package com.tibco.security.ssl.A;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.CertUtils;
import com.tibco.security.Identity;
import com.tibco.security.PK;
import com.tibco.security.RestrictedCiphers;
import com.tibco.security.impl.OoOO.ooOO;
import com.tibco.security.providers.SSLFactory_entrust6;
import com.tibco.security.ssl.CertificateVerifier;
import com.tibco.security.ssl.HostNameVerifier;
import com.tibco.security.ssl.SSLClient;
import com.tibco.security.ssl.SSLInfo;
import iaik.protocol.https.Handler;
import iaik.protocol.https.HttpsURLConnection;
import iaik.security.jsse.net.IAIKSSLSocketWrapper;
import iaik.security.ssl.CipherSuite;
import iaik.security.ssl.CipherSuiteList;
import iaik.security.ssl.DefaultSessionManager;
import iaik.security.ssl.SSLClientContext;
import iaik.security.ssl.SSLContext;
import iaik.security.ssl.SSLSocket;
import java.io.IOException;
import java.io.PrintStream;
import java.lang.reflect.Constructor;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.Socket;
import java.net.URL;
import java.net.URLStreamHandler;
import java.net.UnknownHostException;
import java.security.PrivateKey;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: SSLClientImpl.java */
/* loaded from: input_file:com/tibco/security/ssl/A/E.class */
public class E extends SSLSocketFactory implements SSLClient {

    /* renamed from: class, reason: not valid java name */
    SSLClientContext f183class;

    /* renamed from: super, reason: not valid java name */
    Identity f184super = null;

    /* renamed from: Ô00000, reason: contains not printable characters */
    int f18500000 = -1;

    /* renamed from: Ó00000, reason: contains not printable characters */
    private final Logger f18600000 = LoggerFactory.getLogger("com.tibco.security.ssl");

    /* renamed from: Ò00000, reason: contains not printable characters */
    private int f18700000 = 0;

    /* renamed from: super, reason: not valid java name */
    protected HttpURLConnection m136super(URL url) throws IOException {
        HttpsURLConnection openConnection = url.openConnection();
        openConnection.setSSLContext(this.f183class);
        return openConnection;
    }

    /* renamed from: super, reason: not valid java name */
    public void m137super(Identity identity, CertificateVerifier certificateVerifier, int[] iArr, PrintStream printStream) throws AXSecurityException {
        this.f184super = identity;
        if (printStream == null) {
            printStream = com.tibco.security.ssl.OoOO.OoOO.o00000(SSLClient.class);
        }
        this.f183class = new SSLClientContext();
        if (identity != null && !m138super(identity)) {
            Cert[] signingCertChain = identity.getSigningCertChain();
            if (identity.getSSLSigningIdentity() != null) {
                this.f183class.addClientCredentials(CertUtils.convertCertificateList(signingCertChain), (PrivateKey) identity.getSSLSigningIdentity());
            }
        }
        if (iArr == null) {
            iArr = SSLFactory_entrust6.supportedCipherSuites;
        }
        this.f183class.setEnabledCipherSuites(Creturn.m143super(iArr));
        if (certificateVerifier != null) {
            this.f183class.setChainVerifier(new C0006oOOO(certificateVerifier, printStream, true));
        }
        if (printStream != null) {
            this.f183class.setDebugStream(printStream);
        }
    }

    /* renamed from: super, reason: not valid java name */
    protected boolean m138super(Identity identity) {
        PK pk = null;
        try {
            pk = identity.getSigningKey();
        } catch (AXSecurityException unused) {
        }
        if (pk != null) {
            return false;
        }
        try {
            identity.getEncryptionKey();
            return false;
        } catch (AXSecurityException unused2) {
            return true;
        }
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() throws IOException {
        try {
            Constructor declaredConstructor = IAIKSSLSocketWrapper.class.getDeclaredConstructor(SSLContext.class);
            declaredConstructor.setAccessible(true);
            return (Socket) declaredConstructor.newInstance(this.f183class);
        } catch (Exception e) {
            throw new IOException(e.toString(), e);
        }
    }

    @Override // javax.net.SocketFactory, com.tibco.security.ssl.SSLClient
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        return new SSLSocket(str, i, this.f183class);
    }

    @Override // javax.net.SocketFactory, com.tibco.security.ssl.SSLClient
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        return new SSLSocket(inetAddress, i, this.f183class);
    }

    @Override // javax.net.SocketFactory, com.tibco.security.ssl.SSLClient
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        return new SSLSocket(str, i, inetAddress, i2, this.f183class);
    }

