package io.netty.handler.ssl;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.internal.tcnative.Buffer;
import io.netty.internal.tcnative.Library;
import io.netty.internal.tcnative.SSL;
import io.netty.internal.tcnative.SSLContext;
import io.netty.util.ReferenceCountUtil;
import io.netty.util.ReferenceCounted;
import io.netty.util.internal.NativeLibraryLoader;
import io.netty.util.internal.PlatformDependent;
import io.netty.util.internal.SystemPropertyUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.ByteArrayInputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
public final class OpenSsl {
public static final /* synthetic */ boolean $assertionsDisabled = false;
public static final Set<String> AVAILABLE_CIPHER_SUITES;
private static final Set<String> AVAILABLE_JAVA_CIPHER_SUITES;
private static final Set<String> AVAILABLE_OPENSSL_CIPHER_SUITES;
public static final List<String> DEFAULT_CIPHERS;
private static final boolean IS_BORINGSSL;
public static final Set<String> SUPPORTED_PROTOCOLS_SET;
private static final boolean SUPPORTS_HOSTNAME_VALIDATION;
private static final boolean SUPPORTS_KEYMANAGER_FACTORY;
private static final boolean SUPPORTS_OCSP;
private static final boolean TLSV13_SUPPORTED;
private static final Throwable UNAVAILABILITY_CAUSE;
private static final boolean USE_KEYMANAGER_FACTORY;
private static final InternalLogger logger;
/* JADX WARNING: Failed to process nested try/catch */
/* JADX WARNING: Missing exception handler attribute for start block: B:85:0x0164 */
/* JADX WARNING: Removed duplicated region for block: B:101:0x0182 A[Catch:{ all -> 0x018d }] */
/* JADX WARNING: Removed duplicated region for block: B:114:0x019e A[Catch:{ all -> 0x01a2 }] */
/* JADX WARNING: Removed duplicated region for block: B:130:0x01da */
/* JADX WARNING: Removed duplicated region for block: B:136:0x0247 */
/* JADX WARNING: Removed duplicated region for block: B:139:0x0254 */
/* JADX WARNING: Removed duplicated region for block: B:142:0x0262 */
/* JADX WARNING: Removed duplicated region for block: B:145:0x0271 */
/* JADX WARNING: Removed duplicated region for block: B:148:0x0280 */
/* JADX WARNING: Removed duplicated region for block: B:150:0x0287 */
/* JADX WARNING: Removed duplicated region for block: B:156:0x02b0 */
/* JADX WARNING: Removed duplicated region for block: B:173:? A[RETURN, SYNTHETIC] */
static {
boolean z;
boolean z4;
boolean z5;
boolean z12;
InternalLogger internalLogger;
boolean z13;
Exception e;
Throwable th2;
long j;
Throwable th3;
boolean z14;
boolean z15;
ClassNotFoundException e6;
ClassNotFoundException classNotFoundException;
InternalLogger instance = InternalLoggerFactory.getInstance(OpenSsl.class);
logger = instance;
boolean z16 = false;
Throwable th4 = null;
if (SystemPropertyUtil.getBoolean("io.netty.handler.ssl.noOpenSsl", false)) {
th4 = new UnsupportedOperationException("OpenSSL was explicit disabled with -Dio.netty.handler.ssl.noOpenSsl=true");
instance.debug("netty-tcnative explicit disabled; OpenSslEngine will be unavailable.", th4);
} else {
try {
Class.forName("io.netty.internal.tcnative.SSL", false, OpenSsl.class.getClassLoader());
e6 = null;
} catch (ClassNotFoundException e12) {
e6 = e12;
logger.debug("netty-tcnative not in the classpath; OpenSslEngine will be unavailable.");
}
if (e6 == null) {
try {
loadTcNative();
classNotFoundException = e6;
} catch (Throwable th5) {
classNotFoundException = th5;
logger.debug("Failed to load netty-tcnative; OpenSslEngine will be unavailable, unless the application has already loaded the symbols by some other means. See http://netty.io/wiki/forked-tomcat-native.html for more information.", (Throwable) classNotFoundException);
