package org.bouncycastle.jsse.provider;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import org.bouncycastle.jsse.BCExtendedSSLSession;
import org.bouncycastle.jsse.BCSSLParameters;
import org.bouncycastle.jsse.BCX509Key;
import org.bouncycastle.tls.ProtocolName;
import org.bouncycastle.tls.SecurityParameters;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsProtocol;
import org.bouncycastle.util.Strings;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public class ProvSSLSocketDirect extends ProvSSLSocketBase implements ProvTlsManager {
    public static final Logger LOG = Logger.getLogger(ProvSSLSocketDirect.class.getName());
    public final AppDataInput appDataIn;
    public final AppDataOutput appDataOut;
    public ProvSSLConnection connection;
    public final ContextData contextData;
    public boolean enableSessionCreation;
    public ProvSSLSessionHandshake handshakeSession;
    public String peerHost;
    public String peerHostSNI;
    public TlsProtocol protocol;
    public final ProvSSLParameters sslParameters;
    public boolean useClientMode;

    /* loaded from: classes5.dex */
    public class AppDataInput extends InputStream {
        public AppDataInput() {
        }

        @Override // java.io.InputStream
        public final int available() throws IOException {
            int i;
            synchronized (ProvSSLSocketDirect.this) {
                TlsProtocol tlsProtocol = ProvSSLSocketDirect.this.protocol;
                i = tlsProtocol == null ? 0 : tlsProtocol.applicationDataQueue.available;
            }
            return i;
        }

        @Override // java.io.InputStream, java.io.Closeable, java.lang.AutoCloseable
        public final void close() throws IOException {
            ProvSSLSocketDirect.this.close();
        }

        @Override // java.io.InputStream
        public final int read() throws IOException {
            ProvSSLSocketDirect.this.handshakeIfNecessary(true);
            byte[] bArr = new byte[1];
            if (ProvSSLSocketDirect.this.protocol.readApplicationData(bArr, 0, 1) < 1) {
                return -1;
            }
            return bArr[0] & 255;
        }

        @Override // java.io.InputStream
        public final int read(byte[] bArr, int i, int i2) throws IOException {
            if (i2 < 1) {
                return 0;
            }
            ProvSSLSocketDirect.this.handshakeIfNecessary(true);
            return ProvSSLSocketDirect.this.protocol.readApplicationData(bArr, i, i2);
        }
    }

    /* loaded from: classes5.dex */
    public class AppDataOutput extends OutputStream {
        public AppDataOutput() {
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public final void close() throws IOException {
            ProvSSLSocketDirect.this.close();
        }

        @Override // java.io.OutputStream
        public final void write(int i) throws IOException {
            write(new byte[]{(byte) i}, 0, 1);
        }

        @Override // java.io.OutputStream
        public final void write(byte[] bArr, int i, int i2) throws IOException {
            if (i2 > 0) {
                ProvSSLSocketDirect.this.handshakeIfNecessary(true);
                ProvSSLSocketDirect.this.protocol.writeApplicationData(bArr, i, i2);
            }
        }
    }

    public ProvSSLSocketDirect(ContextData contextData) {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.sslParameters = contextData.context.getDefaultSSLParameters(true);
    }

    public ProvSSLSocketDirect(ContextData contextData, String str, int i) throws IOException, UnknownHostException {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.sslParameters = contextData.context.getDefaultSSLParameters(true);
        this.peerHost = str;
        connect(str == null ? new InetSocketAddress(InetAddress.getByName(null), i) : new InetSocketAddress(str, i), 0);
    }

    public ProvSSLSocketDirect(ContextData contextData, String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.sslParameters = contextData.context.getDefaultSSLParameters(true);
        this.peerHost = str;
        bind(new InetSocketAddress(inetAddress, i2));
        connect(str == null ? new InetSocketAddress(InetAddress.getByName(null), i) : new InetSocketAddress(str, i), 0);
    }

    public ProvSSLSocketDirect(ContextData contextData, InetAddress inetAddress, int i) throws IOException {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.sslParameters = contextData.context.getDefaultSSLParameters(true);
        connect(new InetSocketAddress(inetAddress, i), 0);
    }

