package com.ibm.hod5sslight;

import java.io.IOException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:hasslite.jar:com/ibm/hod5sslight/SSLServer.class */
public class SSLServer extends SSLConnection {
    static final int CERT_VERIFY = 32;
    static CL3 RSAKey64;
    static CL3 RSAKey128;

    private static synchronized CL3 genEphemeralRSAKey(int i) {
        if (i == 64) {
            CL3 rsaKeyGen = CL3.rsaKeyGen(512, null);
            RSAKey64 = rsaKeyGen;
            return rsaKeyGen;
        }
        CL3 rsaKeyGen2 = CL3.rsaKeyGen(1024, null);
        RSAKey128 = rsaKeyGen2;
        return rsaKeyGen2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.hod5sslight.SSLConnection
    public synchronized int install(SSLContext sSLContext) {
        if (sSLContext != null && this.handshake_state != 2) {
            return 0;
        }
        this.state = 0;
        this.handshake_state = 2;
        if (sSLContext == null) {
            return 0;
        }
        if (this.session != null) {
            SSLSession.uninstall(this.session, this, false);
            this.session = null;
        }
        this.context = sSLContext;
        return sendHelloRequest();
    }

    @Override // com.ibm.hod5sslight.SSLConnection
    int alert(int i, int i2) {
        if (this.context.debug) {
            System.out.println("SSLServer: alert.");
        }
        if (i2 != 41) {
            return 40;
        }
        try {
            if ((4 & this.handshake_state) == 0 || !this.context.handleNoPeerAuthentication(this.corr)) {
                return 40;
            }
            this.handshake_state = 8;
            return 0;
        } catch (Exception e) {
            this.exception = e;
            return 40;
        }
    }

    @Override // com.ibm.hod5sslight.SSLConnection
    int handshake(byte[] bArr, byte b, int i, int i2, int i3) {
        if (this.context.debug) {
            System.out.println(new StringBuffer().append(">> handshakeV").append(i3 == 0 ? 2 : 3).append(" type = ").append((int) b).toString());
        }
        switch (b) {
            case 1:
                if ((2 & this.handshake_state) != 0) {
                    return clientHello(bArr, i, i2, i3);
                }
                return 10;
            case 11:
                if ((4 & this.handshake_state) != 0) {
                    return clientCertificate(bArr, i, i2);
                }
                return 10;
            case SSLRuntimeException.CERT_ERROR /* 15 */:
                if ((32 & this.handshake_state) != 0) {
                    return clientCertificateVerify(bArr, i, i2);
                }
                return 10;
            case 16:
                if ((8 & this.handshake_state) != 0) {
                    return clientKeyExchange(bArr, i, i2);
                }
                return 10;
            case 20:
                if ((16 & this.handshake_state) == 0) {
                    return 10;
                }
                int finished = finished(bArr, i, i2);
                if (finished != 0) {
                    return finished;
                }
                SSLSession.install(this.session, this);
                reset();
                this.handshake_state = 2;
                return 0;
            default:
                return 10;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:45:0x00e8, code lost:
    
        if (r0.verifySignature(r1, 0, r1.length, (r0.alg != 0 || r14 == 40) ? com.ibm.hod5sslight.SSLCert.PLAIN : 0, r10, r15, r14) != false) goto L44;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private int clientCertificateVerify(byte[] r10, int r11, int r12) {
        /*
            Method dump skipped, instructions count: 301
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.hod5sslight.SSLServer.clientCertificateVerify(byte[], int, int):int");
    }

    private int clientCertificate(byte[] bArr, int i, int i2) {
        if (this.context.debug) {
            System.out.println(">> clientCertificate.");
        }
        int certificate = certificate(bArr, i, i2);
        if (certificate != 0) {
            return certificate;
        }
        if ((getCS(this.session.cipher_suite) & 3840) != 256 && this.session.peer_cert != null) {
            if ((this.session.site_cert.alg == 1) ^ (this.session.peer_cert.alg == 1)) {
                return 40;
            }
        }
        reg(bArr, i, i2);
        this.handshake_state = 8;
        return 0;
    }

    /* JADX WARN: Code restructure failed: missing block: B:71:0x019e, code lost:
    
        if (r0 <= 0) goto L56;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v17, types: [byte[], byte[][]] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private int clientKeyExchange(byte[] r12, int r13, int r14) {
        /*
            Method dump skipped, instructions count: 617
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.hod5sslight.SSLServer.clientKeyExchange(byte[], int, int):int");
    }

