package com.novell.service.security.net.ssl;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.PublicKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/novell/service/security/net/ssl/ServerKeyExchange.class */
public class ServerKeyExchange extends HandshakeMessage {
    public RandomBitsSource rbs;
    public byte[] sigBytes;
    public byte[] paramBytes;
    public Biguint exponent;
    public Biguint modulus;
    public w dh;
    public Biguint gx;
    public Biguint g;
    public Biguint p;
    SSLState state;

    void verifySignature() throws IOException {
        try {
            PublicKey publicKey = this.state.serverCert.getPublicKey();
            if (this.state.currentCS.serverCertType == 3) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                this.state.clientRandom.output(byteArrayOutputStream);
                this.state.serverRandom.output(byteArrayOutputStream);
                byteArrayOutputStream.write(this.paramBytes);
                X509 bottomCert = this.state.serverCert.getBottomCert();
                try {
                    java.security.Signature signature = java.security.Signature.getInstance("DSA");
                    signature.initVerify(bottomCert.getPublicKey());
                    signature.update(byteArrayOutputStream.toByteArray());
                    if (!signature.verify(this.sigBytes)) {
                        throw new IOException("Invalid signature");
                    }
                    return;
                } catch (Exception e) {
                    throw new IOException(e.toString());
                }
            }
            if (this.state.currentCS.serverCertType == 1) {
                f fVar = new f(2);
                fVar.a((h) publicKey);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(fVar.b(this.sigBytes));
                byte[] bArr = new byte[16];
                byte[] bArr2 = new byte[20];
                Utils.inputByteArray(bArr, byteArrayInputStream);
                Utils.inputByteArray(bArr2, byteArrayInputStream);
                DigestOutputStream digestOutputStream = new DigestOutputStream(new NullOutputStream(), new MD5());
                this.state.clientRandom.output(digestOutputStream);
                this.state.serverRandom.output(digestOutputStream);
                digestOutputStream.write(this.paramBytes);
                digestOutputStream.computeCurrent();
                DigestOutputStream digestOutputStream2 = new DigestOutputStream(new NullOutputStream(), new SHA());
                this.state.clientRandom.output(digestOutputStream2);
                this.state.serverRandom.output(digestOutputStream2);
                digestOutputStream2.write(this.paramBytes);
                digestOutputStream2.computeCurrent();
                if (!digestOutputStream.getMessageDigest().isEqual(bArr) || !digestOutputStream2.getMessageDigest().isEqual(bArr2)) {
                    throw new IOException("Invalid signature");
                }
            }
        } catch (CoderException e2) {
            this.state.socket.sendAlert(2, 40);
            this.state.socket.abort();
            throw new IOException(e2.toString());
        } catch (Exception e3) {
            this.state.socket.sendAlert(2, 40);
            this.state.socket.abort();
            throw new IOException(e3.toString());
        }
    }

    public String toString() {
        return this.state.currentCS.keyExchange == 2 ? new StringBuffer("p = ").append(this.p).append(", g = ").append(this.g).append(", gx = ").append(this.gx).append(", dh = ").append(this.dh).toString() : new StringBuffer("modulus = ").append(this.modulus).append(", exponent = ").append(this.exponent).toString();
    }

    public byte[] preMasterSecret(ClientKeyExchange clientKeyExchange) {
        return new Biguint(this.dh.a(clientKeyExchange.gx.val)).toByteArray();
    }

    @Override // com.novell.service.security.net.ssl.HandshakeMessage, com.novell.service.security.net.ssl.Streamable
    public void output(OutputStream outputStream) throws IOException {
        Utils.output24bit(length() - 3, outputStream);
        if (this.paramBytes == null) {
            computeParamBytes();
        }
        if (this.sigBytes == null) {
            computeSigBytes();
        }
        outputStream.write(this.paramBytes);
        if (this.sigBytes.length != 0) {
            Utils.outputShort((short) this.sigBytes.length, outputStream);
            outputStream.write(this.sigBytes);
        }
    }

    @Override // com.novell.service.security.net.ssl.HandshakeMessage, com.novell.service.security.net.ssl.Streamable
    public int length() {
        if (this.paramBytes == null) {
            computeParamBytes();
        }
        if (this.sigBytes == null) {
            try {
                computeSigBytes();
            } catch (IOException e) {
                e.printStackTrace();
                return 3;
            }
        }
        return 3 + this.paramBytes.length + (this.sigBytes.length == 0 ? 0 : 2 + this.sigBytes.length);
    }

