package org.wildfly.security.ssl;

import java.io.IOError;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.EnumMap;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/wildfly-elytron-ssl-1.20.1.Final.jar:org/wildfly/security/ssl/MechanismDatabase.class */
public class MechanismDatabase {
    private static final MechanismDatabase INSTANCE = new MechanismDatabase("MechanismDatabase.properties");
    private static final MechanismDatabase TLS13_INSTANCE = new MechanismDatabase("TLS13MechanismDatabase.properties", true);
    private final Map<String, Entry> entriesByStdName;
    private final Map<String, Entry> entriesByOSSLName;
    private final Entry[][] algorithmsById;
    private final boolean isTLS13;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/wildfly-elytron-ssl-1.20.1.Final.jar:org/wildfly/security/ssl/MechanismDatabase$Entry.class */
    public static final class Entry {
        private final String name;
        private final List<String> openSslNames;
        private final List<String> aliases;
        private final KeyAgreement keyAgreement;
        private final Authentication authentication;
        private final Encryption encryption;
        private final Digest digest;
        private final Protocol protocol;
        private final boolean export;
        private final SecurityLevel level;
        private final boolean fips;
        private final int strengthBits;
        private final int algorithmBits;

        Entry(String str, List<String> list, List<String> list2, KeyAgreement keyAgreement, Authentication authentication, Encryption encryption, Digest digest, Protocol protocol, boolean z, SecurityLevel securityLevel, boolean z2, int i, int i2) {
            this.name = str;
            this.openSslNames = list;
            this.aliases = list2;
            this.keyAgreement = keyAgreement;
            this.authentication = authentication;
            this.encryption = encryption;
            this.digest = digest;
            this.protocol = protocol;
            this.export = z;
            this.level = securityLevel;
            this.fips = z2;
            this.strengthBits = i;
            this.algorithmBits = i2;
        }

        public String getName() {
            return this.name;
        }

        public List<String> getOpenSslNames() {
            return this.openSslNames;
        }

        public List<String> getAliases() {
            return this.aliases;
        }

        public KeyAgreement getKeyAgreement() {
            return this.keyAgreement;
        }

        public Authentication getAuthentication() {
            return this.authentication;
        }

        public Encryption getEncryption() {
            return this.encryption;
        }

        public Digest getDigest() {
            return this.digest;
        }

        public Protocol getProtocol() {
            return this.protocol;
        }

        public boolean isExport() {
            return this.export;
        }

        public SecurityLevel getLevel() {
            return this.level;
        }

        public boolean isFips() {
            return this.fips;
        }

        public int getStrengthBits() {
            return this.strengthBits;
        }

        public int getAlgorithmBits() {
            return this.algorithmBits;
        }

        public String toString() {
            return getName() + "/" + String.join("|", this.openSslNames);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static MechanismDatabase getInstance() {
        return INSTANCE;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static MechanismDatabase getTLS13Instance() {
        return TLS13_INSTANCE;
    }

