package org.bouncycastle.jsse.provider;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLPermission;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionBindingEvent;
import javax.net.ssl.SSLSessionBindingListener;
import javax.net.ssl.SSLSessionContext;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jsse.BCExtendedSSLSession;
import org.bouncycastle.tls.Certificate;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto;
import org.bouncycastle.util.Arrays;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/bouncycastle/jsse/provider/ProvSSLSessionBase.class */
public abstract class ProvSSLSessionBase extends BCExtendedSSLSession {
    protected final Map<String, Object> valueMap = Collections.synchronizedMap(new HashMap());
    protected ProvSSLSessionContext sslSessionContext;
    protected final boolean isFips;
    protected final JcaTlsCrypto crypto;
    protected final String peerHost;
    protected final int peerPort;
    protected final long creationTime;
    protected final SSLSession exportSSLSession;
    protected long lastAccessedTime;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProvSSLSessionBase(ProvSSLSessionContext provSSLSessionContext, String str, int i) {
        this.sslSessionContext = provSSLSessionContext;
        this.isFips = null == provSSLSessionContext ? false : provSSLSessionContext.getSSLContext().isFips();
        this.crypto = null == provSSLSessionContext ? null : provSSLSessionContext.getCrypto();
        this.peerHost = str;
        this.peerPort = i;
        this.creationTime = System.currentTimeMillis();
        this.exportSSLSession = SSLSessionUtil.exportSSLSession(this);
        this.lastAccessedTime = this.creationTime;
    }

    protected abstract int getCipherSuiteTLS();

    protected abstract byte[] getIDArray();

    protected abstract JsseSecurityParameters getJsseSecurityParameters();

    protected abstract JsseSessionParameters getJsseSessionParameters();

    protected abstract Certificate getLocalCertificateTLS();

    protected abstract Certificate getPeerCertificateTLS();

    protected abstract ProtocolVersion getProtocolTLS();

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSession getExportSSLSession() {
        return this.exportSSLSession;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void accessedAt(long j) {
        this.lastAccessedTime = Math.max(this.lastAccessedTime, j);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj instanceof ProvSSLSessionBase) {
            return Arrays.areEqual(getIDArray(), ((ProvSSLSessionBase) obj).getIDArray());
        }
        return false;
    }

    @Override // javax.net.ssl.SSLSession
    public int getApplicationBufferSize() {
        return 16384;
    }

    @Override // javax.net.ssl.SSLSession
    public String getCipherSuite() {
        return ProvSSLContextSpi.getCipherSuiteName(getCipherSuiteTLS());
    }

    @Override // javax.net.ssl.SSLSession
    public long getCreationTime() {
        return this.creationTime;
    }

    @Override // javax.net.ssl.SSLSession
    public byte[] getId() {
        byte[] iDArray = getIDArray();
        return TlsUtils.isNullOrEmpty(iDArray) ? TlsUtils.EMPTY_BYTES : (byte[]) iDArray.clone();
    }

    @Override // javax.net.ssl.SSLSession
    public long getLastAccessedTime() {
        return this.lastAccessedTime;
    }

    @Override // javax.net.ssl.SSLSession
    public java.security.cert.Certificate[] getLocalCertificates() {
        X509Certificate[] x509CertificateChain;
        if (null == this.crypto || null == (x509CertificateChain = JsseUtils.getX509CertificateChain(this.crypto, getLocalCertificateTLS())) || x509CertificateChain.length <= 0) {
            return null;
        }
        return x509CertificateChain;
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getLocalPrincipal() {
        if (null != this.crypto) {
            return JsseUtils.getSubject(this.crypto, getLocalCertificateTLS());
        }
        return null;
    }

    @Override // javax.net.ssl.SSLSession
    public int getPacketBufferSize() {
        return 18443;
    }

