package net.jini.jeri.ssl;

import java.security.Principal;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import net.jini.core.constraint.ClientAuthentication;
import net.jini.core.constraint.ClientMaxPrincipal;
import net.jini.core.constraint.ClientMaxPrincipalType;
import net.jini.core.constraint.ClientMinPrincipal;
import net.jini.core.constraint.ClientMinPrincipalType;
import net.jini.core.constraint.Confidentiality;
import net.jini.core.constraint.ConnectionAbsoluteTime;
import net.jini.core.constraint.ConnectionRelativeTime;
import net.jini.core.constraint.ConstraintAlternatives;
import net.jini.core.constraint.Delegation;
import net.jini.core.constraint.DelegationAbsoluteTime;
import net.jini.core.constraint.DelegationRelativeTime;
import net.jini.core.constraint.Integrity;
import net.jini.core.constraint.InvocationConstraint;
import net.jini.core.constraint.InvocationConstraints;
import net.jini.core.constraint.ServerAuthentication;
import net.jini.core.constraint.ServerMinPrincipal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:net/jini/jeri/ssl/ConnectionContext.class */
public final class ConnectionContext extends Utilities {
    private static final long OK = Long.MAX_VALUE;
    private static final long INTEGRITY = -3;
    private static final long NOT_SUPPORTED = -4;
    private static final ClientMinPrincipalType clientMinPrincipalType = new ClientMinPrincipalType(X500Principal.class);
    final String cipherSuite;
    final Principal client;
    final Principal server;
    private final boolean integrity;
    private final boolean clientSide;
    private boolean notSupported;
    private boolean integrityRequired;
    private boolean integrityPreferred;
    private long connectionTime = Long.MAX_VALUE;
    private int preferences;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ConnectionContext getInstance(String str, Principal principal, Principal principal2, boolean z, boolean z2, InvocationConstraints invocationConstraints) {
        ConnectionContext connectionContext = new ConnectionContext(str, principal, principal2, z, z2);
        if (connectionContext.supported(invocationConstraints)) {
            return connectionContext;
        }
        return null;
    }

    private ConnectionContext(String str, Principal principal, Principal principal2, boolean z, boolean z2) {
        this.cipherSuite = str;
        this.client = principal;
        this.server = principal2;
        this.integrity = z;
        this.clientSide = z2;
        if (doesServerAuthentication(str) != (principal2 != null) || (principal != null && principal2 == null)) {
            this.notSupported = true;
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer("ConnectionContext[");
        fieldsToString(stringBuffer);
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void fieldsToString(StringBuffer stringBuffer) {
        stringBuffer.append(this.cipherSuite);
        if (this.client != null) {
            stringBuffer.append(", client: ").append(this.client);
        }
        if (this.server != null) {
            stringBuffer.append(", server: ").append(this.server);
        }
        if (this.integrityRequired) {
            stringBuffer.append(", integrity: required");
        } else if (this.integrityPreferred) {
            stringBuffer.append(", integrity: preferred");
        }
        if (this.connectionTime != Long.MAX_VALUE) {
            stringBuffer.append(", connectionTime = ").append(this.connectionTime);
        }
        stringBuffer.append(", preferences: ").append(this.preferences);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean getIntegrityRequired() {
        return this.integrityRequired;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean getIntegrityPreferred() {
        return this.integrityPreferred;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public long getConnectionTime() {
        return this.connectionTime;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getPreferences() {
        return this.preferences;
    }

    private boolean supported(InvocationConstraints invocationConstraints) {
        if (this.notSupported) {
            return false;
        }
        Iterator it = invocationConstraints.requirements().iterator();
        while (it.hasNext()) {
            long supported = supported((InvocationConstraint) it.next());
            if (supported == NOT_SUPPORTED) {
                return false;
            }
            if (supported == INTEGRITY) {
                this.integrityRequired = true;
            } else if (this.connectionTime > supported) {
                this.connectionTime = supported;
            }
        }
        Iterator it2 = invocationConstraints.preferences().iterator();
        while (it2.hasNext()) {
            long supported2 = supported((InvocationConstraint) it2.next());
            if (supported2 != NOT_SUPPORTED) {
                this.preferences++;
                if (supported2 == INTEGRITY) {
                    if (!this.integrityRequired) {
                        this.integrityPreferred = true;
                    }
                } else if (this.connectionTime > supported2) {
                    this.connectionTime = supported2;
                }
            }
        }
        return !this.integrity || this.integrityRequired || this.integrityPreferred;
    }

