package org.conscrypt;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;

/* loaded from: input_file:org/conscrypt/AbstractSessionContext.class */
abstract class AbstractSessionContext implements SSLSessionContext {
    private static final int DEFAULT_SESSION_TIMEOUT_SECONDS = 28800;
    volatile int maximumSize;
    static final int OPEN_SSL = 1;
    static final int OPEN_SSL_WITH_OCSP = 2;
    static final int OPEN_SSL_WITH_TLS_SCT = 3;
    volatile int timeout = DEFAULT_SESSION_TIMEOUT_SECONDS;
    final long sslCtxNativePointer = NativeCrypto.SSL_CTX_new();
    private final Map<ByteArray, SSLSession> sessions = new LinkedHashMap<ByteArray, SSLSession>() { // from class: org.conscrypt.AbstractSessionContext.1
        @Override // java.util.LinkedHashMap
        protected boolean removeEldestEntry(Map.Entry<ByteArray, SSLSession> entry) {
            if (!(AbstractSessionContext.this.maximumSize > 0 && size() > AbstractSessionContext.this.maximumSize)) {
                return false;
            }
            remove(entry.getKey());
            AbstractSessionContext.this.sessionRemoved(entry.getValue());
            return false;
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractSessionContext(int i) {
        this.maximumSize = i;
    }

    private Iterator<SSLSession> sessionIterator() {
        Iterator<SSLSession> it;
        synchronized (this.sessions) {
            it = Arrays.asList((SSLSession[]) this.sessions.values().toArray(new SSLSession[this.sessions.size()])).iterator();
        }
        return it;
    }

    @Override // javax.net.ssl.SSLSessionContext
    public final Enumeration<byte[]> getIds() {
        final Iterator<SSLSession> sessionIterator = sessionIterator();
        return new Enumeration<byte[]>() { // from class: org.conscrypt.AbstractSessionContext.2
            private SSLSession next;

            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                if (this.next != null) {
                    return true;
                }
                while (sessionIterator.hasNext()) {
                    SSLSession sSLSession = (SSLSession) sessionIterator.next();
                    if (sSLSession.isValid()) {
                        this.next = sSLSession;
                        return true;
                    }
                }
                this.next = null;
                return false;
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.Enumeration
            public byte[] nextElement() {
                if (!hasMoreElements()) {
                    throw new NoSuchElementException();
                }
                byte[] id = this.next.getId();
                this.next = null;
                return id;
            }
        };
    }

    @Override // javax.net.ssl.SSLSessionContext
    public final int getSessionCacheSize() {
        return this.maximumSize;
    }

    @Override // javax.net.ssl.SSLSessionContext
    public final int getSessionTimeout() {
        return this.timeout;
    }

    protected void trimToSize() {
        synchronized (this.sessions) {
            int size = this.sessions.size();
            if (size > this.maximumSize) {
                int i = size - this.maximumSize;
                Iterator<SSLSession> it = this.sessions.values().iterator();
                do {
                    SSLSession next = it.next();
                    it.remove();
                    sessionRemoved(next);
                    i--;
                } while (i > 0);
            }
        }
    }

    @Override // javax.net.ssl.SSLSessionContext
    public void setSessionTimeout(int i) throws IllegalArgumentException {
        if (i < 0) {
            throw new IllegalArgumentException("seconds < 0");
        }
        this.timeout = i;
        synchronized (this.sessions) {
            Iterator<SSLSession> it = this.sessions.values().iterator();
            while (it.hasNext()) {
                SSLSession next = it.next();
                if (!next.isValid()) {
                    it.remove();
                    sessionRemoved(next);
                }
            }
        }
    }

    protected abstract void sessionRemoved(SSLSession sSLSession);

    @Override // javax.net.ssl.SSLSessionContext
    public final void setSessionCacheSize(int i) throws IllegalArgumentException {
        if (i < 0) {
            throw new IllegalArgumentException("size < 0");
        }
        int i2 = this.maximumSize;
        this.maximumSize = i;
        if (i < i2) {
            trimToSize();
        }
    }

    public byte[] toBytes(SSLSession sSLSession) {
        if (!(sSLSession instanceof OpenSSLSessionImpl)) {
            return null;
        }
        OpenSSLSessionImpl openSSLSessionImpl = (OpenSSLSessionImpl) sSLSession;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            dataOutputStream.writeInt(OPEN_SSL_WITH_TLS_SCT);
            byte[] encoded = openSSLSessionImpl.getEncoded();
            dataOutputStream.writeInt(encoded.length);
            dataOutputStream.write(encoded);
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            dataOutputStream.writeInt(peerCertificates.length);
            for (Certificate certificate : peerCertificates) {
                byte[] encoded2 = certificate.getEncoded();
                dataOutputStream.writeInt(encoded2.length);
                dataOutputStream.write(encoded2);
            }
            List<byte[]> statusResponses = openSSLSessionImpl.getStatusResponses();
            dataOutputStream.writeInt(statusResponses.size());
            for (byte[] bArr : statusResponses) {
                dataOutputStream.writeInt(bArr.length);
                dataOutputStream.write(bArr);
            }
            byte[] tlsSctData = openSSLSessionImpl.getTlsSctData();
            if (tlsSctData != null) {
                dataOutputStream.writeInt(tlsSctData.length);
                dataOutputStream.write(tlsSctData);
            } else {
                dataOutputStream.writeInt(0);
            }
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            System.err.println("Failed to convert saved SSL Session: " + e.getMessage());
            return null;
        } catch (CertificateEncodingException e2) {
            log(e2);
            return null;
        }
    }

