package sun.security.ssl;

import java.io.IOException;
import java.security.AccessController;
import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.PrivilegedAction;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.SSLProtocolException;
import sun.security.action.GetPropertyAction;

/* loaded from: input_file:sun/security/ssl/EllipticCurvesExtension.class */
final class EllipticCurvesExtension extends HelloExtension {
    private static final int ARBITRARY_PRIME = 65281;
    private static final int ARBITRARY_CHAR2 = 65282;
    private static final int[] supportedCurveIds;
    private final int[] curveIds;
    private static final Debug debug = Debug.getInstance("ssl");
    private static final Map<String, Integer> oidToIdMap = new HashMap();
    private static final Map<Integer, String> idToOidMap = new HashMap();
    private static final Map<Integer, AlgorithmParameters> idToParams = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:sun/security/ssl/EllipticCurvesExtension$NamedEllipticCurve.class */
    public enum NamedEllipticCurve {
        T163_K1(1, "sect163k1", "1.3.132.0.1", true),
        T163_R1(2, "sect163r1", "1.3.132.0.2", false),
        T163_R2(3, "sect163r2", "1.3.132.0.15", true),
        T193_R1(4, "sect193r1", "1.3.132.0.24", false),
        T193_R2(5, "sect193r2", "1.3.132.0.25", false),
        T233_K1(6, "sect233k1", "1.3.132.0.26", true),
        T233_R1(7, "sect233r1", "1.3.132.0.27", true),
        T239_K1(8, "sect239k1", "1.3.132.0.3", false),
        T283_K1(9, "sect283k1", "1.3.132.0.16", true),
        T283_R1(10, "sect283r1", "1.3.132.0.17", true),
        T409_K1(11, "sect409k1", "1.3.132.0.36", true),
        T409_R1(12, "sect409r1", "1.3.132.0.37", true),
        T571_K1(13, "sect571k1", "1.3.132.0.38", true),
        T571_R1(14, "sect571r1", "1.3.132.0.39", true),
        P160_K1(15, "secp160k1", "1.3.132.0.9", false),
        P160_R1(16, "secp160r1", "1.3.132.0.8", false),
        P160_R2(17, "secp160r2", "1.3.132.0.30", false),
        P192_K1(18, "secp192k1", "1.3.132.0.31", false),
        P192_R1(19, "secp192r1", "1.2.840.10045.3.1.1", true),
        P224_K1(20, "secp224k1", "1.3.132.0.32", false),
        P224_R1(21, "secp224r1", "1.3.132.0.33", true),
        P256_K1(22, "secp256k1", "1.3.132.0.10", false),
        P256_R1(23, "secp256r1", "1.2.840.10045.3.1.7", true),
        P384_R1(24, "secp384r1", "1.3.132.0.34", true),
        P521_R1(25, "secp521r1", "1.3.132.0.35", true);

        int id;
        String name;
        String oid;
        boolean isFips;

        NamedEllipticCurve(int i, String str, String str2, boolean z) {
            this.id = i;
            this.name = str;
            this.oid = str2;
            this.isFips = z;
            if (EllipticCurvesExtension.oidToIdMap.put(str2, Integer.valueOf(i)) != null || EllipticCurvesExtension.idToOidMap.put(Integer.valueOf(i), str2) != null) {
                throw new RuntimeException("Duplicate named elliptic curve definition: " + str);
            }
        }

        static NamedEllipticCurve getCurve(String str, boolean z) {
            for (NamedEllipticCurve namedEllipticCurve : values()) {
                if (namedEllipticCurve.name.equals(str) && (!z || namedEllipticCurve.isFips)) {
                    return namedEllipticCurve;
                }
            }
            return null;
        }
    }

    private static boolean isAvailableCurve(int i) {
        String str = idToOidMap.get(Integer.valueOf(i));
        if (str == null) {
            return false;
        }
        try {
            AlgorithmParameters algorithmParameters = JsseJce.getAlgorithmParameters("EC");
            algorithmParameters.init(new ECGenParameterSpec(str));
            idToParams.put(Integer.valueOf(i), algorithmParameters);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private EllipticCurvesExtension(int[] iArr) {
        super(ExtensionType.EXT_ELLIPTIC_CURVES);
        this.curveIds = iArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EllipticCurvesExtension(HandshakeInStream handshakeInStream, int i) throws IOException {
        super(ExtensionType.EXT_ELLIPTIC_CURVES);
        int int16 = handshakeInStream.getInt16();
        if ((i & 1) != 0 || int16 + 2 != i) {
            throw new SSLProtocolException("Invalid " + this.type + " extension");
        }
        this.curveIds = new int[int16 >> 1];
        for (int i2 = 0; i2 < this.curveIds.length; i2++) {
            this.curveIds[i2] = handshakeInStream.getInt16();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getActiveCurves(AlgorithmConstraints algorithmConstraints) {
        return getPreferredCurve(supportedCurveIds, algorithmConstraints);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean hasActiveCurves(AlgorithmConstraints algorithmConstraints) {
        return getActiveCurves(algorithmConstraints) >= 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static EllipticCurvesExtension createExtension(AlgorithmConstraints algorithmConstraints) {
        ArrayList arrayList = new ArrayList(supportedCurveIds.length);
        for (int i : supportedCurveIds) {
            if (algorithmConstraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), "EC", idToParams.get(Integer.valueOf(i)))) {
                arrayList.add(Integer.valueOf(i));
            }
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        int[] iArr = new int[arrayList.size()];
        int i2 = 0;
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            int i3 = i2;
            i2++;
            iArr[i3] = ((Integer) it.next()).intValue();
        }
        return new EllipticCurvesExtension(iArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getPreferredCurve(AlgorithmConstraints algorithmConstraints) {
        return getPreferredCurve(this.curveIds, algorithmConstraints);
    }