    MechanismDatabase(String str) {
        this(str, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v158 */
    /* JADX WARN: Type inference failed for: r0v30, types: [org.wildfly.security.ssl.MechanismDatabase$Entry[], org.wildfly.security.ssl.MechanismDatabase$Entry[][]] */
    MechanismDatabase(String str, boolean z) {
        String str2;
        int i;
        int i2;
        int i3;
        int i4;
        this.isTLS13 = z;
        LinkedProperties linkedProperties = new LinkedProperties();
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream(str);
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(resourceAsStream, StandardCharsets.UTF_8);
                try {
                    linkedProperties.load(inputStreamReader);
                    inputStreamReader.close();
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    Pattern compile = Pattern.compile("\\s*,\\s*");
                    LinkedHashMap linkedHashMap = new LinkedHashMap();
                    LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                    EnumMap enumMap = new EnumMap(KeyAgreement.class);
                    EnumMap enumMap2 = new EnumMap(Authentication.class);
                    EnumMap enumMap3 = new EnumMap(Encryption.class);
                    EnumMap enumMap4 = new EnumMap(Digest.class);
                    EnumMap enumMap5 = new EnumMap(Protocol.class);
                    EnumMap enumMap6 = new EnumMap(SecurityLevel.class);
                    HashMap hashMap = new HashMap();
                    ?? r0 = new Entry[256];
                    for (Map.Entry<String, String> entry : linkedProperties.stringMapEntries()) {
                        String key = entry.getKey();
                        String[] split = compile.split(entry.getValue());
                        if (split.length == 1 && split[0].startsWith("alias:")) {
                            String substring = split[0].substring(6);
                            hashMap.put(key, substring);
                            if (key.startsWith("TLS_")) {
                                hashMap.put("SSL_" + key.substring(4), substring);
                            }
                        } else if (split.length == 11 || split.length == 13) {
                            boolean z2 = true;
                            String[] split2 = split[0].split("\\|");
                            KeyAgreement forName = KeyAgreement.forName(split[1]);
                            if (!z && forName == null) {
                                ElytronMessages.log.warnInvalidKeyExchangeForMechanismDatabaseEntry(split[1], key);
                                z2 = false;
                            }
                            Authentication forName2 = Authentication.forName(split[2]);
                            if ((!z && forName2 == null) || (z && !split[2].equals("ANY"))) {
                                ElytronMessages.log.warnInvalidAuthenticationForMechanismDatabaseEntry(split[2], key);
                                z2 = false;
                            }
                            Encryption forName3 = Encryption.forName(split[3]);
                            if (forName3 == null) {
                                ElytronMessages.log.warnInvalidEncryptionForMechanismDatabaseEntry(split[3], key);
                                z2 = false;
                            }
                            Digest forName4 = Digest.forName(split[4]);
                            if (forName4 == null) {
                                ElytronMessages.log.warnInvalidDigestForMechanismDatabaseEntry(split[4], key);
                                z2 = false;
                            }
                            Protocol forName5 = Protocol.forName(split[5]);
                            if (forName5 == null || (z ^ forName5.equals(Protocol.TLSv1_3))) {
                                ElytronMessages.log.warnInvalidProtocolForMechanismDatabaseEntry(split[5], key);
                                z2 = false;
                            }
                            boolean parseBoolean = Boolean.parseBoolean(split[6]);
                            SecurityLevel forName6 = SecurityLevel.forName(split[7]);
                            if (forName6 == null) {
                                ElytronMessages.log.warnInvalidLevelForMechanismDatabaseEntry(split[7], key);
                                z2 = false;
                            }
                            boolean parseBoolean2 = Boolean.parseBoolean(split[8]);
                            try {
                                i = Integer.parseInt(split[9], 10);
                            } catch (NumberFormatException e) {
                                ElytronMessages.log.warnInvalidStrengthBitsForMechanismDatabaseEntry(split[9], key);
                                i = 0;
                                z2 = false;
                            }
                            try {
                                i2 = Integer.parseInt(split[10], 10);
                            } catch (NumberFormatException e2) {
                                ElytronMessages.log.warnInvalidAlgorithmBitsForMechanismDatabaseEntry(split[10], key);
                                i2 = 0;
                                z2 = false;
                            }
                            try {
                                i3 = Integer.parseInt(split[11], 16);
                                i4 = Integer.parseInt(split[12], 16);
                            } catch (ArrayIndexOutOfBoundsException | NumberFormatException e3) {
                                i3 = -1;
                                i4 = -1;
                            }
                            if (z2) {
                                Entry entry2 = new Entry(key, Arrays.asList(split2), new ArrayList(0), forName, forName2, forName3, forName4, forName5, parseBoolean, forName6, parseBoolean2, i, i2);
                                if (linkedHashMap.containsKey(key)) {
                                    ElytronMessages.log.warnInvalidDuplicateMechanismDatabaseEntry(key);
                                } else {
                                    linkedHashMap.put(key, entry2);
                                }
                                for (String str3 : split2) {
                                    if (linkedHashMap2.containsKey(str3)) {
                                        ElytronMessages.log.warnInvalidDuplicateOpenSslStyleAliasForMechanismDatabaseEntry(str3, key, ((Entry) linkedHashMap2.get(str3)).getName());
                                    } else {
                                        linkedHashMap2.put(str3, entry2);
                                    }
                                    if (forName == KeyAgreement.DHE) {
                                        String join = join("-", replaceEdh(str3.split("-")));
                                        if (!linkedHashMap2.containsKey(join)) {
                                            linkedHashMap2.put(join, entry2);
                                        }
                                    }
                                }
                                if (!z) {
                                    addTo(enumMap, forName, entry2);
                                    addTo(enumMap2, forName2, entry2);
                                }
                                addTo(enumMap3, forName3, entry2);
                                addTo(enumMap4, forName4, entry2);
                                addTo(enumMap5, forName5, entry2);
                                addTo(enumMap6, forName6, entry2);
                                if (i3 != -1 && i4 != -1) {
                                    Entry[] entryArr = r0[i3];
                                    if (entryArr == null) {
                                        Entry[] entryArr2 = new Entry[256];
                                        r0[i3] = entryArr2;
                                        entryArr = entryArr2;
                                    }
                                    entryArr[i4] = entry2;
                                }
                                if (key.startsWith("TLS_")) {
                                    hashMap.put("SSL_" + key.substring(4), key);
                                }
                            }
                        } else {
                            ElytronMessages.log.warnInvalidStringCountForMechanismDatabaseEntry(key);
                        }
                    }
                    for (Map.Entry entry3 : hashMap.entrySet()) {
                        String str4 = (String) entry3.getKey();
                        Object value = entry3.getValue();
                        while (true) {
                            str2 = (String) value;
                            if (!hashMap.containsKey(str2)) {
                                break;
                            } else {
                                value = hashMap.get(str2);
                            }
                        }
                        if (linkedHashMap.containsKey(str4)) {
                            ElytronMessages.log.warnInvalidDuplicateMechanismDatabaseEntry(str4);
                        } else if (linkedHashMap.containsKey(str2)) {
                            Entry entry4 = (Entry) linkedHashMap.get(str2);
                            entry4.getAliases().add(str4);
                            linkedHashMap.put(str4, entry4);
                        } else {
                            ElytronMessages.log.warnInvalidAliasForMissingMechanismDatabaseEntry(str2, str4);
                        }
                    }
                    this.entriesByStdName = linkedHashMap;
                    this.entriesByOSSLName = linkedHashMap2;
                    this.algorithmsById = r0;
                } catch (Throwable th) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (IOException e4) {
            throw new IOError(e4);
        }
    }

