package org.bouncycastle.jsse.provider;

import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCryptoProvider;
import org.bouncycastle.util.Strings;
import org.jruby.ext.openssl.CipherStrings;
import org.jruby.ext.openssl.impl.ASN1Registry;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bctls-jdk15on/1.65/bctls-jdk15on-1.65.jar:org/bouncycastle/jsse/provider/BouncyCastleJsseProvider.class */
public class BouncyCastleJsseProvider extends Provider {
    public static final String PROVIDER_NAME = "BCJSSE";
    private static final double PROVIDER_VERSION = 1.001d;
    private static final String PROVIDER_INFO = "Bouncy Castle JSSE Provider Version 1.0.10";
    private Map<String, BcJsseService> serviceMap;
    private Map<String, EngineCreator> creatorMap;
    private final boolean isInFipsMode;
    private static final Map<Map<String, String>, Map<String, String>> attributeMaps = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bctls-jdk15on/1.65/bctls-jdk15on-1.65.jar:org/bouncycastle/jsse/provider/BouncyCastleJsseProvider$BcJsseService.class */
    public static class BcJsseService extends Provider.Service {
        private final EngineCreator creator;

        public BcJsseService(Provider provider, String str, String str2, String str3, List<String> list, Map<String, String> map, EngineCreator engineCreator) {
            super(provider, str, str2, str3, list, map);
            this.creator = engineCreator;
        }

        @Override // java.security.Provider.Service
        public Object newInstance(Object obj) throws NoSuchAlgorithmException {
            try {
                Object createInstance = this.creator.createInstance(obj);
                if (createInstance == null) {
                    throw new NoSuchAlgorithmException("No such algorithm in FIPS approved mode: " + getAlgorithm());
                }
                return createInstance;
            } catch (NoSuchAlgorithmException e) {
                throw e;
            } catch (Exception e2) {
                throw new NoSuchAlgorithmException("Unable to invoke creator for " + getAlgorithm() + ": " + e2.getMessage(), e2);
            }
        }
    }

    public BouncyCastleJsseProvider() {
        super(PROVIDER_NAME, PROVIDER_VERSION, PROVIDER_INFO);
        this.serviceMap = new HashMap();
        this.creatorMap = new HashMap();
        this.isInFipsMode = configure(false, new JcaTlsCryptoProvider());
    }

    public BouncyCastleJsseProvider(Provider provider) {
        this(false, provider);
    }

    public BouncyCastleJsseProvider(boolean z, Provider provider) {
        super(PROVIDER_NAME, PROVIDER_VERSION, PROVIDER_INFO);
        this.serviceMap = new HashMap();
        this.creatorMap = new HashMap();
        this.isInFipsMode = configure(z, new JcaTlsCryptoProvider().setProvider(provider));
    }

    public BouncyCastleJsseProvider(String str) {
        super(PROVIDER_NAME, PROVIDER_VERSION, PROVIDER_INFO);
        this.serviceMap = new HashMap();
        this.creatorMap = new HashMap();
        String trim = str.trim();
        boolean z = false;
        String str2 = trim;
        int indexOf = trim.indexOf(58);
        if (indexOf >= 0) {
            String trim2 = trim.substring(0, indexOf).trim();
            String trim3 = trim.substring(indexOf + 1).trim();
            z = trim2.equalsIgnoreCase("fips");
            str2 = trim3;
        }
        try {
            this.isInFipsMode = configure(z, createCryptoProvider(str2));
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("unable to set up JcaTlsCryptoProvider: " + e.getMessage(), e);
        }
    }

    public BouncyCastleJsseProvider(boolean z, JcaTlsCryptoProvider jcaTlsCryptoProvider) {
        super(PROVIDER_NAME, PROVIDER_VERSION, PROVIDER_INFO);
        this.serviceMap = new HashMap();
        this.creatorMap = new HashMap();
        this.isInFipsMode = configure(z, jcaTlsCryptoProvider);
    }

    public Provider configure(String str) {
        return new BouncyCastleJsseProvider(str);
    }

    private JcaTlsCryptoProvider createCryptoProvider(String str) throws GeneralSecurityException {
        if (str.equalsIgnoreCase("default")) {
            return new JcaTlsCryptoProvider();
        }
        Provider provider = Security.getProvider(str);
        if (provider != null) {
            return new JcaTlsCryptoProvider().setProvider(provider);
        }
        try {
            Object newInstance = Class.forName(str).newInstance();
            if (newInstance instanceof JcaTlsCryptoProvider) {
                return (JcaTlsCryptoProvider) newInstance;
            }
            if (newInstance instanceof Provider) {
                return new JcaTlsCryptoProvider().setProvider((Provider) newInstance);
            }
            throw new IllegalArgumentException("unrecognized class: " + str);
        } catch (ClassNotFoundException e) {
            throw new IllegalArgumentException("unable to find Provider/JcaTlsCryptoProvider class: " + str);
        } catch (IllegalAccessException e2) {
            throw new IllegalArgumentException("unable to create Provider/JcaTlsCryptoProvider class '" + str + "': " + e2.getMessage(), e2);
        } catch (InstantiationException e3) {
            throw new IllegalArgumentException("unable to create Provider/JcaTlsCryptoProvider class '" + str + "': " + e3.getMessage(), e3);
        }
    }

