package com.novell.service.security.net.ssl;

import com.novell.service.security.net.SecureSocketNotification;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/novell/service/security/net/ssl/SSLState.class */
public class SSLState {
    public byte[] shaHashServer;
    public byte[] md5HashServer;
    public byte[] shaHashClient;
    public byte[] md5HashClient;
    public SHA shaHandshake;
    public MD5 md5Handshake;
    public static final boolean debug = false;
    public RandomBitsSource rng;
    public byte[] preMasterSecret;
    public j tempKey;
    public SSLCertificate clientCert;
    public SSLCertificate serverCert;
    public ServerKeyExchange skx;
    public Random clientRandom;
    public Random serverRandom;
    public int writeMACalg;
    public int readMACalg;
    public byte[] writeMACsecret;
    public byte[] readMACsecret;
    public SymmetricCipher writeCipher;
    public SymmetricCipher readCipher;
    public byte[] serverIV;
    public byte[] clientIV;
    public byte[] serverKey;
    public byte[] clientKey;
    public byte[] serverMACsecret;
    public byte[] clientMACsecret;
    public byte[] masterSecret;
    public SessionID sessionID;
    public boolean client;
    public SSLParams params;
    public SSLSocketImpl socket;
    public int compressionMethod = 0;
    public boolean renegotiated = false;
    public boolean aborted = false;
    public boolean closeSent = false;
    public boolean closed = false;
    public boolean finishedReceived = false;
    public boolean handshakeInProgress = false;
    public long outSeqNum = 0;
    public long inSeqNum = 0;
    public CipherSpec currentCS = new CipherSpec();

    public void setSessionParams(SessionParams sessionParams) {
        this.sessionID = sessionParams.sessionID;
        if (this.client) {
            this.serverCert = sessionParams.peerCertificate;
        } else {
            this.clientCert = sessionParams.peerCertificate;
        }
        this.currentCS = new CipherSpec(sessionParams.cipherSuite);
        this.masterSecret = new byte[sessionParams.masterSecret.length];
        System.arraycopy(sessionParams.masterSecret, 0, this.masterSecret, 0, this.masterSecret.length);
    }

    public void setParams(SSLParams sSLParams, SessionParams sessionParams) {
        this.params = sSLParams;
        this.rng = new MD5RandomBitsSource();
        ((MD5RandomBitsSource) this.rng).seed();
        if (this.client) {
            this.clientCert = this.params.clientCert;
        } else {
            this.serverCert = this.params.serverCert;
        }
        if (sessionParams == null || !this.client) {
            return;
        }
        setSessionParams(sessionParams);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int sendNotification(String str, byte[][] bArr, int i) {
        SecureSocketNotification _getNotificationObject = _getNotificationObject();
        if (_getNotificationObject == null) {
            return 0;
        }
        _getNotificationObject.certificateChain = bArr;
        _getNotificationObject.subjectDN = str;
        return _getNotificationObject.notification(i);
    }

    public void removeSession() {
        if (SSLParams.sessionCache == null || this.sessionID == null) {
            return;
        }
        SSLParams.sessionCache.remove(this.sessionID);
    }

    public static void println(String str) {
    }

    public static void println(Object obj) {
        println(obj.toString());
    }

    public static void println() {
    }

    public static void print(String str) {
    }

    public SessionParams getSessionParams() {
        SessionParams sessionParams;
        if (this.sessionID == null) {
            return null;
        }
        if (SSLParams.sessionCache != null && (sessionParams = (SessionParams) SSLParams.sessionCache.get(this.sessionID)) != null) {
            return sessionParams;
        }
        SessionParams sessionParams2 = new SessionParams();
        sessionParams2.sessionID = this.sessionID;
        sessionParams2.peerCertificate = this.client ? this.serverCert : this.clientCert;
        sessionParams2.cipherSuite = this.currentCS.cipherSuite;
        sessionParams2.masterSecret = new byte[this.masterSecret.length];
        System.arraycopy(this.masterSecret, 0, sessionParams2.masterSecret, 0, this.masterSecret.length);
        return sessionParams2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureSocketNotification getNotificationObject() {
        SecureSocketNotification _getNotificationObject = _getNotificationObject();
        if (_getNotificationObject != null) {
            SSLCertificate sSLCertificate = this.client ? this.serverCert : this.clientCert;
            if (sSLCertificate != null) {
                _getNotificationObject.certificateChain = sSLCertificate.getCertChainBytes();
                _getNotificationObject.subjectDN = sSLCertificate.getSubject();
            }
        }
        return _getNotificationObject;
    }

