package io.netty.handler.ssl; import io.netty.buffer.ByteBuf; import io.netty.buffer.ByteBufAllocator; import io.netty.internal.tcnative.Buffer; import io.netty.internal.tcnative.Library; import io.netty.internal.tcnative.SSL; import io.netty.internal.tcnative.SSLContext; import io.netty.util.ReferenceCountUtil; import io.netty.util.ReferenceCounted; import io.netty.util.internal.NativeLibraryLoader; import io.netty.util.internal.PlatformDependent; import io.netty.util.internal.SystemPropertyUtil; import io.netty.util.internal.logging.InternalLogger; import io.netty.util.internal.logging.InternalLoggerFactory; import java.io.ByteArrayInputStream; import java.security.AccessController; import java.security.PrivilegedAction; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collections; import java.util.LinkedHashSet; import java.util.List; import java.util.Set; public final class OpenSsl { public static final /* synthetic */ boolean $assertionsDisabled = false; public static final Set<String> AVAILABLE_CIPHER_SUITES; private static final Set<String> AVAILABLE_JAVA_CIPHER_SUITES; private static final Set<String> AVAILABLE_OPENSSL_CIPHER_SUITES; public static final List<String> DEFAULT_CIPHERS; private static final boolean IS_BORINGSSL; public static final Set<String> SUPPORTED_PROTOCOLS_SET; private static final boolean SUPPORTS_HOSTNAME_VALIDATION; private static final boolean SUPPORTS_KEYMANAGER_FACTORY; private static final boolean SUPPORTS_OCSP; private static final boolean TLSV13_SUPPORTED; private static final Throwable UNAVAILABILITY_CAUSE; private static final boolean USE_KEYMANAGER_FACTORY; private static final InternalLogger logger; /* JADX WARNING: Failed to process nested try/catch */ /* JADX WARNING: Missing exception handler attribute for start block: B:85:0x0164 */ /* JADX WARNING: Removed duplicated region for block: B:101:0x0182 A[Catch:{ all -> 0x018d }] */ /* JADX WARNING: Removed duplicated region for block: B:114:0x019e A[Catch:{ all -> 0x01a2 }] */ /* JADX WARNING: Removed duplicated region for block: B:130:0x01da */ /* JADX WARNING: Removed duplicated region for block: B:136:0x0247 */ /* JADX WARNING: Removed duplicated region for block: B:139:0x0254 */ /* JADX WARNING: Removed duplicated region for block: B:142:0x0262 */ /* JADX WARNING: Removed duplicated region for block: B:145:0x0271 */ /* JADX WARNING: Removed duplicated region for block: B:148:0x0280 */ /* JADX WARNING: Removed duplicated region for block: B:150:0x0287 */ /* JADX WARNING: Removed duplicated region for block: B:156:0x02b0 */ /* JADX WARNING: Removed duplicated region for block: B:173:? A[RETURN, SYNTHETIC] */ static { boolean z; boolean z4; boolean z5; boolean z12; InternalLogger internalLogger; boolean z13; Exception e; Throwable th2; long j; Throwable th3; boolean z14; boolean z15; ClassNotFoundException e6; ClassNotFoundException classNotFoundException; InternalLogger instance = InternalLoggerFactory.getInstance(OpenSsl.class); logger = instance; boolean z16 = false; Throwable th4 = null; if (SystemPropertyUtil.getBoolean("io.netty.handler.ssl.noOpenSsl", false)) { th4 = new UnsupportedOperationException("OpenSSL was explicit disabled with -Dio.netty.handler.ssl.noOpenSsl=true"); instance.debug("netty-tcnative explicit disabled; OpenSslEngine will be unavailable.", th4); } else { try { Class.forName("io.netty.internal.tcnative.SSL", false, OpenSsl.class.getClassLoader()); e6 = null; } catch (ClassNotFoundException e12) { e6 = e12; logger.debug("netty-tcnative not in the classpath; OpenSslEngine will be unavailable."); } if (e6 == null) { try { loadTcNative(); classNotFoundException = e6; } catch (Throwable th5) { classNotFoundException = th5; logger.debug("Failed to load netty-tcnative; OpenSslEngine will be unavailable, unless