}
try {
String str = SystemPropertyUtil.get("io.netty.handler.ssl.openssl.engine", null);
if (str == null) {
logger.debug("Initialize netty-tcnative using engine: 'default'");
} else {
logger.debug("Initialize netty-tcnative using engine: '{}'", str);
}
initializeTcNative(str);
} catch (Throwable th6) {
th4 = classNotFoundException == null ? th6 : classNotFoundException;
logger.debug("Failed to initialize netty-tcnative; OpenSslEngine will be unavailable. See http://netty.io/wiki/forked-tomcat-native.html for more information.", th6);
}
} else {
th4 = e6;
}
}
UNAVAILABILITY_CAUSE = th4;
if (th4 == null) {
logger.debug("netty-tcnative using native library: {}", SSL.versionString());
ArrayList arrayList = new ArrayList();
LinkedHashSet linkedHashSet = new LinkedHashSet(128);
IS_BORINGSSL = "BoringSSL".equals(versionString());
try {
long make = SSLContext.make(63, 1);
try {
StringBuilder sb2 = new StringBuilder();
for (String str2 : SslUtils.TLSV13_CIPHERS) {
String openSsl = CipherSuiteConverter.toOpenSsl(str2, IS_BORINGSSL);
if (openSsl != null) {
sb2.append(openSsl);
sb2.append(':');
}
}
if (sb2.length() == 0) {
z15 = false;
} else {
sb2.setLength(sb2.length() - 1);
SSLContext.setCipherSuite(make, sb2.toString(), true);
z15 = true;
}
z5 = z15;
} catch (Exception unused) {
z5 = false;
} catch (Throwable th7) {
th2 = th7;
z5 = false;
z13 = false;
z4 = false;
try {
SSLContext.free(make);
throw th2;
} catch (Exception e13) {
e = e13;
logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e);
z = z16;
z12 = z13;
Set<String> unmodifiableSet = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet;
LinkedHashSet linkedHashSet2 = new LinkedHashSet(unmodifiableSet.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2);
List<String> unmodifiableList = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList;
Set<String> unmodifiableSet2 = Collections.unmodifiableSet(linkedHashSet2);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2;
Set<String> set = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet3 = new LinkedHashSet(unmodifiableSet2.size() + set.size());
linkedHashSet3.addAll(set);
linkedHashSet3.addAll(unmodifiableSet2);
AVAILABLE_CIPHER_SUITES = linkedHashSet3;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet4 = new LinkedHashSet(6);
linkedHashSet4.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (z5) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet3 = Collections.unmodifiableSet(linkedHashSet4);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet3;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
}
}
}
try {
SSLContext.setCipherSuite(make, "ALL", false);
long newSSL = SSL.newSSL(make, true);
try {
String[] ciphers = SSL.getCiphers(newSSL);
for (String str3 : ciphers) {
if (str3 != null && !str3.isEmpty() && !linkedHashSet.contains(str3)) {
if (z5 || !SslUtils.isTLSv13Cipher(str3)) {
linkedHashSet.add(str3);
}
}
}
if (IS_BORINGSSL) {
Collections.addAll(linkedHashSet, "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "AEAD-AES128-GCM-SHA256", "AEAD-AES256-GCM-SHA384", "AEAD-CHACHA20-POLY1305-SHA256");
}
try {
SSL.setHostNameValidation(newSSL, 0, "netty.io");
z4 = true;
} catch (Throwable unused2) {
logger.debug("Hostname Verification not supported.");
z4 = false;
}
try {
j = ReferenceCountedOpenSslContext.toBIO(ByteBufAllocator.DEFAULT, selfSignedCertificate());
try {
SSL.setCertificateChainBio(newSSL, j, false);
z14 = ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
/* class io.netty.handler.ssl.OpenSsl.AnonymousClass1 */
@Override // java.security.PrivilegedAction
