package sun.security.ssl;

import java.io.IOException;
import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.NamedParameterSpec;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.Set;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.DHParameterSpec;
import javax.net.ssl.SSLException;
import sun.security.ssl.DHKeyExchange;
import sun.security.ssl.ECDHKeyExchange;
import sun.security.ssl.XDHKeyExchange;
import sun.security.util.CurveDB;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup.class */
public enum NamedGroup {
    SECT163_K1(1, "sect163k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect163k1")),
    SECT163_R1(2, "sect163r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect163r1")),
    SECT163_R2(3, "sect163r2", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect163r2")),
    SECT193_R1(4, "sect193r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect193r1")),
    SECT193_R2(5, "sect193r2", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect193r2")),
    SECT233_K1(6, "sect233k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect233k1")),
    SECT233_R1(7, "sect233r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect233r1")),
    SECT239_K1(8, "sect239k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect239k1")),
    SECT283_K1(9, "sect283k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect283k1")),
    SECT283_R1(10, "sect283r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect283r1")),
    SECT409_K1(11, "sect409k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect409k1")),
    SECT409_R1(12, "sect409r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect409r1")),
    SECT571_K1(13, "sect571k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect571k1")),
    SECT571_R1(14, "sect571r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("sect571r1")),
    SECP160_K1(15, "secp160k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp160k1")),
    SECP160_R1(16, "secp160r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp160r1")),
    SECP160_R2(17, "secp160r2", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp160r2")),
    SECP192_K1(18, "secp192k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp192k1")),
    SECP192_R1(19, "secp192r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp192r1")),
    SECP224_K1(20, "secp224k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp224k1")),
    SECP224_R1(21, "secp224r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp224r1")),
    SECP256_K1(22, "secp256k1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_12, CurveDB.lookup("secp256k1")),
    SECP256_R1(23, "secp256r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_13, CurveDB.lookup("secp256r1")),
    SECP384_R1(24, "secp384r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_13, CurveDB.lookup("secp384r1")),
    SECP521_R1(25, "secp521r1", NamedGroupSpec.NAMED_GROUP_ECDHE, ProtocolVersion.PROTOCOLS_TO_13, CurveDB.lookup("secp521r1")),
    X25519(29, "x25519", NamedGroupSpec.NAMED_GROUP_XDH, ProtocolVersion.PROTOCOLS_TO_13, NamedParameterSpec.X25519),
    X448(30, "x448", NamedGroupSpec.NAMED_GROUP_XDH, ProtocolVersion.PROTOCOLS_TO_13, NamedParameterSpec.X448),
    FFDHE_2048(256, "ffdhe2048", NamedGroupSpec.NAMED_GROUP_FFDHE, ProtocolVersion.PROTOCOLS_TO_13, PredefinedDHParameterSpecs.ffdheParams.get(2048)),
    FFDHE_3072(257, "ffdhe3072", NamedGroupSpec.NAMED_GROUP_FFDHE, ProtocolVersion.PROTOCOLS_TO_13, PredefinedDHParameterSpecs.ffdheParams.get(3072)),
    FFDHE_4096(258, "ffdhe4096", NamedGroupSpec.NAMED_GROUP_FFDHE, ProtocolVersion.PROTOCOLS_TO_13, PredefinedDHParameterSpecs.ffdheParams.get(4096)),
    FFDHE_6144(259, "ffdhe6144", NamedGroupSpec.NAMED_GROUP_FFDHE, ProtocolVersion.PROTOCOLS_TO_13, PredefinedDHParameterSpecs.ffdheParams.get(6144)),
    FFDHE_8192(260, "ffdhe8192", NamedGroupSpec.NAMED_GROUP_FFDHE, ProtocolVersion.PROTOCOLS_TO_13, PredefinedDHParameterSpecs.ffdheParams.get(8192)),
    ARBITRARY_PRIME(65281, "arbitrary_explicit_prime_curves", NamedGroupSpec.NAMED_GROUP_ARBITRARY, ProtocolVersion.PROTOCOLS_TO_12, null),
    ARBITRARY_CHAR2(65282, "arbitrary_explicit_char2_curves", NamedGroupSpec.NAMED_GROUP_ARBITRARY, ProtocolVersion.PROTOCOLS_TO_12, null);

    final int id;
    final String name;
    final NamedGroupSpec spec;
    final ProtocolVersion[] supportedProtocols;
    final String algorithm;
    final AlgorithmParameterSpec keAlgParamSpec;
    final AlgorithmParameters keAlgParams;
    final boolean isAvailable;
    private static final Set<CryptoPrimitive> KEY_AGREEMENT_PRIMITIVE_SET = Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT));