the application has already loaded the symbols by some other means. See http://netty.io/wiki/forked-tomcat-native.html for more information.", (Throwable) classNotFoundException); } try { String str = SystemPropertyUtil.get("io.netty.handler.ssl.openssl.engine", null); if (str == null) { logger.debug("Initialize netty-tcnative using engine: 'default'"); } else { logger.debug("Initialize netty-tcnative using engine: '{}'", str); } initializeTcNative(str); } catch (Throwable th6) { th4 = classNotFoundException == null ? th6 : classNotFoundException; logger.debug("Failed to initialize netty-tcnative; OpenSslEngine will be unavailable. See http://netty.io/wiki/forked-tomcat-native.html for more information.", th6); } } else { th4 = e6; } } UNAVAILABILITY_CAUSE = th4; if (th4 == null) { logger.debug("netty-tcnative using native library: {}", SSL.versionString()); ArrayList arrayList = new ArrayList(); LinkedHashSet linkedHashSet = new LinkedHashSet(128); IS_BORINGSSL = "BoringSSL".equals(versionString()); try { long make = SSLContext.make(63, 1); try { StringBuilder sb2 = new StringBuilder(); for (String str2 : SslUtils.TLSV13_CIPHERS) { String openSsl = CipherSuiteConverter.toOpenSsl(str2, IS_BORINGSSL); if (openSsl != null) { sb2.append(openSsl); sb2.append(':'); } } if (sb2.length() == 0) { z15 = false; } else { sb2.setLength(sb2.length() - 1); SSLContext.setCipherSuite(make, sb2.toString(), true); z15 = true; } z5 = z15; } catch (Exception unused) { z5 = false; } catch (Throwable th7) { th2 = th7; z5 = false; z13 = false; z4 = false; try { SSLContext.free(make); throw th2; } catch (Exception e13) { e = e13; logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e); z = z16; z12 = z13; Set<String> unmodifiableSet = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet; LinkedHashSet linkedHashSet2 = new LinkedHashSet(unmodifiableSet.size() * 2); while (r0.hasNext()) { } SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2); List<String> unmodifiableList = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList; Set<String> unmodifiableSet2 = Collections.unmodifiableSet(linkedHashSet2); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2; Set<String> set = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet3 = new LinkedHashSet(unmodifiableSet2.size() + set.size()); linkedHashSet3.addAll(set); linkedHashSet3.addAll(unmodifiableSet2); AVAILABLE_CIPHER_SUITES = linkedHashSet3; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet4 = new LinkedHashSet(6); linkedHashSet4.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { } if (z5) { } TLSV13_SUPPORTED = false; Set<String> unmodifiableSet3 = Collections.unmodifiableSet(linkedHashSet4); SUPPORTED_PROTOCOLS_SET = unmodifiableSet3; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { } } } try { SSLContext.setCipherSuite(make, "ALL", false); long newSSL = SSL.newSSL(make, true); try { String[] ciphers = SSL.getCiphers(newSSL); for (String str3 : ciphers) { if (str3 != null && !str3.isEmpty() && !linkedHashSet.contains(str3)) { if (z5 || !SslUtils.isTLSv13Cipher(str3)) { linkedHashSet.add(str3); } } } if (IS_BORINGSSL) { Collections.addAll(linkedHashSet, "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "AEAD-AES128-GCM-SHA256", "AEAD-AES256-GCM-SHA384", "AEAD-CHACHA20-POLY1305-SHA256"); } try { SSL.setHostNameValidation(newSSL, 0, "netty.io"); z4 = true; } catch (Throwable unused2) { logger.debug("Hostname Verification not supported."); z4 = false; } try { j = ReferenceCountedOpenSslContext.toBIO(ByteBufAllocator.DEFAULT, selfSignedCertificate()); try { SSL.setCertificateChainBio(newSSL, j, false); z14 = ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { /* class io.netty.handler.ssl.OpenSsl.AnonymousClass1 */ @Override // java.security.PrivilegedAction