public Boolean run() {
return Boolean.valueOf(SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.useKeyManagerFactory", true));
}
})).booleanValue();
} catch (Throwable unused3) {
z = false;
try {
logger.debug("KeyManagerFactory not supported.");
z12 = false;
SSL.freeSSL(newSSL);
if (j != 0) {
}
SSLContext.free(make);
Set<String> unmodifiableSet4 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4;
LinkedHashSet linkedHashSet22 = new LinkedHashSet(unmodifiableSet4.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22);
List<String> unmodifiableList2 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList2;
Set<String> unmodifiableSet22 = Collections.unmodifiableSet(linkedHashSet22);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22;
Set<String> set2 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet32 = new LinkedHashSet(unmodifiableSet22.size() + set2.size());
linkedHashSet32.addAll(set2);
linkedHashSet32.addAll(unmodifiableSet22);
AVAILABLE_CIPHER_SUITES = linkedHashSet32;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet42 = new LinkedHashSet(6);
linkedHashSet42.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (z5) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet32 = Collections.unmodifiableSet(linkedHashSet42);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet32;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
}
} catch (Throwable th8) {
th3 = th8;
try {
SSL.freeSSL(newSSL);
if (j != 0) {
SSL.freeBIO(j);
}
throw th3;
} catch (Throwable th9) {
th2 = th9;
z16 = z;
z13 = false;
SSLContext.free(make);
throw th2;
}
}
}
try {
logger.debug("Failed to get useKeyManagerFactory system property.");
z14 = false;
z12 = z14;
z = true;
} catch (Throwable unused4) {
z = true;
logger.debug("KeyManagerFactory not supported.");
z12 = false;
SSL.freeSSL(newSSL);
if (j != 0) {
}
SSLContext.free(make);
Set<String> unmodifiableSet42 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42;
LinkedHashSet linkedHashSet222 = new LinkedHashSet(unmodifiableSet42.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222);
List<String> unmodifiableList22 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList22;
Set<String> unmodifiableSet222 = Collections.unmodifiableSet(linkedHashSet222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222;
Set<String> set22 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet322 = new LinkedHashSet(unmodifiableSet222.size() + set22.size());
linkedHashSet322.addAll(set22);
linkedHashSet322.addAll(unmodifiableSet222);
AVAILABLE_CIPHER_SUITES = linkedHashSet322;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet422 = new LinkedHashSet(6);
linkedHashSet422.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (z5) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet322 = Collections.unmodifiableSet(linkedHashSet422);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet322;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
}
}
} catch (Throwable unused5) {
j = 0;
z = false;
logger.debug("KeyManagerFactory not supported.");
z12 = false;
SSL.freeSSL(newSSL);
if (j != 0) {
}
SSLContext.free(make);
Set<String> unmodifiableSet422 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet422;
LinkedHashSet linkedHashSet2222 = new LinkedHashSet(unmodifiableSet422.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2222);
List<String> unmodifiableList222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList222;
Set<String> unmodifiableSet2222 = Collections.unmodifiableSet(linkedHashSet2222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2222;
