RbChat v4.56630229版本的 MD5 值为:d137f4b55d6b64b50641a810905f5957
以下内容为反编译后的 OpenSsl.java 源代码,内容仅作参考
package io.netty.handler.ssl;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.UnpooledByteBufAllocator;
import io.netty.internal.tcnative.Buffer;
import io.netty.internal.tcnative.CertificateCallback;
import io.netty.internal.tcnative.Library;
import io.netty.internal.tcnative.SSL;
import io.netty.internal.tcnative.SSLContext;
import io.netty.util.CharsetUtil;
import io.netty.util.ReferenceCountUtil;
import io.netty.util.ReferenceCounted;
import io.netty.util.internal.NativeLibraryLoader;
import io.netty.util.internal.PlatformDependent;
import io.netty.util.internal.SystemPropertyUtil;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.codec_a.language.bm.Rule;
public final class OpenSsl {
static final boolean $assertionsDisabled = false;
static final Set<String> AVAILABLE_CIPHER_SUITES;
private static final Set<String> AVAILABLE_JAVA_CIPHER_SUITES;
private static final Set<String> AVAILABLE_OPENSSL_CIPHER_SUITES;
private static final String CERT = "-----BEGIN CERTIFICATE-----\nMIICrjCCAZagAwIBAgIIdSvQPv1QAZQwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAxMLZXhhbXBs\nZS5jb20wIBcNMTgwNDA2MjIwNjU5WhgPOTk5OTEyMzEyMzU5NTlaMBYxFDASBgNVBAMTC2V4YW1w\nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggbWsmDQ6zNzRZ5AW8E3eoGl\nqWvOBDb5Fs1oBRrVQHuYmVAoaqwDzXYJ0LOwa293AgWEQ1jpcbZ2hpoYQzqEZBTLnFhMrhRFlH6K\nbJND8Y33kZ/iSVBBDuGbdSbJShlM+4WwQ9IAso4MZ4vW3S1iv5fGGpLgbtXRmBf/RU8omN0Gijlv\nWlLWHWijLN8xQtySFuBQ7ssW8RcKAary3pUm6UUQB+Co6lnfti0Tzag8PgjhAJq2Z3wbsGRnP2YS\nvYoaK6qzmHXRYlp/PxrjBAZAmkLJs4YTm/XFF+fkeYx4i9zqHbyone5yerRibsHaXZWLnUL+rFoe\nMdKvr0VS3sGmhQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQADQi441pKmXf9FvUV5EHU4v8nJT9Iq\nyqwsKwXnr7AsUlDGHBD7jGrjAXnG5rGxuNKBQ35wRxJATKrUtyaquFUL6H8O6aGQehiFTk6zmPbe\n12Gu44vqqTgIUxnv3JQJiox8S2hMxsSddpeCmSdvmalvD6WG4NthH6B9ZaBEiep1+0s0RUaBYn73\nI7CCUaAtbjfR6pcJjrFk5ei7uwdQZFSJtkP2z8r7zfeANJddAKFlkaMWn7u+OIVuB4XPooWicObk\nNAHFtP65bocUYnDpTVdiyvn8DdqyZ/EO8n1bBKBzuSLplk2msW4pdgaFgY7Vw/0wzcFXfUXmL1uy\nG8sQD/wx\n-----END CERTIFICATE-----";
static final List<String> DEFAULT_CIPHERS;
private static final boolean IS_BORINGSSL;
private static final String KEY = "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCBtayYNDrM3NFnkBbwTd6gaWp\na84ENvkWzWgFGtVAe5iZUChqrAPNdgnQs7Brb3cCBYRDWOlxtnaGmhhDOoRkFMucWEyuFEWUfops\nk0PxjfeRn+JJUEEO4Zt1JslKGUz7hbBD0gCyjgxni9bdLWK/l8YakuBu1dGYF/9FTyiY3QaKOW9a\nUtYdaKMs3zFC3JIW4FDuyxbxFwoBqvLelSbpRRAH4KjqWd+2LRPNqDw+COEAmrZnfBuwZGc/ZhK9\nihorqrOYddFiWn8/GuMEBkCaQsmzhhOb9cUX5+R5jHiL3OodvKid7nJ6tGJuwdpdlYudQv6sWh4x\n0q+vRVLewaaFAgMBAAECggEAP8tPJvFtTxhNJAkCloHz0D0vpDHqQBMgntlkgayqmBqLwhyb18pR\ni0qwgh7HHc7wWqOOQuSqlEnrWRrdcI6TSe8R/sErzfTQNoznKWIPYcI/hskk4sdnQ//Yn9/Jvnsv\nU/BBjOTJxtD+sQbhAl80JcA3R+5sArURQkfzzHOL/YMqzAsn5hTzp7HZCxUqBk3KaHRxV7NefeOE\nxlZuWSmxYWfbFIs4kx19/1t7h8CHQWezw+G60G2VBtSBBxDnhBWvqG6R/wpzJ3nEhPLLY9T+XIHe\nipzdMOOOUZorfIg7M+pyYPji+ZIZxIpY5OjrOzXHciAjRtr5Y7l99K1CG1LguQKBgQDrQfIMxxtZ\nvxU/1cRmUV9l7pt5bjV5R6byXq178LxPKVYNjdZ840Q0/OpZEVqaT1xKVi35ohP1QfNjxPLlHD+K\niDAR9z6zkwjIrbwPCnb5kuXy4lpwPcmmmkva25fI7qlpHtbcuQdoBdCfr/KkKaUCMPyY89LCXgEw\n5KTDj64UywKBgQCNfbO+eZLGzhiHhtNJurresCsIGWlInv322gL8CSfBMYl6eNfUTZvUDdFhPISL\nUljKWzXDrjw0ujFSPR0XhUGtiq89H+HUTuPPYv25gVXO+HTgBFZEPl4PpA+BUsSVZy0NddneyqLk\n42Wey9omY9Q8WsdNQS5cbUvy0uG6WFoX7wKBgQDZ1jpW8pa0x2bZsQsm4vo+3G5CRnZlUp+XlWt2\ndDcp5dC0xD1zbs1dc0NcLeGDOTDv9FSl7hok42iHXXq8AygjEm/QcuwwQ1nC2HxmQP5holAiUs4D\nWHM8PWs3wFYPzE459EBoKTxeaeP/uWAn+he8q7d5uWvSZlEcANs/6e77eQKBgD21Ar0hfFfj7mK8\n9E0FeRZBsqK3omkfnhcYgZC11Xa2SgT1yvs2Va2n0RcdM5kncr3eBZav2GYOhhAdwyBM55XuE/sO\neokDVutNeuZ6d5fqV96TRaRBpvgfTvvRwxZ9hvKF4Vz+9wfn/JvCwANaKmegF6ejs7pvmF3whq2k\ndrZVAoGAX5YxQ5XMTD0QbMAl7/6qp6S58xNoVdfCkmkj1ZLKaHKIjS/benkKGlySVQVPexPfnkZx\np/Vv9yyphBoudiTBS9Uog66ueLYZqpgxlM/6OhYg86Gm3U2ycvMxYjBM1NFiyze21AqAhI+HX+Ot\nmraV2/guSgDgZAhukRZzeQ2RucI=\n-----END PRIVATE KEY-----";
static final Set<String> SUPPORTED_PROTOCOLS_SET;
private static final boolean SUPPORTS_KEYMANAGER_FACTORY;
private static final boolean SUPPORTS_OCSP;
private static final boolean TLSV13_SUPPORTED;
private static final Throwable UNAVAILABILITY_CAUSE;
private static final boolean USE_KEYMANAGER_FACTORY;
private static final InternalLogger logger;
static {
Throwable th;
boolean z;
InternalLogger internalLogger;
long make;
long newSSL;
?? r14;
long j;
long j2;
long j3;
String[] ciphers;
long j4;
long j5;
boolean z2;
boolean z3;
boolean z4;
boolean z5;
boolean z6;
?? r0;
String str = "io.netty.handler.ssl.openssl.useKeyManagerFactory";
InternalLogger internalLoggerFactory = InternalLoggerFactory.getInstance(OpenSsl.class);
logger = internalLoggerFactory;
String str2 = "OpenSslEngine";
boolean z7 = false;
if (SystemPropertyUtil.getBoolean("io.netty.handler.ssl.noOpenSsl", false)) {
e = new UnsupportedOperationException("OpenSSL was explicit disabled with -Dio.netty.handler.ssl.noOpenSsl=true");
internalLoggerFactory.debug("netty-tcnative explicit disabled; OpenSslEngine will be unavailable.", e);
} else {
try {
Class.forName("io.netty.internal.tcnative.SSL", false, OpenSsl.class.getClassLoader());
e = null;
} catch (ClassNotFoundException e) {
e = e;
logger.debug("netty-tcnative not in the classpath; OpenSslEngine will be unavailable.");
}
if (e == null) {
try {
loadTcNative();
th = e;
} catch (Throwable th2) {
th = th2;
logger.debug("Failed to load netty-tcnative; OpenSslEngine will be unavailable, unless the application has already loaded the symbols by some other means. See https://netty.io/wiki/forked-tomcat-native.html for more information.", th);
}
try {
String str3 = SystemPropertyUtil.get("io.netty.handler.ssl.openssl.engine", null);
if (str3 == null) {
logger.debug("Initialize netty-tcnative using engine: 'default'");
} else {
logger.debug("Initialize netty-tcnative using engine: '{}'", str3);
}
initializeTcNative(str3);
e = null;
} catch (Throwable th3) {
if (th == null) {
th = th3;
}
InternalLogger internalLogger2 = logger;
StringBuilder sb = new StringBuilder();
sb.append("Failed to initialize netty-tcnative; ");
sb.append("OpenSslEngine");
str2 = " will be unavailable. See https://netty.io/wiki/forked-tomcat-native.html for more information.";
sb.append(" will be unavailable. See https://netty.io/wiki/forked-tomcat-native.html for more information.");
internalLogger2.debug(sb.toString(), th3);
e = th;
}
}
}
UNAVAILABILITY_CAUSE = e;
if (e == null) {
logger.debug("netty-tcnative using native library: {}", SSL.versionString());
ArrayList arrayList = new ArrayList();
LinkedHashSet linkedHashSet = new LinkedHashSet(128);