    private long supported(InvocationConstraint invocationConstraint) {
        boolean z;
        if (invocationConstraint instanceof ConstraintAlternatives) {
            return supported((ConstraintAlternatives) invocationConstraint);
        }
        if (invocationConstraint instanceof Integrity) {
            return (this.integrity && invocationConstraint == Integrity.YES) ? INTEGRITY : NOT_SUPPORTED;
        }
        if (invocationConstraint instanceof Confidentiality) {
            return ok(doesEncryption(this.cipherSuite) == (invocationConstraint == Confidentiality.YES));
        }
        if (invocationConstraint instanceof ConfidentialityStrength) {
            if (doesEncryption(this.cipherSuite)) {
                if (hasStrongCipherAlgorithm(this.cipherSuite) != (invocationConstraint == ConfidentialityStrength.STRONG)) {
                    z = false;
                    return ok(z);
                }
            }
            z = true;
            return ok(z);
        }
        if (invocationConstraint instanceof ClientAuthentication) {
            return ok((this.client == null) == (invocationConstraint == ClientAuthentication.NO));
        }
        if (invocationConstraint instanceof ClientMinPrincipalType) {
            return ok(this.client == null || invocationConstraint.equals(clientMinPrincipalType));
        }
        if (invocationConstraint instanceof ClientMaxPrincipalType) {
            return ok(this.client == null || ((ClientMaxPrincipalType) invocationConstraint).elements().contains(X500Principal.class));
        }
        if (invocationConstraint instanceof ClientMinPrincipal) {
            if (this.client == null) {
                return Long.MAX_VALUE;
            }
            Set elements = ((ClientMinPrincipal) invocationConstraint).elements();
            return ok(elements.size() == 1 && elements.contains(this.client));
        }
        if (invocationConstraint instanceof ClientMaxPrincipal) {
            return ok(this.client == null || ((ClientMaxPrincipal) invocationConstraint).elements().contains(this.client));
        }
        if (invocationConstraint instanceof Delegation) {
            return ok(this.client == null || invocationConstraint == Delegation.NO);
        }
        if (invocationConstraint instanceof DelegationAbsoluteTime) {
            return Long.MAX_VALUE;
        }
        if (invocationConstraint instanceof DelegationRelativeTime) {
            return ok(!this.clientSide);
        }
        if (invocationConstraint instanceof ServerAuthentication) {
            return ok((this.server == null) == (invocationConstraint == ServerAuthentication.NO));
        }
        if (invocationConstraint instanceof ServerMinPrincipal) {
            if (this.server == null) {
                return Long.MAX_VALUE;
            }
            Set elements2 = ((ServerMinPrincipal) invocationConstraint).elements();
            return ok(elements2.size() == 1 && elements2.contains(this.server));
        }
        if (invocationConstraint instanceof ConnectionAbsoluteTime) {
            return Math.max(((ConnectionAbsoluteTime) invocationConstraint).getTime(), 0L);
        }
        if (invocationConstraint instanceof ConnectionRelativeTime) {
            return ok(!this.clientSide);
        }
        return NOT_SUPPORTED;
    }

    private static long ok(boolean z) {
        if (z) {
            return Long.MAX_VALUE;
        }
        return NOT_SUPPORTED;
    }

    private long supported(ConstraintAlternatives constraintAlternatives) {
        long j = -1;
        Class<?> cls = null;
        boolean z = false;
        boolean z2 = false;
        for (InvocationConstraint invocationConstraint : constraintAlternatives.elements()) {
            if (cls == null) {
                cls = invocationConstraint.getClass();
            } else if (cls != invocationConstraint.getClass()) {
                return NOT_SUPPORTED;
            }
            long supported = supported(invocationConstraint);
            if (supported != NOT_SUPPORTED) {
                z = true;
                if (supported == INTEGRITY) {
                    z2 = true;
                } else if (supported > j) {
                    j = supported;
                }
            }
        }
        if (!z) {
            return NOT_SUPPORTED;
        }
        if (z2) {
            return INTEGRITY;
        }
        if (j >= 0) {
            return j;
        }
        return Long.MAX_VALUE;
    }
}
