLPossessionGenerator sSLPossessionGenerator) {
        this.keyType = str;
        this.possessionGenerator = sSLPossessionGenerator;
    }

    @Override // org.openeuler.sun.security.ssl.SSLPossessionGenerator
    public SSLPossession createPossession(HandshakeContext handshakeContext) {
        return this.possessionGenerator.createPossession(handshakeContext);
    }

    @Override // org.openeuler.sun.security.ssl.SSLHandshakeBinding
    public /* synthetic */ Map.Entry[] getHandshakeConsumers(HandshakeContext handshakeContext) {
        return C10341.$default$getHandshakeConsumers(this, handshakeContext);
    }

    @Override // org.openeuler.sun.security.ssl.SSLHandshakeBinding
    public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(HandshakeContext handshakeContext) {
        SSLHandshake sSLHandshake = SSLHandshake.CERTIFICATE;
        return new Map.Entry[]{new AbstractMap.SimpleImmutableEntry(Byte.valueOf(sSLHandshake.id), sSLHandshake)};
    }

    @Override // org.openeuler.sun.security.ssl.SSLHandshakeBinding
    public SSLHandshake[] getRelatedHandshakers(HandshakeContext handshakeContext) {
        return new SSLHandshake[]{SSLHandshake.CERTIFICATE, SSLHandshake.CERTIFICATE_REQUEST};
    }
}