public Boolean run() { return Boolean.valueOf(SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.useKeyManagerFactory", true)); } })).booleanValue(); } catch (Throwable unused3) { z = false; try { logger.debug("KeyManagerFactory not supported."); z12 = false; SSL.freeSSL(newSSL); if (j != 0) { } SSLContext.free(make); Set<String> unmodifiableSet4 = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4; LinkedHashSet linkedHashSet22 = new LinkedHashSet(unmodifiableSet4.size() * 2); while (r0.hasNext()) { } SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22); List<String> unmodifiableList2 = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList2; Set<String> unmodifiableSet22 = Collections.unmodifiableSet(linkedHashSet22); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22; Set<String> set2 = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet32 = new LinkedHashSet(unmodifiableSet22.size() + set2.size()); linkedHashSet32.addAll(set2); linkedHashSet32.addAll(unmodifiableSet22); AVAILABLE_CIPHER_SUITES = linkedHashSet32; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet42 = new LinkedHashSet(6); linkedHashSet42.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { } if (z5) { } TLSV13_SUPPORTED = false; Set<String> unmodifiableSet32 = Collections.unmodifiableSet(linkedHashSet42); SUPPORTED_PROTOCOLS_SET = unmodifiableSet32; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { } } catch (Throwable th8) { th3 = th8; try { SSL.freeSSL(newSSL); if (j != 0) { SSL.freeBIO(j); } throw th3; } catch (Throwable th9) { th2 = th9; z16 = z; z13 = false; SSLContext.free(make); throw th2; } } } try { logger.debug("Failed to get useKeyManagerFactory system property."); z14 = false; z12 = z14; z = true; } catch (Throwable unused4) { z = true; logger.debug("KeyManagerFactory not supported."); z12 = false; SSL.freeSSL(newSSL); if (j != 0) { } SSLContext.free(make); Set<String> unmodifiableSet42 = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42; LinkedHashSet linkedHashSet222 = new LinkedHashSet(unmodifiableSet42.size() * 2); while (r0.hasNext()) { } SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222); List<String> unmodifiableList22 = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList22; Set<String> unmodifiableSet222 = Collections.unmodifiableSet(linkedHashSet222); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222; Set<String> set22 = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet322 = new LinkedHashSet(unmodifiableSet222.size() + set22.size()); linkedHashSet322.addAll(set22); linkedHashSet322.addAll(unmodifiableSet222); AVAILABLE_CIPHER_SUITES = linkedHashSet322; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet422 = new LinkedHashSet(6); linkedHashSet422.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { } if (z5) { } TLSV13_SUPPORTED = false; Set<String> unmodifiableSet322 = Collections.unmodifiableSet(linkedHashSet422); SUPPORTED_PROTOCOLS_SET = unmodifiableSet322; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { } } } catch (Throwable unused5) { j = 0; z = false; logger.debug("KeyManagerFactory not supported."); z12 = false; SSL.freeSSL(newSSL); if (j != 0) { } SSLContext.free(make); Set<String> unmodifiableSet422 = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet422; LinkedHashSet linkedHashSet2222 = new LinkedHashSet(unmodifiableSet422.size() * 2); while (r0.hasNext()) { } SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2222); List<String> unmodifiableList222 = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList222; Set<String> unmodifiableSet2222 = Collections.unmodifiableSet(linkedHashSet2222); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2222; Set<String> set222 = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet3222 = new LinkedHashSet(unmodifiableSet2222.size() + set222.size()); linkedHashSet3222.addAll(set222); linkedHashSet3222.addAll(unmodifiableSet2222); AVAILABLE_CIPHER_SUITES = linkedHashSet3222; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet4222 = new LinkedHashSet(6); linkedHashSet4222.