package by.avest.net.tls;

import by.avest.crypto.provider.Destroyable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Principal;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.util.WeakHashMap;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import javax.crypto.SecretKey;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:by/avest/net/tls/SSLSession.class */
public class SSLSession implements javax.net.ssl.SSLSession {
    private static ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor(new DaemonThreadFactory());
    static final SSLSession NULL = new SSLSession(null, -1);
    private String peerHost;
    private int peerPort;
    private long lastRestartTime;
    private ID id;
    private ProtocolVersion protocolVersion;
    private CipherSuite cipherSuite;
    private CompressionMethod compressionMethod;
    private PreMasterSecret preMasterSecret;
    private SecretKey masterSecret;
    private java.security.cert.Certificate[] peerCertificates;
    private java.security.cert.Certificate[] localCertificates;
    private SSLSessionContext sessionContext;
    private ScheduledFuture<?> future;
    private Map<SSLSocket, Boolean> sockets = new WeakHashMap();
    private long creationTime = System.currentTimeMillis();
    private long lastAccessedTime = this.creationTime;
    private boolean valid = true;

    /* loaded from: input_file:by/avest/net/tls/SSLSession$DaemonThreadFactory.class */
    static class DaemonThreadFactory implements ThreadFactory {
        DaemonThreadFactory() {
        }

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable, "AvTLSJava session watcher");
            thread.setDaemon(true);
            return thread;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:by/avest/net/tls/SSLSession$ID.class */
    public static class ID implements Constructed {
        private byte[] id;

        private static int hashCode(byte[] bArr) {
            if (bArr == null) {
                return 0;
            }
            int i = 1;
            for (byte b : bArr) {
                i = (31 * i) + b;
            }
            return i;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public ID() {
            this(null);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public ID(byte[] bArr) {
            if (bArr == null) {
                this.id = new byte[0];
            } else {
                this.id = (byte[]) bArr.clone();
            }
        }

        @Override // by.avest.net.tls.Constructed
        public void write(OutputStream outputStream) throws IOException {
            outputStream.write(this.id.length);
            outputStream.write(this.id);
        }

        public static ID read(InputStream inputStream) throws IOException {
            int read = inputStream.read() & 255;
            Util.checkAvailable(read, inputStream);
            byte[] bArr = new byte[read];
            inputStream.read(bArr);
            return new ID(bArr);
        }

        public boolean isEmpty() {
            return this.id == null || this.id.length == 0;
        }

        public byte[] getId() {
            return (byte[]) this.id.clone();
        }

        public String toString() {
            return Util.toHexString(this.id, ' ');
        }

        public int hashCode() {
            return (31 * 1) + hashCode(this.id);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            return obj != null && (obj instanceof ID) && Arrays.equals(this.id, ((ID) obj).id);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:by/avest/net/tls/SSLSession$SessionWatcherJob.class */
    public static final class SessionWatcherJob implements Runnable {
        private SSLSession session;

        public SessionWatcherJob(SSLSession sSLSession) {
            this.session = sSLSession;
        }

        @Override // java.lang.Runnable
        public void run() {
            if (Util.isDebug()) {
                Util.log("Session timeout action performed.");
            }
            this.session.invalidateInternal();
            if (Util.isDebug()) {
                Util.log("Expired session ID: " + Util.toHexString(this.session.getId(), ' ') + ".");
            }
            if (Util.isDebug()) {
                Util.log("Session invalidated and removed from context.");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSession(String str, int i) {
        this.peerHost = str;
        this.peerPort = i;
    }

    @Override // javax.net.ssl.SSLSession
    public long getCreationTime() {
        return this.creationTime;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setId(ID id) {
        this.id = id;
    }

    @Override // javax.net.ssl.SSLSession
    public byte[] getId() {
        if (this.id != null) {
            return this.id.getId();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ID getIdInt() {
        return this.id;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMasterSecret(SecretKey secretKey) {
        this.masterSecret = secretKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey getMasterSecret() {
        return this.masterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPreMasterSecret(PreMasterSecret preMasterSecret) {
        this.preMasterSecret = preMasterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PreMasterSecret getPreMasterSecret() {
        return this.preMasterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPeerCertificates(java.security.cert.Certificate[] certificateArr) {
        this.peerCertificates = certificateArr;
    }