    @Override // javax.net.ssl.SSLSession
    public javax.security.cert.X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
        if (this.isFips) {
            throw new UnsupportedOperationException();
        }
        java.security.cert.Certificate[] peerCertificates = getPeerCertificates();
        try {
            javax.security.cert.X509Certificate[] x509CertificateArr = new javax.security.cert.X509Certificate[peerCertificates.length];
            for (int i = 0; i < peerCertificates.length; i++) {
                x509CertificateArr[i] = javax.security.cert.X509Certificate.getInstance(peerCertificates[i].getEncoded());
            }
            return x509CertificateArr;
        } catch (Exception e) {
            throw new SSLPeerUnverifiedException(e.getMessage());
        }
    }

    @Override // javax.net.ssl.SSLSession
    public java.security.cert.Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
        X509Certificate[] x509CertificateChain;
        if (null == this.crypto || null == (x509CertificateChain = JsseUtils.getX509CertificateChain(this.crypto, getPeerCertificateTLS())) || x509CertificateChain.length <= 0) {
            throw new SSLPeerUnverifiedException("No peer identity established");
        }
        return x509CertificateChain;
    }

    @Override // javax.net.ssl.SSLSession
    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
        X500Principal subject;
        if (null == this.crypto || null == (subject = JsseUtils.getSubject(this.crypto, getPeerCertificateTLS()))) {
            throw new SSLPeerUnverifiedException("No peer identity established");
        }
        return subject;
    }

    @Override // javax.net.ssl.SSLSession
    public String getPeerHost() {
        return this.peerHost;
    }

    @Override // javax.net.ssl.SSLSession
    public int getPeerPort() {
        return this.peerPort;
    }

    @Override // javax.net.ssl.SSLSession
    public String getProtocol() {
        return ProvSSLContextSpi.getProtocolVersionName(getProtocolTLS());
    }

    @Override // javax.net.ssl.SSLSession
    public SSLSessionContext getSessionContext() {
        SecurityManager securityManager = System.getSecurityManager();
        if (null != securityManager) {
            securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
        }
        return this.sslSessionContext;
    }

    @Override // javax.net.ssl.SSLSession
    public Object getValue(String str) {
        return this.valueMap.get(str);
    }

    @Override // javax.net.ssl.SSLSession
    public String[] getValueNames() {
        String[] strArr;
        synchronized (this.valueMap) {
            strArr = (String[]) this.valueMap.keySet().toArray(new String[this.valueMap.size()]);
        }
        return strArr;
    }

    public int hashCode() {
        return Arrays.hashCode(getIDArray());
    }

    @Override // javax.net.ssl.SSLSession
    public synchronized void invalidate() {
        if (null != this.sslSessionContext) {
            this.sslSessionContext.removeSession(getIDArray());
            this.sslSessionContext = null;
        }
    }

    @Override // javax.net.ssl.SSLSession
    public synchronized boolean isValid() {
        return (null == this.sslSessionContext || TlsUtils.isNullOrEmpty(getIDArray())) ? false : true;
    }

    @Override // javax.net.ssl.SSLSession
    public void putValue(String str, Object obj) {
        notifyUnbound(str, this.valueMap.put(str, obj));
        notifyBound(str, obj);
    }

    @Override // javax.net.ssl.SSLSession
    public void removeValue(String str) {
        notifyUnbound(str, this.valueMap.remove(str));
    }

    public String toString() {
        return "Session(" + getCreationTime() + "|" + getCipherSuite() + ")";
    }

    protected void notifyBound(String str, Object obj) {
        if (obj instanceof SSLSessionBindingListener) {
            ((SSLSessionBindingListener) obj).valueBound(new SSLSessionBindingEvent(this, str));
        }
    }

    protected void notifyUnbound(String str, Object obj) {
        if (obj instanceof SSLSessionBindingListener) {
            ((SSLSessionBindingListener) obj).valueUnbound(new SSLSessionBindingEvent(this, str));
        }
    }
}
