package com.ibm.oti.connection.ssl;

import com.ibm.oti.crypto.Key;
import com.ibm.oti.crypto.Provider;
import com.ibm.oti.util.Msg;
import java.io.IOException;

/* loaded from: input_file:ive-2.2/runtimes/linux/x86/midp20/lib/jclMidp20/classes.zip:com/ibm/oti/connection/ssl/CipherAlgorithm.class */
public class CipherAlgorithm {
    public static final int CIPHER_TYPE_STREAM = 1;
    public static final int CIPHER_TYPE_BLOCK = 2;
    protected ConnectionState state;
    Provider provider;
    Key clientWriteKey = null;
    Key serverWriteKey = null;

    public CipherAlgorithm(Provider provider) {
        this.provider = provider;
    }

    public void setConnectionState(ConnectionState connectionState) {
        this.state = connectionState;
    }

    public int getKeyMaterialSize() {
        return this.provider.getKeyLength();
    }

    public int getBlockSize() {
        return this.provider.getIVLength();
    }

    public int getIVSize() {
        return this.provider.getIVLength();
    }

    protected int getCipherType() {
        return this.provider.getIVLength() > 0 ? 2 : 1;
    }

    public byte[] encipher(byte[] bArr, byte b) throws IOException {
        byte[] concatenate = Util.concatenate(bArr, computeMACHash(bArr, b, this.state.transmitSequenceNumber, this.state.clientWriteMACSecret));
        if (this.clientWriteKey == null) {
            this.clientWriteKey = this.provider.createKey(this.state.clientWriteKey);
        }
        this.clientWriteKey.cryptInit(1, 3, this.state.clientWriteIV);
        this.clientWriteKey.cryptUpdate(concatenate, 0, concatenate.length);
        byte[] cryptFinish = this.clientWriteKey.cryptFinish();
        System.arraycopy(cryptFinish, cryptFinish.length - this.state.clientWriteIV.length, this.state.clientWriteIV, 0, this.state.clientWriteIV.length);
        return cryptFinish;
    }

    public byte[] decipher(byte[] bArr, byte b) throws IOException {
        if (this.serverWriteKey == null) {
            this.serverWriteKey = this.provider.createKey(this.state.serverWriteKey);
        }
        this.serverWriteKey.cryptInit(2, 3, this.state.serverWriteIV);
        this.serverWriteKey.cryptUpdate(bArr, 0, bArr.length);
        byte[] cryptFinish = this.serverWriteKey.cryptFinish();
        byte[] bArr2 = new byte[this.state.getHashingAlgorithm().getHashSize()];
        System.arraycopy(cryptFinish, cryptFinish.length - bArr2.length, bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[cryptFinish.length - bArr2.length];
        System.arraycopy(cryptFinish, 0, bArr3, 0, bArr3.length);
        if (bArr2.length > 0 && !isValidMACHash(bArr2, bArr3, b)) {
            throw new IOException(Msg.getString("K01d3"));
        }
        System.arraycopy(bArr, bArr.length - this.state.serverWriteIV.length, this.state.serverWriteIV, 0, this.state.serverWriteIV.length);
        return bArr3;
    }

    private byte[] computeMACHash(byte[] bArr, byte b, int i, byte[] bArr2) {
        return this.state.getHashingAlgorithm().getHashSize() == 0 ? new byte[0] : this.state.getHashingAlgorithm().hash(Util.concatenate(bArr2, this.state.getHashingAlgorithm().getPad2(), this.state.getHashingAlgorithm().hash(Util.concatenate(bArr2, this.state.getHashingAlgorithm().getPad1(), Util.getBytes(i, 8), Util.getBytes((int) b, 1), Util.getBytes(bArr.length, 2), bArr))));
    }

    private byte[] generatePadding(int i) {
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 < i; i2++) {
            bArr[i2] = 0;
        }
        return bArr;
    }

    private boolean isValidMACHash(byte[] bArr, byte[] bArr2, byte b) {
        return Util.equals(bArr, computeMACHash(bArr2, b, this.state.receiveSequenceNumber, this.state.serverWriteMACSecret));
    }
}
