package sun.security.ssl;

import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Queue;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLPermission;
import javax.net.ssl.SSLSessionBindingEvent;
import javax.net.ssl.SSLSessionBindingListener;
import javax.net.ssl.SSLSessionContext;
import sun.security.x509.X509CertImpl;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Classes with same name are omitted:
  input_file:META-INF/modules/java.base/classes/sun/security/ssl/SSLSessionImpl.class
 */
/* loaded from: input_file:WEB-INF/lib/java.base-2021-11-02.jar:META-INF/modules/java.base/classes/sun/security/ssl/SSLSessionImpl.class */
public final class SSLSessionImpl extends ExtendedSSLSession {
    private final ProtocolVersion protocolVersion;
    private final SessionId sessionId;
    private X509Certificate[] peerCerts;
    private CipherSuite cipherSuite;
    private SecretKey masterSecret;
    final boolean useExtendedMasterSecret;
    private final long creationTime;
    private long lastUsedTime;
    private final String host;
    private final int port;
    private SSLSessionContextImpl context;
    private boolean invalidated;
    private X509Certificate[] localCerts;
    private PrivateKey localPrivateKey;
    private final Collection<SignatureScheme> localSupportedSignAlgs;
    private Collection<SignatureScheme> peerSupportedSignAlgs;
    private boolean useDefaultPeerSignAlgs;
    private List<byte[]> statusResponses;
    private SecretKey resumptionMasterSecret;
    private SecretKey preSharedKey;
    private byte[] pskIdentity;
    private final long ticketCreationTime;
    private int ticketAgeAdd;
    private int negotiatedMaxFragLen;
    private int maximumPacketSize;
    private final Queue<SSLSessionImpl> childSessions;
    private boolean isSessionResumption;
    private static final boolean defaultRejoinable = true;
    final SNIServerName serverNameIndication;
    private final List<SNIServerName> requestedServerNames;
    private BigInteger ticketNonceCounter;
    private final String identificationProtocol;
    private final ReentrantLock sessionLock;
    private static final ArrayList<SignatureScheme> defaultPeerSupportedSignAlgs = new ArrayList<>(Arrays.asList(SignatureScheme.RSA_PKCS1_SHA1, SignatureScheme.DSA_SHA1, SignatureScheme.ECDSA_SHA1));
    private final ConcurrentHashMap<SecureKey, Object> boundValues;
    boolean updateNST;
    private boolean acceptLargeFragments;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl() {
        this.lastUsedTime = 0L;
        this.useDefaultPeerSignAlgs = false;
        this.ticketCreationTime = System.currentTimeMillis();
        this.negotiatedMaxFragLen = -1;
        this.childSessions = new ConcurrentLinkedQueue();
        this.isSessionResumption = false;
        this.ticketNonceCounter = BigInteger.ONE;
        this.sessionLock = new ReentrantLock();
        this.acceptLargeFragments = Utilities.getBooleanProperty("jsse.SSLEngine.acceptLargeFragments", false);
        this.protocolVersion = ProtocolVersion.NONE;
        this.cipherSuite = CipherSuite.C_NULL;
        this.sessionId = new SessionId(false, null);
        this.host = null;
        this.port = -1;
        this.localSupportedSignAlgs = Collections.emptySet();
        this.serverNameIndication = null;
        this.requestedServerNames = Collections.emptyList();
        this.useExtendedMasterSecret = false;
        this.creationTime = System.currentTimeMillis();
        this.identificationProtocol = null;
        this.boundValues = new ConcurrentHashMap<>();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl(HandshakeContext handshakeContext, CipherSuite cipherSuite) {
        this(handshakeContext, cipherSuite, new SessionId(true, handshakeContext.sslContext.getSecureRandom()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl(HandshakeContext handshakeContext, CipherSuite cipherSuite, SessionId sessionId) {
        this(handshakeContext, cipherSuite, sessionId, System.currentTimeMillis());
    }