    public void finishHandshake() {
        byte[] bArr = new byte[48];
        byte[] bArr2 = new byte[48];
        Utils.setArray(bArr, (byte) 54);
        Utils.setArray(bArr2, (byte) 92);
        MD5 md5 = (MD5) this.md5Handshake.clone();
        MD5 md52 = new MD5();
        md5.update(Finished.client);
        md5.update(this.masterSecret);
        md5.update(bArr);
        md5.computeCurrent();
        md52.update(this.masterSecret);
        md52.update(bArr2);
        md52.update(md5.digestBits);
        md52.computeCurrent();
        this.md5HashClient = md52.digestBits;
        MD5 md53 = (MD5) this.md5Handshake.clone();
        MD5 md54 = new MD5();
        md53.update(Finished.server);
        md53.update(this.masterSecret);
        md53.update(bArr);
        md53.computeCurrent();
        md54.update(this.masterSecret);
        md54.update(bArr2);
        md54.update(md53.digestBits);
        md54.computeCurrent();
        this.md5HashServer = md54.digestBits;
        byte[] bArr3 = new byte[40];
        byte[] bArr4 = new byte[40];
        Utils.setArray(bArr3, (byte) 54);
        Utils.setArray(bArr4, (byte) 92);
        SHA sha = (SHA) this.shaHandshake.clone();
        SHA sha2 = new SHA();
        sha.update(Finished.client);
        sha.update(this.masterSecret);
        sha.update(bArr3);
        sha.computeCurrent();
        sha2.update(this.masterSecret);
        sha2.update(bArr4);
        sha2.update(sha.digestBits);
        sha2.computeCurrent();
        this.shaHashClient = sha2.digestBits;
        SHA sha3 = (SHA) this.shaHandshake.clone();
        SHA sha4 = new SHA();
        sha3.update(Finished.server);
        sha3.update(this.masterSecret);
        sha3.update(bArr3);
        sha3.computeCurrent();
        sha4.update(this.masterSecret);
        sha4.update(bArr4);
        sha4.update(sha3.digestBits);
        sha4.computeCurrent();
        this.shaHashServer = sha4.digestBits;
    }

    public void eraseSecrets() {
        Utils.setArray(this.preMasterSecret, (byte) 0);
        Utils.setArray(this.masterSecret, (byte) 0);
        Utils.setArray(this.clientMACsecret, (byte) 0);
        Utils.setArray(this.serverMACsecret, (byte) 0);
        Utils.setArray(this.clientKey, (byte) 0);
        Utils.setArray(this.serverKey, (byte) 0);
        Utils.setArray(this.clientIV, (byte) 0);
        Utils.setArray(this.serverIV, (byte) 0);
        Utils.setArray(this.readMACsecret, (byte) 0);
        Utils.setArray(this.writeMACsecret, (byte) 0);
        if (this.readCipher != null) {
            this.readCipher.h();
        }
        if (this.writeCipher != null) {
            this.writeCipher.h();
        }
        this.writeCipher = null;
        this.readCipher = null;
    }

    public void enableWriteCipher() {
        this.writeCipher = this.client ? this.currentCS.clientCipher : this.currentCS.serverCipher;
        this.writeCipher.c(new SymmetricKey(this.client ? this.clientKey : this.serverKey));
        if (this.writeCipher instanceof y) {
            try {
                ((y) this.writeCipher).a(this.client ? this.clientIV : this.serverIV);
            } catch (CipherException unused) {
            }
        }
        this.writeMACalg = this.currentCS.MACalgorithm;
        this.writeMACsecret = this.client ? this.clientMACsecret : this.serverMACsecret;
    }

    public void enableReadCipher() {
        this.readCipher = this.client ? this.currentCS.serverCipher : this.currentCS.clientCipher;
        this.readCipher.c(new SymmetricKey(this.client ? this.serverKey : this.clientKey));
        if (this.readCipher instanceof y) {
            try {
                ((y) this.readCipher).a(this.client ? this.serverIV : this.clientIV);
            } catch (CipherException unused) {
            }
        }
        this.readMACalg = this.currentCS.MACalgorithm;
        this.readMACsecret = this.client ? this.serverMACsecret : this.clientMACsecret;
    }