    @Override // javax.net.SocketFactory, com.tibco.security.ssl.SSLClient
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        return new SSLSocket(inetAddress, i, inetAddress2, i2, this.f183class);
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return new SSLSocket(socket, this.f183class, str, i);
    }

    @Override // com.tibco.security.ssl.SSLClient
    public Socket createSocket(Socket socket) throws AXSecurityException, IOException {
        return new SSLSocket(socket, this.f183class);
    }

    @Override // com.tibco.security.ssl.SSLClient
    public Socket createSocket(Socket socket, String str, int i) throws AXSecurityException, IOException {
        return new SSLSocket(socket, this.f183class, str, i);
    }

    @Override // com.tibco.security.ssl.SSLClient
    public HttpURLConnection createURLConnection(String str, HostNameVerifier hostNameVerifier) throws AXSecurityException, IOException {
        return m136super(new URL((URL) null, "https://" + str, (URLStreamHandler) new Handler()));
    }

    @Override // com.tibco.security.ssl.SSLClient
    public HttpURLConnection createURLConnection(InetAddress inetAddress, HostNameVerifier hostNameVerifier) throws AXSecurityException, IOException {
        return m136super(new URL((URL) null, "https://" + inetAddress.getHostAddress(), (URLStreamHandler) new Handler()));
    }

    @Override // com.tibco.security.ssl.SSLClient
    public HttpURLConnection createURLConnection(String str, int i, HostNameVerifier hostNameVerifier) throws AXSecurityException, IOException {
        return m136super(new URL((URL) null, "https://" + str + ":" + i, (URLStreamHandler) new Handler()));
    }

    @Override // com.tibco.security.ssl.SSLClient
    public HttpURLConnection createURLConnection(InetAddress inetAddress, int i, HostNameVerifier hostNameVerifier) throws AXSecurityException, IOException {
        return m136super(new URL((URL) null, "https://" + inetAddress.getHostAddress() + ":" + i, (URLStreamHandler) new Handler()));
    }

    @Override // com.tibco.security.ssl.SSLClient
    public HttpURLConnection createURLConnection(String str, int i, String str2, HostNameVerifier hostNameVerifier) throws AXSecurityException, IOException {
        return m136super(new URL((URL) null, "https://" + str + ":" + i + "/" + str2, (URLStreamHandler) new Handler()));
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x005f, code lost:
    
        if (r8 != null) goto L20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x006c, code lost:
    
        throw new com.tibco.security.AXSecurityException("socket must be an Entrust SSL socket!");
     */
    @Override // com.tibco.security.ssl.SSLClient
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void doHandshake(java.net.Socket r6, boolean r7) throws com.tibco.security.AXSecurityException, java.io.IOException {
        /*
            r5 = this;
            r0 = 0
            r8 = r0
            r0 = r6
            boolean r0 = r0 instanceof iaik.security.ssl.SSLSocket
            if (r0 != 0) goto L6d
            r0 = r6
            java.lang.Class r0 = r0.getClass()
            java.lang.reflect.Field[] r0 = r0.getDeclaredFields()
            r1 = r0
            r12 = r1
            int r0 = r0.length
            r11 = r0
            r0 = 0
            r10 = r0
            goto L57
        L1c:
            r0 = r12
            r1 = r10
            r0 = r0[r1]
            r9 = r0
            r0 = r9
            java.lang.Class r0 = r0.getType()
            java.lang.Class<iaik.security.ssl.SSLSocket> r1 = iaik.security.ssl.SSLSocket.class
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L54
            r0 = r9
            r1 = 1
            r0.setAccessible(r1)
            r0 = r9
            r1 = r6
            java.lang.Object r0 = r0.get(r1)     // Catch: java.lang.Exception -> L43
            iaik.security.ssl.SSLSocket r0 = (iaik.security.ssl.SSLSocket) r0     // Catch: java.lang.Exception -> L43
            r8 = r0
            goto L5e
        L43:
            r13 = move-exception
            com.tibco.security.AXSecurityException r0 = new com.tibco.security.AXSecurityException
            r1 = r0
            r2 = r13
            java.lang.String r2 = r2.toString()
            r3 = r13
            r1.<init>(r2, r3)
            throw r0
        L54:
            int r10 = r10 + 1
        L57:
            r0 = r10
            r1 = r11
            if (r0 < r1) goto L1c
        L5e:
            r0 = r8
            if (r0 != 0) goto L72
            com.tibco.security.AXSecurityException r0 = new com.tibco.security.AXSecurityException
            r1 = r0
            java.lang.String r2 = "socket must be an Entrust SSL socket!"
            r1.<init>(r2)
            throw r0
        L6d:
            r0 = r6
            iaik.security.ssl.SSLSocket r0 = (iaik.security.ssl.SSLSocket) r0
            r8 = r0
        L72:
            r0 = r7
            if (r0 == 0) goto L89
            r0 = r6
            java.io.OutputStream r0 = r0.getOutputStream()
            r0 = r8
            iaik.security.ssl.Session r0 = r0.getSession()
            if (r0 == 0) goto L89
            r0 = r8
            iaik.security.ssl.Session r0 = r0.getSession()
            r0.invalidate()
        L89:
            r0 = r8
            r0.renegotiate()
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tibco.security.ssl.A.E.doHandshake(java.net.Socket, boolean):void");
    }

