package com.rsa.ssl.ssl2;

import com.rsa.certj.cert.X509Certificate;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_MessageDigest;
import com.rsa.jsafe.JSAFE_PublicKey;
import com.rsa.ssl.AlertException;
import com.rsa.ssl.AlertedException;
import com.rsa.ssl.CipherSuite;
import com.rsa.ssl.CompressionMethod;
import com.rsa.ssl.SSLException;
import com.rsa.ssl.SSLParams;
import com.rsa.ssl.SSLSession;
import com.rsa.ssl.ciphers.Null_With_Null_Null;
import com.rsa.ssl.ciphers.RSA_With_RC4_MD5;
import com.rsa.ssl.common.AuthenticationInfo;
import com.rsa.ssl.common.HelloInformation;
import java.io.IOException;

/* loaded from: input_file:lib/external/sslj.jar:com/rsa/ssl/ssl2/SSLJaw.class */
public class SSLJaw extends SSLJak {
    private HelloInformation a;
    private SSLSession b;
    private boolean c = false;
    private X509Certificate[] d = null;
    private AuthenticationInfo e = null;

    public SSLJaw(SSLParams sSLParams, HelloInformation helloInformation, PacketInputStream packetInputStream, PacketOutputStream packetOutputStream, String str) throws AlertException, AlertedException, SSLException {
        super.c = sSLParams;
        super.a = new Null_With_Null_Null();
        super.d = packetInputStream;
        super.e = packetOutputStream;
        packetInputStream.setCipherSuite(super.a);
        packetOutputStream.setCipherSuite(super.a);
        this.j = str;
        this.a = helloInformation;
        this.g = helloInformation.getRandom();
        this.b = sSLParams.getSession(helloInformation.getSessionID());
        try {
            f();
        } catch (AlertException e) {
            if ((sSLParams.getDebug() & 1) == 1) {
                sSLParams.getDebugOutput().println(new StringBuffer().append("STATE: Sending alert because: ").append(e.getMessage()).toString());
            }
            try {
                super.e.write(e.getLevel());
                super.e.write(e.getDescription());
                super.e.flush();
                super.e.close();
            } catch (IOException e2) {
            }
            throw e;
        } catch (AlertedException e3) {
            throw e3;
        } catch (IOException e4) {
            throw new SSLException(e4.getMessage());
        }
    }

    private void f() throws AlertException, AlertedException, SSLException {
        try {
            g();
            if (this.b == null) {
                h();
            } else {
                super.b = this.b.getCipherSuite();
                if (super.b == null) {
                    throw new AlertException("No supported Cipher Suites", 0, 1);
                }
                a(this.b.getMasterSecret(), this.g, this.i, true);
                super.a = super.b;
                super.d.setCipherSuite(super.a);
                super.e.setCipherSuite(super.a);
            }
            j();
            if (super.c.getClientAuthentication() != 0) {
                a();
            }
            i();
            if (super.c.getClientAuthentication() != 0) {
                l();
            }
            k();
            if (super.c.getSession(this.b.getID()) == null) {
                super.c.cacheSession(this.b);
            }
        } catch (AlertException e) {
            throw e;
        } catch (AlertedException e2) {
            throw e2;
        } catch (IOException e3) {
            throw new SSLException(e3.getMessage());
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [byte[]] */
    private void g() throws SSLException {
        byte[] bArr;
        byte[][] bArr2;
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Sending the Server Hello");
        }
        this.i = new byte[16];
        super.c.getRandom().nextBytes(this.i);
        try {
            int i = 1;
            int i2 = 0;
            if (this.b == null) {
                this.e = super.c.chooseCertificateChain(new RSA_With_RC4_MD5());
                bArr = this.e.encodingAt(0);
                bArr2 = new byte[1];
                super.b = a(this.a.getCipherSuitesList());
                if (super.b == null) {
                    throw new AlertException("No available cipher suites", 2, 1);
                }
                if ((super.c.getDebug() & 4) == 4) {
                    super.c.getDebugOutput().println(new StringBuffer().append("Using Cipher Suite: ").append(super.b.getCipherSuiteName()).toString());
                }
                bArr2[0] = super.b.getID(2);
            } else {
                bArr = new byte[0];
                bArr2 = new byte[0][0];
                i2 = 1;
                i = 0;
            }
            SSLJai sSLJai = new SSLJai(i2, i, this.i, bArr, bArr2);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJai);
            }
            sSLJai.a(super.e);
        } catch (AlertException e) {
            throw e;
        } catch (IOException e2) {
            throw new SSLException("An IO Exception occured while writing the Server Hello");
        }
    }