Set<String> set222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet3222 = new LinkedHashSet(unmodifiableSet2222.size() + set222.size());
linkedHashSet3222.addAll(set222);
linkedHashSet3222.addAll(unmodifiableSet2222);
AVAILABLE_CIPHER_SUITES = linkedHashSet3222;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet4222 = new LinkedHashSet(6);
linkedHashSet4222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (z5) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet3222 = Collections.unmodifiableSet(linkedHashSet4222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet3222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
}
}
try {
SSL.freeSSL(newSSL);
if (j != 0) {
SSL.freeBIO(j);
}
try {
SSLContext.free(make);
} catch (Exception e14) {
e = e14;
z13 = z12;
z16 = z;
}
Set<String> unmodifiableSet4222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4222;
LinkedHashSet linkedHashSet22222 = new LinkedHashSet(unmodifiableSet4222.size() * 2);
for (String str4 : unmodifiableSet4222) {
if (!SslUtils.isTLSv13Cipher(str4)) {
linkedHashSet22222.add(CipherSuiteConverter.toJava(str4, "TLS"));
linkedHashSet22222.add(CipherSuiteConverter.toJava(str4, "SSL"));
} else {
linkedHashSet22222.add(str4);
}
}
SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22222);
List<String> unmodifiableList2222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList2222;
Set<String> unmodifiableSet22222 = Collections.unmodifiableSet(linkedHashSet22222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22222;
Set<String> set2222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet32222 = new LinkedHashSet(unmodifiableSet22222.size() + set2222.size());
linkedHashSet32222.addAll(set2222);
linkedHashSet32222.addAll(unmodifiableSet22222);
AVAILABLE_CIPHER_SUITES = linkedHashSet32222;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet42222 = new LinkedHashSet(6);
linkedHashSet42222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
linkedHashSet42222.add("SSLv2");
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
linkedHashSet42222.add("SSLv3");
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
linkedHashSet42222.add("TLSv1");
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
linkedHashSet42222.add("TLSv1.1");
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
linkedHashSet42222.add("TLSv1.2");
}
if (z5 || !doesSupportProtocol(32, SSL.SSL_OP_NO_TLSv1_3)) {
TLSV13_SUPPORTED = false;
} else {
linkedHashSet42222.add("TLSv1.3");
TLSV13_SUPPORTED = true;
}
Set<String> unmodifiableSet32222 = Collections.unmodifiableSet(linkedHashSet42222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet32222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
internalLogger.debug("Supported protocols (OpenSSL): {} ", unmodifiableSet32222);
internalLogger.debug("Default cipher suites (OpenSSL): {}", unmodifiableList2222);
}
} catch (Throwable th10) {
th2 = th10;
z13 = z12;
z16 = z;
SSLContext.free(make);
throw th2;
}
} catch (Throwable th11) {
th3 = th11;
j = 0;
z4 = false;
z = false;
SSL.freeSSL(newSSL);
if (j != 0) {
}
throw th3;
}
} catch (Throwable th12) {
th2 = th12;
z16 = false;
z13 = false;
z4 = false;
SSLContext.free(make);
throw th2;
}
} catch (Exception e15) {
e = e15;
z16 = false;
z5 = false;
z13 = false;
z4 = false;
logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e);
z = z16;
z12 = z13;
Set<String> unmodifiableSet42222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42222;
LinkedHashSet linkedHashSet222222 = new LinkedHashSet(unmodifiableSet42222.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222222);
List<String> unmodifiableList22222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList22222;