IS_BORINGSSL = "BoringSSL".equals(versionString());
try {
try {
make = SSLContext.make(63, 1);
try {
StringBuilder sb2 = new StringBuilder();
for (String str4 : SslUtils.TLSV13_CIPHERS) {
String openSsl = CipherSuiteConverter.toOpenSsl(str4, IS_BORINGSSL);
if (openSsl != null) {
sb2.append(openSsl);
sb2.append(':');
}
}
if (sb2.length() == 0) {
r0 = 0;
} else {
sb2.setLength(sb2.length() - 1);
SSLContext.setCipherSuite(make, sb2.toString(), true);
r0 = 1;
}
str2 = r0;
} catch (Exception unused) {
str2 = null;
} catch (Throwable th4) {
th = th4;
SSLContext.free(make);
throw th;
}
try {
SSLContext.setCipherSuite(make, Rule.ALL, false);
newSSL = SSL.newSSL(make, true);
} catch (Throwable th5) {
th = th5;
SSLContext.free(make);
throw th;
}
} catch (Exception e2) {
e = e2;
str = null;
str2 = null;
z7 = false;
logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e);
z = str;
Set<String> unmodifiableSet = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet;
LinkedHashSet linkedHashSet2 = new LinkedHashSet(unmodifiableSet.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet2, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2);
List<String> unmodifiableList = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList;
Set<String> unmodifiableSet2 = Collections.unmodifiableSet(linkedHashSet2);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2;
Set<String> set = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet3 = new LinkedHashSet(set.size() + unmodifiableSet2.size());
linkedHashSet3.addAll(set);
linkedHashSet3.addAll(unmodifiableSet2);
AVAILABLE_CIPHER_SUITES = linkedHashSet3;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet4 = new LinkedHashSet(6);
linkedHashSet4.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet3 = Collections.unmodifiableSet(linkedHashSet4);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet3;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
}
} catch (Exception e3) {
e = e3;
logger.warn("Failed to get the list of available OpenSSL cipher suites.", (Throwable) e);
z = str;
Set<String> unmodifiableSet4 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4;
LinkedHashSet linkedHashSet22 = new LinkedHashSet(unmodifiableSet4.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet22, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22);
List<String> unmodifiableList2 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList2;
Set<String> unmodifiableSet22 = Collections.unmodifiableSet(linkedHashSet22);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22;
Set<String> set2 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet32 = new LinkedHashSet(set2.size() + unmodifiableSet22.size());
linkedHashSet32.addAll(set2);
linkedHashSet32.addAll(unmodifiableSet22);
AVAILABLE_CIPHER_SUITES = linkedHashSet32;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet42 = new LinkedHashSet(6);
linkedHashSet42.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet32 = Collections.unmodifiableSet(linkedHashSet42);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet32;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
}
try {
try {
for (String str5 : SSL.getCiphers(newSSL)) {
if (str5 != null && !str5.isEmpty() && !linkedHashSet.contains(str5) && (str2 != null || !SslUtils.isTLSv13Cipher(str5))) {
linkedHashSet.add(str5);
