package com.huawei.svn.sdk.thirdpart.ssl;

import android.util.Log;
import com.libra.virtualview.common.ExprCommon;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.NullCipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLProtocolException;

/* loaded from: classes.dex */
public class ConnectionStateSSLv3 extends ConnectionState {
    private final byte[] mac_material_part = new byte[3];
    private final byte[] mac_read_secret;
    private final byte[] mac_write_secret;
    private final MessageDigest messageDigest;
    private final byte[] pad_1;
    private final byte[] pad_2;

    /* JADX INFO: Access modifiers changed from: protected */
    public ConnectionStateSSLv3(SSLSessionImpl sSLSessionImpl) {
        try {
            CipherSuite cipherSuite = sSLSessionImpl.cipherSuite;
            boolean isExportable = cipherSuite.isExportable();
            this.hash_size = cipherSuite.getMACLength();
            int i = isExportable ? cipherSuite.keyMaterial : cipherSuite.expandedKeyMaterial;
            int i2 = cipherSuite.ivSize;
            this.block_size = cipherSuite.getBlockSize();
            String bulkEncryptionAlgorithm = cipherSuite.getBulkEncryptionAlgorithm();
            Log.d("SDK", "SSLv3 algName:" + bulkEncryptionAlgorithm);
            String hashName = cipherSuite.getHashName();
            if (this.logger != null) {
                this.logger.println("ConnectionStateSSLv3.create:");
                this.logger.println("  cipher suite name: " + sSLSessionImpl.getCipherSuite());
                this.logger.println("  encryption alg name: " + bulkEncryptionAlgorithm);
                this.logger.println("  hash alg name: " + hashName);
                this.logger.println("  hash size: " + this.hash_size);
                this.logger.println("  block size: " + this.block_size);
                this.logger.println("  IV size:" + i2);
                this.logger.println("  key size: " + i);
            }
            byte[] bArr = sSLSessionImpl.clientRandom;
            byte[] bArr2 = sSLSessionImpl.serverRandom;
            byte[] bArr3 = new byte[(this.hash_size * 2) + (i * 2) + (i2 * 2)];
            byte[] bArr4 = new byte[bArr.length + bArr2.length];
            System.arraycopy(bArr2, 0, bArr4, 0, bArr2.length);
            System.arraycopy(bArr, 0, bArr4, bArr2.length, bArr.length);
            PRF.computePRF_SSLv3(bArr3, sSLSessionImpl.master_secret, bArr4);
            byte[] bArr5 = new byte[this.hash_size];
            byte[] bArr6 = new byte[this.hash_size];
            byte[] bArr7 = new byte[i];
            byte[] bArr8 = new byte[i];
            boolean z = !sSLSessionImpl.isServer;
            System.arraycopy(bArr3, 0, bArr5, 0, this.hash_size);
            System.arraycopy(bArr3, this.hash_size, bArr6, 0, this.hash_size);
            System.arraycopy(bArr3, this.hash_size * 2, bArr7, 0, i);
            System.arraycopy(bArr3, (this.hash_size * 2) + i, bArr8, 0, i);
            IvParameterSpec ivParameterSpec = null;
            IvParameterSpec ivParameterSpec2 = null;
            if (isExportable) {
                if (this.logger != null) {
                    this.logger.println("ConnectionStateSSLv3: is_exportable");
                }
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                messageDigest.update(bArr7);
                messageDigest.update(bArr);
                messageDigest.update(bArr2);
                bArr7 = messageDigest.digest();
                messageDigest.update(bArr8);
                messageDigest.update(bArr2);
                messageDigest.update(bArr);
                bArr8 = messageDigest.digest();
                i = cipherSuite.expandedKeyMaterial;
                if (this.block_size != 0) {
                    messageDigest.update(bArr);
                    messageDigest.update(bArr2);
                    ivParameterSpec = new IvParameterSpec(messageDigest.digest(), 0, i2);
                    messageDigest.update(bArr2);
                    messageDigest.update(bArr);
                    ivParameterSpec2 = new IvParameterSpec(messageDigest.digest(), 0, i2);
                }