    public ProvSSLSocketDirect(ContextData contextData, InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.enableSessionCreation = true;
        this.useClientMode = true;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.sslParameters = contextData.context.getDefaultSSLParameters(true);
        bind(new InetSocketAddress(inetAddress2, i2));
        connect(new InetSocketAddress(inetAddress, i), 0);
    }

    public ProvSSLSocketDirect(ContextData contextData, boolean z, boolean z2, ProvSSLParameters provSSLParameters) {
        this.appDataIn = new AppDataInput();
        this.appDataOut = new AppDataOutput();
        this.peerHost = null;
        this.peerHostSNI = null;
        this.protocol = null;
        this.connection = null;
        this.handshakeSession = null;
        this.contextData = contextData;
        this.enableSessionCreation = z;
        this.useClientMode = z2;
        this.sslParameters = provSSLParameters;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final void checkClientTrusted(X509Certificate[] x509CertificateArr) throws IOException {
        try {
            this.contextData.x509TrustManager.checkClientTrusted((X509Certificate[]) x509CertificateArr.clone(), this);
        } catch (CertificateException e) {
            throw new TlsFatalAlert((short) 46, (Throwable) e);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws IOException {
        try {
            this.contextData.x509TrustManager.checkServerTrusted((X509Certificate[]) x509CertificateArr.clone(), str, this);
        } catch (CertificateException e) {
            throw new TlsFatalAlert((short) 46, (Throwable) e);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final BCX509Key chooseClientKey(String[] strArr, Principal[] principalArr) {
        return this.contextData.x509KeyManager.chooseClientKeyBC(strArr, (Principal[]) JsseUtils.clone(principalArr), this);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final BCX509Key chooseServerKey(String[] strArr, Principal[] principalArr) {
        return this.contextData.x509KeyManager.chooseServerKeyBC(strArr, (Principal[]) JsseUtils.clone(principalArr), this);
    }

    @Override // java.net.Socket, java.io.Closeable, java.lang.AutoCloseable
    public final synchronized void close() throws IOException {
        TlsProtocol tlsProtocol = this.protocol;
        if (tlsProtocol == null) {
            closeSocket();
        } else {
            tlsProtocol.handleClose(true);
        }
    }

    @Override // java.net.Socket
    public final void connect(SocketAddress socketAddress, int i) throws IOException {
        if (!(socketAddress instanceof InetSocketAddress)) {
            throw new SocketException("Only InetSocketAddress is supported.");
        }
        super.connect(socketAddress, i);
        notifyConnected();
    }

    public final void finalize() throws Throwable {
        try {
            try {
                try {
                    close();
                } catch (IOException unused) {
                    super.close();
                }
            } catch (IOException unused2) {
            }
        } finally {
            super.finalize();
        }
    }

    @Override // javax.net.ssl.SSLSocket, org.bouncycastle.jsse.BCSSLSocket
    public final synchronized String getApplicationProtocol() {
        String str;
        ProvSSLConnection provSSLConnection = this.connection;
        str = null;
        if (provSSLConnection != null) {
            SecurityParameters securityParametersConnection = provSSLConnection.tlsContext.getSecurityParametersConnection();
            boolean z = JsseUtils.provTlsAllowLegacyMasterSecret;
            if (securityParametersConnection != null && securityParametersConnection.applicationProtocolSet) {
                ProtocolName protocolName = securityParametersConnection.applicationProtocol;
                str = protocolName == null ? "" : Strings.fromUTF8ByteArray(protocolName.bytes);
            }
        }
        return str;
    }

    @Override // org.bouncycastle.jsse.BCSSLSocket
    public final synchronized BCExtendedSSLSession getBCHandshakeSession() {
        return this.handshakeSession;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final ContextData getContextData() {
        return this.contextData;
    }