}
}
boolean z8 = IS_BORINGSSL;
if (z8) {
r14 = "AEAD-AES256-GCM-SHA384";
Collections.addAll(linkedHashSet, "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "AEAD-AES128-GCM-SHA256", "AEAD-AES256-GCM-SHA384", "AEAD-CHACHA20-POLY1305-SHA256");
}
try {
PemPrivateKey valueOf = PemPrivateKey.valueOf(KEY.getBytes(CharsetUtil.US_ASCII));
try {
SSLContext.setCertificateCallback(make, (CertificateCallback) null);
j = ReferenceCountedOpenSslContext.toBIO(ByteBufAllocator.DEFAULT, selfSignedCertificate());
try {
j2 = SSL.parseX509Chain(j);
try {
j5 = ReferenceCountedOpenSslContext.toBIO(UnpooledByteBufAllocator.DEFAULT, valueOf.retain());
try {
j3 = SSL.parsePrivateKey(j5, (String) null);
} catch (Error unused2) {
j3 = 0;
} catch (Throwable th6) {
th = th6;
}
} catch (Error unused3) {
j5 = 0;
j3 = 0;
} catch (Throwable th7) {
th = th7;
}
} catch (Error unused4) {
j5 = 0;
j2 = 0;
j3 = j2;
z2 = false;
z7 = false;
try {
logger.debug("KeyManagerFactory not supported.");
valueOf.release();
z3 = z2;
SSL.freeSSL(newSSL);
if (j != 0) {
}
if (j5 != 0) {
}
if (j2 != 0) {
}
if (j3 != 0) {
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet42 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42;
LinkedHashSet linkedHashSet222 = new LinkedHashSet(unmodifiableSet42.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222);
List<String> unmodifiableList22 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList22;
Set<String> unmodifiableSet222 = Collections.unmodifiableSet(linkedHashSet222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222;
Set<String> set22 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet322 = new LinkedHashSet(set22.size() + unmodifiableSet222.size());
linkedHashSet322.addAll(set22);
linkedHashSet322.addAll(unmodifiableSet222);
AVAILABLE_CIPHER_SUITES = linkedHashSet322;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet422 = new LinkedHashSet(6);
linkedHashSet422.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet322 = Collections.unmodifiableSet(linkedHashSet422);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet322;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
} catch (Throwable th8) {
th = th8;
valueOf.release();
throw th;
}
} catch (Throwable th9) {
th = th9;
j4 = 0;
valueOf.release();
throw th;
}
} catch (Error unused5) {
j5 = 0;
j = 0;
j2 = 0;
} catch (Throwable th10) {
th = th10;
j4 = 0;
}
try {
SSL.setKeyMaterial(newSSL, j2, j3);
try {
boolean contains = SystemPropertyUtil.contains("io.netty.handler.ssl.openssl.useKeyManagerFactory");
if (z8) {
if (contains) {
try {
logger.info("System property 'io.netty.handler.ssl.openssl.useKeyManagerFactory' is deprecated and will be ignored when using BoringSSL");
} catch (Throwable unused6) {
z4 = true;
logger.debug("Failed to get useKeyManagerFactory system property.");
z5 = z4;
valueOf.release();
j5 = j5;
z7 = true;
z3 = z5;
SSL.freeSSL(newSSL);
if (j != 0) {
}
if (j5 != 0) {
}
if (j2 != 0) {
}
if (j3 != 0) {
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet422 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet422;
LinkedHashSet linkedHashSet2222 = new LinkedHashSet(unmodifiableSet422.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet2222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2222);