    SSLSessionImpl(HandshakeContext handshakeContext, CipherSuite cipherSuite, SessionId sessionId, long j) {
        this.lastUsedTime = 0L;
        this.useDefaultPeerSignAlgs = false;
        this.ticketCreationTime = System.currentTimeMillis();
        this.negotiatedMaxFragLen = -1;
        this.childSessions = new ConcurrentLinkedQueue();
        this.isSessionResumption = false;
        this.ticketNonceCounter = BigInteger.ONE;
        this.sessionLock = new ReentrantLock();
        this.acceptLargeFragments = Utilities.getBooleanProperty("jsse.SSLEngine.acceptLargeFragments", false);
        this.protocolVersion = handshakeContext.negotiatedProtocol;
        this.cipherSuite = cipherSuite;
        this.sessionId = sessionId;
        this.host = handshakeContext.conContext.transport.getPeerHost();
        this.port = handshakeContext.conContext.transport.getPeerPort();
        this.localSupportedSignAlgs = handshakeContext.localSupportedSignAlgs == null ? Collections.emptySet() : Collections.unmodifiableCollection(new ArrayList(handshakeContext.localSupportedSignAlgs));
        this.serverNameIndication = handshakeContext.negotiatedServerName;
        this.requestedServerNames = List.copyOf(handshakeContext.getRequestedServerNames());
        if (handshakeContext.sslConfig.isClientMode) {
            this.useExtendedMasterSecret = (handshakeContext.handshakeExtensions.get(SSLExtension.CH_EXTENDED_MASTER_SECRET) == null || handshakeContext.handshakeExtensions.get(SSLExtension.SH_EXTENDED_MASTER_SECRET) == null) ? false : true;
        } else {
            this.useExtendedMasterSecret = (handshakeContext.handshakeExtensions.get(SSLExtension.CH_EXTENDED_MASTER_SECRET) == null || handshakeContext.negotiatedProtocol.useTLS13PlusSpec()) ? false : true;
        }
        this.creationTime = j;
        this.identificationProtocol = handshakeContext.sslConfig.identificationProtocol;
        this.boundValues = new ConcurrentHashMap<>();
        if (SSLLogger.isOn && SSLLogger.isOn("session")) {
            SSLLogger.finest("Session initialized:  " + ((Object) this), new Object[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl(SSLSessionImpl sSLSessionImpl, SessionId sessionId) {
        this.lastUsedTime = 0L;
        this.useDefaultPeerSignAlgs = false;
        this.ticketCreationTime = System.currentTimeMillis();
        this.negotiatedMaxFragLen = -1;
        this.childSessions = new ConcurrentLinkedQueue();
        this.isSessionResumption = false;
        this.ticketNonceCounter = BigInteger.ONE;
        this.sessionLock = new ReentrantLock();
        this.acceptLargeFragments = Utilities.getBooleanProperty("jsse.SSLEngine.acceptLargeFragments", false);
        this.protocolVersion = sSLSessionImpl.getProtocolVersion();
        this.cipherSuite = sSLSessionImpl.cipherSuite;
        this.sessionId = sessionId;
        this.host = sSLSessionImpl.getPeerHost();
        this.port = sSLSessionImpl.getPeerPort();
        this.localSupportedSignAlgs = sSLSessionImpl.localSupportedSignAlgs == null ? Collections.emptySet() : sSLSessionImpl.localSupportedSignAlgs;
        this.peerSupportedSignAlgs = sSLSessionImpl.peerSupportedSignAlgs == null ? Collections.emptySet() : sSLSessionImpl.peerSupportedSignAlgs;
        this.serverNameIndication = sSLSessionImpl.serverNameIndication;
        this.requestedServerNames = sSLSessionImpl.getRequestedServerNames();
        this.masterSecret = sSLSessionImpl.getMasterSecret();
        this.useExtendedMasterSecret = sSLSessionImpl.useExtendedMasterSecret;
        this.creationTime = sSLSessionImpl.getCreationTime();
        this.lastUsedTime = System.currentTimeMillis();
        this.identificationProtocol = sSLSessionImpl.getIdentificationProtocol();
        this.localCerts = sSLSessionImpl.localCerts;
        this.peerCerts = sSLSessionImpl.peerCerts;
        this.statusResponses = sSLSessionImpl.statusResponses;
        this.resumptionMasterSecret = sSLSessionImpl.resumptionMasterSecret;
        this.context = sSLSessionImpl.context;
        this.negotiatedMaxFragLen = sSLSessionImpl.negotiatedMaxFragLen;
        this.maximumPacketSize = sSLSessionImpl.maximumPacketSize;
        this.boundValues = sSLSessionImpl.boundValues;
        if (SSLLogger.isOn && SSLLogger.isOn("session")) {
            SSLLogger.finest("Session initialized:  " + ((Object) this), new Object[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl(HandshakeContext handshakeContext, ByteBuffer byteBuffer) throws IOException {
        this.lastUsedTime = 0L;
        this.useDefaultPeerSignAlgs = false;
        this.ticketCreationTime = System.currentTimeMillis();
        this.negotiatedMaxFragLen = -1;
        this.childSessions = new ConcurrentLinkedQueue();
        this.isSessionResumption = false;
        this.ticketNonceCounter = BigInteger.ONE;
        this.sessionLock = new ReentrantLock();
        this.acceptLargeFragments = Utilities.getBooleanProperty("jsse.SSLEngine.acceptLargeFragments", false);
        this.boundValues = new ConcurrentHashMap<>();
        this.protocolVersion = ProtocolVersion.valueOf(Short.toUnsignedInt(byteBuffer.getShort()));
        this.sessionId = new SessionId(true, handshakeContext.sslContext.getSecureRandom());
        this.cipherSuite = CipherSuite.valueOf(Short.toUnsignedInt(byteBuffer.getShort()));
        ArrayList arrayList = new ArrayList();
        int unsignedInt = Byte.toUnsignedInt(byteBuffer.get());
        while (true) {
            int i = unsignedInt;
