package org.jruby.ext.openssl;

import java.security.SecureRandom;
import java.util.Iterator;
import java.util.Map;
import net.bytebuddy.ClassFileVersion;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.codehaus.groovy.control.CompilerConfiguration;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyIO;
import org.jruby.RubyModule;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.anno.JRubyModule;
import org.jruby.ext.openssl.util.CryptoSecurity;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.Visibility;
import org.jruby.runtime.builtin.IRubyObject;
import org.jruby.util.ByteList;
import org.jruby.util.SafePropertyAccessor;
import org.objenesis.strategy.PlatformDescription;

@JRubyModule(name = {"OpenSSL"})
/* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/OpenSSL.class */
public final class OpenSSL {
    private static boolean debug;
    private static boolean warn = true;
    private static boolean tryContextSecureRandom = true;

    public static void load(Ruby ruby) {
        createOpenSSL(ruby);
    }

    public static boolean isProviderAvailable() {
        return SecurityHelper.isProviderAvailable(BouncyCastleProvider.PROVIDER_NAME);
    }

    public static void createOpenSSL(Ruby ruby) {
        SecurityHelper.setRegisterProvider(SafePropertyAccessor.getBoolean("jruby.openssl.provider.register"));
        RubyModule orCreateModule = ruby.getOrCreateModule("OpenSSL");
        RubyClass standardError = ruby.getStandardError();
        RubyClass defineClassUnder = orCreateModule.defineClassUnder("OpenSSLError", standardError, standardError.getAllocator());
        orCreateModule.defineAnnotatedMethods(OpenSSL.class);
        setDebug(orCreateModule, ruby.newBoolean(SafePropertyAccessor.getBoolean("jruby.openssl.debug")));
        String property = SafePropertyAccessor.getProperty("jruby.openssl.warn");
        if (property != null) {
            warn = Boolean.parseBoolean(property);
        } else {
            warn = ruby.warningsEnabled();
        }
        ExtConfig.create(ruby, orCreateModule);
        PKey.createPKey(ruby, orCreateModule, defineClassUnder);
        BN.createBN(ruby, orCreateModule, defineClassUnder);
        Digest.createDigest(ruby, orCreateModule, defineClassUnder);
        Cipher.createCipher(ruby, orCreateModule, defineClassUnder);
        Random.createRandom(ruby, orCreateModule, defineClassUnder);
        HMAC.createHMAC(ruby, orCreateModule, defineClassUnder);
        ASN1.createASN1(ruby, orCreateModule, defineClassUnder);
        X509.createX509(ruby, orCreateModule, defineClassUnder);
        NetscapeSPKI.createNetscapeSPKI(ruby, orCreateModule, defineClassUnder);
        SSL.createSSL(ruby, orCreateModule, defineClassUnder);
        PKCS7.createPKCS7(ruby, orCreateModule, defineClassUnder);
        PKCS5.createPKCS5(ruby, orCreateModule);
        OCSP.createOCSP(ruby, orCreateModule, defineClassUnder);
        KDF.createKDF(ruby, orCreateModule, defineClassUnder);
        ruby.getLoadService().require("jopenssl/version");
        orCreateModule.setConstant("VERSION", StringHelper.newString(ruby, new byte[]{49, 46, 49, 46, 48}));
        RubyString asString = ruby.getModule("JOpenSSL").getConstantAt("VERSION").asString();
        byte[] bArr = {74, 82, 117, 98, 121, 45, 79, 112, 101, 110, 83, 83, 76, 32};
        ByteList byteList = new ByteList(asString.getByteList().getRealSize() + bArr.length);
        byteList.setEncoding(asString.getEncoding());
        byteList.append(bArr);
        byteList.append(asString.getByteList());
        RubyString newString = ruby.newString(byteList);
        orCreateModule.setConstant("OPENSSL_VERSION", newString);
        orCreateModule.setConstant("OPENSSL_VERSION_NUMBER", ruby.newFixnum(999999999));
        orCreateModule.setConstant("OPENSSL_LIBRARY_VERSION", newString);
        orCreateModule.setConstant("OPENSSL_FIPS", ruby.getFalse());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RubyClass _OpenSSLError(Ruby ruby) {
        return (RubyClass) ruby.getModule("OpenSSL").getConstantAt("OpenSSLError");
    }

