package net.luminis.tls.engine.impl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.function.Function;
import net.luminis.tls.ProtectionKeysType;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.TlsProtocolException;
import net.luminis.tls.alert.DecryptErrorAlert;
import net.luminis.tls.alert.HandshakeFailureAlert;
import net.luminis.tls.alert.IllegalParameterAlert;
import net.luminis.tls.alert.MissingExtensionAlert;
import net.luminis.tls.alert.UnexpectedMessageAlert;
import net.luminis.tls.engine.ServerMessageProcessor;
import net.luminis.tls.engine.ServerMessageSender;
import net.luminis.tls.engine.TlsServerEngine;
import net.luminis.tls.engine.TlsSession;
import net.luminis.tls.engine.TlsSessionRegistry;
import net.luminis.tls.engine.TlsStatusEventHandler;
import net.luminis.tls.extension.ClientHelloPreSharedKeyExtension;
import net.luminis.tls.extension.EarlyDataExtension;
import net.luminis.tls.extension.Extension;
import net.luminis.tls.extension.KeyShareExtension;
import net.luminis.tls.extension.PskKeyExchangeModesExtension;
import net.luminis.tls.extension.ServerPreSharedKeyExtension;
import net.luminis.tls.extension.SignatureAlgorithmsExtension;
import net.luminis.tls.extension.SupportedGroupsExtension;
import net.luminis.tls.extension.SupportedVersionsExtension;
import net.luminis.tls.handshake.CertificateMessage;
import net.luminis.tls.handshake.CertificateRequestMessage;
import net.luminis.tls.handshake.CertificateVerifyMessage;
import net.luminis.tls.handshake.ClientHello;
import net.luminis.tls.handshake.EncryptedExtensions;
import net.luminis.tls.handshake.FinishedMessage;
import net.luminis.tls.handshake.NewSessionTicketMessage;
import net.luminis.tls.handshake.ServerHello;

/* loaded from: classes21.dex */
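/**
 * Server side of the TLS handshake state machine (decompiled source).
 *
 * <p>The engine reacts to handshake messages delivered through the {@code received(...)}
 * callbacks. A {@link ClientHello} drives negotiation (cipher suite, named group, key share,
 * optional PSK resumption) and makes the engine emit the whole server flight; the client's
 * {@link FinishedMessage} completes the handshake and may trigger a new session ticket.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>MAC-like values received from the peer (Finished verify data, PSK binder) are compared
 *       with {@link MessageDigest#isEqual(byte[], byte[])} so the comparison time does not
 *       depend on the position of the first differing byte.</li>
 *   <li>Client authentication is not implemented here: the Certificate, CertificateRequest and
 *       CertificateVerify callbacks are empty.</li>
 *   <li>Messages arriving in an unexpected state are ignored silently rather than answered
 *       with an alert (see the state checks in the ClientHello and Finished handlers).</li>
 * </ul>
 *
 * <p>No synchronization is visible in this class; NOTE(review): presumably it is confined to a
 * single connection thread, confirm against the caller.
 */
public class TlsServerEngineImpl extends TlsEngineImpl implements TlsServerEngine, ServerMessageProcessor {
    // Opaque application data stored with new session tickets; see setSessionData.
    private byte[] additionalSessionData;
    // Private key used to sign the CertificateVerify message.
    private PrivateKey certificatePrivateKey;
    // PSK key exchange modes the client advertised in its ClientHello.
    private List<TlsConstants.PskKeyExchangeMode> clientSupportedKeyExchangeModes;
    // Not read anywhere in this class; kept because it is part of the decompiled layout.
    private final ArrayList<Extension> extensions;
    private String selectedApplicationLayerProtocol;
    private TlsConstants.CipherSuite selectedCipher;
    // Chain sent in the Certificate message; element 0 is used to pick the signature scheme.
    private List<X509Certificate> serverCertificateChain;
    // Extensions sent in EncryptedExtensions.
    private List<Extension> serverExtensions;
    private ServerMessageSender serverMessageSender;
    // Optional application check on stored session data before a session is resumed.
    private Function<ByteBuffer, Boolean> sessionDataVerificationCallback;
    // May be null: the Finished handler checks for that before issuing tickets.
    private TlsSessionRegistry sessionRegistry;
    protected TlsStatusEventHandler statusHandler;
    private TranscriptHash transcriptHash;
    private Status status = Status.Start;
    // Passed to the registry for each issued ticket, then incremented (wraps as a Java byte).
    private byte currentTicketNumber = 0;
    // 4294967295 == 2^32 - 1, the largest unsigned 32-bit value.
    private Long maxEarlyDataSize = 4294967295L;
    private final Set<TlsConstants.CipherSuite> supportedCiphers = new HashSet<>();

    /* loaded from: classes21.dex */
    /** Handshake progress as tracked by this engine. */
    enum Status {
        Start,
        ReceivedClientHello,
        Negotiated,
        WaitFinished,
        Connected
    }

    /**
     * Creates an engine that presents a single certificate.
     *
     * @param x509Certificate the server certificate, wrapped into a one-element chain
     * @param privateKey the key used to sign CertificateVerify
     * @param serverMessageSender sink for outgoing handshake messages
     * @param tlsStatusEventHandler receiver of handshake status events
     * @param tlsSessionRegistry session store used for PSK resumption and tickets; may be null
     */
    public TlsServerEngineImpl(X509Certificate x509Certificate, PrivateKey privateKey, ServerMessageSender serverMessageSender, TlsStatusEventHandler tlsStatusEventHandler, TlsSessionRegistry tlsSessionRegistry) {
        this(single(x509Certificate), privateKey, serverMessageSender, tlsStatusEventHandler, tlsSessionRegistry);
    }

    /**
     * Creates an engine that presents the given certificate chain.
     *
     * <p>The list is stored by reference, not copied. {@code TLS_AES_128_GCM_SHA256} is the only
     * cipher suite enabled by default; more can be added with {@link #addSupportedCiphers(List)}.
     *
     * @param list the certificate chain; element 0 is treated as the server's own certificate
     * @param privateKey the key used to sign CertificateVerify
     * @param serverMessageSender sink for outgoing handshake messages
     * @param tlsStatusEventHandler receiver of handshake status events
     * @param tlsSessionRegistry session store used for PSK resumption and tickets; may be null
     */
    public TlsServerEngineImpl(List<X509Certificate> list, PrivateKey privateKey, ServerMessageSender serverMessageSender, TlsStatusEventHandler tlsStatusEventHandler, TlsSessionRegistry tlsSessionRegistry) {
        this.serverCertificateChain = list;
        this.certificatePrivateKey = privateKey;
        this.serverMessageSender = serverMessageSender;
        this.statusHandler = tlsStatusEventHandler;
        this.supportedCiphers.add(TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256);
        this.extensions = new ArrayList<>();
        this.serverExtensions = new ArrayList<>();
        this.clientSupportedKeyExchangeModes = new ArrayList<>();
        this.sessionRegistry = tlsSessionRegistry;
    }

    /**
     * Maps the certificate's signature algorithm name to the TLS signature scheme used for
     * CertificateVerify.
     *
     * <p>NOTE(review): {@link X509Certificate#getSigAlgName()} names the algorithm with which the
     * certificate itself was signed by its issuer, which is not necessarily the type of the
     * subject's key. A certificate holding an RSA key but issued by an ECDSA CA (or vice versa)
     * would yield a scheme that does not fit the server's private key. Confirm whether the scheme
     * should be derived from the public key instead.
     *
     * @param x509Certificate the server certificate
     * @return the matching signature scheme
     * @throws TlsProtocolException if the algorithm name is not one of the listed RSA/ECDSA names
     */
    static TlsConstants.SignatureScheme determineSignatureScheme(X509Certificate x509Certificate) throws TlsProtocolException {
        String sigAlgName = x509Certificate.getSigAlgName();
        // Both spellings of each name are accepted because providers differ in letter case.
        switch (sigAlgName) {
            case "SHA256withRSA":
            case "SHA256WITHRSA":
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha256;
            case "SHA384withRSA":
            case "SHA384WITHRSA":
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha384;
            case "SHA512withRSA":
            case "SHA512WITHRSA":
                return TlsConstants.SignatureScheme.rsa_pss_rsae_sha512;
            case "SHA256withECDSA":
            case "SHA256WITHECDSA":
                return TlsConstants.SignatureScheme.ecdsa_secp256r1_sha256;
            case "SHA384withECDSA":
            case "SHA384WITHECDSA":
                return TlsConstants.SignatureScheme.ecdsa_secp384r1_sha384;
            case "SHA512withECDSA":
            case "SHA512WITHECDSA":
                return TlsConstants.SignatureScheme.ecdsa_secp521r1_sha512;
            default:
                throw new TlsProtocolException("Unknown or unsupported certificate type " + x509Certificate.getSigAlgName());
        }
    }

    /**
     * Returns the first extension of the requested type, or {@code null} when none is present.
     */
    private static <T extends Extension> T findExtension(Iterable<? extends Extension> candidates, Class<T> type) {
        for (Extension candidate : candidates) {
            if (type.isInstance(candidate)) {
                return type.cast(candidate);
            }
        }
        return null;
    }

    /**
     * Asks the application whether stored session data permits resumption.
     *
     * <p>Fails open: when no verification callback is configured, or the session carries no
     * data, the session is treated as acceptable.
     */
    private boolean isAcceptable(byte[] bArr) {
        if (this.sessionDataVerificationCallback == null || bArr == null) {
            return true;
        }
        return this.sessionDataVerificationCallback.apply(ByteBuffer.wrap(bArr)).booleanValue();
    }

    /** Wraps one certificate into a mutable one-element chain. */
    private static List<X509Certificate> single(X509Certificate x509Certificate) {
        List<X509Certificate> chain = new ArrayList<>(1);
        chain.add(x509Certificate);
        return chain;
    }

    /** Adds an extension to be sent in EncryptedExtensions. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void addServerExtensions(Extension extension) {
        this.serverExtensions.add(extension);
    }

    /** Enables additional cipher suites on top of the default one. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void addSupportedCiphers(List<TlsConstants.CipherSuite> list) {
        this.supportedCiphers.addAll(list);
    }

    /** Returns the negotiated cipher suite, or {@code null} before a ClientHello was accepted. */
    @Override // net.luminis.tls.engine.impl.TlsEngineImpl, net.luminis.tls.engine.TlsClientEngine
    public TlsConstants.CipherSuite getSelectedCipher() {
        return this.selectedCipher;
    }

    /** Returns the live (not copied) list of extensions sent in EncryptedExtensions. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public List<Extension> getServerExtensions() {
        return this.serverExtensions;
    }

    /** No-op: a client Certificate message is ignored (no client authentication here). */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(CertificateMessage certificateMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /** No-op: a CertificateRequest from the peer is ignored. */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(CertificateRequestMessage certificateRequestMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /** No-op: a client CertificateVerify is ignored (no client authentication here). */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(CertificateVerifyMessage certificateVerifyMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /**
     * Handles the ClientHello: negotiates parameters, optionally resumes a PSK session, and sends
     * ServerHello, EncryptedExtensions, (Certificate, CertificateVerify,) and Finished.
     *
     * <p>Only processed in state {@code Start}; in any other state the message is dropped
     * silently. Because the state leaves {@code Start} before validation, a ClientHello that
     * fails negotiation cannot be followed by a second attempt on the same engine.
     *
     * @param clientHello the received message
     * @param protectionKeysType not inspected by this handler
     * @throws TlsProtocolException (as one of its alert subtypes) when negotiation fails or the
     *     PSK binder does not verify
     * @throws IOException declared by the interface; NOTE(review): presumably raised by the
     *     message sender, confirm
     */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(ClientHello clientHello, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
        if (this.status != Status.Start) {
            return;
        }
        this.status = Status.ReceivedClientHello;

        // --- cipher suite ---
        // NOTE(review): there is no break, so the LAST client suite the server supports wins,
        // i.e. the client's least preferred match. Confirm this is intended.
        TlsConstants.CipherSuite negotiatedCipher = null;
        for (TlsConstants.CipherSuite offered : clientHello.getCipherSuites()) {
            if (this.supportedCiphers.contains(offered)) {
                negotiatedCipher = offered;
            }
        }
        if (negotiatedCipher == null) {
            throw new HandshakeFailureAlert("Failed to negotiate a cipher (server only supports " + this.supportedCiphers);
        }
        this.selectedCipher = negotiatedCipher;

        // --- named group ---
        SupportedGroupsExtension supportedGroupsExtension = findExtension(clientHello.getExtensions(), SupportedGroupsExtension.class);
        if (supportedGroupsExtension == null) {
            throw new MissingExtensionAlert("supported groups extension is required in Client Hello");
        }
        List<TlsConstants.NamedGroup> serverSupportedGroups = Arrays.asList(TlsConstants.NamedGroup.secp256r1, TlsConstants.NamedGroup.x25519);
        boolean groupNegotiated = false;
        for (TlsConstants.NamedGroup offeredGroup : supportedGroupsExtension.getNamedGroups()) {
            if (serverSupportedGroups.contains(offeredGroup)) {
                groupNegotiated = true;
                break;
            }
        }
        if (!groupNegotiated) {
            throw new HandshakeFailureAlert(String.format("Failed to negotiate supported group (server only supports %s)", serverSupportedGroups));
        }

        // --- key share: first client entry for a group the server supports ---
        KeyShareExtension keyShareExtension = findExtension(clientHello.getExtensions(), KeyShareExtension.class);
        if (keyShareExtension == null) {
            throw new MissingExtensionAlert("key share extension is required in Client Hello");
        }
        KeyShareExtension.KeyShareEntry keyShareEntry = null;
        for (KeyShareExtension.KeyShareEntry candidate : keyShareExtension.getKeyShareEntries()) {
            if (serverSupportedGroups.contains(candidate.getNamedGroup())) {
                keyShareEntry = candidate;
                break;
            }
        }
        if (keyShareEntry == null) {
            throw new IllegalParameterAlert("key share named group not supported (and no HelloRetryRequest support)");
        }

        // --- signature algorithms and PSK key exchange modes ---
        SignatureAlgorithmsExtension signatureAlgorithmsExtension = findExtension(clientHello.getExtensions(), SignatureAlgorithmsExtension.class);
        if (signatureAlgorithmsExtension == null) {
            throw new MissingExtensionAlert("signature algorithms extension is required in Client Hello");
        }
        PskKeyExchangeModesExtension pskModesExtension = findExtension(clientHello.getExtensions(), PskKeyExchangeModesExtension.class);
        if (pskModesExtension != null) {
            this.clientSupportedKeyExchangeModes.addAll(pskModesExtension.getKeyExchangeModes());
        }
        // NOTE(review): this gate always requires rsa_pss_rsae_sha256, yet the scheme actually
        // used for CertificateVerify below comes from determineSignatureScheme() and may differ.
        // The server can therefore sign with a scheme the client never offered.
        if (!signatureAlgorithmsExtension.getSignatureAlgorithms().contains(TlsConstants.SignatureScheme.rsa_pss_rsae_sha256)) {
            throw new HandshakeFailureAlert("Failed to negotiate signature algorithm (server only supports rsa_pss_rsae_sha256");
        }

        ClientHelloPreSharedKeyExtension pskExtension = findExtension(clientHello.getExtensions(), ClientHelloPreSharedKeyExtension.class);
        this.statusHandler.extensionsReceived(clientHello.getExtensions());
        this.status = Status.Negotiated;

        // --- optional PSK resumption ---
        boolean earlyDataAccepted = false;
        Integer selectedIdentity = null;
        if (pskExtension != null) {
            if (this.clientSupportedKeyExchangeModes.isEmpty()) {
                throw new MissingExtensionAlert("psk_key_exchange_modes extension required with pre_shared_key");
            }
            // The registry is optional (the Finished handler checks it for null too). Without
            // this guard a client-supplied pre_shared_key extension made a registry-less server
            // fail with a NullPointerException; now it falls back to a full handshake.
            if (this.sessionRegistry != null && this.clientSupportedKeyExchangeModes.contains(TlsConstants.PskKeyExchangeMode.psk_dhe_ke)) {
                selectedIdentity = this.sessionRegistry.selectIdentity(pskExtension.getIdentities(), this.selectedCipher);
                if (selectedIdentity != null
                        && isAcceptable(this.sessionRegistry.peekSessionData(pskExtension.getIdentities().get(selectedIdentity.intValue())))) {
                    // NOTE(review): useSession() runs before the binder is verified. If it
                    // consumes the stored session (name suggests so; confirm in the registry),
                    // a ClientHello with a valid identity but a bad binder uses up the session.
                    TlsSession resumedSession = this.sessionRegistry.useSession(pskExtension.getIdentities().get(selectedIdentity.intValue()));
                    if (resumedSession != null) {
                        this.transcriptHash = new TranscriptHash(hashLength(this.selectedCipher));
                        this.state = new TlsState(this.transcriptHash, resumedSession.getPsk(), keyLength(this.selectedCipher), hashLength(this.selectedCipher));
                        // NOTE(review): getBinders().get(i) assumes one binder per identity;
                        // confirm the extension parser enforces equal counts.
                        if (!validateBinder(pskExtension.getBinders().get(selectedIdentity.intValue()), pskExtension.getBinderPosition(), clientHello)) {
                            this.state = null;
                            throw new DecryptErrorAlert("Invalid PSK binder");
                        }
                        boolean earlyDataOffered = findExtension(clientHello.getExtensions(), EarlyDataExtension.class) != null;
                        // Early data is considered only for the first offered identity and only
                        // when the ALPN selected now equals the one stored with the session.
                        if (earlyDataOffered
                                && selectedIdentity.intValue() == 0
                                && this.selectedApplicationLayerProtocol != null
                                && this.selectedApplicationLayerProtocol.equals(resumedSession.getApplicationLayerProtocol())) {
                            earlyDataAccepted = this.statusHandler.isEarlyDataAccepted();
                        }
                    }
                }
            }
        }
        if (this.state == null) {
            // No session was resumed: start a fresh key schedule and forget any identity that
            // was selected but then rejected.
            this.transcriptHash = new TranscriptHash(hashLength(this.selectedCipher));
            this.state = new TlsState(this.transcriptHash, keyLength(this.selectedCipher), hashLength(this.selectedCipher));
            selectedIdentity = null;
        }

        // --- ServerHello ---
        this.transcriptHash.record(clientHello);
        generateKeys(keyShareEntry.getNamedGroup());
        this.state.setOwnKey(this.privateKey);
        this.state.computeEarlyTrafficSecret();
        this.statusHandler.earlySecretsKnown();
        List<Extension> serverHelloExtensions = new ArrayList<>(2);
        serverHelloExtensions.add(new SupportedVersionsExtension(TlsConstants.HandshakeType.server_hello));
        serverHelloExtensions.add(new KeyShareExtension(this.publicKey, keyShareEntry.getNamedGroup(), TlsConstants.HandshakeType.server_hello));
        if (selectedIdentity != null) {
            serverHelloExtensions.add(new ServerPreSharedKeyExtension(selectedIdentity.shortValue()));
        }
        ServerHello serverHello = new ServerHello(this.selectedCipher, serverHelloExtensions);
        this.serverMessageSender.send(serverHello);
        this.transcriptHash.record(serverHello);
        this.state.setPeerKey(keyShareEntry.getKey());
        this.state.computeSharedSecret();
        this.state.computeHandshakeSecrets();
        this.statusHandler.handshakeSecretsKnown();

        // --- EncryptedExtensions ---
        if (earlyDataAccepted) {
            this.serverExtensions.add(new EarlyDataExtension());
        }
        EncryptedExtensions encryptedExtensions = new EncryptedExtensions(this.serverExtensions);
        this.serverMessageSender.send(encryptedExtensions);
        this.transcriptHash.record(encryptedExtensions);

        // --- Certificate + CertificateVerify, skipped when a PSK session was resumed ---
        if (selectedIdentity == null) {
            CertificateMessage certificateMessage = new CertificateMessage(this.serverCertificateChain);
            this.serverMessageSender.send(certificateMessage);
            this.transcriptHash.recordServer(certificateMessage);
            byte[] serverHash = this.transcriptHash.getServerHash(TlsConstants.HandshakeType.certificate);
            TlsConstants.SignatureScheme signatureScheme = determineSignatureScheme(this.serverCertificateChain.get(0));
            CertificateVerifyMessage certificateVerifyMessage = new CertificateVerifyMessage(signatureScheme, computeSignature(serverHash, this.certificatePrivateKey, signatureScheme, false));
            this.serverMessageSender.send(certificateVerifyMessage);
            this.transcriptHash.recordServer(certificateVerifyMessage);
        }

        // --- server Finished ---
        FinishedMessage finishedMessage = new FinishedMessage(computeFinishedVerifyData(this.transcriptHash.getServerHash(TlsConstants.HandshakeType.certificate_verify), this.state.getServerHandshakeTrafficSecret()));
        this.serverMessageSender.send(finishedMessage);
        this.transcriptHash.recordServer(finishedMessage);
        this.state.computeApplicationSecrets();
        this.status = Status.WaitFinished;
    }

    /** No-op: EncryptedExtensions from the peer is ignored by the server. */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(EncryptedExtensions encryptedExtensions, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /**
     * Handles the client's Finished message and completes the handshake.
     *
     * <p>Only processed in state {@code WaitFinished}; otherwise dropped silently. After a
     * successful check a session ticket is sent when a session registry is configured and the
     * client advertised {@code psk_dhe_ke}.
     *
     * @param finishedMessage the received message
     * @param protectionKeysType protection level the message arrived under; must be Handshake
     * @throws TlsProtocolException an {@link UnexpectedMessageAlert} for a wrong protection
     *     level, or a {@link DecryptErrorAlert} when the verify data does not match
     * @throws IOException declared by the interface; NOTE(review): presumably raised by the
     *     message sender, confirm
     */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(FinishedMessage finishedMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
        if (this.status != Status.WaitFinished) {
            return;
        }
        if (protectionKeysType != ProtectionKeysType.Handshake) {
            throw new UnexpectedMessageAlert("incorrect protection level");
        }
        this.transcriptHash.recordClient(finishedMessage);
        // Constant-time comparison: the verify data is a peer-supplied MAC, and an early-exit
        // comparison such as Arrays.equals leaks how many leading bytes matched.
        if (!MessageDigest.isEqual(finishedMessage.getVerifyData(), computeFinishedVerifyData(this.transcriptHash.getServerHash(TlsConstants.HandshakeType.finished), this.state.getClientHandshakeTrafficSecret()))) {
            throw new DecryptErrorAlert("incorrect finished message");
        }
        this.state.computeResumptionMasterSecret();
        this.statusHandler.handshakeFinished();
        this.status = Status.Connected;
        if (this.sessionRegistry == null || !this.clientSupportedKeyExchangeModes.contains(TlsConstants.PskKeyExchangeMode.psk_dhe_ke)) {
            return;
        }
        // Post-increment: the current number goes into this ticket, the next ticket gets +1.
        byte ticketNumber = this.currentTicketNumber++;
        this.serverMessageSender.send(this.sessionRegistry.createNewSessionTicketMessage(ticketNumber, this.selectedCipher, this.state, this.selectedApplicationLayerProtocol, this.maxEarlyDataSize, this.additionalSessionData));
    }

    /** No-op: a NewSessionTicket from the peer is ignored by the server. */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(NewSessionTicketMessage newSessionTicketMessage, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /** No-op: a ServerHello from the peer is ignored by the server. */
    @Override // net.luminis.tls.engine.MessageProcessor
    public void received(ServerHello serverHello, ProtectionKeysType protectionKeysType) throws TlsProtocolException, IOException {
    }

    /**
     * Records the application protocol chosen for this connection. The value is compared with
     * a resumed session's protocol before early data is considered and is stored in new tickets.
     *
     * @throws IllegalArgumentException if {@code str} is null
     */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void setSelectedApplicationLayerProtocol(String str) {
        if (str == null) {
            throw new IllegalArgumentException();
        }
        this.selectedApplicationLayerProtocol = str;
    }

    /** Replaces the sink for outgoing handshake messages. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void setServerMessageSender(ServerMessageSender serverMessageSender) {
        this.serverMessageSender = serverMessageSender;
    }

    /** Sets the opaque data passed to the registry when a session ticket is created. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void setSessionData(byte[] bArr) {
        this.additionalSessionData = bArr;
    }

    /**
     * Sets the callback consulted with a session's stored data before that session is resumed.
     * With no callback set, every selected session is treated as acceptable.
     */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void setSessionDataVerificationCallback(Function<ByteBuffer, Boolean> function) {
        this.sessionDataVerificationCallback = function;
    }

    /** Replaces the receiver of handshake status events. */
    @Override // net.luminis.tls.engine.TlsServerEngine
    public void setStatusHandler(TlsStatusEventHandler tlsStatusEventHandler) {
        this.statusHandler = tlsStatusEventHandler;
    }

    /**
     * Verifies a PSK binder against the binder computed over the truncated ClientHello.
     *
     * <p>The covered bytes run from the start of the ClientHello up to the PSK extension start
     * position plus {@code i2}. The comparison is constant-time because the binder is an HMAC
     * supplied by the peer.
     *
     * @param pskBinderEntry the binder the client sent for the selected identity
     * @param i2 binder position as reported by the pre_shared_key extension
     * @param clientHello the message the binder covers
     * @return {@code true} when the received and computed binders are equal
     */
    protected boolean validateBinder(ClientHelloPreSharedKeyExtension.PskBinderEntry pskBinderEntry, int i2, ClientHello clientHello) {
        byte[] coveredBytes = Arrays.copyOfRange(clientHello.getBytes(), 0, clientHello.getPskExtensionStartPosition() + i2);
        return MessageDigest.isEqual(pskBinderEntry.getHmac(), this.state.computePskBinder(coveredBytes));
    }
}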