Set<String> unmodifiableSet222222 = Collections.unmodifiableSet(linkedHashSet222222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222222;
Set<String> set22222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet322222 = new LinkedHashSet(unmodifiableSet222222.size() + set22222.size());
linkedHashSet322222.addAll(set22222);
linkedHashSet322222.addAll(unmodifiableSet222222);
AVAILABLE_CIPHER_SUITES = linkedHashSet322222;
SUPPORTS_KEYMANAGER_FACTORY = z;
SUPPORTS_HOSTNAME_VALIDATION = z4;
USE_KEYMANAGER_FACTORY = z12;
LinkedHashSet linkedHashSet422222 = new LinkedHashSet(6);
linkedHashSet422222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (z5) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet322222 = Collections.unmodifiableSet(linkedHashSet422222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet322222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (!internalLogger.isDebugEnabled()) {
}
}
} else {
DEFAULT_CIPHERS = Collections.emptyList();
AVAILABLE_OPENSSL_CIPHER_SUITES = Collections.emptySet();
AVAILABLE_JAVA_CIPHER_SUITES = Collections.emptySet();
AVAILABLE_CIPHER_SUITES = Collections.emptySet();
SUPPORTS_KEYMANAGER_FACTORY = false;
SUPPORTS_HOSTNAME_VALIDATION = false;
USE_KEYMANAGER_FACTORY = false;
SUPPORTED_PROTOCOLS_SET = Collections.emptySet();
SUPPORTS_OCSP = false;
TLSV13_SUPPORTED = false;
IS_BORINGSSL = false;
}
}
private OpenSsl() {
}
@Deprecated
public static Set<String> availableCipherSuites() {
return availableOpenSslCipherSuites();
}
public static Set<String> availableJavaCipherSuites() {
return AVAILABLE_JAVA_CIPHER_SUITES;
}
public static Set<String> availableOpenSslCipherSuites() {
return AVAILABLE_OPENSSL_CIPHER_SUITES;
}
/* JADX WARNING: Removed duplicated region for block: B:16:0x002b */
/* JADX WARNING: Removed duplicated region for block: B:22:0x0034 */
private static boolean doesSupportOcsp() {
long j;
Throwable th2;
if (((long) version()) >= 268443648) {
try {
j = SSLContext.make(16, 1);
try {
SSLContext.enableOcsp(j, false);
if (j == -1) {
return true;
}
SSLContext.free(j);
return true;
} catch (Exception unused) {
if (j != -1) {
}
return false;
} catch (Throwable th3) {
th2 = th3;
if (j != -1) {
}
throw th2;
}
} catch (Exception unused2) {
j = -1;
if (j != -1) {
SSLContext.free(j);
}
return false;
} catch (Throwable th4) {
th2 = th4;
j = -1;
if (j != -1) {
SSLContext.free(j);
}
throw th2;
}
}
return false;
}
/* JADX WARNING: Code restructure failed: missing block: B:12:0x0016, code lost:
return false;
*/
/* JADX WARNING: Exception block dominator not found, dom blocks: [] */
private static boolean doesSupportProtocol(int i, int i3) {
if (i3 == 0) {
return false;
}
long make = SSLContext.make(i, 2);
if (make != -1) {
SSLContext.free(make);
}
return true;
}
public static void ensureAvailability() {
Throwable th2 = UNAVAILABILITY_CAUSE;
if (th2 != null) {
throw ((Error) new UnsatisfiedLinkError("failed to load the required native library").initCause(th2));
}
}
private static boolean initializeTcNative(String str) throws Exception {
return Library.initialize("provided", str);
}
public static boolean isAlpnSupported() {
return ((long) version()) >= 268443648;
}
public static boolean isAvailable() {
return UNAVAILABILITY_CAUSE == null;
}
public static boolean isBoringSSL() {
return IS_BORINGSSL;
}
public static boolean isCipherSuiteAvailable(String str) {
String openSsl = CipherSuiteConverter.toOpenSsl(str, IS_BORINGSSL);
if (openSsl != null) {
str = openSsl;
}
return AVAILABLE_OPENSSL_CIPHER_SUITES.contains(str);
}
public static boolean isOcspSupported() {
return SUPPORTS_OCSP;
}
