package com.enterprisedt.net.puretls;

import com.enterprisedt.cryptix.util.core.ArrayUtil;
import com.enterprisedt.net.puretls.cert.CertContext;
import com.enterprisedt.net.puretls.cert.CertificateDecodeException;
import com.enterprisedt.net.puretls.cert.CertificateVerifyException;
import com.enterprisedt.net.puretls.cert.X509Cert;
import com.enterprisedt.net.puretls.crypto.DHPrivateKey;
import com.enterprisedt.net.puretls.sslg.SSLPolicyInt;
import com.enterprisedt.net.puretls.util.Util;
import com.enterprisedt.util.debug.Logger;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Vector;
import xjava.security.interfaces.CryptixRSAPrivateKey;
import xjava.security.interfaces.CryptixRSAPublicKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: SSLHandshake.java */
/* loaded from: input_file:com/enterprisedt/net/puretls/m.class */
public abstract class m {
    private static Logger x = Logger.getLogger("SSLHandshake");
    public static byte[] a = {54};
    public static byte[] b = {92};
    int d;
    j e;
    byte[] f;
    boolean g;
    CertContext h;
    Vector i;
    SecureRandom j;
    o n;
    g o;
    byte[] p;
    byte[] q;
    PublicKey r;
    PublicKey s;
    DHPrivateKey t;
    ByteArrayOutputStream c = new ByteArrayOutputStream();
    byte[] k = new byte[32];
    byte[] l = new byte[32];
    CryptixRSAPrivateKey u = null;
    CryptixRSAPublicKey v = null;
    int w = 0;
    o m = new o();

    public m(j jVar) {
        this.e = jVar;
        this.h = new CertContext(jVar.d.a());
        this.j = new SecureRandom(jVar.d.g());
        a(jVar.d.c(), jVar.d());
    }

    public void a() throws IOException {
        while (this.d != 255) {
            try {
                c();
            } catch (SSLCaughtAlertException e) {
                SSLCaughtAlertException sSLCaughtAlertException = new SSLCaughtAlertException(e.getAlert(), new StringBuffer().append("at handshake state ").append(b()).toString());
                sSLCaughtAlertException.initCause(e);
                throw sSLCaughtAlertException;
            }
        }
        this.e.r = this.f.length != 0 ? this.f : null;
        this.e.l = new u(this.e);
        SSLDebug.debug(4, "Handshake completed");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String b() {
        switch (this.d) {
            case 0:
                return "SSL_HT_HELLO_REQUEST";
            case 1:
                return "SSL_HT_CLIENT_HELLO";
            case 2:
                return "SSL_HT_SERVER_HELLO";
            case 11:
                return "SSL_HT_CERTIFICATE";
            case 12:
                return "SSL_HT_SERVER_KEY_EXCHANGE";
            case 13:
                return "SSL_HT_CERTIFICATE_REQUEST";
            case 14:
                return "SSL_HT_SERVER_HELLO_DONE";
            case 15:
                return "SSL_HT_CERTIFICATE_VERIFY";
            case 16:
                return "SSL_HT_CLIENT_KEY_EXCHANGE";
            case 20:
                return "SSL_HT_FINISHED or SSL_HS_WAIT_FOR_CHANGE_CIPHER_SPECS";
            case 21:
                return "SSL_HS_WAIT_FOR_FINISHED";
            case 255:
                return "SSL_HT_V2_CLIENT_HELLO or SSL_HANDSHAKE_FINISHED";
            default:
                return new StringBuffer().append("").append(this.d).toString();
        }
    }

    public abstract void c() throws IOException;

    public void a(j jVar, int i, v vVar) throws IOException {
        a(jVar, i, vVar, true);
    }

    public void a(j jVar, int i, v vVar, boolean z) throws IOException, Error {
        vVar.a(jVar, this.c);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(this.c.size() + 10);
        new p(i, this.c.size()).a(jVar, byteArrayOutputStream);
        this.c.writeTo(byteArrayOutputStream);
        this.c.reset();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        if (z) {
            this.m.a(byteArray);
        }
        new y(jVar, 22, byteArray).a(jVar);
    }

    public InputStream a(j jVar, p pVar) throws IOException {
        pVar.a(jVar, jVar.h);
        switch (pVar.a.a) {
            case 15:
            case 20:
                try {
                    this.n = (o) this.m.clone();
                    break;
                } catch (CloneNotSupportedException e) {
                    throw new Error(new StringBuffer().append("Internal error: clone not supported for ").append(this.m.getClass().getName()).toString());
                }
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        pVar.a(jVar, byteArrayOutputStream);
        this.m.a(byteArrayOutputStream.toByteArray());
        byte[] bArr = new byte[pVar.b.a];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= bArr.length) {
                this.m.a(bArr);
                return new ByteArrayInputStream(bArr);
            }
            i = jVar.h.read(bArr, i2, bArr.length - i2);
        }
    }

    public boolean d() {
        return this.d == 255;
    }

    public void a(int i) {
        SSLDebug.debug(64, new StringBuffer().append("Old handshake state is ").append(b()).toString());
        this.d = i;
        SSLDebug.debug(4, new StringBuffer().append("New handshake state is ").append(b()).toString());
    }

    public void b(int i) throws IOException {
        if (this.d == i) {
            return;
        }
        this.e.a(b.d);
    }

    public void a(int i, int i2) throws IOException {
        if (this.d == i || this.d == i2) {
            return;
        }
        this.e.a(b.d);
    }

    public void a(int i, int i2, int i3) throws IOException {
        if (this.d == i || this.d == i2 || this.d == i3) {
            return;
        }
        this.e.a(b.d);
    }