    private void h() throws AlertException, AlertedException, SSLException {
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Receiving the Client Master Key");
        }
        SSLJal sSLJal = new SSLJal();
        try {
            sSLJal.b(super.d);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJal);
            }
            byte[] c = sSLJal.c();
            if (this.e.isEncryptedKey()) {
                super.b.setPrivateKey(this.e.getPrivateKey(), 0, this.e.getPassPhrase());
            } else {
                super.b.setPrivateKey(this.e.getJSAFEPrivateKey());
            }
            super.b.setPrivateKeyStrength(this.e.getPrivateKeyStrength());
            byte[] bArr = new byte[c.length];
            boolean z = false;
            int i = 0;
            try {
                i = super.b.decryptAsymmetric(c, 0, c.length, bArr, 0);
                z = true;
            } catch (SSLException e) {
                if ((super.c.getDebug() & 1) == 1) {
                    super.c.getDebugOutput().println("WARNING: failed to decrypt");
                }
            }
            this.f = new byte[sSLJal.a().length + i];
            if (z) {
                System.arraycopy(sSLJal.a(), 0, this.f, 0, sSLJal.a().length);
                System.arraycopy(bArr, 0, this.f, sSLJal.a().length, i);
            } else {
                if ((super.c.getDebug() & 1) == 1) {
                    super.c.getDebugOutput().println("WARNING: possible attack occurred, will fail with decrytpion or bad mac error!");
                }
                super.c.getRandom().nextBytes(this.f);
            }
            System.arraycopy(this.g, 0, new byte[16], 0, 16);
            a(this.f, this.g, this.i, true);
            if (super.b.getSymmetricBlockSize() != 1) {
                byte[] d = sSLJal.d();
                super.b.setReadIV(d, 0);
                super.b.setWriteIV(d, 0);
            }
            super.a = super.b;
            super.d.setCipherSuite(super.a);
            super.e.setCipherSuite(super.a);
        } catch (AlertException e2) {
            throw e2;
        } catch (AlertedException e3) {
            throw e3;
        } catch (IOException e4) {
            throw new SSLException("An IO Exception occured while reading the Client Master Key");
        }
    }

    private void i() throws SSLException {
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Receiving the Client Finished message");
        }
        SSLJan sSLJan = new SSLJan();
        try {
            sSLJan.b(super.d);
            if (!a(sSLJan.a(), this.i)) {
                throw new SSLException("Client finished did not verify");
            }
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJan);
            }
        } catch (IOException e) {
            throw new SSLException("An IO Exception occured while reading the client finished message");
        }
    }

    private void j() throws SSLException {
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Sending the Server Verify message");
        }
        SSLJam sSLJam = new SSLJam(this.g);
        try {
            sSLJam.a(super.e);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJam);
            }
        } catch (IOException e) {
            throw new SSLException("Server Verify did not verify");
        }
    }

    private void k() throws SSLException {
        byte[] id;
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Sending Server Finished message");
        }
        if (this.b == null) {
            id = new byte[16];
            super.c.getRandom().nextBytes(id);
            this.b = new SSLSession(id, this.j, System.currentTimeMillis(), this.f, super.b, null, null, super.c, 2);
            if (super.b.getSymmetricBlockSize() != 1) {
                this.b.setIV(super.b.getReadIV());
            }
        } else {
            id = this.b.getID();
        }
        SSLJap sSLJap = new SSLJap(id);
        try {
            sSLJap.a(super.e);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJap);
            }
        } catch (IOException e) {
            throw new SSLException("An IO Exception occured while sending the Server Finished message");
        }
    }

    public void a() throws SSLException, AlertException {
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Sending Certificate Request");
        }
        try {
            SSLJao sSLJao = new SSLJao(1, this.g);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJao.toString());
            }
            sSLJao.a(super.e);
        } catch (IOException e) {
            throw new SSLException("There was an IOException while sending the certificate request");
        }
    }