    @Override // javax.net.ssl.SSLSocket, org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized boolean getEnableSessionCreation() {
        return this.enableSessionCreation;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized String[] getEnabledCipherSuites() {
        return this.sslParameters.getCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized String[] getEnabledProtocols() {
        return this.sslParameters.getProtocols();
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized String getHandshakeApplicationProtocol() {
        String str;
        ProvSSLSessionHandshake provSSLSessionHandshake = this.handshakeSession;
        str = null;
        if (provSSLSessionHandshake != null) {
            SecurityParameters securityParameters = provSSLSessionHandshake.securityParameters;
            boolean z = JsseUtils.provTlsAllowLegacyMasterSecret;
            if (securityParameters != null && securityParameters.applicationProtocolSet) {
                ProtocolName protocolName = securityParameters.applicationProtocol;
                str = protocolName == null ? "" : Strings.fromUTF8ByteArray(protocolName.bytes);
            }
        }
        return str;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized SSLSession getHandshakeSession() {
        ProvSSLSessionHandshake provSSLSessionHandshake;
        provSSLSessionHandshake = this.handshakeSession;
        return provSSLSessionHandshake == null ? null : provSSLSessionHandshake.exportSSLSession;
    }

    @Override // java.net.Socket
    public final InputStream getInputStream() throws IOException {
        return this.appDataIn;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized boolean getNeedClientAuth() {
        return this.sslParameters.needClientAuth;
    }

    @Override // java.net.Socket
    public final OutputStream getOutputStream() throws IOException {
        return this.appDataOut;
    }

    @Override // org.bouncycastle.jsse.BCSSLSocket
    public final synchronized BCSSLParameters getParameters() {
        return SSLParametersUtil.getParameters(this.sslParameters);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized String getPeerHost() {
        return this.peerHost;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized String getPeerHostSNI() {
        return this.peerHostSNI;
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final int getPeerPort() {
        return getPort();
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized SSLParameters getSSLParameters() {
        return SSLParametersUtil.getSSLParameters(this.sslParameters);
    }

    @Override // javax.net.ssl.SSLSocket
    public final SSLSession getSession() {
        ProvSSLConnection provSSLConnection;
        synchronized (this) {
            synchronized (this) {
                try {
                    handshakeIfNecessary(false);
                } catch (IOException e) {
                    LOG.log(Level.FINE, "Failed to establish connection", (Throwable) e);
                }
                provSSLConnection = this.connection;
            }
            return (provSSLConnection == null ? ProvSSLSession.NULL_SESSION : provSSLConnection.session).exportSSLSession;
        }
        return (provSSLConnection == null ? ProvSSLSession.NULL_SESSION : provSSLConnection.session).exportSSLSession;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized String[] getSupportedCipherSuites() {
        return this.contextData.context.getSupportedCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized String[] getSupportedProtocols() {
        Set<String> keySet;
        keySet = this.contextData.context.supportedProtocols.keySet();
        return (String[]) keySet.toArray(new String[keySet.size()]);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized boolean getUseClientMode() {
        return this.useClientMode;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized boolean getWantClientAuth() {
        return this.sslParameters.wantClientAuth;
    }

    public final synchronized void handshakeIfNecessary(boolean z) throws IOException {
        TlsProtocol tlsProtocol = this.protocol;
        if (tlsProtocol == null || tlsProtocol.isHandshaking()) {
            startHandshake(z);
        }
    }

    public final synchronized void notifyConnected() {
        if (JsseUtils.isNameSpecified(this.peerHost)) {
            this.peerHostSNI = this.peerHost;
            return;
        }
        InetAddress inetAddress = getInetAddress();
        if (inetAddress == null) {
            return;
        }
        boolean z = this.useClientMode;
        if (!z || !ProvSSLSocketBase.provAssumeOriginalHostName) {
            this.peerHost = (z && ProvSSLSocketBase.provJdkTlsTrustNameService) ? inetAddress.getHostName() : inetAddress.getHostAddress();
            this.peerHostSNI = null;
        } else {
            String hostName = inetAddress.getHostName();
            this.peerHost = hostName;
            this.peerHostSNI = hostName;
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized void notifyHandshakeComplete(ProvSSLConnection provSSLConnection) {
        ProvSSLSessionHandshake provSSLSessionHandshake = this.handshakeSession;
        if (provSSLSessionHandshake != null) {
            if (!provSSLSessionHandshake.isValid()) {
                provSSLConnection.session.invalidate();
            }
            JsseSecurityParameters jsseSecurityParameters = this.handshakeSession.jsseSecurityParameters;
            jsseSecurityParameters.namedGroups = null;
            jsseSecurityParameters.localSigSchemes = null;
            jsseSecurityParameters.localSigSchemesCert = null;
            jsseSecurityParameters.peerSigSchemes = null;
            jsseSecurityParameters.peerSigSchemesCert = null;
            jsseSecurityParameters.statusResponses = null;
            jsseSecurityParameters.trustedIssuers = null;
        }
        this.handshakeSession = null;
        this.connection = provSSLConnection;
        notifyHandshakeCompletedListeners(provSSLConnection.session.exportSSLSession);
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized void notifyHandshakeSession(ProvSSLSessionContext provSSLSessionContext, SecurityParameters securityParameters, JsseSecurityParameters jsseSecurityParameters, ProvSSLSession provSSLSession) {
        String peerHost = getPeerHost();
        int peerPort = getPeerPort();
        if (provSSLSession != null) {
            this.handshakeSession = new ProvSSLSessionResumed(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters, provSSLSession.tlsSession);
        } else {
            this.handshakeSession = new ProvSSLSessionHandshake(provSSLSessionContext, peerHost, peerPort, securityParameters, jsseSecurityParameters);
        }
    }