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$ECDHEScheme.class */
    private static class ECDHEScheme implements NamedGroupScheme {
        private static final ECDHEScheme instance = new ECDHEScheme();

        private ECDHEScheme() {
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession) {
            return ((ECDHKeyExchange.ECDHEPossession) namedGroupPossession).encode();
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLCredentials decodeCredentials(NamedGroup namedGroup, byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException {
            ECDHKeyExchange.ECDHECredentials valueOf = ECDHKeyExchange.ECDHECredentials.valueOf(namedGroup, bArr);
            checkConstraints(valueOf.getPublicKey(), algorithmConstraints, exceptionSupplier);
            return valueOf;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLPossession createPossession(NamedGroup namedGroup, SecureRandom secureRandom) {
            return new ECDHKeyExchange.ECDHEPossession(namedGroup, secureRandom);
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
            return ECDHKeyExchange.ecdheKAGenerator.createKeyDerivation(handshakeContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$ExceptionSupplier.class */
    public interface ExceptionSupplier {
        void apply(String str) throws SSLException;
    }

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$FFDHEScheme.class */
    private static class FFDHEScheme implements NamedGroupScheme {
        private static final FFDHEScheme instance = new FFDHEScheme();

        private FFDHEScheme() {
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession) {
            return ((DHKeyExchange.DHEPossession) namedGroupPossession).encode();
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLCredentials decodeCredentials(NamedGroup namedGroup, byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException {
            DHKeyExchange.DHECredentials valueOf = DHKeyExchange.DHECredentials.valueOf(namedGroup, bArr);
            checkConstraints(valueOf.getPublicKey(), algorithmConstraints, exceptionSupplier);
            return valueOf;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLPossession createPossession(NamedGroup namedGroup, SecureRandom secureRandom) {
            return new DHKeyExchange.DHEPossession(namedGroup, secureRandom);
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
            return DHKeyExchange.kaGenerator.createKeyDerivation(handshakeContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$NamedGroupScheme.class */
    public interface NamedGroupScheme {
        default void checkConstraints(PublicKey publicKey, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws SSLException {
            if (algorithmConstraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), publicKey)) {
                return;
            }
            exceptionSupplier.apply("key share entry does not comply with algorithm constraints");
        }

        byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession);

        SSLCredentials decodeCredentials(NamedGroup namedGroup, byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException;

        SSLPossession createPossession(NamedGroup namedGroup, SecureRandom secureRandom);

        SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$NamedGroupSpec.class */
    public enum NamedGroupSpec implements NamedGroupScheme {
        NAMED_GROUP_ECDHE("EC", ECDHEScheme.instance),
        NAMED_GROUP_FFDHE("DiffieHellman", FFDHEScheme.instance),
        NAMED_GROUP_XDH("XDH", XDHScheme.instance),
        NAMED_GROUP_ARBITRARY("EC", null),
        NAMED_GROUP_NONE("", null);

        private final String algorithm;
        private final NamedGroupScheme scheme;

        NamedGroupSpec(String str, NamedGroupScheme namedGroupScheme) {
            this.algorithm = str;
            this.scheme = namedGroupScheme;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public boolean isSupported(List<CipherSuite> list) {
            for (CipherSuite cipherSuite : list) {
                if (cipherSuite.keyExchange == null || arrayContains(cipherSuite.keyExchange.groupTypes, this)) {
                    return true;
                }
            }
            return false;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static boolean arrayContains(NamedGroupSpec[] namedGroupSpecArr, NamedGroupSpec namedGroupSpec) {
            for (NamedGroupSpec namedGroupSpec2 : namedGroupSpecArr) {
                if (namedGroupSpec2 == namedGroupSpec) {
                    return true;
                }
            }
            return false;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession) {
            if (this.scheme != null) {
                return this.scheme.encodePossessionPublicKey(namedGroupPossession);
            }
            return null;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLCredentials decodeCredentials(NamedGroup namedGroup, byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException {
            if (this.scheme != null) {
                return this.scheme.decodeCredentials(namedGroup, bArr, algorithmConstraints, exceptionSupplier);
            }
            return null;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLPossession createPossession(NamedGroup namedGroup, SecureRandom secureRandom) {
            if (this.scheme != null) {
                return this.scheme.createPossession(namedGroup, secureRandom);
            }
            return null;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
            if (this.scheme != null) {
                return this.scheme.createKeyDerivation(handshakeContext);
            }
            return null;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-07-01.jar:META-INF/modules/java.base/classes/sun/security/ssl/NamedGroup$XDHScheme.class */
    private static class XDHScheme implements NamedGroupScheme {
        private static final XDHScheme instance = new XDHScheme();

        private XDHScheme() {
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession) {
            return ((XDHKeyExchange.XDHEPossession) namedGroupPossession).encode();
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLCredentials decodeCredentials(NamedGroup namedGroup, byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException {
            XDHKeyExchange.XDHECredentials valueOf = XDHKeyExchange.XDHECredentials.valueOf(namedGroup, bArr);
            checkConstraints(valueOf.getPublicKey(), algorithmConstraints, exceptionSupplier);
            return valueOf;
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLPossession createPossession(NamedGroup namedGroup, SecureRandom secureRandom) {
            return new XDHKeyExchange.XDHEPossession(namedGroup, secureRandom);
        }