    private static int getPreferredCurve(int[] iArr, AlgorithmConstraints algorithmConstraints) {
        for (int i : iArr) {
            if (isSupported(i) && algorithmConstraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), "EC", idToParams.get(Integer.valueOf(i)))) {
                return i;
            }
        }
        return -1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean contains(int i) {
        for (int i2 : this.curveIds) {
            if (i == i2) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // sun.security.ssl.HelloExtension
    public int length() {
        return 6 + (this.curveIds.length << 1);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // sun.security.ssl.HelloExtension
    public void send(HandshakeOutStream handshakeOutStream) throws IOException {
        handshakeOutStream.putInt16(this.type.id);
        int length = this.curveIds.length << 1;
        handshakeOutStream.putInt16(length + 2);
        handshakeOutStream.putInt16(length);
        for (int i : this.curveIds) {
            handshakeOutStream.putInt16(i);
        }
    }

    @Override // sun.security.ssl.HelloExtension
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("Extension " + this.type + ", curve names: {");
        boolean z = true;
        for (int i : this.curveIds) {
            if (z) {
                z = false;
            } else {
                sb.append(", ");
            }
            String curveName = getCurveName(i);
            if (curveName != null) {
                sb.append(curveName);
            } else if (i == ARBITRARY_PRIME) {
                sb.append("arbitrary_explicit_prime_curves");
            } else if (i == ARBITRARY_CHAR2) {
                sb.append("arbitrary_explicit_char2_curves");
            } else {
                sb.append("unknown curve " + i);
            }
        }
        sb.append("}");
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isSupported(int i) {
        for (int i2 : supportedCurveIds) {
            if (i == i2) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getCurveIndex(ECParameterSpec eCParameterSpec) {
        Integer num;
        String namedCurveOid = JsseJce.getNamedCurveOid(eCParameterSpec);
        if (namedCurveOid == null || (num = oidToIdMap.get(namedCurveOid)) == null) {
            return -1;
        }
        return num.intValue();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getCurveOid(int i) {
        return idToOidMap.get(Integer.valueOf(i));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECGenParameterSpec getECGenParamSpec(int i) {
        try {
            return (ECGenParameterSpec) idToParams.get(Integer.valueOf(i)).getParameterSpec(ECGenParameterSpec.class);
        } catch (InvalidParameterSpecException e) {
            return new ECGenParameterSpec(getCurveOid(i));
        }
    }

    private static String getCurveName(int i) {
        for (NamedEllipticCurve namedEllipticCurve : NamedEllipticCurve.values()) {
            if (namedEllipticCurve.id == i) {
                return namedEllipticCurve.name;
            }
        }
        return null;
    }

    static {
        ArrayList arrayList;
        NamedEllipticCurve curve;
        boolean isFIPS = SunJSSE.isFIPS();
        NamedEllipticCurve.getCurve("secp256r1", false);
        String str = (String) AccessController.doPrivileged((PrivilegedAction) new GetPropertyAction("jdk.tls.namedGroups"));
        if (str != null && str.length() != 0 && str.length() > 1 && str.charAt(0) == '\"' && str.charAt(str.length() - 1) == '\"') {
            str = str.substring(1, str.length() - 1);
        }
        if (str == null || str.length() == 0) {
            int[] iArr = isFIPS ? new int[]{23, 24, 25} : new int[]{23, 24, 25};
            arrayList = new ArrayList(iArr.length);
            for (int i : iArr) {
                if (isAvailableCurve(i)) {
                    arrayList.add(Integer.valueOf(i));
                }
            }
        } else {
            String[] split = str.split(",");
            arrayList = new ArrayList(split.length);
            for (String str2 : split) {
                String trim = str2.trim();
                if (!trim.isEmpty() && (curve = NamedEllipticCurve.getCurve(trim, isFIPS)) != null && isAvailableCurve(curve.id)) {
                    arrayList.add(Integer.valueOf(curve.id));
                }
            }
            if (arrayList.isEmpty() && JsseJce.isEcAvailable()) {
                throw new IllegalArgumentException("System property jdk.tls.namedGroups(" + str + ") contains no supported elliptic curves");
            }
        }
        if (debug != null && arrayList.isEmpty()) {
            debug.println("Initialized [jdk.tls.namedGroups|default] list contains no available elliptic curves. " + (str != null ? "(" + str + ")" : "[Default]"));
        }
        supportedCurveIds = new int[arrayList.size()];
        int i2 = 0;
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            int i3 = i2;
            i2++;
            supportedCurveIds[i3] = ((Integer) it.next()).intValue();
        }
    }
}
