package com.certicom.tls.ciphersuite;

import com.certicom.tls.interfaceimpl.ProtocolVersion;
import com.certicom.tls.interfaceimpl.ProtocolVersions;
import com.certicom.tls.provider.Cipher;
import com.certicom.tls.provider.CryptoLabels;
import com.certicom.tls.provider.Mac;
import com.certicom.tls.provider.MessageDigest;
import com.certicom.tls.provider.spec.GenericKey;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import weblogic.security.utils.SSLSetup;

/* loaded from: input_file:weblogic.jar:com/certicom/tls/ciphersuite/SecurityParameters.class */
public final class SecurityParameters implements CryptoLabels, CryptoNames, ProtocolVersions {
    private byte[] readMacSecret;
    private byte[] writeMacSecret;
    private byte[] readCipherSecret;
    private byte[] writeCipherSecret;
    private byte[] readIV;
    private byte[] writeIV;
    private byte[] clientRandom;
    private byte[] serverRandom;
    private int challengeLength;
    private byte[] masterSecret;
    private CipherSuite cipherSuite;
    private ProtocolVersion protocolVersion;

    public SecurityParameters(CipherSuite cipherSuite, byte[] bArr, byte[] bArr2, byte[] bArr3, ProtocolVersion protocolVersion, boolean z) throws NoSuchAlgorithmException {
        this.masterSecret = bArr;
        this.cipherSuite = cipherSuite;
        this.protocolVersion = protocolVersion;
        this.clientRandom = bArr2;
        this.serverRandom = bArr3;
        deriveKeys(bArr2, bArr3, z);
    }

    public SecurityParameters(CipherSuite cipherSuite, byte[] bArr, byte[] bArr2, byte[] bArr3, ProtocolVersion protocolVersion, int i, boolean z) throws NoSuchAlgorithmException {
        this.masterSecret = bArr;
        this.cipherSuite = cipherSuite;
        this.protocolVersion = protocolVersion;
        this.clientRandom = bArr2;
        this.serverRandom = bArr3;
        this.challengeLength = i;
        if (!protocolVersion.equals(ProtocolVersions.SSL20)) {
            throw new NoSuchAlgorithmException();
        }
        makeSSL2Keys(z);
    }

    public Cipher createReadCipher() throws NoSuchAlgorithmException {
        String cipherAlgorithm = this.cipherSuite.getCipherAlgorithm();
        Cipher cipher = Cipher.getInstance(cipherAlgorithm);
        if (cipherAlgorithm.startsWith(CryptoNames.DES)) {
            convertDESKey(this.readCipherSecret);
        }
        cipher.init(2, new GenericKey(this.readCipherSecret, cipherAlgorithm), this.readIV);
        return cipher;
    }

    private static void convertDESKey(byte[] bArr) {
        for (int i = 0; i < bArr.length; i++) {
            int i2 = 0;
            for (int i3 = 0; i3 < 7; i3++) {
                if (((bArr[i] >> (i3 + 1)) & 1) != 0) {
                    i2++;
                }
            }
            if ((i2 & 1) == 0) {
                int i4 = i;
                bArr[i4] = (byte) (bArr[i4] | 1);
            } else {
                int i5 = i;
                bArr[i5] = (byte) (bArr[i5] & 254);
            }
        }
    }

    public Cipher createWriteCipher() throws NoSuchAlgorithmException {
        String cipherAlgorithm = this.cipherSuite.getCipherAlgorithm();
        Cipher cipher = Cipher.getInstance(cipherAlgorithm);
        if (cipherAlgorithm.startsWith(CryptoNames.DES)) {
            convertDESKey(this.writeCipherSecret);
        }
        cipher.init(1, new GenericKey(this.writeCipherSecret, cipherAlgorithm), this.writeIV);
        return cipher;
    }

    public Mac createReadMac() throws NoSuchAlgorithmException {
        try {
            Mac mac = getMac();
            mac.init(new GenericKey((byte[]) this.readMacSecret.clone()));
            return mac;
        } catch (InvalidKeyException e) {
            if (!SSLSetup.getDebugEaten()) {
                return null;
            }
            SSLSetup.debug(3, e, "........... Eating Exception ..........");
            return null;
        }
    }

    public Mac createWriteMac() throws NoSuchAlgorithmException {
        try {
            Mac mac = getMac();
            mac.init(new GenericKey((byte[]) this.writeMacSecret.clone()));
            return mac;
        } catch (InvalidKeyException e) {
            if (!SSLSetup.getDebugEaten()) {
                return null;
            }
            SSLSetup.debug(3, e, "........... Eating Exception ..........");
            return null;
        }
    }

