package sun.security.ssl;

import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.Key;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import org.hsqldb.Tokens;
import sun.security.ssl.CipherSuite;
import sun.security.util.DisabledAlgorithmConstraints;

/* loaded from: input_file:libs/Autorizador.jar:sun/security/ssl/SSLAlgorithmConstraints.class */
final class SSLAlgorithmConstraints implements AlgorithmConstraints {
    private static final AlgorithmConstraints tlsDisabledAlgConstraints = new TLSDisabledAlgConstraints();
    private static final AlgorithmConstraints x509DisabledAlgConstraints = new X509DisabledAlgConstraints();
    private AlgorithmConstraints userAlgConstraints;
    private AlgorithmConstraints peerAlgConstraints;
    private boolean enabledX509DisabledAlgConstraints;

    /* loaded from: input_file:libs/Autorizador.jar:sun/security/ssl/SSLAlgorithmConstraints$BasicDisabledAlgConstraints.class */
    private static class BasicDisabledAlgConstraints extends DisabledAlgorithmConstraints {
        BasicDisabledAlgConstraints(String str) {
            super(str);
        }

        protected Set<String> decomposes(CipherSuite.KeyExchange keyExchange, boolean z) {
            HashSet hashSet = new HashSet();
            switch (keyExchange) {
                case K_NULL:
                    if (!z) {
                        hashSet.add(Tokens.T_NULL);
                        break;
                    }
                    break;
                case K_RSA:
                    hashSet.add("RSA");
                    break;
                case K_RSA_EXPORT:
                    hashSet.add("RSA");
                    hashSet.add("RSA_EXPORT");
                    break;
                case K_DH_RSA:
                    hashSet.add("RSA");
                    hashSet.add("DH");
                    hashSet.add("DiffieHellman");
                    hashSet.add("DH_RSA");
                    break;
                case K_DH_DSS:
                    hashSet.add("DSA");
                    hashSet.add("DSS");
                    hashSet.add("DH");
                    hashSet.add("DiffieHellman");
                    hashSet.add("DH_DSS");
                    break;
                case K_DHE_DSS:
                    hashSet.add("DSA");
                    hashSet.add("DSS");
                    hashSet.add("DH");
                    hashSet.add("DHE");
                    hashSet.add("DiffieHellman");
                    hashSet.add("DHE_DSS");
                    break;
                case K_DHE_RSA:
                    hashSet.add("RSA");
                    hashSet.add("DH");
                    hashSet.add("DHE");
                    hashSet.add("DiffieHellman");
                    hashSet.add("DHE_RSA");
                    break;
                case K_DH_ANON:
                    if (!z) {
                        hashSet.add("ANON");
                        hashSet.add("DH");
                        hashSet.add("DiffieHellman");
                        hashSet.add("DH_ANON");
                        break;
                    }
                    break;
                case K_ECDH_ECDSA:
                    hashSet.add("ECDH");
                    hashSet.add("ECDSA");
                    hashSet.add("ECDH_ECDSA");
                    break;
                case K_ECDH_RSA:
                    hashSet.add("ECDH");
                    hashSet.add("RSA");
                    hashSet.add("ECDH_RSA");
                    break;
                case K_ECDHE_ECDSA:
                    hashSet.add("ECDHE");
                    hashSet.add("ECDSA");
                    hashSet.add("ECDHE_ECDSA");
                    break;
                case K_ECDHE_RSA:
                    hashSet.add("ECDHE");
                    hashSet.add("RSA");
                    hashSet.add("ECDHE_RSA");
                    break;
                case K_ECDH_ANON:
                    if (!z) {
                        hashSet.add("ECDH");
                        hashSet.add("ANON");
                        hashSet.add("ECDH_ANON");
                        break;
                    }
                    break;
                case K_KRB5:
                    if (!z) {
                        hashSet.add("KRB5");
                        break;
                    }
                    break;
                case K_KRB5_EXPORT:
                    if (!z) {
                        hashSet.add("KRB5_EXPORT");
                        break;
                    }
                    break;
            }
            return hashSet;
        }

        protected Set<String> decomposes(CipherSuite.BulkCipher bulkCipher) {
            HashSet hashSet = new HashSet();
            if (bulkCipher.transformation != null) {
                hashSet.addAll(super.decomposes(bulkCipher.transformation));
            }
            return hashSet;
        }

        protected Set<String> decomposes(CipherSuite.MacAlg macAlg) {
            HashSet hashSet = new HashSet();
            if (macAlg == CipherSuite.M_MD5) {
                hashSet.add("MD5");
                hashSet.add("HmacMD5");
            } else if (macAlg == CipherSuite.M_SHA) {
                hashSet.add("SHA1");
                hashSet.add("SHA-1");
                hashSet.add("HmacSHA1");
            } else if (macAlg == CipherSuite.M_SHA256) {
                hashSet.add("SHA256");
                hashSet.add("SHA-256");
                hashSet.add("HmacSHA256");
            } else if (macAlg == CipherSuite.M_SHA384) {
                hashSet.add("SHA384");
                hashSet.add("SHA-384");
                hashSet.add("HmacSHA384");
            }
            return hashSet;
        }
    }