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { } if (z5) { } TLSV13_SUPPORTED = false; Set<String> unmodifiableSet3222 = Collections.unmodifiableSet(linkedHashSet4222); SUPPORTED_PROTOCOLS_SET = unmodifiableSet3222; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { } } try { SSL.freeSSL(newSSL); if (j != 0) { SSL.freeBIO(j); } try { SSLContext.free(make); } catch (Exception e14) { e = e14; z13 = z12; z16 = z; } Set<String> unmodifiableSet4222 = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4222; LinkedHashSet linkedHashSet22222 = new LinkedHashSet(unmodifiableSet4222.size() * 2); for (String str4 : unmodifiableSet4222) { if (!SslUtils.isTLSv13Cipher(str4)) { linkedHashSet22222.add(CipherSuiteConverter.toJava(str4, "TLS")); linkedHashSet22222.add(CipherSuiteConverter.toJava(str4, "SSL")); } else { linkedHashSet22222.add(str4); } } SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22222); List<String> unmodifiableList2222 = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList2222; Set<String> unmodifiableSet22222 = Collections.unmodifiableSet(linkedHashSet22222); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22222; Set<String> set2222 = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet32222 = new LinkedHashSet(unmodifiableSet22222.size() + set2222.size()); linkedHashSet32222.addAll(set2222); linkedHashSet32222.addAll(unmodifiableSet22222); AVAILABLE_CIPHER_SUITES = linkedHashSet32222; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet42222 = new LinkedHashSet(6); linkedHashSet42222.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { linkedHashSet42222.add("SSLv2"); } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { linkedHashSet42222.add("SSLv3"); } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { linkedHashSet42222.add("TLSv1"); } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { linkedHashSet42222.add("TLSv1.1"); } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { linkedHashSet42222.add("TLSv1.2"); } if (z5 || !doesSupportProtocol(32, SSL.SSL_OP_NO_TLSv1_3)) { TLSV13_SUPPORTED = false; } else { linkedHashSet42222.add("TLSv1.3"); TLSV13_SUPPORTED = true; } Set<String> unmodifiableSet32222 = Collections.unmodifiableSet(linkedHashSet42222); SUPPORTED_PROTOCOLS_SET = unmodifiableSet32222; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { internalLogger.debug("Supported protocols (OpenSSL): {} ", unmodifiableSet32222); internalLogger.debug("Default cipher suites (OpenSSL): {}", unmodifiableList2222); } } catch (Throwable th10) { th2 = th10; z13 = z12; z16 = z; SSLContext.free(make); throw th2; } } catch (Throwable th11) { th3 = th11; j = 0; z4 = false; z = false; SSL.freeSSL(newSSL); if (j != 0) { } throw th3; } } catch (Throwable th12) { th2 = th12; z16 = false; z13 = false; z4 = false; SSLContext.free(make); throw th2; } } catch (Exception e15) { e = e15; z16 = false; z5 = false; z13 = false; z4 = false; logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e); z = z16; z12 = z13; Set<String> unmodifiableSet42222 = Collections.unmodifiableSet(linkedHashSet); AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42222; LinkedHashSet linkedHashSet222222 = new LinkedHashSet(unmodifiableSet42222.size() * 2); while (r0.hasNext()) { } SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES); SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.TLSV13_CIPHER_SUITES); SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222222); List<String> unmodifiableList22222 = Collections.unmodifiableList(arrayList); DEFAULT_CIPHERS = unmodifiableList22222; Set<String> unmodifiableSet222222 = Collections.unmodifiableSet(linkedHashSet222222); AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222222; Set<String> set22222 = AVAILABLE_OPENSSL_CIPHER_SUITES; LinkedHashSet linkedHashSet322222 = new LinkedHashSet(unmodifiableSet222222.size() + set22222.size()); linkedHashSet322222.addAll(set22222); linkedHashSet322222.addAll(unmodifiableSet222222); AVAILABLE_CIPHER_SUITES = linkedHashSet322222; SUPPORTS_KEYMANAGER_FACTORY = z; SUPPORTS_HOSTNAME_VALIDATION = z4; USE_KEYMANAGER_FACTORY = z12; LinkedHashSet linkedHashSet422222 = new LinkedHashSet(6); linkedHashSet422222.add("SSLv2Hello"); if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) { } if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) { } if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) { } if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) { } if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) { } if (z5) { } TLSV13_SUPPORTED = false; Set<String> unmodifiableSet322222 = Collections.unmodifiableSet(linkedHashSet422222); SUPPORTED_PROTOCOLS_SET = unmodifiableSet322222; SUPPORTS_OCSP = doesSupportOcsp(); internalLogger = logger; if (!internalLogger.isDebugEnabled()) { } } } else { DEFAULT_CIPHERS = Collections.emptyList(); AVAILABLE_OPENSSL_CIPHER_SUITES = Collections.emptySet(); AVAILABLE_JAVA_CIPHER_SUITES = Collections.emptySet(); AVAILABLE_CIPHER_SUITES = Collections.emptySet(); SUPPORTS_KEYMANAGER_FACTORY = false; SUPPORTS_HOSTNAME_VALIDATION = false; USE_KEYMANAGER_FACTORY = false; SUPPORTED_PROTOCOLS_SET = Collections.emptySet(); SUPPORTS_OCSP = false; TLSV13_SUPPORTED = false; IS_BORINGSSL = false; } } private OpenSsl() { } @Deprecated public static Set<String> availableCipherSuites() { return availableOpenSslCipherSuites(); } public static Set<String> availableJavaCipherSuites() { return AVAILABLE_JAVA_CIPHER_SUITES; } public static Set<String> availableOpenSslCipherSuites() { return AVAILABLE_OPENSSL_CIPHER_SUITES; } /* JADX WARNING: Removed duplicated region for block: B:16:0x002b */ /* JADX WARNING: Removed duplicated region for block: B:22:0x0034 */ private static boolean doesSupportOcsp() { long j; Throwable th2; if (((long) version()) >= 268443648) { try { j = SSLContext.make(16, 1); try { SSLContext.enableOcsp(j, false); if (j == -1) { return true; } SSLContext.free(j); return true; } catch (Exception unused) { if (j != -1) { } return false; } catch (Throwable th3) { th2 = th3; if (j != -1) { } throw th2; } } catch (Exception unused2) { j = -1; if (j != -1) { SSLContext.free(j); } return false; } catch (Throwable th4) { th2 = th4; j = -1; if (j != -1) { SSLContext.free(j); } throw th2; } } return false; } /* JADX WARNING: Code restructure failed: missing block: B:12:0x0016, code lost: return false; */ /* JADX WARNING: Exception block dominator not found, dom blocks: [] */ private static boolean doesSupportProtocol(int i, int i3) { if (i3 == 0) { return false; } long make = SSLContext.make(i, 2); if (make != -1) { SSLContext.free(make); } return true; } public static void ensureAvailability() { Throwable th2 = UNAVAILABILITY_CAUSE; if (th2 != null) { throw ((Error) new UnsatisfiedLinkError("failed to load the required native library").initCause(th2)); } } private static boolean initializeTcNative(String str) throws Exception { return Library.initialize("provided", str); } public static boolean isAlpnSupported() { return ((long) version()) >= 268443648; } public static boolean isAvailable() { return UNAVAILABILITY_CAUSE == null; } public static boolean isBoringSSL() { return IS_BORINGSSL; } public static boolean isCipherSuiteAvailable(String str) { String openSsl = CipherSuiteConverter.toOpenSsl(str, IS_BORINGSSL); if (openSsl != null) { str = openSsl; } return AVAILABLE_OPENSSL_CIPHER_SUITES.contains(str); } public static boolean isOcspSupported() { return SUPPORTS_OCSP; } public static boolean isTlsv13Supported() { return TLSV13_SUPPORTED; } private static void loadTcNative() throws Exception { String normalizedOs = PlatformDependent.normalizedOs(); String normalizedArch = PlatformDependent.normalizedArch(); LinkedHashSet linkedHashSet = new LinkedHashSet(4); linkedHashSet.add("netty_tcnative" + "_" + normalizedOs + '_' + normalizedArch); if ("linux".equalsIgnoreCase(normalizedOs)) { linkedHashSet.add("netty_tcnative" + "_" + normalizedOs + '_' + normalizedArch + "_fedora"); } linkedHashSet.add("netty_tcnative" + "_" + normalizedArch); linkedHashSet.add("netty_tcnative"); NativeLibraryLoader.loadFirstAvailable(SSL.class.getClassLoader(), (String[]) linkedHashSet.toArray(new String[0])); } public static long memoryAddress(ByteBuf byteBuf) { return byteBuf.hasMemoryAddress() ? byteBuf.memoryAddress() : Buffer.address(byteBuf.nioBuffer()); } public static void releaseIfNeeded(ReferenceCounted referenceCounted) { if (referenceCounted.refCnt() > 0) { ReferenceCountUtil.safeRelease(referenceCounted); } } public static X509Certificate selfSignedCertificate() throws CertificateException { return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(new byte[]{48, -126, 1, -92, 48, -126, 1, 13, -96, 3, 2, 1, 2, 2, 9, 0, -9, 61, 44, 121, -118, -4, -45, -120, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 5, 5, 0, 48, 19, 49, 17, 48, 15, 6, 3, 85, 4, 3, 19, 8, 110, 101, 116, 116, 121, 46, 105, 111, 48, 32, 23, 13, 49, 55, 49, 48, 50, 48, 49, 56, 49, 54, 51, 54, 90, 24, 15, 57, 57, 57, 57, 49, 50, 51, 49, 50, 51, 53, 57, 53, 57, 90, 48, 19, 49, 17, 48, 15, 6, 3, 85, 4, 3, 19, 8, 110, 101, 116, 116, 121, 46, 105, 111, 48, -127, -97, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 3, -127, -115, 0, 48, -127, -119, 2, -127, -127, 0, -116, 37, 122, -53, 28, 46, 13, -90, -14, -33, 111, -108, -41, 59, 90, 124, 113, -112, -66, -17, -102, 44, 13, 7, -33, -28, 24, -79, -126, -76, 40, 111, -126, -103, -102, 34, 11, 45, 16, -38, 63, 24, 80, 24, 76, 88, -93, 96, 11, 38, -19, -64, -11, 87, -49, -52, -65, 24, 36, -22, 53, 8, -42, 14, -121, 114, 6, 17, -82, 10, 92, -91, -127, 81, -12, -75, 105, -10, -106, 91, -38, 111, 50, 57, -97, -125, 109, 42, -87, -1, -19, 80, 78, 49, -97, -4, 23, -2, -103, 122, -107, -43, 4, -31, -21, 90, 39, -9, -106, 34, -101, -116, 31, -94, -84, 80, -6, -78, -33, 87, -90, 31, 103, 100, 56, -103, -5, 11, 2, 3, 1, 0, 1, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 5, 5, 0, 3, -127, -127, 0, 112, 45, -73, 5, 64, 49, 59, 101, 51, 73, -96, 62, 23, -84, 90, -41, -58, 83, -20, -72, 38, 123, -108, -45, 28, 96, -122, -18, 30, 42, 86, 87, -87, -28, 107, 110, 11, -59, 91, 100, 101, -18, 26, -103, -78, -80, -3, 38, 113, 83, -48, -108, 109, 41, -15, 6, 112, 105, 7, -46, -11, -3, -51, 40, -66, -73, -83, -46, -94, -121, -88, 51, -106, -77, 109, 53, -7, 123, 91, 75, -105, -22, 64, 121, -72, -59, -21, -44, 84, 12, 9, 120, 21, -26, 13, 49, -81, -58, -47, 117, -44, -18, -17, 124, 49, -48, 19, 16, -41, 71, -52, -107, 99, -19, -29, 105, -93, -71, -38, -97, Byte.MIN_VALUE, -2, 118, 119, 49, -126, 109, 119})); } public static boolean supportsHostnameValidation() { return SUPPORTS_HOSTNAME_VALIDATION; } public static boolean supportsKeyManagerFactory() { return SUPPORTS_KEYMANAGER_FACTORY; } public static Throwable unavailabilityCause() { return UNAVAILABILITY_CAUSE; } public static boolean useKeyManagerFactory() { return USE_KEYMANAGER_FACTORY; } public static int version() { if (isAvailable()) { return SSL.version(); } return -1; } public static String versionString() { if (isAvailable()) { return SSL.versionString(); } return null; } }