    public void computeSecrets() {
        int i = CipherSpec.hashSize[this.currentCS.MACalgorithm];
        int i2 = this.currentCS.keyMaterial;
        int i3 = this.currentCS.expKeyMaterial;
        int i4 = this.currentCS.IVsize;
        boolean z = this.currentCS.isExportable;
        byte[] bytes = Utils.toBytes(this.clientRandom);
        byte[] bytes2 = Utils.toBytes(this.serverRandom);
        this.clientMACsecret = new byte[i];
        this.serverMACsecret = new byte[i];
        this.clientKey = new byte[i2];
        this.serverKey = new byte[i2];
        this.clientIV = new byte[i4];
        this.serverIV = new byte[i4];
        int i5 = (((2 * ((i + i2) + (z ? 0 : i4))) - 1) / 16) + 1;
        byte[] bArr = new byte[i5 * 16];
        for (int i6 = 0; i6 < i5; i6++) {
            MD5 md5 = new MD5();
            SHA sha = new SHA();
            for (int i7 = 0; i7 < i6 + 1; i7++) {
                sha.update((byte) (65 + i6));
            }
            sha.update(this.masterSecret);
            sha.update(bytes2);
            sha.update(bytes);
            sha.computeCurrent();
            md5.update(this.masterSecret);
            md5.update(sha.digestBits);
            md5.computeCurrent();
            System.arraycopy(md5.digestBits, 0, bArr, i6 * 16, 16);
        }
        System.arraycopy(bArr, 0, this.clientMACsecret, 0, i);
        System.arraycopy(bArr, i, this.serverMACsecret, 0, i);
        System.arraycopy(bArr, 2 * i, this.clientKey, 0, i2);
        System.arraycopy(bArr, (2 * i) + i2, this.serverKey, 0, i2);
        if (z) {
            MD5 md52 = new MD5();
            md52.update(bytes);
            md52.update(bytes2);
            md52.computeCurrent();
            System.arraycopy(md52.digestBits, 0, this.clientIV, 0, i4);
            MD5 md53 = new MD5();
            md53.update(bytes2);
            md53.update(bytes);
            md53.computeCurrent();
            System.arraycopy(md53.digestBits, 0, this.serverIV, 0, i4);
        } else {
            System.arraycopy(bArr, 2 * (i + i2), this.clientIV, 0, i4);
            System.arraycopy(bArr, (2 * (i + i2)) + i4, this.serverIV, 0, i4);
        }
        if (z) {
            if (this.clientKey.length > 7 || this.serverKey.length > 7) {
                byte[] bArr2 = new byte[7];
                this.serverKey = bArr2;
                this.clientKey = bArr2;
            }
            MD5 md54 = new MD5();
            md54.update(this.clientKey);
            md54.update(Utils.toBytes(this.clientRandom));
            md54.update(Utils.toBytes(this.serverRandom));
            md54.computeCurrent();
            this.clientKey = new byte[i3];
            System.arraycopy(md54.digestBits, 0, this.clientKey, 0, i3);
            MD5 md55 = new MD5();
            md55.update(this.serverKey);
            md55.update(Utils.toBytes(this.serverRandom));
            md55.update(Utils.toBytes(this.clientRandom));
            md55.computeCurrent();
            this.serverKey = new byte[i3];
            System.arraycopy(md55.digestBits, 0, this.serverKey, 0, i3);
        }
    }

    public void computeMasterSecret() {
        this.masterSecret = new byte[48];
        for (int i = 0; i < 3; i++) {
            MD5 md5 = new MD5();
            SHA sha = new SHA();
            for (int i2 = 0; i2 < i + 1; i2++) {
                sha.update((byte) (65 + i));
            }
            sha.update(this.preMasterSecret);
            sha.update(Utils.toBytes(this.clientRandom));
            sha.update(Utils.toBytes(this.serverRandom));
            sha.computeCurrent();
            md5.update(this.preMasterSecret);
            md5.update(sha.digestBits);
            md5.computeCurrent();
            System.arraycopy(md5.digestBits, 0, this.masterSecret, i * 16, 16);
        }
        Utils.setArray(this.preMasterSecret, (byte) 0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean canSendNotification() {
        return this.params.Notification != null;
    }

    public void cacheSession() {
        if (SSLParams.sessionCache == null || this.sessionID.id.length <= 0) {
            return;
        }
        SSLParams.sessionCache.put(this.sessionID, getSessionParams());
    }

    SecureSocketNotification _getNotificationObject() {
        SecureSocketNotification notificationObject = this.params.getNotificationObject();
        if (notificationObject != null) {
            notificationObject.socket = this.socket.getExposedSocket();
            notificationObject.sockProps = this.socket.Prop;
            if (this.sessionID != null && this.sessionID.id != null && this.sessionID.id.length != 0) {
                notificationObject.sessionID = this.sessionID.id;
            }
            if (this.currentCS.cipherSuite != 0) {
                notificationObject.cipherSuite = CipherSuiteMapper.shortToString(this.currentCS.cipherSuite);
            }
        }
        return notificationObject;
    }

    public SSLState(SSLSocketImpl sSLSocketImpl, boolean z, SSLParams sSLParams) {
        this.socket = sSLSocketImpl;
        this.client = z;
        byte[] bArr = new byte[0];
        this.clientMACsecret = bArr;
        this.serverMACsecret = bArr;
        this.clientKey = bArr;
        this.serverKey = bArr;
        enableReadCipher();
        enableWriteCipher();
        setParams(sSLParams, null);
        this.md5Handshake = new MD5();
        this.shaHandshake = new SHA();
    }
}