    @JRubyMethod(name = {"errors"}, meta = true)
    public static IRubyObject errors(IRubyObject iRubyObject) {
        Ruby runtime = iRubyObject.getRuntime();
        RubyArray newArray = runtime.newArray();
        Iterator<Map.Entry<Integer, String>> it = X509.getErrors().entrySet().iterator();
        while (it.hasNext()) {
            newArray.add(runtime.newString(it.next().getValue()));
        }
        return newArray;
    }

    @JRubyMethod(name = {"debug"}, meta = true)
    public static IRubyObject getDebug(IRubyObject iRubyObject) {
        return (IRubyObject) getDebug((RubyModule) iRubyObject);
    }

    private static Object getDebug(RubyModule rubyModule) {
        return rubyModule.getInternalVariable("debug");
    }

    @JRubyMethod(name = {"debug="}, meta = true)
    public static IRubyObject setDebug(IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        ((RubyModule) iRubyObject).setInternalVariable("debug", iRubyObject2);
        debug = iRubyObject2.isTrue();
        return iRubyObject2;
    }

    @JRubyMethod(name = {"Digest"}, meta = true)
    public static IRubyObject Digest(IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        return iRubyObject.getRuntime().getModule("OpenSSL").getClass("Digest").getConstantAt(iRubyObject2.asJavaString());
    }

    @JRubyMethod(meta = true)
    public static IRubyObject deprecated_warning_flag(IRubyObject iRubyObject) {
        return iRubyObject.getRuntime().getNil();
    }

    @JRubyMethod(meta = true, rest = true)
    public static IRubyObject check_func(IRubyObject iRubyObject, IRubyObject[] iRubyObjectArr) {
        return iRubyObject.getRuntime().getNil();
    }

    @JRubyMethod(name = {"fips_mode="}, meta = true)
    public static IRubyObject set_fips_mode(ThreadContext threadContext, IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        if (iRubyObject2.isTrue()) {
            warn(threadContext, "FIPS mode not supported on JRuby-OpenSSL");
        }
        return iRubyObject2;
    }

    @JRubyMethod(name = {"_disable_security_restrictions!"}, visibility = Visibility.PRIVATE, meta = true)
    public static IRubyObject _disable_security_restrictions(ThreadContext threadContext, IRubyObject iRubyObject) {
        Boolean unrestrictSecurity = CryptoSecurity.unrestrictSecurity();
        Boolean allPermissionPolicy = CryptoSecurity.setAllPermissionPolicy();
        if (unrestrictSecurity == null || allPermissionPolicy == null) {
            return threadContext.nil;
        }
        return threadContext.runtime.newBoolean(unrestrictSecurity.booleanValue() && allPermissionPolicy.booleanValue());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isDebug() {
        return debug;
    }

    public static void debugStackTrace(Throwable th) {
        if (isDebug()) {
            th.printStackTrace(System.out);
        }
    }

    public static void debug(String str) {
        if (isDebug()) {
            System.out.println(str);
        }
    }

    public static void debug(String str, Throwable th) {
        if (isDebug()) {
            System.out.println(str + ' ' + th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isDebug(Ruby ruby) {
        RubyModule module = ruby.getModule("OpenSSL");
        return module == null ? debug : getDebug(module) == ruby.getTrue();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void debugStackTrace(Ruby ruby, Throwable th) {
        if (isDebug(ruby)) {
            th.printStackTrace(ruby.getOut());
        }
    }

    public static void debug(Ruby ruby, CharSequence charSequence) {
        if (isDebug(ruby)) {
            ruby.getOut().println(charSequence.toString());
        }
    }