    @Override // com.tibco.security.ssl.SSLClient
    public SSLInfo getSSLInfo(Socket socket) throws AXSecurityException {
        return Creturn.m145super(socket);
    }

    @Override // com.tibco.security.ssl.SSLClient
    public void setAllowedProtocolVersions(int i, int i2) throws AXSecurityException {
        if (i == 2) {
            i = 768;
        }
        this.f183class.setAllowedProtocolVersions(i, i2);
    }

    @Override // com.tibco.security.ssl.SSLClient
    public int[] getAllowedProtocolVersions() throws AXSecurityException {
        return this.f183class.getAllowedProtocolVersions();
    }

    @Override // com.tibco.security.ssl.SSLClient
    public void setMaxSessionCachedLife(int i) throws AXSecurityException {
        if (i < 0) {
            throw new AXSecurityException("Session life must be 0 or positive.");
        }
        if (this.f183class == null) {
            throw new AXSecurityException("SSL Context has not yet been initialized.");
        }
        DefaultSessionManager sessionManager = this.f183class.getSessionManager();
        if (sessionManager instanceof DefaultSessionManager) {
            sessionManager.setResumePeriod(i);
            this.f18500000 = i;
        }
    }

    @Override // com.tibco.security.ssl.SSLClient
    public int getMaxSessionCachedLife() {
        return this.f18500000;
    }

    @Override // com.tibco.security.RestrictedCiphers
    public void setDisabledCiphers(int i) {
        this.f18700000 = i;
        m139super();
    }

    @Override // com.tibco.security.RestrictedCiphers
    public int getDisabledCiphers() {
        return this.f18700000;
    }

    /* renamed from: super, reason: not valid java name */
    private void m139super() {
        boolean isFIPSMode = ooOO.getInstance().isFIPSMode();
        if (this.f18600000.isDebugEnabled()) {
            this.f18600000.debug("Restricting ciphers to " + this.f18700000 + ", i.e. " + RestrictedCiphers.CipherStrength.fromOrdinal(this.f18700000) + (isFIPSMode ? "; intersecting with FIPS ciphers" : ""));
        }
        CipherSuiteList enabledCipherSuiteList = this.f183class.getEnabledCipherSuiteList();
        for (CipherSuite cipherSuite : enabledCipherSuiteList.toArray()) {
            switch (this.f18700000) {
                case 1:
                    if (cipherSuite.isExportable()) {
                        enabledCipherSuiteList.remove(cipherSuite);
                        break;
                    }
                    break;
                case 2:
                    if (cipherSuite.getKeyLength() < 16) {
                        enabledCipherSuiteList.remove(cipherSuite);
                        break;
                    }
                    break;
                case 3:
                    if (cipherSuite.getKeyLength() <= 16) {
                        enabledCipherSuiteList.remove(cipherSuite);
                        break;
                    }
                    break;
                case 4:
                    if (cipherSuite.getKeyLength() < 32) {
                        enabledCipherSuiteList.remove(cipherSuite);
                        break;
                    }
                    break;
                default:
                    throw new IllegalArgumentException("Unknown option " + this.f18700000);
            }
            if (isFIPSMode && !Creturn.f19900000.contains(cipherSuite)) {
                enabledCipherSuiteList.remove(cipherSuite);
            }
        }
        enabledCipherSuiteList.sort();
        this.f183class.setEnabledCipherSuiteList(enabledCipherSuiteList);
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return Creturn.m146super(this.f183class.getEnabledCipherSuiteList());
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return Creturn.m147super();
    }
}