    /* JADX WARN: Code restructure failed: missing block: B:76:0x02c1, code lost:
    
        if (r0[r1] == 0) goto L98;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private int clientHello(byte[] r12, int r13, int r14, int r15) {
        /*
            Method dump skipped, instructions count: 1283
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.hod5sslight.SSLServer.clientHello(byte[], int, int, int):int");
    }

    private int sendServerKeyExchange() {
        if (this.context.debug) {
            System.out.println("<< sendServerKeyExchange.");
        }
        getCS(this.session.cipher_suite);
        int reg = reg(null, 0, 4) + 4;
        byte[] exportKey = CL3.exportKey(this.key_exchange, CL3.TLS);
        reg(exportKey, 0, exportKey.length);
        if (this.session.site_cert != null) {
            byte[] paramHash = paramHash(this.handshake, reg, this.handshake_off - reg, null, 0, this.session.site_cert.alg == 1);
            try {
                byte[] generateSignature = this.session.site_cert.generateSignature(paramHash, 0, paramHash.length, this.session.site_cert.alg == 0 ? 0 : SSLCert.PLAIN);
                int reg2 = reg(null, 0, generateSignature.length + 2);
                CL3.msbf2(generateSignature.length, this.handshake, reg2);
                System.arraycopy(generateSignature, 0, this.handshake, reg2 + 2, generateSignature.length);
            } catch (Exception e) {
                this.exception = e;
                return 40;
            }
        }
        return sendHandshake(12, this.handshake, reg - 4, this.handshake_off - reg, false);
    }

    private int sendHelloRequest() {
        if (this.context.debug) {
            System.out.println("<< sendHelloRequest.");
        }
        return sendHandshake(0, new byte[4], 0, 0, true);
    }

    private int sendServerHello(byte b, short s) {
        if (this.context.debug) {
            System.out.println("<< sendServerHello.");
            System.out.println(new StringBuffer().append("SSL version: ").append(this.version >>> 8).append(".").append((int) ((byte) this.version)).toString());
            System.out.println(SSLContext.getCipherSuite(s));
        }
        helloRandom();
        int length = this.session.session_id != null ? this.session.session_id.length : 0;
        int i = length;
        int i2 = 38 + length;
        int reg = reg(null, 0, 4 + i2);
        int i3 = this.version;
        byte[] bArr = this.handshake;
        CL3.msbf2(i3, bArr, reg + 4);
        System.arraycopy(this.random[1], 0, bArr, reg + 6, 32);
        int i4 = reg + 39;
        byte b2 = (byte) i;
        bArr[i4 - 1] = b2;
        if (b2 != 0) {
            System.arraycopy(this.session.session_id, 0, bArr, i4, i);
        }
        CL3.msbf2(s, bArr, i4 + i);
        return sendHandshake(2, bArr, reg, i2, false);
    }

    private int sendServerHelloDone() {
        if (this.context.debug) {
            System.out.println("<< sendServerHelloDone.");
        }
        return sendHandshake(14, this.handshake, reg(null, 0, 4), 0, true);
    }

    private int sendCertificateRequest() {
        SSLCert sSLCert;
        if (this.context.debug) {
            System.out.println("<< sendCertificateRequest.");
        }
        int i = 0;
        int reg = reg(null, 0, 9);
        if ((getCS(this.session.cipher_suite) & 3840) == 256) {
            CL3.msbf(131330, this.handshake, reg + 4, 3);
        } else {
            CL3.msbf2(this.session.site_cert.alg == 1 ? 257 : 258, this.handshake, reg + 4);
            this.handshake_off--;
        }
        for (int i2 = 0; i2 < this.context.nTokens; i2++) {
            byte[] acceptedIssuers = this.context.tokens[i2].getAcceptedIssuers();
            if (acceptedIssuers != null) {
                i += acceptedIssuers.length;
                reg(acceptedIssuers, 0, acceptedIssuers.length);
            }
        }
        if (i == 0) {
            SSLCert sSLCert2 = this.session.site_cert;
            do {
                int i3 = this.handshake_off;
                byte[] bArr = sSLCert2.x509;
                int i4 = sSLCert2.iss - 2;
                int i5 = sSLCert2.issL + 2;
                i = i5;
                reg(bArr, i4, i5);
                CL3.msbf2(sSLCert2.issL, this.handshake, i3);
                if (sSLCert2 == sSLCert2.signer) {
                    break;
                }
                sSLCert = sSLCert2.signer;
                sSLCert2 = sSLCert;
            } while (sSLCert != null);
        }
        CL3.msbf2(i, this.handshake, (this.handshake_off - i) - 2);
        return sendHandshake(13, this.handshake, reg, (this.handshake_off - reg) - 4, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLServer(SSLSocket sSLSocket, boolean z, SSLContext sSLContext, boolean z2) throws IOException, SSLException {
        install(sSLSocket, z, 1, sSLContext, z2);
    }
}
