package com.adguard.filter.proxy.ssl;

import com.adguard.filter.proxy.ssl.cipher.FastTlsCipherFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import org.bouncycastle.crypto.tls.AlertDescription;
import org.bouncycastle.crypto.tls.AlertLevel;
import org.bouncycastle.crypto.tls.Certificate;
import org.bouncycastle.crypto.tls.CertificateRequest;
import org.bouncycastle.crypto.tls.CipherSuite;
import org.bouncycastle.crypto.tls.DefaultTlsClient;
import org.bouncycastle.crypto.tls.ProtocolVersion;
import org.bouncycastle.crypto.tls.TlsAuthentication;
import org.bouncycastle.crypto.tls.TlsCredentials;
import org.bouncycastle.crypto.tls.TlsECCUtils;
import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
import org.bouncycastle.crypto.tls.TlsKeyExchange;
import org.bouncycastle.crypto.tls.TlsSession;
import org.bouncycastle.crypto.tls.TlsUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class o extends DefaultTlsClient implements TlsAuthentication {

    /* renamed from: a, reason: collision with root package name */
    private static final org.slf4j.c f793a = org.slf4j.d.a((Class<?>) o.class);
    private static final int[] i;
    private static final com.adguard.commons.a.a.a<Integer> j;
    private static final com.adguard.commons.a.a.a<Short> k;
    private final long b;
    private final e c;
    private final int[] d;
    private final TlsSession e;
    private Certificate f;
    private ProtocolVersion g;
    private byte[] h;

    static {
        int[] iArr = {CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, 64, 50, CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 103, 51, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, 60, 47, 255, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 56, 57, CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA, CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, 53, 5, 10, 4, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 107, 61};
        Arrays.sort(iArr);
        i = iArr;
        j = new com.adguard.commons.a.a.a<Integer>() { // from class: com.adguard.filter.proxy.ssl.o.1
            @Override // com.adguard.commons.a.a.a
            public final /* synthetic */ boolean a(Integer num) {
                Integer num2 = num;
                return num2 != null && TlsECCUtils.isSupportedNamedCurve(num2.intValue());
            }
        };
        k = new com.adguard.commons.a.a.a<Short>() { // from class: com.adguard.filter.proxy.ssl.o.2
            @Override // com.adguard.commons.a.a.a
            public final /* synthetic */ boolean a(Short sh) {
                Short sh2 = sh;
                return sh2 != null && (sh2.shortValue() == 0 || 1 == sh2.shortValue() || 2 == sh2.shortValue());
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public o(long j2, e eVar, TlsSession tlsSession) {
        int i2 = 0;
        this.cipherFactory = FastTlsCipherFactory.getInstance();
        this.b = j2;
        this.c = eVar;
        this.e = tlsSession;
        ArrayList arrayList = new ArrayList();
        for (int i3 : eVar.b()) {
            if (Arrays.binarySearch(i, i3) >= 0) {
                arrayList.add(Integer.valueOf(i3));
            } else if (f793a.isDebugEnabled()) {
                f793a.debug("TCP id={} Client provided unsupported cipher: 0x{}, ignoring", Long.valueOf(j2), Integer.toHexString(i3));
            }
        }
        if (f793a.isDebugEnabled()) {
            f793a.debug("TCP id={} Cipher suits count: {}", Long.valueOf(j2), Integer.valueOf(arrayList.size()));
        }
        this.d = new int[arrayList.size()];
        while (true) {
            int i4 = i2;
            if (i4 >= this.d.length) {
                return;
            }
            this.d[i4] = ((Integer) arrayList.get(i4)).intValue();
            i2 = i4 + 1;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final Certificate a() {
        return this.f;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] b() {
        return this.h;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final ProtocolVersion c() {
        return this.g;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsClient
    protected TlsKeyExchange createDHEKeyExchange(int i2) {
        return new w(i2, this.supportedSignatureAlgorithms, 1280);
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsClient
    protected TlsKeyExchange createDHKeyExchange(int i2) {
        return new x(i2, this.supportedSignatureAlgorithms, 1280);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final int d() {
        return this.selectedCipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final short[] e() {
        return this.serverECPointFormats;
    }

    @Override // org.bouncycastle.crypto.tls.TlsClient
    public TlsAuthentication getAuthentication() {
        return this;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public int[] getCipherSuites() {
        return this.d;
    }