    @Override // javax.net.ssl.SSLSession
    public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
        if (isPeerUnverified()) {
            throw new SSLPeerUnverifiedException("Peer's identity has not been verified.");
        }
        ArrayList arrayList = new ArrayList();
        for (java.security.cert.Certificate certificate : this.peerCertificates) {
            try {
                arrayList.add(Util.convert(certificate));
            } catch (CertificateEncodingException e) {
                throw new AvTLSProviderException(e);
            } catch (CertificateException e2) {
                throw new AvTLSProviderException(e2);
            }
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    private boolean isPeerUnverified() {
        return this.peerCertificates == null;
    }

    @Override // javax.net.ssl.SSLSession
    public java.security.cert.Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
        if (isPeerUnverified()) {
            throw new SSLPeerUnverifiedException("Peer's identity has not been verified.");
        }
        return this.peerCertificates;
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
        if (isPeerUnverified()) {
            throw new SSLPeerUnverifiedException("Peer's identity has not been verified.");
        }
        if ((this.peerCertificates[0] instanceof java.security.cert.X509Certificate) || (this.peerCertificates[0] instanceof java.security.cert.X509Certificate)) {
            return ((java.security.cert.X509Certificate) this.peerCertificates[0]).getSubjectX500Principal();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCipherSuite(CipherSuite cipherSuite) {
        this.cipherSuite = cipherSuite;
    }

    @Override // javax.net.ssl.SSLSession
    public String getCipherSuite() {
        return this.cipherSuite.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CipherSuite getCipherSuiteInt() {
        return this.cipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCompressionMethod(CompressionMethod compressionMethod) {
        this.compressionMethod = compressionMethod;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CompressionMethod getCompressionMethod() {
        return this.compressionMethod;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setProtocolVersion(ProtocolVersion protocolVersion) {
        this.protocolVersion = protocolVersion;
    }

    @Override // javax.net.ssl.SSLSession
    public String getProtocol() {
        return this.protocolVersion.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProtocolVersion getProtocolVersion() {
        return this.protocolVersion;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLocalCertificates(java.security.cert.Certificate[] certificateArr) {
        this.localCertificates = certificateArr;
    }

    @Override // javax.net.ssl.SSLSession
    public java.security.cert.Certificate[] getLocalCertificates() {
        return this.localCertificates;
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getLocalPrincipal() {
        if (this.localCertificates == null || this.localCertificates.length == 0 || !(this.localCertificates[0] instanceof java.security.cert.X509Certificate)) {
            return null;
        }
        return ((java.security.cert.X509Certificate) this.localCertificates[0]).getSubjectX500Principal();
    }

    @Override // javax.net.ssl.SSLSession
    public String getPeerHost() {
        return this.peerHost;
    }

    @Override // javax.net.ssl.SSLSession
    public int getPeerPort() {
        return this.peerPort;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSessionContext(javax.net.ssl.SSLSessionContext sSLSessionContext) throws SSLHandshakeException {
        if (!(sSLSessionContext instanceof SSLSessionContext)) {
            throw new SSLHandshakeException("Unsupported SSLSessionContext instance.");
        }
        this.sessionContext = (SSLSessionContext) sSLSessionContext;
    }

    @Override // javax.net.ssl.SSLSession
    public javax.net.ssl.SSLSessionContext getSessionContext() {
        return this.sessionContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void touch() {
        this.lastAccessedTime = System.currentTimeMillis();
    }

    @Override // javax.net.ssl.SSLSession
    public long getLastAccessedTime() {
        return this.lastAccessedTime;
    }

    @Override // javax.net.ssl.SSLSession
    public int getPacketBufferSize() {
        return 16384;
    }

    @Override // javax.net.ssl.SSLSession
    public int getApplicationBufferSize() {
        return 16384;
    }

    @Override // javax.net.ssl.SSLSession
    public Object getValue(String str) {
        return null;
    }