    private Mac getMac() throws NoSuchAlgorithmException {
        String macAlgorithm = this.cipherSuite.getMacAlgorithm();
        Mac mac = null;
        if (this.protocolVersion.equals(ProtocolVersions.TLS10)) {
            if (macAlgorithm.equals("SHA")) {
                macAlgorithm = "HMACSHA1";
            } else if (macAlgorithm.equals("MD5")) {
                macAlgorithm = "HMACMD5";
            }
            mac = Mac.getInstance(macAlgorithm);
        } else if (this.protocolVersion.equals(ProtocolVersions.SSL30)) {
            if (macAlgorithm.equals("SHA")) {
                mac = Mac.getInstance(CryptoNames.SSL3MAC_SHA);
            } else if (macAlgorithm.equals("MD5")) {
                mac = Mac.getInstance(CryptoNames.SSL3MAC_MD5);
            }
        } else if (this.protocolVersion.equals(ProtocolVersions.SSL20)) {
            if (macAlgorithm.equals("SHA")) {
                mac = Mac.getInstance(CryptoNames.SSL2MAC_SHA);
            } else if (macAlgorithm.equals("MD5")) {
                mac = Mac.getInstance(CryptoNames.SSL2MAC_MD5);
            }
        }
        return mac;
    }

    public void forget() {
    }

    private static byte[] SSL3_PRF_ITERATION(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        MessageDigest messageDigest2 = MessageDigest.getInstance("SHA");
        int i2 = 65 + i;
        byte[] bArr4 = new byte[i + 1];
        for (int i3 = 0; i3 <= i; i3++) {
            bArr4[i3] = (byte) i2;
        }
        messageDigest2.update(bArr4);
        messageDigest2.update(bArr);
        messageDigest2.update(bArr2);
        messageDigest2.update(bArr3);
        messageDigest.update(bArr);
        return messageDigest.digest(messageDigest2.digest());
    }

    public static byte[] SSL3_PRF(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NoSuchAlgorithmException {
        byte[] bArr4 = new byte[i];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(i + 16);
        int i2 = 0;
        int i3 = 0;
        while (i2 < i) {
            try {
                byteArrayOutputStream.write(SSL3_PRF_ITERATION(bArr, bArr2, bArr3, i3));
                i2 += 16;
                i3++;
            } catch (IOException e) {
                if (SSLSetup.getDebugEaten()) {
                    SSLSetup.debug(3, e, "........... Eating Exception ..........");
                }
            }
        }
        System.arraycopy(byteArrayOutputStream.toByteArray(), 0, bArr4, 0, i);
        return bArr4;
    }

    public static byte[] TLS_PRF(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, int i) throws NoSuchAlgorithmException {
        byte[] bArr5 = new byte[bArr3.length + bArr4.length];
        System.arraycopy(bArr3, 0, bArr5, 0, bArr3.length);
        System.arraycopy(bArr4, 0, bArr5, bArr3.length, bArr4.length);
        return TLS_PRF(bArr, bArr2, bArr5, i);
    }

    public static byte[] TLS_PRF(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NoSuchAlgorithmException {
        int length = bArr.length / 2;
        int i2 = bArr.length % 2 == 0 ? length : length + 1;
        byte[] bArr4 = new byte[i2];
        byte[] bArr5 = new byte[i2];
        System.arraycopy(bArr, 0, bArr4, 0, i2);
        System.arraycopy(bArr, length, bArr5, 0, i2);
        GenericKey genericKey = new GenericKey(bArr4);
        GenericKey genericKey2 = new GenericKey(bArr5);
        Mac mac = Mac.getInstance(CryptoNames.HMAC_MD5);
        Mac mac2 = Mac.getInstance(CryptoNames.HMAC_SHA);
        try {
            mac.init(genericKey);
            mac2.init(genericKey2);
        } catch (InvalidKeyException e) {
            if (SSLSetup.getDebugEaten()) {
                SSLSetup.debug(3, e, "........... Eating Exception ..........");
            }
        }
        byte[] bArr6 = new byte[bArr2.length + bArr3.length];
        System.arraycopy(bArr2, 0, bArr6, 0, bArr2.length);
        System.arraycopy(bArr3, 0, bArr6, bArr2.length, bArr3.length);
        byte[] p_hash = p_hash(mac, bArr6, i);
        byte[] p_hash2 = p_hash(mac2, bArr6, i);
        byte[] bArr7 = new byte[i];
        for (int i3 = 0; i3 < bArr7.length; i3++) {
            bArr7[i3] = (byte) (p_hash[i3] ^ p_hash2[i3]);
        }
        return bArr7;
    }