    static String[] replaceEdh(String... strArr) {
        int length = strArr.length;
        for (int i = 0; i < length; i++) {
            if ("EDH".equals(strArr[i])) {
                strArr[i] = "DHE";
            } else if ("DHE".equals(strArr[i])) {
                strArr[i] = "EDH";
            }
        }
        return strArr;
    }

    static String join(String str, String... strArr) {
        StringBuilder sb = new StringBuilder();
        int length = strArr.length;
        int i = 0;
        if (length == 0) {
            return "";
        }
        while (true) {
            int i2 = i;
            i++;
            sb.append(strArr[i2]);
            if (i == length) {
                return sb.toString();
            }
            sb.append(str);
        }
    }

    static <T> void addTo(Map<T, List<Entry>> map, T t, Entry entry) {
        List<Entry> list = map.get(t);
        if (list == null) {
            list = new ArrayList(1);
            map.put(t, list);
        }
        list.add(entry);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Entry getCipherSuite(String str) {
        return this.entriesByStdName.get(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Entry getCipherSuiteOpenSSLName(String str) {
        return this.entriesByOSSLName.get(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Entry getCipherSuiteById(int i, int i2) {
        Entry[] entryArr;
        if (i < 0 || i > 255 || i2 < 0 || i2 > 255 || (entryArr = this.algorithmsById[i]) == null) {
            return null;
        }
        return entryArr[i2];
    }

    boolean isTLS13() {
        return this.isTLS13;
    }
}