    @Override // com.novell.service.security.net.ssl.HandshakeMessage, com.novell.service.security.net.ssl.Streamable
    public void input(InputStream inputStream) throws IOException {
        Utils.input24bit(inputStream);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.state.currentCS.keyExchange == 2) {
            this.p = getInt(inputStream, byteArrayOutputStream);
            this.g = getInt(inputStream, byteArrayOutputStream);
            this.gx = getInt(inputStream, byteArrayOutputStream);
        } else {
            this.modulus = getInt(inputStream, byteArrayOutputStream);
            this.exponent = getInt(inputStream, byteArrayOutputStream);
        }
        this.paramBytes = byteArrayOutputStream.toByteArray();
        if (this.state.currentCS.serverCertType != 0) {
            this.sigBytes = new byte[Utils.inputShort(inputStream)];
            Utils.inputByteArray(this.sigBytes, inputStream);
            verifySignature();
        }
    }

    public h getPublicKey() {
        return new h(this.modulus.val, this.exponent.val);
    }

    Biguint getInt(InputStream inputStream, OutputStream outputStream) throws IOException {
        int inputShort = Utils.inputShort(inputStream);
        byte[] bArr = new byte[inputShort];
        Utils.inputByteArray(bArr, inputStream);
        Utils.outputShort((short) inputShort, outputStream);
        outputStream.write(bArr);
        return new Biguint(bArr);
    }

    void computeSigBytes() throws IOException {
        this.sigBytes = new byte[0];
        if (this.state.currentCS.serverCertType != 1) {
            if (this.state.currentCS.serverCertType == 3) {
                try {
                    java.security.Signature signature = java.security.Signature.getInstance("DSA");
                    signature.initSign(this.state.serverCert.getPrivateKey());
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    this.state.clientRandom.output(byteArrayOutputStream);
                    this.state.serverRandom.output(byteArrayOutputStream);
                    byteArrayOutputStream.write(this.paramBytes);
                    signature.update(byteArrayOutputStream.toByteArray());
                    this.sigBytes = signature.sign();
                    return;
                } catch (Exception e) {
                    throw new IOException(e.toString());
                }
            }
            return;
        }
        try {
            f fVar = new f(2);
            fVar.b((j) this.state.serverCert.getPrivateKey());
            DigestOutputStream digestOutputStream = new DigestOutputStream(new NullOutputStream(), new MD5());
            this.state.clientRandom.output(digestOutputStream);
            this.state.serverRandom.output(digestOutputStream);
            digestOutputStream.write(this.paramBytes);
            DigestOutputStream digestOutputStream2 = new DigestOutputStream(new NullOutputStream(), new SHA());
            this.state.clientRandom.output(digestOutputStream2);
            this.state.serverRandom.output(digestOutputStream2);
            digestOutputStream2.write(this.paramBytes);
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byteArrayOutputStream2.write(digestOutputStream.computeCurrent());
            byteArrayOutputStream2.write(digestOutputStream2.computeCurrent());
            this.sigBytes = fVar.c(byteArrayOutputStream2.toByteArray());
        } catch (Exception e2) {
            throw new IOException(e2.toString());
        }
    }

    void computeParamBytes() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (this.state.currentCS.keyExchange == 2) {
                this.p.output(byteArrayOutputStream);
                this.g.output(byteArrayOutputStream);
                this.gx.output(byteArrayOutputStream);
            } else {
                this.modulus.output(byteArrayOutputStream);
                this.exponent.output(byteArrayOutputStream);
            }
            this.paramBytes = byteArrayOutputStream.toByteArray();
        } catch (IOException unused) {
        }
    }

    public ServerKeyExchange(SSLState sSLState) {
        this.state = sSLState;
    }

    public ServerKeyExchange(RandomBitsSource randomBitsSource, BigInteger bigInteger, BigInteger bigInteger2, SSLState sSLState) {
        this.state = sSLState;
        this.rbs = randomBitsSource;
        this.p = new Biguint(bigInteger);
        this.g = new Biguint(bigInteger2);
        this.dh = new w(this.p.val, this.g.val, this.rbs);
        this.gx = new Biguint(this.dh.a());
    }

    public ServerKeyExchange(h hVar, SSLState sSLState) {
        this.state = sSLState;
        this.modulus = new Biguint(hVar.j());
        this.exponent = new Biguint(hVar.a());
    }
}