    private boolean configure(final boolean z, final JcaTlsCryptoProvider jcaTlsCryptoProvider) {
        addAlgorithmImplementation("KeyManagerFactory.X.509", "org.bouncycastle.jsse.provider.KeyManagerFactory", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.1
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvKeyManagerFactorySpi(jcaTlsCryptoProvider.getHelper());
            }
        });
        addAlias("Alg.Alias.KeyManagerFactory.X509", "X.509");
        addAlias("Alg.Alias.KeyManagerFactory.PKIX", "X.509");
        addAlgorithmImplementation("TrustManagerFactory.PKIX", "org.bouncycastle.jsse.provider.TrustManagerFactory", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.2
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvTrustManagerFactorySpi(jcaTlsCryptoProvider.getHelper());
            }
        });
        addAlias("Alg.Alias.TrustManagerFactory.X.509", ASN1Registry.SN_id_pkix);
        addAlias("Alg.Alias.TrustManagerFactory.X509", ASN1Registry.SN_id_pkix);
        addAlgorithmImplementation("SSLContext.TLS", "org.bouncycastle.jsse.provider.SSLContext.TLS", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.3
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvSSLContextSpi(z, jcaTlsCryptoProvider, null);
            }
        });
        addAlgorithmImplementation("SSLContext.TLSV1", "org.bouncycastle.jsse.provider.SSLContext.TLSv1", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.4
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvSSLContextSpi(z, jcaTlsCryptoProvider, new String[]{CipherStrings.SSL_TXT_TLSV1});
            }
        });
        addAlgorithmImplementation("SSLContext.TLSV1.1", "org.bouncycastle.jsse.provider.SSLContext.TLSv1_1", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.5
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvSSLContextSpi(z, jcaTlsCryptoProvider, new String[]{"TLSv1.1", CipherStrings.SSL_TXT_TLSV1});
            }
        });
        addAlgorithmImplementation("SSLContext.TLSV1.2", "org.bouncycastle.jsse.provider.SSLContext.TLSv1_2", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.6
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new ProvSSLContextSpi(z, jcaTlsCryptoProvider, new String[]{"TLSv1.2", "TLSv1.1", CipherStrings.SSL_TXT_TLSV1});
            }
        });
        addAlgorithmImplementation("SSLContext.DEFAULT", "org.bouncycastle.jsse.provider.SSLContext.Default", new EngineCreator() { // from class: org.bouncycastle.jsse.provider.BouncyCastleJsseProvider.7
            @Override // org.bouncycastle.jsse.provider.EngineCreator
            public Object createInstance(Object obj) throws GeneralSecurityException {
                return new DefaultSSLContextSpi(z, jcaTlsCryptoProvider);
            }
        });
        addAlias("Alg.Alias.SSLContext.SSL", "TLS");
        addAlias("Alg.Alias.SSLContext.SSLV3", "TLSV1");
        return z;
    }

    void addAttribute(String str, String str2, String str3) {
        String str4 = str + " " + str2;
        if (containsKey(str4)) {
            throw new IllegalStateException("duplicate provider attribute key (" + str4 + ") found");
        }
        put(str4, str3);
    }

    void addAlgorithmImplementation(String str, String str2, EngineCreator engineCreator) {
        if (containsKey(str)) {
            throw new IllegalStateException("duplicate provider key (" + str + ") found");
        }
        addAttribute(str, "ImplementedIn", "Software");
        put(str, str2);
        this.creatorMap.put(str2, engineCreator);
    }

    void addAlias(String str, String str2) {
        if (containsKey(str)) {
            throw new IllegalStateException("duplicate provider key (" + str + ") found");
        }
        put(str, str2);
    }

    @Override // java.security.Provider
    public final synchronized Provider.Service getService(String str, String str2) {
        String upperCase = Strings.toUpperCase(str2);
        BcJsseService bcJsseService = this.serviceMap.get(str + "." + upperCase);
        if (bcJsseService == null) {
            String str3 = "Alg.Alias." + str + ".";
            String str4 = (String) get(str3 + upperCase);
            if (str4 == null) {
                str4 = upperCase;
            }
            String str5 = (String) get(str + "." + str4);
            if (str5 == null) {
                return null;
            }
            String str6 = str + "." + upperCase + " ";
            ArrayList arrayList = new ArrayList();
            HashMap hashMap = new HashMap();
            for (Object obj : keySet()) {
                String str7 = (String) obj;
                if (str7.startsWith(str3) && get(obj).equals(str2)) {
                    arrayList.add(str7.substring(str3.length()));
                }
                if (str7.startsWith(str6)) {
                    hashMap.put(str7.substring(str6.length()), (String) get(str7));
                }
            }
            bcJsseService = new BcJsseService(this, str, upperCase, str5, arrayList, getAttributeMap(hashMap), this.creatorMap.get(str5));
            this.serviceMap.put(str + "." + upperCase, bcJsseService);
        }
        return bcJsseService;
    }

    @Override // java.security.Provider
    public final synchronized Set<Provider.Service> getServices() {
        Set<Provider.Service> services = super.getServices();
        HashSet hashSet = new HashSet();
        for (Provider.Service service : services) {
            hashSet.add(getService(service.getType(), service.getAlgorithm()));
        }
        return hashSet;
    }

    private static Map<String, String> getAttributeMap(Map<String, String> map) {
        Map<String, String> map2 = attributeMaps.get(map);
        if (map2 != null) {
            return map2;
        }
        attributeMaps.put(map, map);
        return map;
    }

    public boolean isFipsMode() {
        return this.isInFipsMode;
    }
}