    private static byte[] p_hash(Mac mac, byte[] bArr, int i) {
        int macLength = mac.getMacLength();
        int i2 = i / macLength;
        if (i % macLength != 0) {
            i2++;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(i2 * macLength);
        byte[] bArr2 = (byte[]) bArr.clone();
        for (int i3 = 0; i3 < i2; i3++) {
            try {
                bArr2 = mac.doFinal(bArr2);
                mac.update(bArr2);
                byteArrayOutputStream.write(mac.doFinal(bArr));
            } catch (IOException e) {
                if (SSLSetup.getDebugEaten()) {
                    SSLSetup.debug(3, e, "........... Eating Exception ..........");
                }
                System.out.println(e);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private final void deriveKeys(byte[] bArr, byte[] bArr2, boolean z) throws NoSuchAlgorithmException {
        byte[][] makeKeys = makeKeys(bArr, bArr2);
        if (this.cipherSuite.isExportable() && this.cipherSuite.getTag() != 9) {
            makeKeysExportable(makeKeys, bArr, bArr2);
        }
        assignKeys(makeKeys, z);
    }

    private final void makeKeysExportable(byte[][] bArr, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException {
        int blockSize = Cipher.getInstance(this.cipherSuite.getCipherAlgorithm()).getBlockSize();
        int cipherKeyLength = this.cipherSuite.getCipherKeyLength();
        if (this.protocolVersion.equals(ProtocolVersions.TLS10)) {
            bArr[2] = TLS_PRF(bArr[2], CryptoLabels.CLIENT_WRITE_KEY, bArr2, bArr3, cipherKeyLength);
            bArr[3] = TLS_PRF(bArr[3], CryptoLabels.SERVER_WRITE_KEY, bArr2, bArr3, cipherKeyLength);
            byte[] TLS_PRF = TLS_PRF(new byte[0], CryptoLabels.IV_BLOCK, bArr2, bArr3, 2 * blockSize);
            System.arraycopy(TLS_PRF, 0, bArr[4], 0, blockSize);
            System.arraycopy(TLS_PRF, blockSize, bArr[5], 0, blockSize);
            return;
        }
        if (!this.protocolVersion.equals(ProtocolVersions.SSL30)) {
            throw new NoSuchAlgorithmException();
        }
        int cipherKeyLength2 = this.cipherSuite.getCipherKeyLength();
        byte[] bArr4 = new byte[cipherKeyLength2];
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(bArr[2]);
        messageDigest.update(bArr2);
        messageDigest.update(bArr3);
        if (this.cipherSuite.getCipherAlgorithm().equals(CryptoNames.DES)) {
            System.arraycopy(messageDigest.digest(), 0, bArr4, 0, this.cipherSuite.getCipherKeyLength());
            bArr[2] = bArr4;
        } else {
            bArr[2] = messageDigest.digest();
        }
        messageDigest.update(bArr[3]);
        messageDigest.update(bArr3);
        messageDigest.update(bArr2);
        byte[] bArr5 = new byte[cipherKeyLength2];
        if (this.cipherSuite.getCipherAlgorithm().equals(CryptoNames.DES)) {
            System.arraycopy(messageDigest.digest(), 0, bArr5, 0, this.cipherSuite.getCipherKeyLength());
            bArr[3] = bArr5;
        } else {
            bArr[3] = messageDigest.digest();
        }
        messageDigest.update(bArr2);
        messageDigest.update(bArr3);
        if (this.cipherSuite.getCipherAlgorithm().equals(CryptoNames.DES)) {
            System.arraycopy(messageDigest.digest(), 0, bArr[4], 0, blockSize);
        } else {
            bArr[4] = messageDigest.digest();
        }
        messageDigest.update(bArr3);
        messageDigest.update(bArr2);
        if (this.cipherSuite.getCipherAlgorithm().equals(CryptoNames.DES)) {
            System.arraycopy(messageDigest.digest(), 0, bArr[5], 0, blockSize);
        } else {
            bArr[5] = messageDigest.digest();
        }
    }

