package org.openeuler.sun.security.ssl;

import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.util.AbstractMap;
import java.util.Map;
import javax.net.ssl.X509ExtendedKeyManager;
import org.openeuler.gm.GMConstants;
import org.openeuler.sun.security.ssl.SupportedGroupsExtension;

/* loaded from: input_file:org/openeuler/sun/security/ssl/GMX509Authentication.class */
enum GMX509Authentication implements SSLAuthentication {
    SM2(GMConstants.SM2, new SSLPossessionGenerator(new String[]{GMConstants.SM2}) { // from class: org.openeuler.sun.security.ssl.GMX509Authentication.GMX509PossessionGenerator
        private final String[] keyTypes;

        {
            this.keyTypes = r4;
        }

        @Override // org.openeuler.sun.security.ssl.SSLPossessionGenerator
        public SSLPossession createPossession(HandshakeContext handshakeContext) {
            if (handshakeContext.sslConfig.isClientMode) {
                for (String str : this.keyTypes) {
                    SSLPossession createClientPossession = createClientPossession((ClientHandshakeContext) handshakeContext, str);
                    if (createClientPossession != null) {
                        return createClientPossession;
                    }
                }
                return null;
            }
            for (String str2 : this.keyTypes) {
                SSLPossession createServerPossession = createServerPossession((ServerHandshakeContext) handshakeContext, str2);
                if (createServerPossession != null) {
                    return createServerPossession;
                }
            }
            return null;
        }

        private SSLPossession createClientPossession(ClientHandshakeContext clientHandshakeContext, String str) {
            X509ExtendedKeyManager x509KeyManager = clientHandshakeContext.sslContext.getX509KeyManager();
            String[] clientAliases = x509KeyManager.getClientAliases(str, clientHandshakeContext.peerSupportedAuthorities == null ? null : (Principal[]) clientHandshakeContext.peerSupportedAuthorities.clone());
            if (clientAliases != null && clientAliases.length >= 2) {
                return createGMX509Possession(str, clientAliases, x509KeyManager, clientHandshakeContext, true);
            }
            if (!SSLLogger.isOn || !SSLLogger.isOn("ssl")) {
                return null;
            }
            SSLLogger.finest("No X.509 cert selected for " + str, new Object[0]);
            return null;
        }

        private SSLPossession createServerPossession(ServerHandshakeContext serverHandshakeContext, String str) {
            X509ExtendedKeyManager x509KeyManager = serverHandshakeContext.sslContext.getX509KeyManager();
            String[] serverAliases = x509KeyManager.getServerAliases(str, serverHandshakeContext.peerSupportedAuthorities == null ? null : (Principal[]) serverHandshakeContext.peerSupportedAuthorities.clone());
            if (serverAliases != null && serverAliases.length >= 2) {
                return createGMX509Possession(str, serverAliases, x509KeyManager, serverHandshakeContext, false);
            }
            if (!SSLLogger.isOn || !SSLLogger.isOn("ssl")) {
                return null;
            }
            SSLLogger.finest("No X.509 cert selected for " + str, new Object[0]);
            return null;
        }

        /* JADX WARN: Code restructure failed: missing block: B:55:0x00ce, code lost:
        
            if (org.openeuler.sun.security.ssl.SSLLogger.isOn == false) goto L73;
         */
        /* JADX WARN: Code restructure failed: missing block: B:57:0x00d6, code lost:
        
            if (org.openeuler.sun.security.ssl.SSLLogger.isOn("ssl") == false) goto L74;
         */
        /* JADX WARN: Code restructure failed: missing block: B:58:0x00d9, code lost:
        
            org.openeuler.sun.security.ssl.SSLLogger.fine(r0 + " private or public key is not of " + r10 + " algorithm", new java.lang.Object[0]);
         */
        /* JADX WARN: Code restructure failed: missing block: B:59:0x00fd, code lost:
        
            return null;
         */
        /* JADX WARN: Code restructure failed: missing block: B:60:?, code lost:
        
            return null;
         */
        /* JADX WARN: Code restructure failed: missing block: B:61:?, code lost:
        
            return null;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private org.openeuler.sun.security.ssl.GMX509Authentication.GMX509Possession createGMX509Possession(java.lang.String r10, java.lang.String[] r11, javax.net.ssl.X509ExtendedKeyManager r12, org.openeuler.sun.security.ssl.HandshakeContext r13, boolean r14) {
            /*
                Method dump skipped, instructions count: 394
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: org.openeuler.sun.security.ssl.GMX509Authentication.GMX509PossessionGenerator.createGMX509Possession(java.lang.String, java.lang.String[], javax.net.ssl.X509ExtendedKeyManager, org.openeuler.sun.security.ssl.HandshakeContext, boolean):org.openeuler.sun.security.ssl.GMX509Authentication$GMX509Possession");
        }

