package org.openeuler.sun.security.ssl;

import java.io.IOException;
import java.security.AccessController;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.security.spec.RSAPublicKeySpec;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import org.openeuler.gm.GMConstants;
import sun.security.jca.ProviderList;
import sun.security.jca.Providers;
import sun.security.util.ECUtil;
import sun.security.util.SecurityConstants;

/* loaded from: input_file:WEB-INF/lib/jsse-1.0.3.jar:org/openeuler/sun/security/ssl/JsseJce.class */
final class JsseJce {
    static final boolean ALLOW_ECC = Utilities.getBooleanProperty("com.sun.net.ssl.enableECC", true);
    private static final ProviderList fipsProviderList;
    private static final boolean kerberosAvailable;
    static final String CIPHER_RSA_PKCS1 = "RSA/ECB/PKCS1Padding";
    static final String CIPHER_RC4 = "RC4";
    static final String CIPHER_DES = "DES/CBC/NoPadding";
    static final String CIPHER_3DES = "DESede/CBC/NoPadding";
    static final String CIPHER_AES = "AES/CBC/NoPadding";
    static final String CIPHER_SM4 = "SM4/CBC/NoPadding";
    static final String CIPHER_SM2 = "SM2";
    static final String CIPHER_AES_GCM = "AES/GCM/NoPadding";
    static final String CIPHER_SM4_GCM = "SM4/GCM/NoPadding";
    static final String SIGNATURE_DSA = "DSA";
    static final String SIGNATURE_ECDSA = "SHA1withECDSA";
    static final String SIGNATURE_SM2 = "SM3WithSM2";
    static final String SIGNATURE_RAWDSA = "RawDSA";
    static final String SIGNATURE_RAWECDSA = "NONEwithECDSA";
    static final String SIGNATURE_RAWRSA = "NONEwithRSA";
    static final String SIGNATURE_SSLRSA = "MD5andSHA1withRSA";

    /* loaded from: input_file:WEB-INF/lib/jsse-1.0.3.jar:org/openeuler/sun/security/ssl/JsseJce$EcAvailability.class */
    private static class EcAvailability {
        private static final boolean isAvailable;

        private EcAvailability() {
        }

        static {
            boolean z = true;
            try {
                JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA);
                JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA);
                JsseJce.getKeyAgreement("ECDH");
                JsseJce.getKeyFactory(GMConstants.EC);
                JsseJce.getKeyPairGenerator(GMConstants.EC);
                JsseJce.getAlgorithmParameters(GMConstants.EC);
            } catch (Exception e) {
                z = false;
            }
            isAvailable = z;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jsse-1.0.3.jar:org/openeuler/sun/security/ssl/JsseJce$SunCertificates.class */
    private static final class SunCertificates extends Provider {
        private static final long serialVersionUID = -3284138292032213752L;

        SunCertificates(final Provider provider) {
            super("SunCertificates", SecurityConstants.PROVIDER_VER.doubleValue(), "SunJSSE internal");
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: org.openeuler.sun.security.ssl.JsseJce.SunCertificates.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    for (Map.Entry<Object, Object> entry : provider.entrySet()) {
                        String str = (String) entry.getKey();
                        if (str.startsWith("CertPathValidator.") || str.startsWith("CertPathBuilder.") || str.startsWith("CertStore.") || str.startsWith("CertificateFactory.")) {
                            SunCertificates.this.put(str, entry.getValue());
                        }
                    }
                    return null;
                }
            });
        }
    }