    private static void checkRemaining(ByteBuffer byteBuffer, int i) throws IOException {
        if (i < 0) {
            throw new IOException("Length is negative: " + i);
        }
        if (i > byteBuffer.remaining()) {
            throw new IOException("Length of blob is longer than available: " + i + " > " + byteBuffer.remaining());
        }
    }

    public OpenSSLSessionImpl toSession(byte[] bArr, String str, int i) {
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        try {
            int i2 = wrap.getInt();
            if (i2 != 1 && i2 != 2 && i2 != OPEN_SSL_WITH_TLS_SCT) {
                throw new IOException("Unexpected type ID: " + i2);
            }
            int i3 = wrap.getInt();
            checkRemaining(wrap, i3);
            byte[] bArr2 = new byte[i3];
            wrap.get(bArr2);
            int i4 = wrap.getInt();
            checkRemaining(wrap, i4);
            X509Certificate[] x509CertificateArr = new X509Certificate[i4];
            for (int i5 = 0; i5 < i4; i5++) {
                int i6 = wrap.getInt();
                checkRemaining(wrap, i6);
                byte[] bArr3 = new byte[i6];
                wrap.get(bArr3);
                try {
                    x509CertificateArr[i5] = OpenSSLX509Certificate.fromX509Der(bArr3);
                } catch (Exception e) {
                    throw new IOException("Can not read certificate " + i5 + "/" + i4);
                }
            }
            byte[] bArr4 = null;
            if (i2 >= 2) {
                int i7 = wrap.getInt();
                checkRemaining(wrap, i7);
                if (i7 >= 1) {
                    int i8 = wrap.getInt();
                    checkRemaining(wrap, i8);
                    bArr4 = new byte[i8];
                    wrap.get(bArr4);
                    for (int i9 = 1; i9 < i7; i9++) {
                        int i10 = wrap.getInt();
                        checkRemaining(wrap, i10);
                        wrap.position(wrap.position() + i10);
                    }
                }
            }
            byte[] bArr5 = null;
            if (i2 == OPEN_SSL_WITH_TLS_SCT) {
                int i11 = wrap.getInt();
                checkRemaining(wrap, i11);
                if (i11 > 0) {
                    bArr5 = new byte[i11];
                    wrap.get(bArr5);
                }
            }
            if (wrap.remaining() == 0) {
                return new OpenSSLSessionImpl(bArr2, str, i, x509CertificateArr, bArr4, bArr5, this);
            }
            log(new AssertionError("Read entire session, but data still remains; rejecting"));
            return null;
        } catch (IOException e2) {
            log(e2);
            return null;
        } catch (BufferUnderflowException e3) {
            log(e3);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSLSession wrapSSLSessionIfNeeded(SSLSession sSLSession) {
        return sSLSession instanceof AbstractOpenSSLSession ? Platform.wrapSSLSession((AbstractOpenSSLSession) sSLSession) : sSLSession;
    }

    @Override // javax.net.ssl.SSLSessionContext
    public SSLSession getSession(byte[] bArr) {
        SSLSession sSLSession;
        if (bArr == null) {
            throw new NullPointerException("sessionId == null");
        }
        ByteArray byteArray = new ByteArray(bArr);
        synchronized (this.sessions) {
            sSLSession = this.sessions.get(byteArray);
        }
        if (sSLSession == null || !sSLSession.isValid()) {
            return null;
        }
        return wrapSSLSessionIfNeeded(sSLSession);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void putSession(SSLSession sSLSession) {
        byte[] id = sSLSession.getId();
        if (id.length == 0) {
            return;
        }
        ByteArray byteArray = new ByteArray(id);
        synchronized (this.sessions) {
            this.sessions.put(byteArray, sSLSession);
        }
    }

    static void log(Throwable th) {
        System.out.println("Error inflating SSL session: " + (th.getMessage() != null ? th.getMessage() : th.getClass().getName()));
    }

    protected void finalize() throws Throwable {
        try {
            NativeCrypto.SSL_CTX_free(this.sslCtxNativePointer);
        } finally {
            super.finalize();
        }
    }
}