    /* loaded from: input_file:libs/Autorizador.jar:sun/security/ssl/SSLAlgorithmConstraints$SupportedSignatureAlgorithmConstraints.class */
    private static class SupportedSignatureAlgorithmConstraints implements AlgorithmConstraints {
        private String[] supportedAlgorithms;

        SupportedSignatureAlgorithmConstraints(String[] strArr) {
            if (strArr != null) {
                this.supportedAlgorithms = (String[]) strArr.clone();
            } else {
                this.supportedAlgorithms = null;
            }
        }

        @Override // java.security.AlgorithmConstraints
        public boolean permits(Set<CryptoPrimitive> set, String str, AlgorithmParameters algorithmParameters) {
            if (str == null || str.length() == 0) {
                throw new IllegalArgumentException("No algorithm name specified");
            }
            if (set == null || set.isEmpty()) {
                throw new IllegalArgumentException("No cryptographic primitive specified");
            }
            if (this.supportedAlgorithms == null || this.supportedAlgorithms.length == 0) {
                return false;
            }
            int indexOf = str.indexOf("and");
            if (indexOf > 0) {
                str = str.substring(0, indexOf);
            }
            for (String str2 : this.supportedAlgorithms) {
                if (str.equalsIgnoreCase(str2)) {
                    return true;
                }
            }
            return false;
        }

        @Override // java.security.AlgorithmConstraints
        public final boolean permits(Set<CryptoPrimitive> set, Key key) {
            return true;
        }

        @Override // java.security.AlgorithmConstraints
        public final boolean permits(Set<CryptoPrimitive> set, String str, Key key, AlgorithmParameters algorithmParameters) {
            if (str == null || str.length() == 0) {
                throw new IllegalArgumentException("No algorithm name specified");
            }
            return permits(set, str, algorithmParameters);
        }
    }

    /* loaded from: input_file:libs/Autorizador.jar:sun/security/ssl/SSLAlgorithmConstraints$TLSDisabledAlgConstraints.class */
    private static class TLSDisabledAlgConstraints extends BasicDisabledAlgConstraints {
        TLSDisabledAlgConstraints() {
            super("jdk.tls.disabledAlgorithms");
        }

        protected Set<String> decomposes(String str) {
            if (str.startsWith("SSL_") || str.startsWith("TLS_")) {
                CipherSuite cipherSuite = null;
                try {
                    cipherSuite = CipherSuite.valueOf(str);
                } catch (IllegalArgumentException e) {
                }
                if (cipherSuite != null) {
                    HashSet hashSet = new HashSet();
                    if (cipherSuite.keyExchange != null) {
                        hashSet.addAll(decomposes(cipherSuite.keyExchange, false));
                    }
                    if (cipherSuite.cipher != null) {
                        hashSet.addAll(decomposes(cipherSuite.cipher));
                    }
                    if (cipherSuite.macAlg != null) {
                        hashSet.addAll(decomposes(cipherSuite.macAlg));
                    }
                    return hashSet;
                }
            }
            return super.decomposes(str);
        }
    }

    /* loaded from: input_file:libs/Autorizador.jar:sun/security/ssl/SSLAlgorithmConstraints$X509DisabledAlgConstraints.class */
    private static class X509DisabledAlgConstraints extends BasicDisabledAlgConstraints {
        X509DisabledAlgConstraints() {
            super("jdk.certpath.disabledAlgorithms");
        }