public static boolean isTlsv13Supported() {
return TLSV13_SUPPORTED;
}
private static void loadTcNative() throws Exception {
String normalizedOs = PlatformDependent.normalizedOs();
String normalizedArch = PlatformDependent.normalizedArch();
LinkedHashSet linkedHashSet = new LinkedHashSet(4);
linkedHashSet.add("netty_tcnative" + "_" + normalizedOs + '_' + normalizedArch);
if ("linux".equalsIgnoreCase(normalizedOs)) {
linkedHashSet.add("netty_tcnative" + "_" + normalizedOs + '_' + normalizedArch + "_fedora");
}
linkedHashSet.add("netty_tcnative" + "_" + normalizedArch);
linkedHashSet.add("netty_tcnative");
NativeLibraryLoader.loadFirstAvailable(SSL.class.getClassLoader(), (String[]) linkedHashSet.toArray(new String[0]));
}
public static long memoryAddress(ByteBuf byteBuf) {
return byteBuf.hasMemoryAddress() ? byteBuf.memoryAddress() : Buffer.address(byteBuf.nioBuffer());
}
public static void releaseIfNeeded(ReferenceCounted referenceCounted) {
if (referenceCounted.refCnt() > 0) {
ReferenceCountUtil.safeRelease(referenceCounted);
}
}
public static X509Certificate selfSignedCertificate() throws CertificateException {
return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(new byte[]{48, -126, 1, -92, 48, -126, 1, 13, -96, 3, 2, 1, 2, 2, 9, 0, -9, 61, 44, 121, -118, -4, -45, -120, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 5, 5, 0, 48, 19, 49, 17, 48, 15, 6, 3, 85, 4, 3, 19, 8, 110, 101, 116, 116, 121, 46, 105, 111, 48, 32, 23, 13, 49, 55, 49, 48, 50, 48, 49, 56, 49, 54, 51, 54, 90, 24, 15, 57, 57, 57, 57, 49, 50, 51, 49, 50, 51, 53, 57, 53, 57, 90, 48, 19, 49, 17, 48, 15, 6, 3, 85, 4, 3, 19, 8, 110, 101, 116, 116, 121, 46, 105, 111, 48, -127, -97, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 3, -127, -115, 0, 48, -127, -119, 2, -127, -127, 0, -116, 37, 122, -53, 28, 46, 13, -90, -14, -33, 111, -108, -41, 59, 90, 124, 113, -112, -66, -17, -102, 44, 13, 7, -33, -28, 24, -79, -126, -76, 40, 111, -126, -103, -102, 34, 11, 45, 16, -38, 63, 24, 80, 24, 76, 88, -93, 96, 11, 38, -19, -64, -11, 87, -49, -52, -65, 24, 36, -22, 53, 8, -42, 14, -121, 114, 6, 17, -82, 10, 92, -91, -127, 81, -12, -75, 105, -10, -106, 91, -38, 111, 50, 57, -97, -125, 109, 42, -87, -1, -19, 80, 78, 49, -97, -4, 23, -2, -103, 122, -107, -43, 4, -31, -21, 90, 39, -9, -106, 34, -101, -116, 31, -94, -84, 80, -6, -78, -33, 87, -90, 31, 103, 100, 56, -103, -5, 11, 2, 3, 1, 0, 1, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 5, 5, 0, 3, -127, -127, 0, 112, 45, -73, 5, 64, 49, 59, 101, 51, 73, -96, 62, 23, -84, 90, -41, -58, 83, -20, -72, 38, 123, -108, -45, 28, 96, -122, -18, 30, 42, 86, 87, -87, -28, 107, 110, 11, -59, 91, 100, 101, -18, 26, -103, -78, -80, -3, 38, 113, 83, -48, -108, 109, 41, -15, 6, 112, 105, 7, -46, -11, -3, -51, 40, -66, -73, -83, -46, -94, -121, -88, 51, -106, -77, 109, 53, -7, 123, 91, 75, -105, -22, 64, 121, -72, -59, -21, -44, 84, 12, 9, 120, 21, -26, 13, 49, -81, -58, -47, 117, -44, -18, -17, 124, 49, -48, 19, 16, -41, 71, -52, -107, 99, -19, -29, 105, -93, -71, -38, -97, Byte.MIN_VALUE, -2, 118, 119, 49, -126, 109, 119}));
}
public static boolean supportsHostnameValidation() {
return SUPPORTS_HOSTNAME_VALIDATION;
}
public static boolean supportsKeyManagerFactory() {
return SUPPORTS_KEYMANAGER_FACTORY;
}
public static Throwable unavailabilityCause() {
return UNAVAILABILITY_CAUSE;
}
public static boolean useKeyManagerFactory() {
return USE_KEYMANAGER_FACTORY;
}
public static int version() {
if (isAvailable()) {
return SSL.version();
}
return -1;
}
public static String versionString() {
if (isAvailable()) {
return SSL.versionString();
}
return null;
}
}