    @Override // org.bouncycastle.jsse.provider.ProvTlsManager
    public final synchronized String selectApplicationProtocol(List<String> list) {
        return this.sslParameters.socketAPSelector.select(this, list);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setEnableSessionCreation(boolean z) {
        this.enableSessionCreation = z;
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setEnabledCipherSuites(String[] strArr) {
        this.sslParameters.setCipherSuites(strArr);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setEnabledProtocols(String[] strArr) {
        this.sslParameters.setProtocols(strArr);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setNeedClientAuth(boolean z) {
        this.sslParameters.setNeedClientAuth(z);
    }

    @Override // org.bouncycastle.jsse.BCSSLSocket
    public final synchronized void setParameters(BCSSLParameters bCSSLParameters) {
        SSLParametersUtil.setParameters(this.sslParameters, bCSSLParameters);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setSSLParameters(SSLParameters sSLParameters) {
        SSLParametersUtil.setSSLParameters(this.sslParameters, sSLParameters);
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setUseClientMode(boolean z) {
        if (this.protocol != null) {
            throw new IllegalArgumentException("Mode cannot be changed after the initial handshake has begun");
        }
        if (this.useClientMode != z) {
            this.contextData.context.updateDefaultSSLParameters(this.sslParameters, z);
            this.useClientMode = z;
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void setWantClientAuth(boolean z) {
        this.sslParameters.setWantClientAuth(z);
    }

    @Override // java.net.Socket
    public final void shutdownInput() throws IOException {
        throw new UnsupportedOperationException("shutdownInput() not supported in TLS");
    }

    @Override // java.net.Socket
    public final void shutdownOutput() throws IOException {
        throw new UnsupportedOperationException("shutdownOutput() not supported in TLS");
    }

    @Override // javax.net.ssl.SSLSocket
    public final synchronized void startHandshake() throws IOException {
        startHandshake(true);
    }

    public final void startHandshake(boolean z) throws IOException {
        TlsProtocol tlsProtocol = this.protocol;
        if (tlsProtocol != null) {
            if (!tlsProtocol.isHandshaking()) {
                throw new UnsupportedOperationException("Renegotiation not supported");
            }
            this.protocol.resumableHandshake = z;
            this.protocol.resumeHandshake();
            return;
        }
        InputStream inputStream = super.getInputStream();
        OutputStream outputStream = super.getOutputStream();
        if (this.useClientMode) {
            ProvTlsClientProtocol provTlsClientProtocol = new ProvTlsClientProtocol(inputStream, outputStream, this.socketCloser);
            provTlsClientProtocol.resumableHandshake = z;
            this.protocol = provTlsClientProtocol;
            provTlsClientProtocol.connect(new ProvTlsClient(this, this.sslParameters));
            return;
        }
        ProvTlsServerProtocol provTlsServerProtocol = new ProvTlsServerProtocol(inputStream, outputStream, this.socketCloser);
        provTlsServerProtocol.resumableHandshake = z;
        this.protocol = provTlsServerProtocol;
        provTlsServerProtocol.accept(new ProvTlsServer(this, this.sslParameters));
    }
}