    private JsseJce() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isEcAvailable() {
        return EcAvailability.isAvailable;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isKerberosAvailable() {
        return kerberosAvailable;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Cipher getCipher(String str) throws NoSuchAlgorithmException {
        try {
            return SunJSSE.cryptoProvider == null ? Cipher.getInstance(str) : Cipher.getInstance(str, SunJSSE.cryptoProvider);
        } catch (NoSuchPaddingException e) {
            throw new NoSuchAlgorithmException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Signature getSignature(String str) throws NoSuchAlgorithmException {
        if (SunJSSE.cryptoProvider == null) {
            return Signature.getInstance(str);
        }
        if (str != SIGNATURE_SSLRSA || SunJSSE.cryptoProvider.getService("Signature", str) != null) {
            return Signature.getInstance(str, SunJSSE.cryptoProvider);
        }
        try {
            return Signature.getInstance(str, "SunJSSE");
        } catch (NoSuchProviderException e) {
            throw new NoSuchAlgorithmException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyGenerator getKeyGenerator(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? KeyGenerator.getInstance(str) : KeyGenerator.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyPairGenerator getKeyPairGenerator(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? KeyPairGenerator.getInstance(str) : KeyPairGenerator.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyAgreement getKeyAgreement(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? KeyAgreement.getInstance(str) : KeyAgreement.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Mac getMac(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? Mac.getInstance(str) : Mac.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyFactory getKeyFactory(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? KeyFactory.getInstance(str) : KeyFactory.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AlgorithmParameters getAlgorithmParameters(String str) throws NoSuchAlgorithmException {
        return SunJSSE.cryptoProvider == null ? AlgorithmParameters.getInstance(str) : AlgorithmParameters.getInstance(str, SunJSSE.cryptoProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecureRandom getSecureRandom() throws KeyManagementException {
        if (SunJSSE.cryptoProvider == null) {
            return new SecureRandom();
        }
        try {
            return SecureRandom.getInstance("PKCS11", SunJSSE.cryptoProvider);
        } catch (NoSuchAlgorithmException e) {
            for (Provider.Service service : SunJSSE.cryptoProvider.getServices()) {
                if (service.getType().equals("SecureRandom")) {
                    try {
                        return SecureRandom.getInstance(service.getAlgorithm(), SunJSSE.cryptoProvider);
                    } catch (NoSuchAlgorithmException e2) {
                    }
                }
            }
            throw new KeyManagementException("FIPS mode: no SecureRandom  implementation found in provider " + SunJSSE.cryptoProvider.getName());
        }
    }

    static MessageDigest getMD5() {
        return getMessageDigest("MD5");
    }

    static MessageDigest getSHA() {
        return getMessageDigest("SHA");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static MessageDigest getMessageDigest(String str) {
        try {
            return SunJSSE.cryptoProvider == null ? MessageDigest.getInstance(str) : MessageDigest.getInstance(str, SunJSSE.cryptoProvider);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Algorithm " + str + " not available", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getRSAKeyLength(PublicKey publicKey) {
        return (publicKey instanceof RSAPublicKey ? ((RSAPublicKey) publicKey).getModulus() : getRSAPublicKeySpec(publicKey).getModulus()).bitLength();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RSAPublicKeySpec getRSAPublicKeySpec(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return new RSAPublicKeySpec(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
        }
        try {
            return (RSAPublicKeySpec) getKeyFactory("RSA").getKeySpec(publicKey, RSAPublicKeySpec.class);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECParameterSpec getECParameterSpec(String str) {
        return ECUtil.getECParameterSpec(SunJSSE.cryptoProvider, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getNamedCurveOid(ECParameterSpec eCParameterSpec) {
        return ECUtil.getCurveName(SunJSSE.cryptoProvider, eCParameterSpec);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECPoint decodePoint(byte[] bArr, EllipticCurve ellipticCurve) throws IOException {
        return ECUtil.decodePoint(bArr, ellipticCurve);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] encodePoint(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        return ECUtil.encodePoint(eCPoint, ellipticCurve);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Object beginFipsProvider() {
        if (fipsProviderList == null) {
            return null;
        }
        return Providers.beginThreadProviderList(fipsProviderList);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void endFipsProvider(Object obj) {
        if (fipsProviderList != null) {
            Providers.endThreadProviderList((ProviderList) obj);
        }
    }

    static {
        boolean z;
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() { // from class: org.openeuler.sun.security.ssl.JsseJce.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Void run() throws Exception {
                    Class.forName("sun.security.krb5.PrincipalName", true, null);
                    return null;
                }
            });
            z = true;
        } catch (Exception e) {
            z = false;
        }
        kerberosAvailable = z;
        if (!SunJSSE.isFIPS()) {
            fipsProviderList = null;
            return;
        }
        Provider provider = Security.getProvider("SUN");
        if (provider == null) {
            throw new RuntimeException("FIPS mode: SUN provider must be installed");
        }
        fipsProviderList = ProviderList.newList(new Provider[]{SunJSSE.cryptoProvider, new SunCertificates(provider)});
    }
}