            unsignedInt--;
            if (i <= 0) {
                break;
            } else {
                arrayList.add(SignatureScheme.valueOf(Short.toUnsignedInt(byteBuffer.getShort())));
            }
        }
        this.localSupportedSignAlgs = Collections.unmodifiableCollection(arrayList);
        int unsignedInt2 = Byte.toUnsignedInt(byteBuffer.get());
        arrayList.clear();
        while (true) {
            int i2 = unsignedInt2;
            unsignedInt2--;
            if (i2 <= 0) {
                break;
            } else {
                arrayList.add(SignatureScheme.valueOf(Short.toUnsignedInt(byteBuffer.getShort())));
            }
        }
        this.peerSupportedSignAlgs = Collections.unmodifiableCollection(arrayList);
        int unsignedInt3 = Short.toUnsignedInt(byteBuffer.getShort());
        if (unsignedInt3 > 0) {
            byteBuffer.get(new byte[unsignedInt3], 0, unsignedInt3);
            byte[] bArr = new byte[Short.toUnsignedInt(byteBuffer.getShort())];
            byteBuffer.get(bArr);
            this.preSharedKey = new SecretKeySpec(bArr, "TlsMasterSecret");
        } else {
            this.preSharedKey = null;
        }
        int i3 = byteBuffer.get();
        if (i3 > 0) {
            byte[] bArr2 = new byte[i3];
            byteBuffer.get(bArr2);
            this.pskIdentity = bArr2;
        } else {
            this.pskIdentity = null;
        }
        int i4 = byteBuffer.get();
        if (i4 > 0) {
            byteBuffer.get(new byte[i4], 0, i4);
            byte[] bArr3 = new byte[Short.toUnsignedInt(byteBuffer.getShort())];
            byteBuffer.get(bArr3);
            this.masterSecret = new SecretKeySpec(bArr3, "TlsMasterSecret");
        } else {
            this.masterSecret = null;
        }
        this.useExtendedMasterSecret = byteBuffer.get() != 0;
        int i5 = byteBuffer.get();
        if (i5 == 0) {
            this.identificationProtocol = null;
        } else {
            byte[] bArr4 = new byte[i5];
            byteBuffer.get(bArr4);
            this.identificationProtocol = new String(bArr4);
        }
        int i6 = byteBuffer.get();
        if (i6 == 0) {
            this.serverNameIndication = null;
        } else {
            byte[] bArr5 = new byte[i6];
            byteBuffer.get(bArr5, 0, bArr5.length);
            this.serverNameIndication = new SNIHostName(bArr5);
        }
        int unsignedInt4 = Short.toUnsignedInt(byteBuffer.getShort());
        if (unsignedInt4 == 0) {
            this.requestedServerNames = Collections.emptyList();
        } else {
            this.requestedServerNames = new ArrayList();
            while (unsignedInt4 > 0) {
                int i7 = byteBuffer.get();
                byte[] bArr6 = new byte[i7];
                byteBuffer.get(bArr6, 0, i7);
                this.requestedServerNames.add(new SNIHostName(new String(bArr6)));
                unsignedInt4--;
            }
        }
        this.maximumPacketSize = byteBuffer.getInt();
        this.negotiatedMaxFragLen = byteBuffer.getInt();
        this.creationTime = byteBuffer.getLong();
        int unsignedInt5 = Short.toUnsignedInt(byteBuffer.getShort());
        if (unsignedInt5 == 0) {
            this.statusResponses = Collections.emptyList();
        } else {
            this.statusResponses = new ArrayList();
        }
        while (true) {
            int i8 = unsignedInt5;
            unsignedInt5--;
            if (i8 <= 0) {
                break;
            }
            byte[] bArr7 = new byte[Short.toUnsignedInt(byteBuffer.getShort())];
            byteBuffer.get(bArr7);
            this.statusResponses.add(bArr7);
        }
        int unsignedInt6 = Byte.toUnsignedInt(byteBuffer.get());
        if (unsignedInt6 == 0) {
            this.host = new String();
        } else {
            byte[] bArr8 = new byte[unsignedInt6];
            byteBuffer.get(bArr8, 0, unsignedInt6);
            this.host = new String(bArr8);
        }
        this.port = Short.toUnsignedInt(byteBuffer.getShort());
        int i9 = byteBuffer.get();
        if (i9 == 0) {
            this.peerCerts = null;
        } else {
            this.peerCerts = new X509Certificate[i9];
            for (int i10 = 0; i9 > i10; i10++) {
                byte[] bArr9 = new byte[byteBuffer.getInt()];
                byteBuffer.get(bArr9);
                try {
                    this.peerCerts[i10] = new X509CertImpl(bArr9);
                } catch (Exception e) {
                    throw new IOException(e);
                }
            }
        }
        switch (byteBuffer.get()) {
            case 0:
                break;
            case 1:
                int i11 = byteBuffer.get();
                this.localCerts = new X509Certificate[i11];
                for (int i12 = 0; i11 > i12; i12++) {
                    byte[] bArr10 = new byte[byteBuffer.getInt()];
                    byteBuffer.get(bArr10);
                    try {
                        this.localCerts[i12] = new X509CertImpl(bArr10);
                    } catch (Exception e2) {
                        throw new IOException(e2);
                    }
                }
                break;
            case 2:
                int i13 = byteBuffer.get();
                byte[] bArr11 = new byte[i13];
                byteBuffer.get(bArr11, 0, i13);
                String str = new String(bArr11);
                byte[] bArr12 = new byte[Short.toUnsignedInt(byteBuffer.getShort())];