    private final void makeSSL2Keys(boolean z) throws NoSuchAlgorithmException {
        int cipherKeyLength = this.cipherSuite.getCipherKeyLength();
        int blockSize = Cipher.getInstance(this.cipherSuite.getCipherAlgorithm()).getBlockSize();
        String macAlgorithm = this.cipherSuite.getMacAlgorithm();
        byte[] bArr = new byte[this.challengeLength];
        System.arraycopy(this.clientRandom, this.clientRandom.length - this.challengeLength, bArr, 0, this.challengeLength);
        MessageDigest messageDigest = MessageDigest.getInstance(macAlgorithm);
        messageDigest.update(this.masterSecret);
        messageDigest.update((byte) 48);
        messageDigest.update(bArr);
        messageDigest.update(this.serverRandom);
        byte[] digest = messageDigest.digest();
        MessageDigest messageDigest2 = MessageDigest.getInstance(macAlgorithm);
        messageDigest2.update(this.masterSecret);
        messageDigest2.update((byte) (48 + 1));
        messageDigest2.update(bArr);
        messageDigest2.update(this.serverRandom);
        byte[] digest2 = messageDigest2.digest();
        this.readCipherSecret = new byte[cipherKeyLength];
        this.writeCipherSecret = new byte[cipherKeyLength];
        this.writeMacSecret = new byte[cipherKeyLength];
        this.readMacSecret = new byte[cipherKeyLength];
        if (z) {
            System.arraycopy(digest, 0, this.readCipherSecret, 0, cipherKeyLength);
            System.arraycopy(digest2, 0, this.writeCipherSecret, 0, cipherKeyLength);
        } else {
            System.arraycopy(digest2, 0, this.readCipherSecret, 0, cipherKeyLength);
            System.arraycopy(digest, 0, this.writeCipherSecret, 0, cipherKeyLength);
        }
        System.arraycopy(this.writeCipherSecret, 0, this.writeMacSecret, 0, cipherKeyLength);
        System.arraycopy(this.readCipherSecret, 0, this.readMacSecret, 0, cipherKeyLength);
        if (blockSize != 0) {
            this.readIV = new byte[blockSize];
            this.writeIV = new byte[blockSize];
            System.arraycopy(this.masterSecret, cipherKeyLength, this.readIV, 0, blockSize);
            System.arraycopy(this.masterSecret, cipherKeyLength, this.writeIV, 0, blockSize);
        }
    }

    /* JADX WARN: Type inference failed for: r0v51, types: [byte[], byte[][]] */
    private final byte[][] makeKeys(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException {
        byte[] SSL3_PRF;
        int macLength = Mac.getInstance(this.cipherSuite.getMacAlgorithm()).getMacLength();
        int cipherKeyMaterialLength = this.cipherSuite.getCipherKeyMaterialLength();
        int blockSize = Cipher.getInstance(this.cipherSuite.getCipherAlgorithm()).getBlockSize();
        int i = (2 * macLength) + (2 * cipherKeyMaterialLength) + (2 * blockSize);
        if (this.protocolVersion.equals(ProtocolVersions.TLS10)) {
            SSL3_PRF = TLS_PRF(this.masterSecret, CryptoLabels.KEY_EXPANSION, bArr2, bArr, i);
        } else {
            if (!this.protocolVersion.equals(ProtocolVersions.SSL30)) {
                throw new NoSuchAlgorithmException();
            }
            SSL3_PRF = SSL3_PRF(this.masterSecret, bArr2, bArr, i);
        }
        byte[] bArr3 = new byte[macLength];
        byte[] bArr4 = new byte[macLength];
        byte[] bArr5 = new byte[cipherKeyMaterialLength];
        byte[] bArr6 = new byte[cipherKeyMaterialLength];
        byte[] bArr7 = new byte[blockSize];
        byte[] bArr8 = new byte[blockSize];
        System.arraycopy(SSL3_PRF, 0, bArr3, 0, macLength);
        System.arraycopy(SSL3_PRF, macLength, bArr4, 0, macLength);
        System.arraycopy(SSL3_PRF, 2 * macLength, bArr5, 0, cipherKeyMaterialLength);
        System.arraycopy(SSL3_PRF, (2 * macLength) + cipherKeyMaterialLength, bArr6, 0, cipherKeyMaterialLength);
        System.arraycopy(SSL3_PRF, (2 * macLength) + (2 * cipherKeyMaterialLength), bArr7, 0, blockSize);
        System.arraycopy(SSL3_PRF, (2 * macLength) + (2 * cipherKeyMaterialLength) + blockSize, bArr8, 0, blockSize);
        return new byte[]{bArr3, bArr4, bArr5, bArr6, bArr7, bArr8};
    }

    private final void assignKeys(byte[][] bArr, boolean z) {
        if (z) {
            this.readMacSecret = bArr[1];
            this.writeMacSecret = bArr[0];
            this.readCipherSecret = bArr[3];
            this.writeCipherSecret = bArr[2];
            this.readIV = bArr[5];
            this.writeIV = bArr[4];
            return;
        }
        this.readMacSecret = bArr[0];
        this.writeMacSecret = bArr[1];
        this.readCipherSecret = bArr[2];
        this.writeCipherSecret = bArr[3];
        this.readIV = bArr[4];
        this.writeIV = bArr[5];
    }

    public String toString() {
        return null;
    }
}