        @Override // sun.security.ssl.NamedGroup.NamedGroupScheme
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
            return XDHKeyExchange.xdheKAGenerator.createKeyDerivation(handshakeContext);
        }
    }

    NamedGroup(int i, String str, NamedGroupSpec namedGroupSpec, ProtocolVersion[] protocolVersionArr, AlgorithmParameterSpec algorithmParameterSpec) {
        this.id = i;
        this.name = str;
        this.spec = namedGroupSpec;
        this.algorithm = namedGroupSpec.algorithm;
        this.supportedProtocols = protocolVersionArr;
        this.keAlgParamSpec = algorithmParameterSpec;
        AlgorithmParameters algorithmParameters = null;
        boolean z = algorithmParameterSpec != null;
        if (z && namedGroupSpec == NamedGroupSpec.NAMED_GROUP_ECDHE) {
            z = JsseJce.isEcAvailable();
        }
        if (z) {
            try {
                algorithmParameters = AlgorithmParameters.getInstance(namedGroupSpec.algorithm);
                algorithmParameters.init(algorithmParameterSpec);
            } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) {
                if (namedGroupSpec != NamedGroupSpec.NAMED_GROUP_XDH) {
                    z = false;
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                        SSLLogger.warning("No AlgorithmParameters for " + str, e);
                    }
                } else {
                    algorithmParameters = null;
                    try {
                        KeyAgreement.getInstance(str);
                    } catch (NoSuchAlgorithmException e2) {
                        z = false;
                        if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                            SSLLogger.warning("No AlgorithmParameters for " + str, e2);
                        }
                    }
                }
            }
        }
        this.isAvailable = z;
        this.keAlgParams = z ? algorithmParameters : null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NamedGroup valueOf(int i) {
        for (NamedGroup namedGroup : values()) {
            if (namedGroup.id == i) {
                return namedGroup;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NamedGroup valueOf(ECParameterSpec eCParameterSpec) {
        for (NamedGroup namedGroup : values()) {
            if (namedGroup.spec == NamedGroupSpec.NAMED_GROUP_ECDHE && (eCParameterSpec == namedGroup.keAlgParamSpec || namedGroup.keAlgParamSpec == CurveDB.lookup(eCParameterSpec))) {
                return namedGroup;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NamedGroup valueOf(DHParameterSpec dHParameterSpec) {
        for (NamedGroup namedGroup : values()) {
            if (namedGroup.spec == NamedGroupSpec.NAMED_GROUP_FFDHE) {
                DHParameterSpec dHParameterSpec2 = (DHParameterSpec) namedGroup.keAlgParamSpec;
                if (dHParameterSpec2.getP().equals(dHParameterSpec.getP()) && dHParameterSpec2.getG().equals(dHParameterSpec.getG())) {
                    return namedGroup;
                }
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NamedGroup nameOf(String str) {
        for (NamedGroup namedGroup : values()) {
            if (namedGroup.name.equals(str)) {
                return namedGroup;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String nameOf(int i) {
        for (NamedGroup namedGroup : values()) {
            if (namedGroup.id == i) {
                return namedGroup.name;
            }
        }
        return "UNDEFINED-NAMED-GROUP(" + i + ")";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isAvailable(List<ProtocolVersion> list) {
        if (!this.isAvailable) {
            return false;
        }
        for (ProtocolVersion protocolVersion : this.supportedProtocols) {
            if (list.contains(protocolVersion)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isAvailable(ProtocolVersion protocolVersion) {
        if (!this.isAvailable) {
            return false;
        }
        for (ProtocolVersion protocolVersion2 : this.supportedProtocols) {
            if (protocolVersion == protocolVersion2) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isSupported(List<CipherSuite> list) {
        for (CipherSuite cipherSuite : list) {
            if (isAvailable(cipherSuite.supportedProtocols) && (cipherSuite.keyExchange == null || NamedGroupSpec.arrayContains(cipherSuite.keyExchange.groupTypes, this.spec))) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isPermitted(AlgorithmConstraints algorithmConstraints) {
        return algorithmConstraints.permits(KEY_AGREEMENT_PRIMITIVE_SET, this.name, null) && algorithmConstraints.permits(KEY_AGREEMENT_PRIMITIVE_SET, this.algorithm, this.keAlgParams);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] encodePossessionPublicKey(NamedGroupPossession namedGroupPossession) {
        return this.spec.encodePossessionPublicKey(namedGroupPossession);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLCredentials decodeCredentials(byte[] bArr, AlgorithmConstraints algorithmConstraints, ExceptionSupplier exceptionSupplier) throws IOException, GeneralSecurityException {
        return this.spec.decodeCredentials(this, bArr, algorithmConstraints, exceptionSupplier);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLPossession createPossession(SecureRandom secureRandom) {
        return this.spec.createPossession(this, secureRandom);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
        return this.spec.createKeyDerivation(handshakeContext);
    }
}