                byteBuffer.get(bArr12);
                this.preSharedKey = new SecretKeySpec(bArr12, str);
                this.pskIdentity = new byte[byteBuffer.get()];
                byteBuffer.get(this.pskIdentity);
                break;
            default:
                throw new SSLException("Failed local certs of session.");
        }
        this.context = (SSLSessionContextImpl) handshakeContext.sslContext.engineGetServerSessionContext();
        this.lastUsedTime = System.currentTimeMillis();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isStatelessable() {
        if (!this.protocolVersion.useTLS13PlusSpec() && getMasterSecret().getEncoded() == null) {
            if (!SSLLogger.isOn || !SSLLogger.isOn("ssl,handshake")) {
                return false;
            }
            SSLLogger.finest("No MasterSecret, cannot make stateless ticket", new Object[0]);
            return false;
        }
        if (this.boundValues == null || this.boundValues.size() <= 0) {
            return true;
        }
        if (!SSLLogger.isOn || !SSLLogger.isOn("ssl,handshake")) {
            return false;
        }
        SSLLogger.finest("There are boundValues, cannot make stateless ticket", new Object[0]);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] write() throws Exception {
        HandshakeOutStream handshakeOutStream = new HandshakeOutStream(null);
        handshakeOutStream.putInt16(this.protocolVersion.id);
        handshakeOutStream.putInt16(this.cipherSuite.id);
        handshakeOutStream.putInt8(this.localSupportedSignAlgs.size());
        Iterator<SignatureScheme> iterator2 = this.localSupportedSignAlgs.iterator2();
        while (iterator2.hasNext()) {
            handshakeOutStream.putInt16(iterator2.next().id);
        }
        handshakeOutStream.putInt8(this.peerSupportedSignAlgs.size());
        Iterator<SignatureScheme> iterator22 = this.peerSupportedSignAlgs.iterator2();
        while (iterator22.hasNext()) {
            handshakeOutStream.putInt16(iterator22.next().id);
        }
        if (this.preSharedKey == null || this.preSharedKey.getAlgorithm() == null) {
            handshakeOutStream.putInt16(0);
        } else {
            handshakeOutStream.putInt16(this.preSharedKey.getAlgorithm().length());
            if (this.preSharedKey.getAlgorithm().length() != 0) {
                handshakeOutStream.write(this.preSharedKey.getAlgorithm().getBytes());
            }
            byte[] encoded = this.preSharedKey.getEncoded();
            handshakeOutStream.putInt16(encoded.length);
            handshakeOutStream.write(encoded, 0, encoded.length);
        }
        if (this.pskIdentity == null) {
            handshakeOutStream.putInt8(0);
        } else {
            handshakeOutStream.putInt8(this.pskIdentity.length);
            handshakeOutStream.write(this.pskIdentity, 0, this.pskIdentity.length);
        }
        if (getMasterSecret() == null || getMasterSecret().getAlgorithm() == null) {
            handshakeOutStream.putInt8(0);
        } else {
            handshakeOutStream.putInt8(getMasterSecret().getAlgorithm().length());
            if (getMasterSecret().getAlgorithm().length() != 0) {
                handshakeOutStream.write(getMasterSecret().getAlgorithm().getBytes());
            }
            byte[] encoded2 = getMasterSecret().getEncoded();
            handshakeOutStream.putInt16(encoded2.length);
            handshakeOutStream.write(encoded2, 0, encoded2.length);
        }
        handshakeOutStream.putInt8(this.useExtendedMasterSecret ? 1 : 0);
        if (this.identificationProtocol == null) {
            handshakeOutStream.putInt8(0);
        } else {
            handshakeOutStream.putInt8(this.identificationProtocol.length());
            handshakeOutStream.write(this.identificationProtocol.getBytes(), 0, this.identificationProtocol.length());
        }
        if (this.serverNameIndication == null) {
            handshakeOutStream.putInt8(0);
        } else {
            byte[] encoded3 = this.serverNameIndication.getEncoded();
            handshakeOutStream.putInt8(encoded3.length);
            handshakeOutStream.write(encoded3, 0, encoded3.length);
        }
        handshakeOutStream.putInt16(this.requestedServerNames.size());
        if (this.requestedServerNames.size() > 0) {
            Iterator<SNIServerName> iterator23 = this.requestedServerNames.iterator2();
            while (iterator23.hasNext()) {
                byte[] encoded4 = iterator23.next().getEncoded();
                handshakeOutStream.putInt8(encoded4.length);
                handshakeOutStream.write(encoded4, 0, encoded4.length);
            }
        }
        handshakeOutStream.putInt32(this.maximumPacketSize);
        handshakeOutStream.putInt32(this.negotiatedMaxFragLen);
        handshakeOutStream.writeBytes(ByteBuffer.allocate(8).putLong(this.creationTime).array());
        List<byte[]> statusResponses = getStatusResponses();
        handshakeOutStream.putInt16(statusResponses.size());
        for (byte[] bArr : statusResponses) {
            handshakeOutStream.putInt16(bArr.length);
            handshakeOutStream.write(bArr);
        }
        if (this.host == null || this.host.length() == 0) {
            handshakeOutStream.putInt8(0);
        } else {
            handshakeOutStream.putInt8(this.host.length());
            handshakeOutStream.writeBytes(this.host.getBytes());
        }
        handshakeOutStream.putInt16(this.port);
