package weblogic.security.SSL;

import java.util.Hashtable;
import weblogic.logging.LogOutputStream;
import weblogic.management.tools.AutoRefresher;
import weblogic.security.CipherCBC;
import weblogic.security.CipherException;
import weblogic.security.Key;
import weblogic.security.MD5RandomBitsSource;
import weblogic.security.MessageDigest;
import weblogic.security.MessageDigestUtils;
import weblogic.security.RandomBitsSource;
import weblogic.security.SymmetricCipher;
import weblogic.security.Utils;
import weblogic.security.WLMessageDigest;
import weblogic.security.acl.TTLCache;
import weblogic.utils.Hex;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic.jar:weblogic/security/SSL/SSLState.class */
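/**
 * Per-connection SSL state for one {@link SSLSocket}: the negotiated cipher
 * spec, all derived key material, the running handshake digests and the
 * session-resumption bookkeeping.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The master-secret, key-block and Finished computations below follow
 *       the SSL 3.0 construction (MD5 and SHA digests, 'A'/'BB'/'CCC' labels,
 *       0x36/0x5c pads). SSL 3.0 and export-grade cipher suites are obsolete;
 *       this class should only be reachable where the peer and policy
 *       explicitly require them.</li>
 *   <li>Every field is public and mutable, including raw key material. Any
 *       code holding a reference to this object can read or replace keys.</li>
 *   <li>{@link #debug} is a process-wide static. When it is set, derived keys
 *       are written to the "SSL" log (see {@link #computeSecrets()}), and
 *       {@link #toString()} always renders secrets in hex. Treat both outputs
 *       as sensitive.</li>
 * </ul>
 */
public final class SSLState {
    // --- connection and handshake progress ---
    public SSLSocket socket;
    public SSLParams params;
    /** True when this side is the SSL client; selects which keys are "read" and which are "write". */
    public boolean client;
    public boolean handshakeInProgress;
    public boolean finishedReceived;
    public boolean closed;
    public boolean closeSent;
    public boolean renegotiated;
    public long inSeqNum;
    public long outSeqNum;
    public int compressionMethod;
    public CipherSpec currentCS;
    public SessionID sessionID;
    public Hashtable sessionCacheRef;

    // --- key material (zeroed by eraseSecrets) ---
    public byte[] masterSecret;
    public byte[] clientMACsecret;
    public byte[] serverMACsecret;
    public byte[] clientKey;
    public byte[] serverKey;
    public byte[] clientIV;
    public byte[] serverIV;
    public SymmetricCipher readCipher;
    public SymmetricCipher writeCipher;
    // readMACsecret / writeMACsecret alias the client/server MAC arrays above; they are not copies.
    public byte[] readMACsecret;
    public byte[] writeMACsecret;
    public int readMACalg;
    public int writeMACalg;

    // --- handshake inputs ---
    public Random serverRandom;
    public Random clientRandom;
    public ServerKeyExchange skx;
    public SSLCertificate serverCert;
    public SSLCertificate clientCert;
    public byte[] preMasterSecret;
    public RandomBitsSource rng;

    // NOTE(review): static and public, yet overwritten from each instance's SSLParams in
    // setParams(); one connection configured with debug=true turns on key logging for all.
    public static boolean debug = false;
    private static LogOutputStream debugLog = new LogOutputStream("SSL");
    // NOTE(review): initialised from AutoRefresher.DEFAULT_SLEEP_INTERVAL, which looks unrelated
    // to session caching; possibly a decompiler constant-matching artefact. Confirm the intended value.
    public static int MAX_RESUMABLE_SESSION = AutoRefresher.DEFAULT_SLEEP_INTERVAL;

    // --- running handshake digests and the Finished hashes derived from them ---
    public MessageDigest md5Handshake;
    public MessageDigest shaHandshake;
    public byte[] md5HashClient;
    public byte[] shaHashClient;
    public byte[] md5HashServer;
    public byte[] shaHashServer;

    /**
     * Creates state with a default-constructed {@link SSLParams}.
     *
     * @param sSLSocket the socket this state belongs to
     * @param z         true if this side acts as the SSL client
     */
    public SSLState(SSLSocket sSLSocket, boolean z) {
        this(sSLSocket, z, new SSLParams());
    }

    /**
     * Creates state for a new connection: resets all flags and sequence numbers,
     * installs a default {@link CipherSpec} with empty keys, applies the given
     * parameters and starts the MD5 and SHA handshake digests.
     *
     * @param sSLSocket the socket this state belongs to
     * @param z         true if this side acts as the SSL client
     * @param sSLParams connection parameters; must not be null (dereferenced in setParams)
     */
    public SSLState(SSLSocket sSLSocket, boolean z, SSLParams sSLParams) {
        this.compressionMethod = 0;
        this.socket = sSLSocket;
        this.client = z;
        this.renegotiated = false;
        this.closeSent = false;
        this.closed = false;
        this.finishedReceived = false;
        this.handshakeInProgress = false;
        this.outSeqNum = 0L;
        this.inSeqNum = 0L;
        this.currentCS = new CipherSpec();
        // One shared zero-length array stands in for all four secrets until computeSecrets() runs.
        byte[] empty = new byte[0];
        this.clientMACsecret = empty;
        this.serverMACsecret = empty;
        this.clientKey = empty;
        this.serverKey = empty;
        enableReadCipher();
        enableWriteCipher();
        // setParams may replace currentCS and masterSecret when the client resumes a session.
        setParams(sSLParams);
        this.md5Handshake = WLMessageDigest.getInstance("MD5");
        this.shaHandshake = WLMessageDigest.getInstance("SHA");
    }

    /**
     * Applies connection parameters: debug flag, random source, this side's
     * certificate and, for clients only, any session to resume.
     *
     * @param sSLParams the parameters to adopt; must not be null
     */
    public void setParams(SSLParams sSLParams) {
        this.params = sSLParams;
        // NOTE(review): writes the process-wide static flag from per-connection parameters.
        debug = this.params.debug;
        if (this.params.rng != null) {
            this.rng = this.params.rng;
        }
        if (this.rng == null) {
            // NOTE(review): fallback generator; what seed() draws entropy from is not visible
            // here. Confirm it is suitable for key generation before relying on this path.
            MD5RandomBitsSource fallback = new MD5RandomBitsSource();
            fallback.seed();
            this.rng = fallback;
        }
        if (this.client) {
            this.clientCert = this.params.clientCert;
        } else {
            this.serverCert = this.params.serverCert;
        }
        if (this.client && this.params.sessionParams != null) {
            setSessionParams(this.params.sessionParams);
        }
    }

    /**
     * Derives the 48-byte master secret from the pre-master secret and both
     * hello randoms, then zeroes the pre-master secret in place.
     *
     * <p>Three rounds, each producing 16 bytes:
     * {@code MD5(pre || SHA(label || pre || clientRandom || serverRandom))}
     * where the label is 'A', 'BB', 'CCC'.
     */
    public void computeMasterSecret() {
        this.masterSecret = new byte[48];
        for (int round = 0; round < 3; round++) {
            MessageDigest md5 = WLMessageDigest.getInstance("MD5");
            MessageDigest sha = WLMessageDigest.getInstance("SHA");
            byte label = (byte) (65 + round); // 'A', 'B', 'C'
            for (int rep = 0; rep <= round; rep++) {
                sha.update(label);
            }
            sha.update(this.preMasterSecret);
            sha.update(Utils.toBytes(this.clientRandom));
            sha.update(Utils.toBytes(this.serverRandom));
            md5.update(this.preMasterSecret);
            md5.update(sha.digest());
            System.arraycopy(md5.digest(), 0, this.masterSecret, round * 16, 16);
        }
        // The pre-master secret is no longer needed once the master secret exists.
        Utils.setArray(this.preMasterSecret, (byte) 0);
    }

    /**
     * Expands the master secret into the key block and slices it into MAC
     * secrets, cipher keys and IVs for both directions.
     *
     * <p>Each 16-byte round is
     * {@code MD5(master || SHA(label || master || serverRandom || clientRandom))}.
     * For exportable cipher specs the IVs come from MD5 over the two randoms and
     * the keys are re-derived and truncated to {@code expKeyMaterial} bytes.
     *
     * <p>NOTE(review): when {@link #debug} is set, the full key block and every
     * derived secret are written to the "SSL" log in hex. Anyone who can read
     * that log can decrypt the session; keep debug off outside a lab and
     * restrict access to the log.
     */
    public void computeSecrets() {
        int macLen = CipherSpec.hashSize[this.currentCS.MACalgorithm];
        int keyLen = this.currentCS.keyMaterial;
        int exportKeyLen = this.currentCS.expKeyMaterial;
        int ivLen = this.currentCS.IVsize;
        boolean exportable = this.currentCS.isExportable;
        byte[] clientRandomBytes = Utils.toBytes(this.clientRandom);
        byte[] serverRandomBytes = Utils.toBytes(this.serverRandom);

        this.clientMACsecret = new byte[macLen];
        this.serverMACsecret = new byte[macLen];
        this.clientKey = new byte[keyLen];
        this.serverKey = new byte[keyLen];
        this.clientIV = new byte[ivLen];
        this.serverIV = new byte[ivLen];

        // Number of 16-byte MD5 outputs needed; exportable suites do not take IVs from the block.
        int blockCount = (((2 * ((macLen + keyLen) + (exportable ? 0 : ivLen))) - 1) / 16) + 1;
        byte[] keyBlock = new byte[blockCount * 16];
        for (int round = 0; round < blockCount; round++) {
            MessageDigest md5 = WLMessageDigest.getInstance("MD5");
            MessageDigest sha = WLMessageDigest.getInstance("SHA");
            byte label = (byte) (65 + round);
            for (int rep = 0; rep <= round; rep++) {
                sha.update(label);
                if (debug) {
                    print(String.valueOf((char) (65 + round)));
                }
            }
            if (debug) {
                println();
            }
            sha.update(this.masterSecret);
            sha.update(serverRandomBytes);
            sha.update(clientRandomBytes);
            md5.update(this.masterSecret);
            md5.update(sha.digest());
            System.arraycopy(md5.digest(), 0, keyBlock, round * 16, 16);
        }
        if (debug) {
            println("key block = " + Utils.toHexString(keyBlock));
        }

        System.arraycopy(keyBlock, 0, this.clientMACsecret, 0, macLen);
        System.arraycopy(keyBlock, macLen, this.serverMACsecret, 0, macLen);
        System.arraycopy(keyBlock, 2 * macLen, this.clientKey, 0, keyLen);
        System.arraycopy(keyBlock, (2 * macLen) + keyLen, this.serverKey, 0, keyLen);

        if (exportable) {
            MessageDigest ivDigest = WLMessageDigest.getInstance("MD5");
            ivDigest.update(clientRandomBytes);
            ivDigest.update(serverRandomBytes);
            System.arraycopy(ivDigest.digest(), 0, this.clientIV, 0, ivLen);
            ivDigest.reset();
            ivDigest.update(serverRandomBytes);
            ivDigest.update(clientRandomBytes);
            System.arraycopy(ivDigest.digest(), 0, this.serverIV, 0, ivLen);

            MessageDigest keyDigest = WLMessageDigest.getInstance("MD5");
            byte[] intermediateClientKey = this.clientKey;
            keyDigest.update(intermediateClientKey);
            keyDigest.update(Utils.toBytes(this.clientRandom));
            keyDigest.update(Utils.toBytes(this.serverRandom));
            this.clientKey = new byte[exportKeyLen];
            System.arraycopy(keyDigest.digest(), 0, this.clientKey, 0, exportKeyLen);
            // The pre-truncation key is allocated above and referenced nowhere else; clear it.
            wipe(intermediateClientKey);

            keyDigest.reset();
            byte[] intermediateServerKey = this.serverKey;
            keyDigest.update(intermediateServerKey);
            keyDigest.update(Utils.toBytes(this.serverRandom));
            keyDigest.update(Utils.toBytes(this.clientRandom));
            this.serverKey = new byte[exportKeyLen];
            System.arraycopy(keyDigest.digest(), 0, this.serverKey, 0, exportKeyLen);
            wipe(intermediateServerKey);
        } else {
            System.arraycopy(keyBlock, 2 * (macLen + keyLen), this.clientIV, 0, ivLen);
            System.arraycopy(keyBlock, (2 * (macLen + keyLen)) + ivLen, this.serverIV, 0, ivLen);
        }
        // Everything needed has been copied out; do not leave the whole key block on the heap.
        wipe(keyBlock);

        if (debug) {
            println("Client MAC secret = " + Utils.toHexString(this.clientMACsecret));
            println("Server MAC secret = " + Utils.toHexString(this.serverMACsecret));
            println("Client key = " + Utils.toHexString(this.clientKey));
            println("Server key = " + Utils.toHexString(this.serverKey));
            println("Client IV = " + Utils.toHexString(this.clientIV));
            println("Server IV = " + Utils.toHexString(this.serverIV));
        }
    }

    /**
     * Activates the inbound direction: picks the peer's cipher, key, IV (CBC
     * ciphers only) and MAC secret from the current cipher spec.
     *
     * <p>NOTE(review): a {@link CipherException} from setIV was previously
     * discarded. It is now logged, but the method still returns normally to
     * keep the caller-visible contract; consider failing the handshake instead,
     * since a CBC cipher without the negotiated IV cannot process records
     * correctly.
     */
    public void enableReadCipher() {
        this.readCipher = this.client ? this.currentCS.serverCipher : this.currentCS.clientCipher;
        this.readCipher.setKey(new Key(this.client ? this.serverKey : this.clientKey));
        if (this.readCipher instanceof CipherCBC) {
            try {
                ((CipherCBC) this.readCipher).setIV(this.client ? this.serverIV : this.clientIV);
            } catch (CipherException e) {
                debugLog.info("SSL: failed to set IV on read cipher: " + e);
            }
        }
        this.readMACalg = this.currentCS.MACalgorithm;
        this.readMACsecret = this.client ? this.serverMACsecret : this.clientMACsecret;
    }

    /**
     * Activates the outbound direction: picks this side's cipher, key, IV (CBC
     * ciphers only) and MAC secret from the current cipher spec.
     *
     * <p>NOTE(review): as in {@link #enableReadCipher()}, a failed setIV is
     * logged rather than silently ignored, but does not abort.
     */
    public void enableWriteCipher() {
        this.writeCipher = this.client ? this.currentCS.clientCipher : this.currentCS.serverCipher;
        this.writeCipher.setKey(new Key(this.client ? this.clientKey : this.serverKey));
        if (this.writeCipher instanceof CipherCBC) {
            try {
                ((CipherCBC) this.writeCipher).setIV(this.client ? this.clientIV : this.serverIV);
            } catch (CipherException e) {
                debugLog.info("SSL: failed to set IV on write cipher: " + e);
            }
        }
        this.writeMACalg = this.currentCS.MACalgorithm;
        this.writeMACsecret = this.client ? this.clientMACsecret : this.serverMACsecret;
    }

    /**
     * Writes a message to the "SSL" log when debugging is enabled.
     *
     * @param str the message; null is ignored
     */
    public static void println(String str) {
        if (debug && str != null) {
            debugLog.info(str);
        }
    }

    /**
     * Writes {@code obj.toString()} to the "SSL" log when debugging is enabled.
     *
     * @param obj the object to log; null is ignored (previously threw NullPointerException)
     */
    public static void println(Object obj) {
        if (obj == null) {
            return;
        }
        println(obj.toString());
    }

    /**
     * Same as {@link #println(String)}: each call becomes one log entry, so
     * there is no distinct "no newline" behaviour.
     *
     * @param str the message; null is ignored
     */
    public static void print(String str) {
        println(str);
    }

    /** Writes a lone newline entry to the "SSL" log when debugging is enabled. */
    public static void println() {
        if (debug) {
            debugLog.info("\n");
        }
    }

    /**
     * Computes the four Finished hashes (MD5 and SHA, client and server sender)
     * from the running handshake digests and the master secret, and stores them
     * in {@code md5HashClient}, {@code md5HashServer}, {@code shaHashClient}
     * and {@code shaHashServer}.
     *
     * <p>The running digests are cloned, so they keep accumulating afterwards.
     * Pads are 48 bytes for MD5 and 40 bytes for SHA, filled with 0x36 (inner)
     * and 0x5c (outer).
     */
    public void finishHandshake() {
        byte[] md5InnerPad = new byte[48];
        byte[] md5OuterPad = new byte[48];
        Utils.setArray(md5InnerPad, (byte) 0x36);
        Utils.setArray(md5OuterPad, (byte) 0x5c);
        this.md5HashClient = finishedHash(this.md5Handshake, "MD5", true, md5InnerPad, md5OuterPad);
        this.md5HashServer = finishedHash(this.md5Handshake, "MD5", false, md5InnerPad, md5OuterPad);

        byte[] shaInnerPad = new byte[40];
        byte[] shaOuterPad = new byte[40];
        Utils.setArray(shaInnerPad, (byte) 0x36);
        Utils.setArray(shaOuterPad, (byte) 0x5c);
        this.shaHashClient = finishedHash(this.shaHandshake, "SHA", true, shaInnerPad, shaOuterPad);
        this.shaHashServer = finishedHash(this.shaHandshake, "SHA", false, shaInnerPad, shaOuterPad);
    }

    /**
     * Computes one Finished hash:
     * {@code H(master || outerPad || H(handshake || sender || master || innerPad))}.
     *
     * @param handshake running handshake digest; cloned, not consumed
     * @param algorithm digest name passed to WLMessageDigest.getInstance
     * @param forClient true to mix in Finished.client, false for Finished.server
     * @param innerPad  pad appended inside the inner hash
     * @param outerPad  pad appended inside the outer hash
     * @return the outer digest value
     */
    private byte[] finishedHash(MessageDigest handshake, String algorithm, boolean forClient,
            byte[] innerPad, byte[] outerPad) {
        MessageDigest inner = (MessageDigest) handshake.clone();
        MessageDigest outer = WLMessageDigest.getInstance(algorithm);
        if (forClient) {
            MessageDigestUtils.update(inner, Finished.client);
        } else {
            MessageDigestUtils.update(inner, Finished.server);
        }
        inner.update(this.masterSecret);
        inner.update(innerPad);
        outer.update(this.masterSecret);
        outer.update(outerPad);
        outer.update(inner.digest());
        return outer.digest();
    }

    /**
     * Snapshots what is needed to resume this session: session ID, peer
     * certificate, cipher suite and a private copy of the master secret.
     *
     * <p>The copy is independent of this object, so {@link #eraseSecrets()}
     * does not clear it; its lifetime is whatever the session cache gives it.
     *
     * @return a new SessionParams; throws NullPointerException if the master
     *         secret has not been set or was already erased
     */
    public SessionParams getSessionParams() {
        SessionParams snapshot = new SessionParams();
        snapshot.sessionID = this.sessionID;
        snapshot.peerCertificate = this.client ? this.serverCert : this.clientCert;
        snapshot.cipherSuite = this.currentCS.cipherSuite;
        int length = this.masterSecret.length;
        snapshot.masterSecret = new byte[length];
        System.arraycopy(this.masterSecret, 0, snapshot.masterSecret, 0, length);
        return snapshot;
    }

    /**
     * Restores a resumable session: session ID, peer certificate, a fresh
     * {@link CipherSpec} for the stored suite and a copy of the master secret.
     *
     * @param sessionParams the stored session; must not be null and must carry a master secret
     */
    public void setSessionParams(SessionParams sessionParams) {
        this.sessionID = sessionParams.sessionID;
        if (this.client) {
            this.serverCert = sessionParams.peerCertificate;
        } else {
            this.clientCert = sessionParams.peerCertificate;
        }
        this.currentCS = new CipherSpec(sessionParams.cipherSuite);
        int length = sessionParams.masterSecret.length;
        this.masterSecret = new byte[length];
        System.arraycopy(sessionParams.masterSecret, 0, this.masterSecret, 0, length);
    }

    /**
     * Stores the current session for later resumption, either in the TTL cache
     * or as the single client-side resumable session, depending on the params.
     * The stored entry contains a copy of the master secret.
     */
    public void cacheSession() {
        if (this.params.getUseResumableSessionsTTLCache()) {
            getResumableSessionsTTLCache().put(this.sessionID, getSessionParams());
        } else {
            this.params.setClientResumableSession(this.sessionID, getSessionParams());
        }
    }

    /**
     * Looks up a previously cached session.
     *
     * @param obj the session ID to look up; may be null
     * @return the cached parameters, or null when {@code obj} is null, is not a
     *         {@link SessionID} in single-session mode (previously a
     *         ClassCastException), or no matching entry exists
     */
    public SessionParams getCachedSession(Object obj) {
        if (obj == null) {
            return null;
        }
        if (!this.params.getUseResumableSessionsTTLCache()) {
            if (this.params.getClientResumableSessionID() == null || !(obj instanceof SessionID)) {
                return null;
            }
            if (!((SessionID) obj).equals(this.params.getClientResumableSessionID())) {
                return null;
            }
            return this.params.getClientResumableSessionParams();
        }
        Object cached = getResumableSessionsTTLCache().get(obj);
        if (cached instanceof SessionParams) {
            return (SessionParams) cached;
        }
        return null;
    }

    /**
     * Returns the TTL cache held by the params, creating and installing one on
     * first use.
     *
     * <p>NOTE(review): the arguments 65537 and 600000L are presumably capacity
     * and time-to-live in milliseconds; confirm against TTLCache. The
     * check-then-set is not synchronised here; whether params can be shared
     * between threads is not visible from this class.
     *
     * @return the resumable-session cache, never null
     */
    protected TTLCache getResumableSessionsTTLCache() {
        TTLCache cache = this.params.getResumableSessionTTLCache();
        if (cache == null) {
            cache = new TTLCache(65537, 600000L);
            this.params.setResumableSessionCache(cache);
        }
        return cache;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Drops this session from whichever resumption store is in use, so it can
     * no longer be resumed. Does nothing when no session ID is set.
     */
    public void removeSessionFromCache() {
        if (this.sessionID == null) {
            return;
        }
        if (this.params.getUseResumableSessionsTTLCache()) {
            getResumableSessionsTTLCache().remove(this.sessionID);
        } else {
            this.params.setClientResumableSession(null, null);
        }
    }

    /**
     * Zeroes all key material held by this object, asks both ciphers to erase
     * their keys and drops every reference.
     *
     * <p>Safe to call more than once: the method is invoked explicitly and
     * again from {@link #finalize()}, by which time every array is already
     * null, so each wipe is null-guarded instead of relying on
     * Utils.setArray accepting null.
     *
     * <p>Not covered: the master-secret copy inside any cached SessionParams,
     * and the handshake hash arrays, which are released but not zeroed.
     */
    public void eraseSecrets() {
        wipe(this.preMasterSecret);
        wipe(this.masterSecret);
        wipe(this.clientMACsecret);
        wipe(this.serverMACsecret);
        wipe(this.clientKey);
        wipe(this.serverKey);
        wipe(this.clientIV);
        wipe(this.serverIV);
        wipe(this.readMACsecret);
        wipe(this.writeMACsecret);
        if (this.readCipher != null) {
            this.readCipher.eraseKeys();
        }
        if (this.writeCipher != null) {
            this.writeCipher.eraseKeys();
        }
        this.readCipher = null;
        this.writeCipher = null;
        this.socket = null;
        this.params = null;
        this.currentCS = null;
        this.sessionID = null;
        this.sessionCacheRef = null;
        this.masterSecret = null;
        this.clientMACsecret = null;
        this.serverMACsecret = null;
        this.clientKey = null;
        this.serverKey = null;
        this.clientIV = null;
        this.serverIV = null;
        this.readMACsecret = null;
        this.writeMACsecret = null;
        this.serverRandom = null;
        this.clientRandom = null;
        this.skx = null;
        if (this.serverCert != null) {
            // Break the certificate's back-reference to this state before releasing it.
            this.serverCert.state = null;
            this.serverCert = null;
        }
        if (this.clientCert != null) {
            this.clientCert.state = null;
            this.clientCert = null;
        }
        this.preMasterSecret = null;
        this.rng = null;
        this.md5Handshake = null;
        this.shaHandshake = null;
        this.md5HashClient = null;
        this.shaHashClient = null;
        this.md5HashServer = null;
        this.shaHashServer = null;
        if (debug) {
            println("Secrets erased");
        }
    }

    /** Overwrites {@code secret} with zeros; a null array is ignored. */
    private static void wipe(byte[] secret) {
        if (secret != null) {
            Utils.setArray(secret, (byte) 0);
        }
    }

    /**
     * Last-resort cleanup. Finalization timing is not guaranteed, so callers
     * should invoke {@link #eraseSecrets()} explicitly when the connection ends.
     */
    protected void finalize() {
        eraseSecrets();
    }

    /**
     * Renders the full state for diagnostics.
     *
     * <p>NOTE(review): the output contains the master secret, pre-master
     * secret, cipher keys, IVs and MAC secrets in hex. Do not concatenate this
     * object into log or exception messages on production systems. The MAC
     * secret and key arrays are dumped without a null check; after
     * {@link #eraseSecrets()} they are null and how Hex.dump treats null is not
     * visible here.
     *
     * @return a multi-line description of this state
     */
    public String toString() {
        String rule = "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
        StringBuffer out = new StringBuffer();
        out.append(rule);
        out.append("SSLState \n");
        out.append(" inSeqNum            ").append(this.inSeqNum).append("\n");
        out.append(" outSeqNum           ").append(this.outSeqNum).append("\n");
        out.append(" sessionID           ").append(this.sessionID).append("\n");
        out.append(" currentCS           ").append(this.currentCS).append("\n");
        out.append(" client              ").append(this.client).append("\n");
        out.append(" handshakeInProgress ").append(this.handshakeInProgress).append("\n");
        out.append(" finishedReceived    ").append(this.finishedReceived).append("\n");
        out.append(" closed              ").append(this.closed).append("\n");
        out.append(" closeSent           ").append(this.closeSent).append("\n");
        out.append(" renegotiated        ").append(this.renegotiated).append("\n");
        if (this.masterSecret == null) {
            out.append(" masterSecret is null.\n");
        } else {
            out.append(" masterSecret        ").append(Hex.dump(this.masterSecret));
        }
        out.append(" serverMACsecret     ").append(Hex.dump(this.serverMACsecret));
        out.append(" serverKey           ").append(Hex.dump(this.serverKey));
        if (this.serverIV == null) {
            out.append(" serverIV is null.\n");
        } else {
            out.append(" serverIV            ").append(Hex.dump(this.serverIV)).append("\n");
        }
        out.append(" clientMACsecret     ").append(Hex.dump(this.clientMACsecret));
        out.append(" clientKey           ").append(Hex.dump(this.clientKey));
        if (this.clientIV == null) {
            out.append(" clientIV is null.\n");
        } else {
            out.append(" clientIV            ").append(Hex.dump(this.clientIV)).append("\n");
        }
        out.append(" readCipher          ").append(this.readCipher).append("\n");
        out.append(" writeCipher         ").append(this.writeCipher).append("\n");
        out.append(" readMACsecret       ").append(Hex.dump(this.readMACsecret));
        out.append(" writeMACsecret      ").append(Hex.dump(this.writeMACsecret));
        out.append(" readMACalg          ").append(this.readMACalg).append("\n");
        out.append(" writeMACalg         ").append(this.writeMACalg).append("\n");
        out.append(" serverRandom        ").append(this.serverRandom).append("\n");
        out.append(" clientRandom        ").append(this.clientRandom).append("\n");
        if (this.preMasterSecret == null) {
            out.append(" preMasterSecret is null.\n");
        } else {
            out.append(" preMasterSecret  \n ").append(Hex.dump(this.preMasterSecret));
        }
        // Certificates and the RNG are reported by presence only.
        out.append(this.serverCert == null ? " serverCert does not exist.\n" : " serverCert exists.\n");
        out.append(this.clientCert == null ? " clientCert does not exist.\n" : " clientCert exists.\n");
        out.append(this.rng == null ? " rng does not exist.\n" : " rng exists.\n");
        if (this.md5HashClient == null) {
            out.append(" md5HashClient is null.\n");
        } else {
            out.append(" md5HashClient       ").append(Hex.dump(this.md5HashClient));
        }
        if (this.shaHashClient == null) {
            out.append(" shaHashClient is null.\n");
        } else {
            out.append(" shaHashClient       ").append(Hex.dump(this.shaHashClient));
        }
        if (this.md5HashServer == null) {
            out.append(" md5HashServer is null.\n");
        } else {
            out.append(" md5HashServer       ").append(Hex.dump(this.md5HashServer));
        }
        if (this.shaHashServer == null) {
            out.append(" shaHashServer is null.\n");
        } else {
            out.append(" shaHashServer       ").append(Hex.dump(this.shaHashServer));
        }
        out.append(rule);
        return out.toString();
    }
}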