        protected Set<String> decomposes(String str) {
            if (str.startsWith("SSL_") || str.startsWith("TLS_")) {
                CipherSuite cipherSuite = null;
                try {
                    cipherSuite = CipherSuite.valueOf(str);
                } catch (IllegalArgumentException e) {
                }
                if (cipherSuite != null) {
                    HashSet hashSet = new HashSet();
                    if (cipherSuite.keyExchange != null) {
                        hashSet.addAll(decomposes(cipherSuite.keyExchange, true));
                    }
                    return hashSet;
                }
            }
            return super.decomposes(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLAlgorithmConstraints(AlgorithmConstraints algorithmConstraints) {
        this.userAlgConstraints = null;
        this.peerAlgConstraints = null;
        this.enabledX509DisabledAlgConstraints = true;
        this.userAlgConstraints = algorithmConstraints;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLAlgorithmConstraints(SSLSocket sSLSocket, boolean z) {
        this.userAlgConstraints = null;
        this.peerAlgConstraints = null;
        this.enabledX509DisabledAlgConstraints = true;
        if (sSLSocket != null) {
            this.userAlgConstraints = sSLSocket.getSSLParameters().getAlgorithmConstraints();
        }
        if (z) {
            return;
        }
        this.enabledX509DisabledAlgConstraints = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLAlgorithmConstraints(SSLEngine sSLEngine, boolean z) {
        this.userAlgConstraints = null;
        this.peerAlgConstraints = null;
        this.enabledX509DisabledAlgConstraints = true;
        if (sSLEngine != null) {
            this.userAlgConstraints = sSLEngine.getSSLParameters().getAlgorithmConstraints();
        }
        if (z) {
            return;
        }
        this.enabledX509DisabledAlgConstraints = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLAlgorithmConstraints(SSLSocket sSLSocket, String[] strArr, boolean z) {
        this.userAlgConstraints = null;
        this.peerAlgConstraints = null;
        this.enabledX509DisabledAlgConstraints = true;
        if (sSLSocket != null) {
            this.userAlgConstraints = sSLSocket.getSSLParameters().getAlgorithmConstraints();
            this.peerAlgConstraints = new SupportedSignatureAlgorithmConstraints(strArr);
        }
        if (z) {
            return;
        }
        this.enabledX509DisabledAlgConstraints = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLAlgorithmConstraints(SSLEngine sSLEngine, String[] strArr, boolean z) {
        this.userAlgConstraints = null;
        this.peerAlgConstraints = null;
        this.enabledX509DisabledAlgConstraints = true;
        if (sSLEngine != null) {
            this.userAlgConstraints = sSLEngine.getSSLParameters().getAlgorithmConstraints();
            this.peerAlgConstraints = new SupportedSignatureAlgorithmConstraints(strArr);
        }
        if (z) {
            return;
        }
        this.enabledX509DisabledAlgConstraints = false;
    }

    @Override // java.security.AlgorithmConstraints
    public boolean permits(Set<CryptoPrimitive> set, String str, AlgorithmParameters algorithmParameters) {
        boolean z = true;
        if (this.peerAlgConstraints != null) {
            z = this.peerAlgConstraints.permits(set, str, algorithmParameters);
        }
        if (z && this.userAlgConstraints != null) {
            z = this.userAlgConstraints.permits(set, str, algorithmParameters);
        }
        if (z) {
            z = tlsDisabledAlgConstraints.permits(set, str, algorithmParameters);
        }
        if (z && this.enabledX509DisabledAlgConstraints) {
            z = x509DisabledAlgConstraints.permits(set, str, algorithmParameters);
        }
        return z;
    }

    @Override // java.security.AlgorithmConstraints
    public boolean permits(Set<CryptoPrimitive> set, Key key) {
        boolean z = true;
        if (this.peerAlgConstraints != null) {
            z = this.peerAlgConstraints.permits(set, key);
        }
        if (z && this.userAlgConstraints != null) {
            z = this.userAlgConstraints.permits(set, key);
        }
        if (z) {
            z = tlsDisabledAlgConstraints.permits(set, key);
        }
        if (z && this.enabledX509DisabledAlgConstraints) {
            z = x509DisabledAlgConstraints.permits(set, key);
        }
        return z;
    }

    @Override // java.security.AlgorithmConstraints
    public boolean permits(Set<CryptoPrimitive> set, String str, Key key, AlgorithmParameters algorithmParameters) {
        boolean z = true;
        if (this.peerAlgConstraints != null) {
            z = this.peerAlgConstraints.permits(set, str, key, algorithmParameters);
        }
        if (z && this.userAlgConstraints != null) {
            z = this.userAlgConstraints.permits(set, str, key, algorithmParameters);
        }
        if (z) {
            z = tlsDisabledAlgConstraints.permits(set, str, key, algorithmParameters);
        }
        if (z && this.enabledX509DisabledAlgConstraints) {
            z = x509DisabledAlgConstraints.permits(set, str, key, algorithmParameters);
        }
        return z;
    }
}
