package org.openeuler.sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.openeuler.sun.security.ssl.SSLExtension;
import org.openeuler.sun.security.ssl.SSLHandshake;
import org.openeuler.sun.security.ssl.SignatureAlgorithmsExtension;

/* loaded from: classes6.dex */
final class CertSignAlgsExtension {
    static final HandshakeProducer chNetworkProducer;
    static final SSLExtension.ExtensionConsumer chOnLoadConsumer;
    static final HandshakeConsumer chOnTradeConsumer;
    static final HandshakeProducer crNetworkProducer;
    static final SSLExtension.ExtensionConsumer crOnLoadConsumer;
    static final HandshakeConsumer crOnTradeConsumer;
    static final SSLStringizer ssStringizer;

    /* loaded from: classes6.dex */
    private static final class CHCertSignatureSchemesConsumer implements SSLExtension.ExtensionConsumer {
        private CHCertSignatureSchemesConsumer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) throws IOException {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            SSLConfiguration sSLConfiguration = serverHandshakeContext.sslConfig;
            SSLExtension sSLExtension = SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT;
            if (sSLConfiguration.isAvailable(sSLExtension)) {
                try {
                    serverHandshakeContext.handshakeExtensions.put(sSLExtension, new SignatureAlgorithmsExtension.SignatureSchemesSpec(byteBuffer));
                    return;
                } catch (IOException e) {
                    throw serverHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
                }
            }
            if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                SSLLogger.fine("Ignore unavailable signature_algorithms_cert extension", new Object[0]);
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class CHCertSignatureSchemesProducer implements HandshakeProducer {
        private CHCertSignatureSchemesProducer() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            if (!clientHandshakeContext.sslConfig.isAvailable(SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT)) {
                if (!SSLLogger.isOn || !SSLLogger.isOn("ssl,handshake")) {
                    return null;
                }
                SSLLogger.fine("Ignore unavailable signature_algorithms_cert extension", new Object[0]);
                return null;
            }
            if (clientHandshakeContext.localSupportedSignAlgs == null) {
                clientHandshakeContext.localSupportedSignAlgs = SignatureScheme.getSupportedAlgorithms(clientHandshakeContext.sslConfig, clientHandshakeContext.algorithmConstraints, clientHandshakeContext.activeProtocols);
            }
            int sizeInRecord = SignatureScheme.sizeInRecord() * clientHandshakeContext.localSupportedSignAlgs.size();
            byte[] bArr = new byte[sizeInRecord + 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            C10343.m80852(wrap, sizeInRecord);
            Iterator<SignatureScheme> it = clientHandshakeContext.localSupportedSignAlgs.iterator();
            while (it.hasNext()) {
                C10343.m80852(wrap, it.next().id);
            }
            clientHandshakeContext.handshakeExtensions.put(SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT, new SignatureAlgorithmsExtension.SignatureSchemesSpec(clientHandshakeContext.localSupportedSignAlgs));
            return bArr;
        }
    }

    /* loaded from: classes6.dex */
    private static final class CHCertSignatureSchemesUpdate implements HandshakeConsumer {
        private CHCertSignatureSchemesUpdate() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            SignatureAlgorithmsExtension.SignatureSchemesSpec signatureSchemesSpec = (SignatureAlgorithmsExtension.SignatureSchemesSpec) serverHandshakeContext.handshakeExtensions.get(SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT);
            if (signatureSchemesSpec == null) {
                return;
            }
            List<SignatureScheme> supportedAlgorithms = SignatureScheme.getSupportedAlgorithms(serverHandshakeContext.sslConfig, serverHandshakeContext.algorithmConstraints, serverHandshakeContext.negotiatedProtocol, signatureSchemesSpec.signatureSchemes);
            serverHandshakeContext.peerRequestedCertSignSchemes = supportedAlgorithms;
            serverHandshakeContext.handshakeSession.setPeerSupportedSignatureAlgorithms(supportedAlgorithms);
            if (serverHandshakeContext.isResumption || !serverHandshakeContext.negotiatedProtocol.useTLS13PlusSpec()) {
                return;
            }
            if (serverHandshakeContext.sslConfig.clientAuthType != ClientAuthType.CLIENT_AUTH_NONE) {
                HashMap<Byte, HandshakeProducer> hashMap = serverHandshakeContext.handshakeProducers;
                SSLHandshake sSLHandshake = SSLHandshake.CERTIFICATE_REQUEST;
                hashMap.putIfAbsent(Byte.valueOf(sSLHandshake.id), sSLHandshake);
            }
            HashMap<Byte, HandshakeProducer> hashMap2 = serverHandshakeContext.handshakeProducers;
            SSLHandshake sSLHandshake2 = SSLHandshake.CERTIFICATE;
            hashMap2.put(Byte.valueOf(sSLHandshake2.id), sSLHandshake2);
            HashMap<Byte, HandshakeProducer> hashMap3 = serverHandshakeContext.handshakeProducers;
            SSLHandshake sSLHandshake3 = SSLHandshake.CERTIFICATE_VERIFY;
            hashMap3.putIfAbsent(Byte.valueOf(sSLHandshake3.id), sSLHandshake3);
        }
    }