List<String> unmodifiableList222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList222;
Set<String> unmodifiableSet2222 = Collections.unmodifiableSet(linkedHashSet2222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2222;
Set<String> set222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet3222 = new LinkedHashSet(set222.size() + unmodifiableSet2222.size());
linkedHashSet3222.addAll(set222);
linkedHashSet3222.addAll(unmodifiableSet2222);
AVAILABLE_CIPHER_SUITES = linkedHashSet3222;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet4222 = new LinkedHashSet(6);
linkedHashSet4222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet3222 = Collections.unmodifiableSet(linkedHashSet4222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet3222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
}
}
z6 = true;
} else {
z6 = SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.useKeyManagerFactory", true);
if (contains) {
try {
logger.info("System property 'io.netty.handler.ssl.openssl.useKeyManagerFactory' is deprecated and so will be ignored in the future");
} catch (Throwable unused7) {
z4 = z6;
try {
logger.debug("Failed to get useKeyManagerFactory system property.");
z5 = z4;
valueOf.release();
j5 = j5;
z7 = true;
z3 = z5;
} catch (Error unused8) {
j5 = j5;
z7 = true;
z2 = z4;
logger.debug("KeyManagerFactory not supported.");
valueOf.release();
z3 = z2;
SSL.freeSSL(newSSL);
if (j != 0) {
}
if (j5 != 0) {
}
if (j2 != 0) {
}
if (j3 != 0) {
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet4222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4222;
LinkedHashSet linkedHashSet22222 = new LinkedHashSet(unmodifiableSet4222.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet22222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22222);
List<String> unmodifiableList2222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList2222;
Set<String> unmodifiableSet22222 = Collections.unmodifiableSet(linkedHashSet22222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22222;
Set<String> set2222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet32222 = new LinkedHashSet(set2222.size() + unmodifiableSet22222.size());
linkedHashSet32222.addAll(set2222);
linkedHashSet32222.addAll(unmodifiableSet22222);
AVAILABLE_CIPHER_SUITES = linkedHashSet32222;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet42222 = new LinkedHashSet(6);
linkedHashSet42222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet32222 = Collections.unmodifiableSet(linkedHashSet42222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet32222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
} catch (Throwable th11) {
th = th11;
valueOf.release();
throw th;
}
SSL.freeSSL(newSSL);
if (j != 0) {
}
if (j5 != 0) {
}
if (j2 != 0) {
}
if (j3 != 0) {
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet42222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet42222;
LinkedHashSet linkedHashSet222222 = new LinkedHashSet(unmodifiableSet42222.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet222222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet222222);
List<String> unmodifiableList22222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList22222;
Set<String> unmodifiableSet222222 = Collections.unmodifiableSet(linkedHashSet222222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet222222;