        private boolean isValidNamedGroup(String str, PublicKey publicKey, HandshakeContext handshakeContext) {
            if (!(publicKey instanceof ECPublicKey)) {
                if (!SSLLogger.isOn || !SSLLogger.isOn("ssl")) {
                    return false;
                }
                SSLLogger.warning(str + " public key is not an instance of ECPublicKey", new Object[0]);
                return false;
            }
            SupportedGroupsExtension.NamedGroup valueOf = SupportedGroupsExtension.NamedGroup.valueOf(((ECPublicKey) publicKey).getParams());
            if (valueOf != null && SupportedGroupsExtension.SupportedGroups.isSupported(valueOf) && valueOf.isAvailable(handshakeContext.negotiatedProtocol) && (handshakeContext.clientRequestedNamedGroups == null || handshakeContext.clientRequestedNamedGroups.contains(valueOf))) {
                return true;
            }
            if (!SSLLogger.isOn || !SSLLogger.isOn("ssl")) {
                return false;
            }
            SSLLogger.warning("Unsupported named group (" + valueOf + ") used in the " + str + " certificate", new Object[0]);
            return false;
        }

        private boolean isValidDoubleCertificate(X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) {
            return (x509CertificateArr == null || x509CertificateArr2 == null) ? false : true;
        }
    });

    final String keyType;
    final SSLPossessionGenerator possessionGenerator;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/openeuler/sun/security/ssl/GMX509Authentication$GMX509Credentials.class */
    public static final class GMX509Credentials implements SSLCredentials {
        final PublicKey popSignPublicKey;
        final X509Certificate[] popSignCerts;
        final PublicKey popEncPublicKey;
        final X509Certificate[] popEncCerts;

        public GMX509Credentials(PublicKey publicKey, X509Certificate[] x509CertificateArr, PublicKey publicKey2, X509Certificate[] x509CertificateArr2) {
            this.popSignPublicKey = publicKey;
            this.popSignCerts = x509CertificateArr;
            this.popEncPublicKey = publicKey2;
            this.popEncCerts = x509CertificateArr2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/openeuler/sun/security/ssl/GMX509Authentication$GMX509Possession.class */
    public static final class GMX509Possession implements SSLPossession {
        final PrivateKey popSignPrivateKey;
        final PublicKey popSignPublicKey;
        final X509Certificate[] popSignCerts;
        final PrivateKey popEncPrivateKey;
        final PublicKey popEncPublicKey;
        final X509Certificate[] popEncCerts;

        /* JADX INFO: Access modifiers changed from: package-private */
        public GMX509Possession(PrivateKey privateKey, PublicKey publicKey, X509Certificate[] x509CertificateArr, PrivateKey privateKey2, PublicKey publicKey2, X509Certificate[] x509CertificateArr2) {
            this.popSignPrivateKey = privateKey;
            this.popSignPublicKey = publicKey;
            this.popSignCerts = x509CertificateArr;
            this.popEncPrivateKey = privateKey2;
            this.popEncPublicKey = publicKey2;
            this.popEncCerts = x509CertificateArr2;
        }
    }

    GMX509Authentication(String str, SSLPossessionGenerator sSLPossessionGenerator) {
        this.keyType = str;
        this.possessionGenerator = sSLPossessionGenerator;
    }

    @Override // org.openeuler.sun.security.ssl.SSLHandshakeBinding
    public SSLHandshake[] getRelatedHandshakers(HandshakeContext handshakeContext) {
        return new SSLHandshake[]{SSLHandshake.CERTIFICATE, SSLHandshake.CERTIFICATE_REQUEST};
    }

    @Override // org.openeuler.sun.security.ssl.SSLHandshakeBinding
    public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(HandshakeContext handshakeContext) {
        return new Map.Entry[]{new AbstractMap.SimpleImmutableEntry(Byte.valueOf(SSLHandshake.CERTIFICATE.id), SSLHandshake.CERTIFICATE)};
    }

    @Override // org.openeuler.sun.security.ssl.SSLPossessionGenerator
    public SSLPossession createPossession(HandshakeContext handshakeContext) {
        return this.possessionGenerator.createPossession(handshakeContext);
    }
}