    /* loaded from: classes6.dex */
    private static final class CRCertSignatureSchemesConsumer implements SSLExtension.ExtensionConsumer {
        private CRCertSignatureSchemesConsumer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLExtension.ExtensionConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage, ByteBuffer byteBuffer) throws IOException {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            if (clientHandshakeContext.sslConfig.isAvailable(SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT)) {
                try {
                    clientHandshakeContext.handshakeExtensions.put(SSLExtension.CR_SIGNATURE_ALGORITHMS_CERT, new SignatureAlgorithmsExtension.SignatureSchemesSpec(byteBuffer));
                    return;
                } catch (IOException e) {
                    throw clientHandshakeContext.conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
                }
            }
            if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                SSLLogger.fine("Ignore unavailable signature_algorithms_cert extension", new Object[0]);
            }
        }
    }

    /* loaded from: classes6.dex */
    private static final class CRCertSignatureSchemesProducer implements HandshakeProducer {
        private CRCertSignatureSchemesProducer() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeProducer
        public byte[] produce(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ServerHandshakeContext serverHandshakeContext = (ServerHandshakeContext) connectionContext;
            if (!serverHandshakeContext.sslConfig.isAvailable(SSLExtension.CH_SIGNATURE_ALGORITHMS_CERT)) {
                if (!SSLLogger.isOn || !SSLLogger.isOn("ssl,handshake")) {
                    return null;
                }
                SSLLogger.fine("Ignore unavailable signature_algorithms_cert extension", new Object[0]);
                return null;
            }
            List<SignatureScheme> supportedAlgorithms = SignatureScheme.getSupportedAlgorithms(serverHandshakeContext.sslConfig, serverHandshakeContext.algorithmConstraints, Collections.unmodifiableList(Arrays.asList(serverHandshakeContext.negotiatedProtocol)));
            int sizeInRecord = SignatureScheme.sizeInRecord() * supportedAlgorithms.size();
            byte[] bArr = new byte[sizeInRecord + 2];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            C10343.m80852(wrap, sizeInRecord);
            Iterator<SignatureScheme> it = supportedAlgorithms.iterator();
            while (it.hasNext()) {
                C10343.m80852(wrap, it.next().id);
            }
            serverHandshakeContext.handshakeExtensions.put(SSLExtension.CR_SIGNATURE_ALGORITHMS_CERT, new SignatureAlgorithmsExtension.SignatureSchemesSpec(serverHandshakeContext.localSupportedSignAlgs));
            return bArr;
        }
    }

    /* loaded from: classes6.dex */
    private static final class CRCertSignatureSchemesUpdate implements HandshakeConsumer {
        private CRCertSignatureSchemesUpdate() {
        }

        @Override // org.openeuler.sun.security.ssl.HandshakeConsumer
        public void consume(ConnectionContext connectionContext, SSLHandshake.HandshakeMessage handshakeMessage) throws IOException {
            ClientHandshakeContext clientHandshakeContext = (ClientHandshakeContext) connectionContext;
            SignatureAlgorithmsExtension.SignatureSchemesSpec signatureSchemesSpec = (SignatureAlgorithmsExtension.SignatureSchemesSpec) clientHandshakeContext.handshakeExtensions.get(SSLExtension.CR_SIGNATURE_ALGORITHMS_CERT);
            if (signatureSchemesSpec == null) {
                return;
            }
            List<SignatureScheme> supportedAlgorithms = SignatureScheme.getSupportedAlgorithms(clientHandshakeContext.sslConfig, clientHandshakeContext.algorithmConstraints, clientHandshakeContext.negotiatedProtocol, signatureSchemesSpec.signatureSchemes);
            clientHandshakeContext.peerRequestedCertSignSchemes = supportedAlgorithms;
            clientHandshakeContext.handshakeSession.setPeerSupportedSignatureAlgorithms(supportedAlgorithms);
        }
    }

    /* loaded from: classes6.dex */
    private static final class CertSignatureSchemesStringizer implements SSLStringizer {
        private CertSignatureSchemesStringizer() {
        }

        @Override // org.openeuler.sun.security.ssl.SSLStringizer
        public String toString(ByteBuffer byteBuffer) {
            try {
                return new SignatureAlgorithmsExtension.SignatureSchemesSpec(byteBuffer).toString();
            } catch (IOException e) {
                return e.getMessage();
            }
        }
    }

    static {
        chNetworkProducer = new CHCertSignatureSchemesProducer();
        chOnLoadConsumer = new CHCertSignatureSchemesConsumer();
        chOnTradeConsumer = new CHCertSignatureSchemesUpdate();
        crNetworkProducer = new CRCertSignatureSchemesProducer();
        crOnLoadConsumer = new CRCertSignatureSchemesConsumer();
        crOnTradeConsumer = new CRCertSignatureSchemesUpdate();
        ssStringizer = new CertSignatureSchemesStringizer();
    }

    CertSignAlgsExtension() {
    }
}