    @Override // javax.net.ssl.SSLSession
    public String[] getValueNames() {
        return null;
    }

    @Override // javax.net.ssl.SSLSession
    public void putValue(String str, Object obj) {
    }

    @Override // javax.net.ssl.SSLSession
    public void removeValue(String str) {
    }

    @Override // javax.net.ssl.SSLSession
    public synchronized boolean isValid() {
        return this.valid;
    }

    @Override // javax.net.ssl.SSLSession
    public synchronized void invalidate() {
        if (Util.isDebug()) {
            Util.log("Session invalidate, ID: " + Util.toHexString(getId(), ' ') + ".");
        }
        stopTimer();
        invalidateInternal();
        if (Util.isDebug()) {
            Util.log("Session invalidated.");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void invalidateInternal() {
        this.valid = false;
        if (this.sessionContext != null) {
            this.sessionContext.removeSession(this);
            this.sessionContext = null;
        }
        synchronized (this.sockets) {
            int size = this.sockets.size();
            if (size == 0) {
                destroyMasterSecret();
            } else if (Util.isDebug()) {
                Util.log("Session master secret destroy pending. Clients still using this session: " + size);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void destroyMasterSecret() {
        if (this.masterSecret instanceof Destroyable) {
            if (Util.isDebug()) {
                Util.log("Session master secret destroy.");
            }
            ((Destroyable) this.masterSecret).destroy();
            this.masterSecret = null;
            if (Util.isDebug()) {
                Util.log("Session master secret destroyed.");
            }
        }
    }

    synchronized void startTimer(long j) {
        if (Util.isDebug()) {
            Util.log("Schedule session expiration event after: " + j + " ms.");
        }
        this.future = executor.schedule(new SessionWatcherJob(this), j, TimeUnit.MILLISECONDS);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void stopTimer() {
        if (this.future != null) {
            this.future.cancel(false);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void restartTimer(long j, boolean z) {
        if (this.future != null && !z) {
            j = calcRemainingDelay(j);
        }
        this.lastRestartTime = System.currentTimeMillis();
        stopTimer();
        startTimer(j);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDelay(long j) {
    }

    private long calcRemainingDelay(long j) {
        long currentTimeMillis = j - (System.currentTimeMillis() - this.lastRestartTime);
        if (currentTimeMillis < 0) {
            currentTimeMillis = 0;
        }
        return currentTimeMillis;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void notifyClientStarted(SSLSocket sSLSocket) {
        synchronized (this.sockets) {
            boolean z = this.sockets.put(sSLSocket, Boolean.TRUE) == null;
            long size = this.sockets.size();
            if (z) {
                if (Util.isDebug()) {
                    Util.log("Client started using session, ID: " + Util.toHexString(getId(), ' ') + ". New client count: " + size);
                }
            } else if (Util.isDebug()) {
                Util.logTrace("WARNING: Client wanted to attach to session twice, ID: " + Util.toHexString(getId(), ' ') + ". Client count: " + size);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void notifyClientFinished(SSLSocket sSLSocket) {
        synchronized (this.sockets) {
            Boolean remove = this.sockets.remove(sSLSocket);
            long size = this.sockets.size();
            if (remove != null && remove.booleanValue()) {
                if (Util.isDebug()) {
                    Util.log("Client finished using session, ID: " + Util.toHexString(getId(), ' ') + ". New client count: " + size + ". Session valid: " + this.valid);
                }
                if (!this.valid && size == 0) {
                    destroyMasterSecret();
                }
            } else if (Util.isDebug()) {
                Util.logTrace("WARNING: Client wanted to detach from session twice, ID: " + Util.toHexString(getId(), ' ') + ". Client count: " + size);
            }
        }
    }

    static {
        NULL.setProtocolVersion(ProtocolVersion.NONE);
        NULL.setCipherSuite(CipherSuite.TLS_NULL_WITH_NULL_NULL);
        NULL.setCompressionMethod(CompressionMethod.NULL);
        NULL.setId(new ID(new byte[0]));
        NULL.invalidate();
    }
}