        if (this.peerCerts == null || this.peerCerts.length == 0) {
            handshakeOutStream.putInt8(0);
        } else {
            handshakeOutStream.putInt8(this.peerCerts.length);
            for (X509Certificate x509Certificate : this.peerCerts) {
                byte[] encoded5 = x509Certificate.getEncoded();
                handshakeOutStream.putInt32(encoded5.length);
                handshakeOutStream.writeBytes(encoded5);
            }
        }
        if (this.localCerts != null && this.localCerts.length > 0) {
            handshakeOutStream.putInt8(1);
            handshakeOutStream.putInt8(this.localCerts.length);
            for (X509Certificate x509Certificate2 : this.localCerts) {
                byte[] encoded6 = x509Certificate2.getEncoded();
                handshakeOutStream.putInt32(encoded6.length);
                handshakeOutStream.writeBytes(encoded6);
            }
        } else if (this.preSharedKey != null) {
            handshakeOutStream.putInt8(2);
            handshakeOutStream.putInt8(this.preSharedKey.getAlgorithm().length());
            handshakeOutStream.write(this.preSharedKey.getAlgorithm().getBytes());
            byte[] encoded7 = this.preSharedKey.getEncoded();
            handshakeOutStream.putInt32(encoded7.length);
            handshakeOutStream.writeBytes(encoded7);
            handshakeOutStream.putInt32(this.pskIdentity.length);
            handshakeOutStream.writeBytes(this.pskIdentity);
        } else {
            handshakeOutStream.putInt8(0);
        }
        return handshakeOutStream.toByteArray();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMasterSecret(SecretKey secretKey) {
        this.masterSecret = secretKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setResumptionMasterSecret(SecretKey secretKey) {
        this.resumptionMasterSecret = secretKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPreSharedKey(SecretKey secretKey) {
        this.preSharedKey = secretKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addChild(SSLSessionImpl sSLSessionImpl) {
        this.childSessions.add(sSLSessionImpl);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTicketAgeAdd(int i) {
        this.ticketAgeAdd = i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPskIdentity(byte[] bArr) {
        this.pskIdentity = bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger incrTicketNonceCounter() {
        BigInteger bigInteger = this.ticketNonceCounter;
        this.ticketNonceCounter = this.ticketNonceCounter.add(BigInteger.ONE);
        return bigInteger;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isPSKable() {
        return this.ticketNonceCounter.compareTo(BigInteger.ZERO) > 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey getMasterSecret() {
        return this.masterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey getResumptionMasterSecret() {
        return this.resumptionMasterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey getPreSharedKey() {
        this.sessionLock.lock();
        try {
            return this.preSharedKey;
        } finally {
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey consumePreSharedKey() {
        this.sessionLock.lock();
        try {
            return this.preSharedKey;
        } finally {
            this.preSharedKey = null;
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getTicketAgeAdd() {
        return this.ticketAgeAdd;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getIdentificationProtocol() {
        return this.identificationProtocol;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] consumePskIdentity() {
        this.sessionLock.lock();
        try {
            return this.pskIdentity;
        } finally {
            this.pskIdentity = null;
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getPskIdentity() {
        return this.pskIdentity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPeerCertificates(X509Certificate[] x509CertificateArr) {
        if (this.peerCerts == null) {
            this.peerCerts = x509CertificateArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLocalCertificates(X509Certificate[] x509CertificateArr) {
        this.localCerts = x509CertificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLocalPrivateKey(PrivateKey privateKey) {
        this.localPrivateKey = privateKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPeerSupportedSignatureAlgorithms(Collection<SignatureScheme> collection) {
        this.peerSupportedSignAlgs = collection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUseDefaultPeerSignAlgs() {
        this.useDefaultPeerSignAlgs = true;
        this.peerSupportedSignAlgs = defaultPeerSupportedSignAlgs;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSessionImpl finish() {
        if (this.useDefaultPeerSignAlgs) {
            this.peerSupportedSignAlgs = Collections.emptySet();
        }
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setStatusResponses(List<byte[]> list) {
        if (list == null || list.isEmpty()) {
            this.statusResponses = Collections.emptyList();
        } else {
            this.statusResponses = list;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isRejoinable() {
        return this.protocolVersion.useTLS13PlusSpec() ? !this.invalidated && isLocalAuthenticationValid() : (this.sessionId == null || this.sessionId.length() == 0 || this.invalidated || !isLocalAuthenticationValid()) ? false : true;
    }

