package weblogic.security.SSL;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import weblogic.math.Bignum;
import weblogic.security.CoderException;
import weblogic.security.DiffieHellman;
import weblogic.security.RSApkcs1;
import weblogic.security.RandomBitsSource;
import weblogic.security.Utils;
import weblogic.utils.Hex;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic.jar:weblogic/security/SSL/ClientKeyExchange.class */
public final class ClientKeyExchange extends HandshakeMessage {
    public SSLState state;
    public Biguint gx;
    public DiffieHellman dh;
    public ServerKeyExchange skx;
    public Bignum k;
    public SSLCertificate serverCert;
    public byte[] pms;
    public byte[] encryptedPMS;

    public ClientKeyExchange(ServerKeyExchange serverKeyExchange, SSLState sSLState) {
        this(serverKeyExchange, (RandomBitsSource) null, sSLState);
    }

    public ClientKeyExchange(ServerKeyExchange serverKeyExchange, RandomBitsSource randomBitsSource, SSLState sSLState) {
        this.state = sSLState;
        this.skx = serverKeyExchange;
        if (randomBitsSource == null) {
            this.gx = new Biguint();
            return;
        }
        this.dh = new DiffieHellman(this.skx.p.val, this.skx.g.val, randomBitsSource);
        this.gx = new Biguint(this.dh.myValue());
        this.k = this.dh.getKey(this.skx.gx.val);
    }

    public ClientKeyExchange(SSLCertificate sSLCertificate, SSLState sSLState) {
        this(sSLCertificate, (RandomBitsSource) null, sSLState);
    }

    public ClientKeyExchange(SSLCertificate sSLCertificate, RandomBitsSource randomBitsSource, SSLState sSLState) {
        this.state = sSLState;
        this.serverCert = sSLCertificate;
        if (randomBitsSource != null) {
            byte[] bArr = new byte[46];
            randomBitsSource.randomBytes(bArr);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                new ProtocolVersion().output(byteArrayOutputStream);
                byteArrayOutputStream.write(bArr);
            } catch (IOException e) {
            }
            this.pms = byteArrayOutputStream.toByteArray();
            try {
                RSApkcs1 rSApkcs1 = new RSApkcs1();
                rSApkcs1.initialize(randomBitsSource, 0);
                if (this.serverCert.state.skx == null) {
                    rSApkcs1.setEncryptionKey(this.serverCert.getPublicKey());
                } else {
                    rSApkcs1.setEncryptionKey(this.serverCert.state.skx.getPublicKey());
                }
                this.encryptedPMS = rSApkcs1.encrypt(this.pms);
            } catch (CoderException e2) {
            }
        }
    }

    @Override // weblogic.security.Streamable
    public void output(OutputStream outputStream) throws IOException {
        Utils.output24bit(length() - 3, outputStream);
        if (this.state.currentCS.keyExchange == 2) {
            this.gx.output(outputStream);
        } else {
            outputStream.write(this.encryptedPMS);
        }
    }

    @Override // weblogic.security.Streamable
    public void input(InputStream inputStream) throws IOException {
        int input24bit = Utils.input24bit(inputStream);
        if (this.state.currentCS.keyExchange == 2) {
            this.gx.input(inputStream);
            this.k = this.skx.dh.getKey(this.gx.val);
            return;
        }
        this.encryptedPMS = new byte[input24bit];
        Utils.inputByteArray(this.encryptedPMS, inputStream);
        try {
            RSApkcs1 rSApkcs1 = new RSApkcs1();
            if (this.state.skx == null) {
                rSApkcs1.setDecryptionKey(this.serverCert.getPrivateKey());
            } else {
                rSApkcs1.setDecryptionKey(this.state.skx.getPrivateKey());
            }
            this.pms = rSApkcs1.decrypt(this.encryptedPMS);
        } catch (CoderException e) {
            this.pms = new byte[48];
            this.state.rng.randomBytes(this.pms);
        }
    }

    @Override // weblogic.security.Streamable
    public int length() {
        return 3 + (this.skx != null ? this.gx.length() : this.encryptedPMS.length);
    }

    public byte[] preMasterSecret() {
        if (this.state.currentCS.keyExchange == 2) {
            return new Biguint(this.k).toByteArray();
        }
        byte[] bArr = new byte[this.pms.length];
        System.arraycopy(this.pms, 0, bArr, 0, this.pms.length);
        return bArr;
    }

    public void erasePMS() {
        if (this.state.currentCS.keyExchange == 2) {
            this.k = new Bignum(0);
        } else {
            Utils.setArray(this.pms, (byte) 0);
        }
    }

    public String toString() {
        return this.state.currentCS.keyExchange == 2 ? new StringBuffer().append("gx = ").append(this.gx).append(", dh = ").append(this.dh).append(", skx = {").append(this.skx).append("}, k = ").append(this.k).toString() : new StringBuffer().append("pms = ").append(Hex.dump(this.pms)).toString();
    }
}