    @Override // org.bouncycastle.crypto.tls.TlsAuthentication
    public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) {
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public Hashtable getClientExtensions() {
        int[] iArr;
        int i2 = 0;
        Hashtable clientExtensions = super.getClientExtensions();
        if (clientExtensions != null && this.c.d() != null) {
            Hashtable<Integer, byte[]> d = this.c.d();
            if (d.containsKey(TlsExtensionsUtils.EXT_server_name)) {
                clientExtensions.put(TlsExtensionsUtils.EXT_server_name, d.get(TlsExtensionsUtils.EXT_server_name));
            }
            if (d.containsKey(TlsECCUtils.EXT_elliptic_curves) && d.containsKey(TlsECCUtils.EXT_ec_point_formats)) {
                int[] supportedEllipticCurvesExtension = TlsECCUtils.getSupportedEllipticCurvesExtension(d);
                short[] supportedPointFormatsExtension = TlsECCUtils.getSupportedPointFormatsExtension(d);
                com.adguard.commons.a.a.a<Integer> aVar = j;
                if (supportedEllipticCurvesExtension == null) {
                    iArr = null;
                } else {
                    ArrayList arrayList = new ArrayList();
                    for (int i3 : supportedEllipticCurvesExtension) {
                        if (aVar.a(Integer.valueOf(i3))) {
                            arrayList.add(Integer.valueOf(i3));
                        }
                    }
                    int[] iArr2 = new int[arrayList.size()];
                    while (true) {
                        int i4 = i2;
                        if (i4 >= arrayList.size()) {
                            break;
                        }
                        iArr2[i4] = ((Integer) arrayList.get(i4)).intValue();
                        i2 = i4 + 1;
                    }
                    iArr = iArr2;
                }
                short[] a2 = com.adguard.commons.a.a.a(supportedPointFormatsExtension, k);
                if (iArr != null && iArr.length > 0 && a2 != null && a2.length > 0) {
                    TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions, iArr);
                    TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions, a2);
                }
            }
            if (d.contains(TlsUtils.EXT_signature_algorithms)) {
                TlsUtils.addSignatureAlgorithmsExtension(clientExtensions, TlsUtils.getSignatureAlgorithmsExtension(clientExtensions));
            }
        }
        return clientExtensions;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public ProtocolVersion getClientHelloRecordLayerVersion() {
        return super.getClientHelloRecordLayerVersion();
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public ProtocolVersion getClientVersion() {
        switch (this.c.a()) {
            case 769:
                return ProtocolVersion.TLSv10;
            case 770:
            default:
                return super.getClientVersion();
            case 771:
                return ProtocolVersion.TLSv12;
        }
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public short[] getCompressionMethods() {
        return this.c.c();
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient
    public ProtocolVersion getMinimumVersion() {
        return ProtocolVersion.TLSv10;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public TlsSession getSessionToResume() {
        return this.e;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsPeer, org.bouncycastle.crypto.tls.TlsPeer
    public void notifyAlertRaised(short s, short s2, String str, Throwable th) {
        f793a.debug("TCP id={} Client alert raised. Level: {}, Description: {} {}, Message: {}", Long.valueOf(this.b), AlertLevel.getName(s), AlertDescription.getName(s2), AlertDescription.getText(s2), str);
        super.notifyAlertRaised(s, s2, str, th);
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsPeer, org.bouncycastle.crypto.tls.TlsPeer
    public void notifyAlertReceived(short s, short s2) {
        f793a.debug("TCP id={} Client alert received. Level: {}, Description: {} {}", Long.valueOf(this.b), AlertLevel.getName(s), AlertDescription.getName(s2), AlertDescription.getText(s2));
        super.notifyAlertReceived(s, s2);
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsPeer, org.bouncycastle.crypto.tls.TlsPeer
    public void notifySecureRenegotiation(boolean z) {
        f793a.debug("Secure renegotiation: {}", Boolean.valueOf(z));
    }

    @Override // org.bouncycastle.crypto.tls.TlsAuthentication
    public void notifyServerCertificate(Certificate certificate) {
        this.f = certificate;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public void notifyServerVersion(ProtocolVersion protocolVersion) {
        this.g = protocolVersion;
        super.notifyServerVersion(protocolVersion);
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public void notifySessionID(byte[] bArr) {
        this.h = bArr;
    }
}