Set<String> set22222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet322222 = new LinkedHashSet(set22222.size() + unmodifiableSet222222.size());
linkedHashSet322222.addAll(set22222);
linkedHashSet322222.addAll(unmodifiableSet222222);
AVAILABLE_CIPHER_SUITES = linkedHashSet322222;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet422222 = new LinkedHashSet(6);
linkedHashSet422222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet322222 = Collections.unmodifiableSet(linkedHashSet422222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet322222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
}
}
}
z5 = z6;
} catch (Throwable unused9) {
z4 = false;
}
try {
valueOf.release();
j5 = j5;
z7 = true;
z3 = z5;
} catch (Throwable th12) {
th = th12;
r14 = j5;
SSL.freeSSL(newSSL);
if (j != 0) {
SSL.freeBIO(j);
}
if (r14 != 0) {
SSL.freeBIO((long) r14);
}
if (j2 != 0) {
SSL.freeX509Chain(j2);
}
if (j3 != 0) {
SSL.freePrivateKey(j3);
}
throw th;
}
} catch (Error unused10) {
j5 = j5;
z2 = false;
z7 = false;
logger.debug("KeyManagerFactory not supported.");
valueOf.release();
z3 = z2;
SSL.freeSSL(newSSL);
if (j != 0) {
}
if (j5 != 0) {
}
if (j2 != 0) {
}
if (j3 != 0) {
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet422222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet422222;
LinkedHashSet linkedHashSet2222222 = new LinkedHashSet(unmodifiableSet422222.size() * 2);
while (r0.hasNext()) {
}
SslUtils.addIfSupported(linkedHashSet2222222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet2222222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet2222222);
List<String> unmodifiableList222222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList222222;
Set<String> unmodifiableSet2222222 = Collections.unmodifiableSet(linkedHashSet2222222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet2222222;
Set<String> set222222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet3222222 = new LinkedHashSet(set222222.size() + unmodifiableSet2222222.size());
linkedHashSet3222222.addAll(set222222);
linkedHashSet3222222.addAll(unmodifiableSet2222222);
AVAILABLE_CIPHER_SUITES = linkedHashSet3222222;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet4222222 = new LinkedHashSet(6);
linkedHashSet4222222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
}
if (str2 == null) {
}
TLSV13_SUPPORTED = false;
Set<String> unmodifiableSet3222222 = Collections.unmodifiableSet(linkedHashSet4222222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet3222222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
}
} catch (Throwable th13) {
th = th13;
valueOf.release();
throw th;
}
SSL.freeSSL(newSSL);
if (j != 0) {
SSL.freeBIO(j);
}
if (j5 != 0) {
SSL.freeBIO(j5);
}
if (j2 != 0) {
SSL.freeX509Chain(j2);
}
if (j3 != 0) {
SSL.freePrivateKey(j3);
}
SSLContext.free(make);
z = z3;
Set<String> unmodifiableSet4222222 = Collections.unmodifiableSet(linkedHashSet);
AVAILABLE_OPENSSL_CIPHER_SUITES = unmodifiableSet4222222;
LinkedHashSet linkedHashSet22222222 = new LinkedHashSet(unmodifiableSet4222222.size() * 2);
for (String str6 : unmodifiableSet4222222) {
if (!SslUtils.isTLSv13Cipher(str6)) {
linkedHashSet22222222.add(CipherSuiteConverter.toJava(str6, "TLS"));
linkedHashSet22222222.add(CipherSuiteConverter.toJava(str6, "SSL"));
} else {