    private void l() throws SSLException, AlertException {
        if ((super.c.getDebug() & 1) == 1) {
            super.c.getDebugOutput().println("STATE: Receiving certificate from client");
        }
        try {
            if (super.d.read() == 0) {
                super.d.read();
                int read = super.d.read();
                if (read != 2) {
                    throw new AlertedException("Unexpected message", 2, read);
                }
                if (super.c.getClientAuthentication() != 2) {
                    throw new AlertedException("No Certificate", 2, 2);
                }
                return;
            }
            SSLJaq sSLJaq = new SSLJaq();
            sSLJaq.b(super.d);
            if ((super.c.getDebug() & 1) == 1) {
                super.c.getDebugOutput().println(sSLJaq.toString());
            }
            byte[] b = sSLJaq.b();
            byte[] c = sSLJaq.c();
            this.d = new X509Certificate[1];
            this.d[0] = new X509Certificate(b, 0, 0);
            JSAFE_PublicKey subjectPublicKey = this.d[0].getSubjectPublicKey(super.c.getDevice());
            try {
                super.b.setSignPublicKey(subjectPublicKey);
            } catch (SSLException e) {
                try {
                    super.b.setSignPublicKey(subjectPublicKey.getKeyData(new StringBuffer().append(subjectPublicKey.getAlgorithm()).append("PublicKeyBER").toString())[0], 0);
                } catch (JSAFE_Exception e2) {
                    throw new AlertException(new StringBuffer().append("Could not set the public key: ").append(e2.getMessage()).toString(), 2, 3);
                }
            }
            this.c = true;
            if (super.c.getTruster().verifyCertificate(super.c, this.d, super.b) == -1) {
                throw new AlertException("certificate unknown", 2, 3);
            }
            if (this.b != null) {
                this.b.setClientCertChain(this.d);
            }
            if (this.e == null) {
                this.e = super.c.chooseCertificateChain(this.b.getCipherSuite());
            }
            try {
                byte[] encodingAt = this.e.encodingAt(0);
                byte[] bArr = new byte[this.h.length + this.g.length + encodingAt.length];
                System.arraycopy(this.h, 0, bArr, 0, this.h.length);
                System.arraycopy(this.g, 0, bArr, this.h.length, this.g.length);
                System.arraycopy(encodingAt, 0, bArr, this.h.length + this.g.length, encodingAt.length);
                JSAFE_MessageDigest jSAFE_MessageDigest = JSAFE_MessageDigest.getInstance("MD5", super.c.getDevice());
                jSAFE_MessageDigest.digestInit();
                jSAFE_MessageDigest.digestUpdate(bArr, 0, bArr.length);
                byte[] digestFinal = jSAFE_MessageDigest.digestFinal();
                if (super.b.verify(c, 0, c.length, digestFinal, 0, digestFinal.length)) {
                } else {
                    throw new AlertException("Could not verify the digital signature sent by client", 2, 3);
                }
            } catch (AlertException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new SSLException("CLIENT Authentication error");
            }
        } catch (Exception e5) {
            throw new AlertException(new StringBuffer().append("Could not handle the client's certificate: ").append(e5.getMessage()).toString(), 2, 3);
        }
    }

    private CipherSuite a(byte[][] bArr) throws SSLException {
        CipherSuite[] cipherSuites = super.c.getCipherSuites();
        for (int i = 0; i < bArr.length; i++) {
            for (int i2 = 0; i2 < cipherSuites.length; i2++) {
                byte[] id = cipherSuites[i2].getID(2);
                if (id != null && bArr[i] != null) {
                    if (a(id, bArr[i])) {
                        return cipherSuites[i2];
                    }
                    byte[] bArr2 = new byte[3];
                    byte[] id2 = cipherSuites[i2].getID(768);
                    if (id2 != null) {
                        bArr2[1] = id2[0];
                        bArr2[2] = id2[1];
                        if (a(bArr2, bArr[i])) {
                            return cipherSuites[i2];
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        return null;
    }

    public CompressionMethod b() {
        return null;
    }

    public SSLSession c() {
        return this.b;
    }

    public X509Certificate[] e() {
        return this.d;
    }
}
