package oracle.net.nt;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import oracle.net.jdbc.nl.NLException;
import oracle.net.jdbc.nl.NVFactory;
import oracle.net.jdbc.nl.NVPair;
import oracle.net.ns.NetException;
import oracle.net.resolver.NavSchemaObject;

/* loaded from: input_file:oracle/net/nt/TcpsConfigure.class */
public class TcpsConfigure {
    static final boolean DEBUG = false;
    private static final int SSL_CERT_SAN_DNS_NAME = 2;
    public static final String[] VALID_SSL_VERSION_STRINGS = {"1.2", "1.3", "1.3 or 1.2"};
    public static final String[][] TABLE_ENABLED_SSL_PROTOCOLS = {new String[]{"TLSv1.2"}, new String[]{"TLSv1.3"}, new String[]{"TLSv1.3", "TLSv1.2"}};
    public static final int[] VALID_SSL_STRING_TO_PROTOCOLS_MAP = {0, 1, 2};
    static final HashSet<String> UNSUPPORTED_PROTOCOLS_SET = new HashSet<>();
    static final HashSet<String> DEFAULT_VALUE_SET;

    private TcpsConfigure() {
    }

    public static void configureVersion(SSLSocket sSLSocket, SSLEngine sSLEngine, String str, boolean z) throws NetException, IOException {
        String[] allSupportedProtocols;
        if (str == null) {
            str = System.getProperty("oracle.net.ssl_version");
        }
        int i = -1;
        if (str == null || DEFAULT_VALUE_SET.contains(str)) {
            allSupportedProtocols = getAllSupportedProtocols(z, sSLEngine, sSLSocket);
            if (allSupportedProtocols == null) {
                throw new NetException(NetException.INVALID_SSL_VERSION);
            }
        } else {
            if (str.startsWith("(") && str.endsWith(")")) {
                str = str.substring(1, str.length() - 1);
            }
            if (str.startsWith("{")) {
                String substring = str.substring(1, str.length() - 1);
                if (substring.startsWith("(")) {
                    substring = substring.substring(1, substring.length() - 1);
                }
                allSupportedProtocols = substring.trim().split("\\s*,\\s*");
            } else {
                int i2 = 0;
                while (true) {
                    try {
                        if (i2 >= VALID_SSL_VERSION_STRINGS.length) {
                            break;
                        }
                        if (str.equalsIgnoreCase(VALID_SSL_VERSION_STRINGS[i2])) {
                            i = i2;
                            break;
                        }
                        i2++;
                    } catch (Exception e) {
                        throw ((NetException) new NetException(NetException.INVALID_SSL_VERSION, str).initCause(e));
                    }
                }
                if (i == -1 || i >= VALID_SSL_VERSION_STRINGS.length) {
                    throw new NetException(NetException.INVALID_SSL_VERSION);
                }
                allSupportedProtocols = TABLE_ENABLED_SSL_PROTOCOLS[VALID_SSL_STRING_TO_PROTOCOLS_MAP[i]];
            }
        }
        try {
            if (z) {
                sSLEngine.setEnabledProtocols(allSupportedProtocols);
            } else {
                sSLSocket.setEnabledProtocols(allSupportedProtocols);
            }
        } catch (IllegalArgumentException e2) {
            throw ((NetException) new NetException(NetException.UNSUPPORTED_SSL_PROTOCOL).initCause(e2));
        }
    }

    public static void configureCipherSuites(SSLSocket sSLSocket, SSLEngine sSLEngine, String str, boolean z) throws NetException, IOException {
        if (str == null) {
            str = System.getProperty("oracle.net.ssl_cipher_suites");
        }
        if (str == null) {
            return;
        }
        String str2 = (str.startsWith("(") && str.endsWith(")")) ? "(cipher_suites=" + str + ")" : "(cipher_suites=(" + str + NavSchemaObject.CID3v2;
        try {
            NVPair createNVPair = new NVFactory().createNVPair(str2);
            String[] strArr = new String[createNVPair.getListSize()];
            if (createNVPair.getRHSType() != NVPair.LIST_COMMASEP && createNVPair.getRHSType() != NVPair.RHS_LIST) {
                throw new NetException(NetException.INVALID_SSL_CIPHER_SUITES, str2);
            }
            for (int i = 0; i < createNVPair.getListSize(); i++) {
                strArr[i] = createNVPair.getListElement(i).getName();
            }
            if (z) {
                sSLEngine.setEnabledCipherSuites(strArr);
            } else {
                sSLSocket.setEnabledCipherSuites(strArr);
            }
        } catch (IllegalArgumentException e) {
            throw ((NetException) new NetException(NetException.UNSUPPORTED_SSL_CIPHER_SUITE).initCause(e));
        } catch (NLException e2) {
            throw new NetException(NetException.INVALID_SSL_CIPHER_SUITES, str2);
        }
    }

    private static String[] getAllSupportedProtocols(boolean z, SSLEngine sSLEngine, SSLSocket sSLSocket) {
        ArrayList arrayList = new ArrayList();
        String[] supportedProtocols = z ? sSLEngine.getSupportedProtocols() : sSLSocket.getSupportedProtocols();
        if (supportedProtocols == null) {
            return null;
        }
        for (String str : supportedProtocols) {
            if (!UNSUPPORTED_PROTOCOLS_SET.contains(str)) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.String[], java.lang.String[][]] */
    static {
        UNSUPPORTED_PROTOCOLS_SET.add("SSLv3");
        UNSUPPORTED_PROTOCOLS_SET.add("SSLv2Hello");
        DEFAULT_VALUE_SET = new HashSet<>();
        DEFAULT_VALUE_SET.add("0");
        DEFAULT_VALUE_SET.add("(0)");
        DEFAULT_VALUE_SET.add("undetermined");
        DEFAULT_VALUE_SET.add("(undetermined)");
    }
}