linkedHashSet22222222.add(str6);
}
}
SslUtils.addIfSupported(linkedHashSet22222222, arrayList, SslUtils.DEFAULT_CIPHER_SUITES);
SslUtils.addIfSupported(linkedHashSet22222222, arrayList, SslUtils.TLSV13_CIPHER_SUITES);
SslUtils.useFallbackCiphersIfDefaultIsEmpty(arrayList, linkedHashSet22222222);
List<String> unmodifiableList2222222 = Collections.unmodifiableList(arrayList);
DEFAULT_CIPHERS = unmodifiableList2222222;
Set<String> unmodifiableSet22222222 = Collections.unmodifiableSet(linkedHashSet22222222);
AVAILABLE_JAVA_CIPHER_SUITES = unmodifiableSet22222222;
Set<String> set2222222 = AVAILABLE_OPENSSL_CIPHER_SUITES;
LinkedHashSet linkedHashSet32222222 = new LinkedHashSet(set2222222.size() + unmodifiableSet22222222.size());
linkedHashSet32222222.addAll(set2222222);
linkedHashSet32222222.addAll(unmodifiableSet22222222);
AVAILABLE_CIPHER_SUITES = linkedHashSet32222222;
SUPPORTS_KEYMANAGER_FACTORY = z7;
USE_KEYMANAGER_FACTORY = z;
LinkedHashSet linkedHashSet42222222 = new LinkedHashSet(6);
linkedHashSet42222222.add("SSLv2Hello");
if (doesSupportProtocol(1, SSL.SSL_OP_NO_SSLv2)) {
linkedHashSet42222222.add("SSLv2");
}
if (doesSupportProtocol(2, SSL.SSL_OP_NO_SSLv3)) {
linkedHashSet42222222.add("SSLv3");
}
if (doesSupportProtocol(4, SSL.SSL_OP_NO_TLSv1)) {
linkedHashSet42222222.add("TLSv1");
}
if (doesSupportProtocol(8, SSL.SSL_OP_NO_TLSv1_1)) {
linkedHashSet42222222.add("TLSv1.1");
}
if (doesSupportProtocol(16, SSL.SSL_OP_NO_TLSv1_2)) {
linkedHashSet42222222.add("TLSv1.2");
}
if (str2 == null && doesSupportProtocol(32, SSL.SSL_OP_NO_TLSv1_3)) {
linkedHashSet42222222.add("TLSv1.3");
TLSV13_SUPPORTED = true;
} else {
TLSV13_SUPPORTED = false;
}
Set<String> unmodifiableSet32222222 = Collections.unmodifiableSet(linkedHashSet42222222);
SUPPORTED_PROTOCOLS_SET = unmodifiableSet32222222;
SUPPORTS_OCSP = doesSupportOcsp();
internalLogger = logger;
if (internalLogger.isDebugEnabled()) {
return;
}
internalLogger.debug("Supported protocols (OpenSSL): {} ", unmodifiableSet32222222);
internalLogger.debug("Default cipher suites (OpenSSL): {}", unmodifiableList2222222);
} catch (Throwable th14) {
th = th14;
}
} catch (Throwable th15) {
th = th15;
SSLContext.free(make);
throw th;
}
} catch (Throwable th16) {
th = th16;
r14 = 0;
j = 0;
j2 = 0;
j3 = 0;
}
} else {
DEFAULT_CIPHERS = Collections.emptyList();
AVAILABLE_OPENSSL_CIPHER_SUITES = Collections.emptySet();
AVAILABLE_JAVA_CIPHER_SUITES = Collections.emptySet();
AVAILABLE_CIPHER_SUITES = Collections.emptySet();
SUPPORTS_KEYMANAGER_FACTORY = false;
USE_KEYMANAGER_FACTORY = false;
SUPPORTED_PROTOCOLS_SET = Collections.emptySet();
SUPPORTS_OCSP = false;
TLSV13_SUPPORTED = false;
IS_BORINGSSL = false;
}
}
static X509Certificate selfSignedCertificate() throws CertificateException {
return (X509Certificate) SslContext.X509_CERT_FACTORY.generateCertificate(new ByteArrayInputStream(CERT.getBytes(CharsetUtil.US_ASCII)));
}
private static boolean doesSupportOcsp() {
long j;
if (version() >= 268443648) {
try {
j = SSLContext.make(16, 1);
try {
SSLContext.enableOcsp(j, false);
if (j != -1) {
SSLContext.free(j);
return true;
}
return true;
} catch (Exception unused) {
if (j != -1) {
SSLContext.free(j);
}
return false;
} catch (Throwable th) {
th = th;
if (j != -1) {
SSLContext.free(j);
}
throw th;
}
} catch (Exception unused2) {
j = -1;