    @Override // javax.net.ssl.SSLSession
    public boolean isValid() {
        this.sessionLock.lock();
        try {
            return isRejoinable();
        } finally {
            this.sessionLock.unlock();
        }
    }

    private boolean isLocalAuthenticationValid() {
        if (this.localPrivateKey == null) {
            return true;
        }
        try {
            this.localPrivateKey.getAlgorithm();
            return true;
        } catch (Exception e) {
            invalidate();
            return false;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public byte[] getId() {
        return this.sessionId.getId();
    }

    @Override // javax.net.ssl.SSLSession
    public SSLSessionContext getSessionContext() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
        }
        return this.context;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SessionId getSessionId() {
        return this.sessionId;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CipherSuite getSuite() {
        return this.cipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSuite(CipherSuite cipherSuite) {
        this.cipherSuite = cipherSuite;
        if (SSLLogger.isOn && SSLLogger.isOn("session")) {
            SSLLogger.finest("Negotiating session:  " + ((Object) this), new Object[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isSessionResumption() {
        return this.isSessionResumption;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAsSessionResumption(boolean z) {
        this.isSessionResumption = z;
    }

    @Override // javax.net.ssl.SSLSession
    public String getCipherSuite() {
        return getSuite().name;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProtocolVersion getProtocolVersion() {
        return this.protocolVersion;
    }