    public static void debug(Ruby ruby, CharSequence charSequence, Throwable th) {
        if (isDebug(ruby)) {
            ruby.getOut().println(charSequence.toString() + ' ' + th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void warn(ThreadContext threadContext, CharSequence charSequence) {
        if (warn) {
            warn(threadContext, RubyString.newString(threadContext.runtime, charSequence));
        }
    }

    static void warn(ThreadContext threadContext, RubyString rubyString) {
        warn(threadContext, (IRubyObject) rubyString);
    }

    static void warn(ThreadContext threadContext, IRubyObject iRubyObject) {
        if (warn) {
            threadContext.runtime.getModule("OpenSSL").callMethod(threadContext, "warn", iRubyObject);
        }
    }

    private static String javaVersion(String str, int i) {
        String property = SafePropertyAccessor.getProperty(ClassFileVersion.VersionLocator.JAVA_VERSION, str);
        if ("0".equals(property)) {
            property = "1.7.0";
        }
        return (property.length() <= i || i <= -1) ? property : property.substring(0, i);
    }

    static boolean javaVersion7(boolean z) {
        int compareTo = CompilerConfiguration.JDK7.compareTo(javaVersion("0.0", 3));
        return z ? compareTo <= 0 : compareTo == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean javaVersion8(boolean z) {
        int compareTo = CompilerConfiguration.JDK8.compareTo(javaVersion("0.0", 3));
        return z ? compareTo <= 0 : compareTo == 0;
    }

    public static boolean javaVersion9(boolean z) {
        int parseIntDot = parseIntDot(javaVersion("0", -1));
        return z ? parseIntDot >= 9 : parseIntDot == 9;
    }

    static boolean javaVersion10(boolean z) {
        int parseIntDot = parseIntDot(javaVersion("0", -1));
        return z ? parseIntDot >= 10 : parseIntDot == 10;
    }

    private static int parseIntDot(String str) {
        try {
            return Integer.parseInt(str.split("[-_]")[0].split("\\.")[0]);
        } catch (NumberFormatException e) {
            return -1;
        }
    }

    private static String javaName(String str) {
        return SafePropertyAccessor.getProperty("java.vm.name", str);
    }

    public static boolean javaHotSpot() {
        return javaName("").contains("HotSpot(TM)");
    }

    public static boolean javaOpenJDK() {
        return javaName("").contains(PlatformDescription.OPENJDK);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecureRandom getSecureRandom(Ruby ruby) {
        return getSecureRandom(ruby, false);
    }

    static SecureRandom getSecureRandom(Ruby ruby, boolean z) {
        SecureRandom secureRandomFrom;
        if (tryContextSecureRandom && (secureRandomFrom = getSecureRandomFrom(ruby.getCurrentContext())) != null) {
            return secureRandomFrom;
        }
        if (z) {
            return null;
        }
        return new SecureRandom();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecureRandom getSecureRandomFrom(ThreadContext threadContext) {
        if (!tryContextSecureRandom) {
            return null;
        }
        try {
            SecureRandom secureRandom = threadContext.secureRandom;
            if (secureRandom == null) {
                secureRandom = (SecureRandom) threadContext.getClass().getMethod("getSecureRandom", new Class[0]).invoke(threadContext, new Object[0]);
            }
            return secureRandom;
        } catch (Throwable th) {
            tryContextSecureRandom = false;
            debug(threadContext.runtime, "JRuby-OpenSSL failed to retrieve secure random from thread-context", th);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static IRubyObject to_der_if_possible(ThreadContext threadContext, IRubyObject iRubyObject) {
        return ((iRubyObject instanceof RubyString) || (iRubyObject instanceof RubyIO)) ? iRubyObject : !iRubyObject.respondsTo("to_der") ? iRubyObject : iRubyObject.callMethod(threadContext, "to_der");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String bcExceptionMessage(Throwable th) {
        return "You need to configure JVM/classpath to enable BouncyCastle Security Provider: " + th;
    }
}