    public void a(Vector vector) throws IOException {
        c cVar = new c();
        for (int i = 1; i <= vector.size(); i++) {
            ae aeVar = new ae(-16777215);
            aeVar.b = (byte[]) vector.elementAt(vector.size() - i);
            cVar.a.a.addElement(aeVar);
        }
        a(this.e, 11, cVar);
    }

    public void a(InputStream inputStream) throws IOException {
        c cVar = new c();
        Vector vector = new Vector();
        Vector vector2 = null;
        cVar.a(this.e, inputStream);
        if (cVar.a.a.size() == 0) {
            this.e.a(b.p);
        }
        SSLDebug.debug(32, "Received certificate list - ", cVar.a.a.size());
        for (int i = 1; i <= cVar.a.a.size(); i++) {
            SSLDebug.debug(32, "Reading certificate - ", i);
            vector.addElement(new X509Cert(((ae) cVar.a.a.elementAt(cVar.a.a.size() - i)).b));
        }
        try {
            vector2 = X509Cert.verifyCertChain(this.h, vector, this.e.d().getCertVerifyPolicy());
            x.debug(new StringBuffer().append(vector.size()).append(" certificates supplied.").append(vector2 != null ? vector2.size() : 0).append(" verified certificates.").toString());
        } catch (CertificateDecodeException e) {
            this.e.a(b.k, e);
        } catch (CertificateVerifyException e2) {
            if (SSLDebug.getDebug(32)) {
                e2.printStackTrace();
            }
            this.e.a(b.k, e2);
        }
        boolean z = vector2 != null;
        boolean acceptUnverifiableCertificatesP = this.e.d().acceptUnverifiableCertificatesP();
        x.debug(new StringBuffer().append("isVerified=").append(z).append(", acceptUnverified=").append(acceptUnverifiableCertificatesP).toString());
        if (acceptUnverifiableCertificatesP || this.e.d.getVerifier() == null) {
            if (vector2 == null && !acceptUnverifiableCertificatesP) {
                throw new CertificateVerifyException("Server certificate could not be validated.", vector);
            }
        } else if (!this.e.d.getVerifier().acceptPeerCertificate(vector, z)) {
            throw new CertificateVerifyException("Server certificate could not be validated.", vector);
        }
        this.r = ((X509Cert) vector.elementAt(vector.size() - 1)).getPublicKey();
        this.e.o = vector2;
    }

    public void e() {
        w a2 = w.a(this.e.b);
        SSLDebug.debug(8, "Pre master secret", this.p);
        this.q = new byte[48];
        a2.a(this.p, 1, this.k, this.l, this.q);
        SSLDebug.debug(8, "Master secret", this.q);
    }

    public void f() {
        this.e.u = new f();
        this.e.v = new f();
        try {
            f.a(this, this.e.u, this.e.v);
        } catch (KeyException e) {
            e.printStackTrace();
            throw new Error(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new Error(e2.toString());
        } catch (NoSuchProviderException e3) {
            throw new Error(e3.toString());
        }
    }

    public void g() throws IOException {
        new y(this.e, 20, new byte[]{1}).a(this.e);
        this.e.s = this.e.u;
        this.e.w = 0L;
    }

    public void b(InputStream inputStream) throws IOException {
        new l(this.e, this, false).a(this.e, inputStream);
    }

    public void h() throws IOException {
        a(this.e, 20, new l(this.e, this, true));
        this.e.k.flush();
    }

    public void a(byte[] bArr) throws IOException {
        byte[] bArr2 = {1};
        b(20);
        if (!ArrayUtil.areEqual(bArr2, bArr)) {
            this.e.a(b.p);
        }
        this.e.t = this.e.v;
        this.e.x = 0L;
        a(21);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(String str) {
        SSLDebug.debug(64, new StringBuffer().append("Requesting storage of session using key ").append(str).toString(), this.f);
        this.e.d.storeSession(str, new ad(this, str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ad b(String str) {
        SSLDebug.debug(4, new StringBuffer().append("Trying to recover session using key ").append(str).toString());
        ad findSession = this.e.d.findSession(str);
        if (findSession == null || findSession.c() >= System.currentTimeMillis()) {
            return findSession;
        }
        this.e.d.destroySession(findSession.d());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(ad adVar) {
        adVar.a(this);
    }

    protected void a(PrivateKey privateKey, SSLPolicyInt sSLPolicyInt) {
        String algorithm = privateKey.getAlgorithm();
        this.i = new Vector();
        short[] cipherSuites = this.e.d().getCipherSuites();
        for (int i = 0; i < cipherSuites.length; i++) {
            g a2 = g.a(cipherSuites[i]);
            if (a2 == null) {
                SSLDebug.debug(16, new StringBuffer().append("Rejecting unrecognized cipher suite").append((int) cipherSuites[i]).toString());
            } else if (a2.d().equals(algorithm)) {
                SSLDebug.debug(16, new StringBuffer().append("Accepting cipher suite: ").append(a2.b()).toString());
                this.i.addElement(a2);
            } else {
                SSLDebug.debug(16, new StringBuffer().append("Rejecting cipher suite: ").append(a2.b()).append(" -- incompatible with signature algorithm ").append(algorithm).toString());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void b(byte[] bArr) {
        if (bArr.length != 32) {
            throw new InternalError("Incorrect random value length");
        }
        this.j.nextBytes(bArr);
        System.arraycopy(Util.toBytes(System.currentTimeMillis() / 1000, 4), 0, bArr, 0, 4);
    }
}