    @Override // javax.net.ssl.SSLSession
    public String getProtocol() {
        return getProtocolVersion().name;
    }

    public int hashCode() {
        return this.sessionId.hashCode();
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (obj instanceof SSLSessionImpl) {
            return this.sessionId != null && this.sessionId.equals(((SSLSessionImpl) obj).getSessionId());
        }
        return false;
    }

    @Override // javax.net.ssl.SSLSession
    public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
        if (this.peerCerts == null) {
            throw new SSLPeerUnverifiedException("peer not authenticated");
        }
        return (Certificate[]) this.peerCerts.clone();
    }

    @Override // javax.net.ssl.SSLSession
    public Certificate[] getLocalCertificates() {
        if (this.localCerts == null) {
            return null;
        }
        return (Certificate[]) this.localCerts.clone();
    }

    public X509Certificate[] getCertificateChain() throws SSLPeerUnverifiedException {
        if (this.peerCerts != null) {
            return (X509Certificate[]) this.peerCerts.clone();
        }
        throw new SSLPeerUnverifiedException("peer not authenticated");
    }

    @Override // javax.net.ssl.ExtendedSSLSession
    public List<byte[]> getStatusResponses() {
        if (this.statusResponses == null || this.statusResponses.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(this.statusResponses.size());
        Iterator<byte[]> iterator2 = this.statusResponses.iterator2();
        while (iterator2.hasNext()) {
            arrayList.add((byte[]) iterator2.next().clone());
        }
        return Collections.unmodifiableList(arrayList);
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
        if (this.peerCerts == null) {
            throw new SSLPeerUnverifiedException("peer not authenticated");
        }
        return this.peerCerts[0].getSubjectX500Principal();
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getLocalPrincipal() {
        if (this.localCerts == null || this.localCerts.length == 0) {
            return null;
        }
        return this.localCerts[0].getSubjectX500Principal();
    }

    public long getTicketCreationTime() {
        return this.ticketCreationTime;
    }

    @Override // javax.net.ssl.SSLSession
    public long getCreationTime() {
        return this.creationTime;
    }

    @Override // javax.net.ssl.SSLSession
    public long getLastAccessedTime() {
        return this.lastUsedTime != 0 ? this.lastUsedTime : this.creationTime;
    }

    void setLastAccessedTime(long j) {
        this.lastUsedTime = j;
    }

    public InetAddress getPeerAddress() {
        try {
            return InetAddress.getByName(this.host);
        } catch (UnknownHostException e) {
            return null;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public String getPeerHost() {
        return this.host;
    }

    @Override // javax.net.ssl.SSLSession
    public int getPeerPort() {
        return this.port;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setContext(SSLSessionContextImpl sSLSessionContextImpl) {
        if (this.context == null) {
            this.context = sSLSessionContextImpl;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public void invalidate() {
        this.sessionLock.lock();
        try {
            if (this.context != null) {
                this.context.remove(this.sessionId);
                this.context = null;
            }
            if (this.invalidated) {
                return;
            }
            this.invalidated = true;
            if (SSLLogger.isOn && SSLLogger.isOn("session")) {
                SSLLogger.finest("Invalidated session:  " + ((Object) this), new Object[0]);
            }
            Iterator<SSLSessionImpl> it = this.childSessions.iterator2();
            while (it.hasNext()) {
                it.next().invalidate();
            }
        } finally {
            this.sessionLock.unlock();
        }
    }

    @Override // javax.net.ssl.SSLSession
    public void putValue(String str, Object obj) {
        if (str == null || obj == null) {
            throw new IllegalArgumentException("arguments can not be null");
        }
        Object put = this.boundValues.put(new SecureKey(str), obj);
        if (put instanceof SSLSessionBindingListener) {
            ((SSLSessionBindingListener) put).valueUnbound(new SSLSessionBindingEvent(this, str));
        }
        if (obj instanceof SSLSessionBindingListener) {
            ((SSLSessionBindingListener) obj).valueBound(new SSLSessionBindingEvent(this, str));
        }
        if (this.protocolVersion.useTLS13PlusSpec()) {
            this.updateNST = true;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public Object getValue(String str) {
        if (str == null) {
            throw new IllegalArgumentException("argument can not be null");
        }
        return this.boundValues.get(new SecureKey(str));
    }