} catch (Throwable th2) {
th = th2;
j = -1;
}
}
return false;
}
private static boolean doesSupportProtocol(int i, int i2) {
if (i2 == 0) {
return false;
}
try {
long make = SSLContext.make(i, 2);
if (make != -1) {
SSLContext.free(make);
}
return true;
} catch (Exception unused) {
return false;
}
}
public static boolean isAvailable() {
return UNAVAILABILITY_CAUSE == null;
}
@Deprecated
public static boolean isAlpnSupported() {
return ((long) version()) >= 268443648;
}
public static boolean isOcspSupported() {
return SUPPORTS_OCSP;
}
public static int version() {
if (isAvailable()) {
return SSL.version();
}
return -1;
}
public static String versionString() {
if (isAvailable()) {
return SSL.versionString();
}
return null;
}
public static void ensureAvailability() {
Throwable th = UNAVAILABILITY_CAUSE;
if (th != null) {
throw ((Error) new UnsatisfiedLinkError("failed to load the required native library").initCause(th));
}
}
public static Throwable unavailabilityCause() {
return UNAVAILABILITY_CAUSE;
}
@Deprecated
public static Set<String> availableCipherSuites() {
return availableOpenSslCipherSuites();
}
public static Set<String> availableOpenSslCipherSuites() {
return AVAILABLE_OPENSSL_CIPHER_SUITES;
}
public static Set<String> availableJavaCipherSuites() {
return AVAILABLE_JAVA_CIPHER_SUITES;
}
public static boolean isCipherSuiteAvailable(String str) {
String openSsl = CipherSuiteConverter.toOpenSsl(str, IS_BORINGSSL);
if (openSsl != null) {
str = openSsl;
}
return AVAILABLE_OPENSSL_CIPHER_SUITES.contains(str);
}
public static boolean supportsKeyManagerFactory() {
return SUPPORTS_KEYMANAGER_FACTORY;
}
@Deprecated
public static boolean supportsHostnameValidation() {
return isAvailable();
}
public static boolean useKeyManagerFactory() {
return USE_KEYMANAGER_FACTORY;
}
public static long memoryAddress(ByteBuf byteBuf) {
return byteBuf.hasMemoryAddress() ? byteBuf.memoryAddress() : Buffer.address(byteBuf.nioBuffer());
}
private OpenSsl() {
}
private static void loadTcNative() throws Exception {
String normalizedOs = PlatformDependent.normalizedOs();
String normalizedArch = PlatformDependent.normalizedArch();
LinkedHashSet linkedHashSet = new LinkedHashSet(5);
if ("linux".equalsIgnoreCase(normalizedOs)) {
Iterator<String> it = PlatformDependent.normalizedLinuxClassifiers().iterator();
while (it.hasNext()) {
linkedHashSet.add("netty_tcnative_" + normalizedOs + '_' + normalizedArch + "_" + it.next());
}
linkedHashSet.add("netty_tcnative_" + normalizedOs + '_' + normalizedArch);
linkedHashSet.add("netty_tcnative_" + normalizedOs + '_' + normalizedArch + "_fedora");
} else {
linkedHashSet.add("netty_tcnative_" + normalizedOs + '_' + normalizedArch);
}
linkedHashSet.add("netty_tcnative_" + normalizedArch);
linkedHashSet.add("netty_tcnative");
NativeLibraryLoader.loadFirstAvailable(SSL.class.getClassLoader(), (String[]) linkedHashSet.toArray(new String[0]));
}
private static boolean initializeTcNative(String str) throws Exception {
return Library.initialize("provided", str);
}
public static void releaseIfNeeded(ReferenceCounted referenceCounted) {
if (referenceCounted.refCnt() > 0) {
ReferenceCountUtil.safeRelease(referenceCounted);
}
}
public static boolean isTlsv13Supported() {
return TLSV13_SUPPORTED;
}
public static boolean isBoringSSL() {
return IS_BORINGSSL;
}
}