    @Override // javax.net.ssl.SSLSession
    public void removeValue(String str) {
        if (str == null) {
            throw new IllegalArgumentException("argument can not be null");
        }
        Object remove = this.boundValues.remove(new SecureKey(str));
        if (remove instanceof SSLSessionBindingListener) {
            ((SSLSessionBindingListener) remove).valueUnbound(new SSLSessionBindingEvent(this, str));
        }
        if (this.protocolVersion.useTLS13PlusSpec()) {
            this.updateNST = true;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public String[] getValueNames() {
        ArrayList arrayList = new ArrayList();
        Object currentSecurityContext = SecureKey.getCurrentSecurityContext();
        Enumeration<SecureKey> keys = this.boundValues.keys();
        while (keys.hasMoreElements()) {
            SecureKey nextElement = keys.nextElement();
            if (currentSecurityContext.equals(nextElement.getSecurityContext())) {
                arrayList.add(nextElement.getAppKey());
            }
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void expandBufferSizes() {
        this.sessionLock.lock();
        try {
            this.acceptLargeFragments = true;
        } finally {
            this.sessionLock.unlock();
        }
    }

    @Override // javax.net.ssl.SSLSession
    public int getPacketBufferSize() {
        this.sessionLock.lock();
        try {
            int i = 0;
            if (this.negotiatedMaxFragLen > 0) {
                i = this.cipherSuite.calculatePacketSize(this.negotiatedMaxFragLen, this.protocolVersion, this.protocolVersion.isDTLS);
            }
            if (this.maximumPacketSize > 0) {
                return this.maximumPacketSize > i ? this.maximumPacketSize : i;
            }
            if (i != 0) {
                return i;
            }
            if (this.protocolVersion.isDTLS) {
                return DTLSRecord.maxRecordSize;
            }
            return this.acceptLargeFragments ? SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
        } finally {
            this.sessionLock.unlock();
        }
    }

    @Override // javax.net.ssl.SSLSession
    public int getApplicationBufferSize() {
        this.sessionLock.lock();
        try {
            int i = 0;
            if (this.maximumPacketSize > 0) {
                i = this.cipherSuite.calculateFragSize(this.maximumPacketSize, this.protocolVersion, this.protocolVersion.isDTLS);
            }
            if (this.negotiatedMaxFragLen > 0) {
                return this.negotiatedMaxFragLen > i ? this.negotiatedMaxFragLen : i;
            }
            if (i != 0) {
                int i2 = i;
                this.sessionLock.unlock();
                return i2;
            }
            if (this.protocolVersion.isDTLS) {
                this.sessionLock.unlock();
                return 16384;
            }
            int i3 = (this.acceptLargeFragments ? SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize) - 5;
            this.sessionLock.unlock();
            return i3;
        } finally {
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setNegotiatedMaxFragSize(int i) {
        this.sessionLock.lock();
        try {
            this.negotiatedMaxFragLen = i;
        } finally {
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getNegotiatedMaxFragSize() {
        this.sessionLock.lock();
        try {
            return this.negotiatedMaxFragLen;
        } finally {
            this.sessionLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMaximumPacketSize(int i) {
        this.sessionLock.lock();
        try {
            this.maximumPacketSize = i;
        } finally {
            this.sessionLock.unlock();
        }
    }

    int getMaximumPacketSize() {
        this.sessionLock.lock();
        try {
            return this.maximumPacketSize;
        } finally {
            this.sessionLock.unlock();
        }
    }

    @Override // javax.net.ssl.ExtendedSSLSession
    public String[] getLocalSupportedSignatureAlgorithms() {
        return SignatureScheme.getAlgorithmNames(this.localSupportedSignAlgs);
    }

    public Collection<SignatureScheme> getLocalSupportedSignatureSchemes() {
        return this.localSupportedSignAlgs;
    }

    @Override // javax.net.ssl.ExtendedSSLSession
    public String[] getPeerSupportedSignatureAlgorithms() {
        return SignatureScheme.getAlgorithmNames(this.peerSupportedSignAlgs);
    }

    @Override // javax.net.ssl.ExtendedSSLSession
    public List<SNIServerName> getRequestedServerNames() {
        return this.requestedServerNames;
    }

    public String toString() {
        return "Session(" + this.creationTime + "|" + getCipherSuite() + ")";
    }
}