            } else if (this.block_size != 0) {
                ivParameterSpec = new IvParameterSpec(bArr3, (this.hash_size * 2) + (i * 2), i2);
                ivParameterSpec2 = new IvParameterSpec(bArr3, (this.hash_size * 2) + (i * 2) + i2, i2);
            }
            if (this.logger != null) {
                this.logger.println("is exportable: " + isExportable);
                this.logger.println("master_secret");
                this.logger.print(sSLSessionImpl.master_secret);
                this.logger.println("client_random");
                this.logger.print(bArr);
                this.logger.println("server_random");
                this.logger.print(bArr2);
                this.logger.println("client_mac_secret");
                this.logger.print(bArr5);
                this.logger.println("server_mac_secret");
                this.logger.print(bArr6);
                this.logger.println("client_key");
                this.logger.print(bArr7, 0, i);
                this.logger.println("server_key");
                this.logger.print(bArr8, 0, i);
                if (ivParameterSpec != null) {
                    this.logger.println("client_iv");
                    this.logger.print(ivParameterSpec.getIV());
                    this.logger.println("server_iv");
                    this.logger.print(ivParameterSpec2.getIV());
                } else {
                    this.logger.println("no IV.");
                }
            }
            if (bulkEncryptionAlgorithm == null) {
                this.encCipher = new NullCipher();
                this.decCipher = new NullCipher();
            } else {
                this.encCipher = Cipher.getInstance(bulkEncryptionAlgorithm);
                this.decCipher = Cipher.getInstance(bulkEncryptionAlgorithm);
                if (z) {
                    this.encCipher.init(1, new SecretKeySpec(bArr7, 0, i, bulkEncryptionAlgorithm), ivParameterSpec);
                    this.decCipher.init(2, new SecretKeySpec(bArr8, 0, i, bulkEncryptionAlgorithm), ivParameterSpec2);
                } else {
                    this.encCipher.init(1, new SecretKeySpec(bArr8, 0, i, bulkEncryptionAlgorithm), ivParameterSpec2);
                    this.decCipher.init(2, new SecretKeySpec(bArr7, 0, i, bulkEncryptionAlgorithm), ivParameterSpec);
                }
            }
            this.messageDigest = MessageDigest.getInstance(hashName);
            if (z) {
                this.mac_write_secret = bArr5;
                this.mac_read_secret = bArr6;
            } else {
                this.mac_write_secret = bArr6;
                this.mac_read_secret = bArr5;
            }
            if (hashName.equals("MD5")) {
                this.pad_1 = SSLv3Constants.MD5pad1;
                this.pad_2 = SSLv3Constants.MD5pad2;
            } else {
                this.pad_1 = SSLv3Constants.SHApad1;
                this.pad_2 = SSLv3Constants.SHApad2;
            }
        } catch (RuntimeException e) {
            throw new AlertException((byte) 80, new SSLProtocolException("Error during computation of security parameters"));
        } catch (Exception e2) {
            throw new AlertException((byte) 80, new SSLProtocolException("Error during computation of security parameters"));
        }
    }

    @Override // com.huawei.svn.sdk.thirdpart.ssl.ConnectionState
    protected byte[] decrypt(byte b, byte[] bArr, int i, int i2) {
        byte[] bArr2;
        byte[] update = this.decCipher.update(bArr, i, i2);
        if (update == null) {
            return null;
        }
        if (this.block_size != 0) {
            int i3 = update[update.length - 1] & 255;
            for (int i4 = 0; i4 < i3; i4++) {
                if ((update[(update.length - 2) - i4] & 255) != i3) {
                    throw new AlertException(ExprCommon.OPCODE_JMP, new SSLProtocolException("Received message has bad padding"));
                }
            }
            bArr2 = new byte[((update.length - this.hash_size) - i3) - 1];
        } else {
            bArr2 = new byte[update.length - this.hash_size];
        }
        this.mac_material_part[0] = b;
        this.mac_material_part[1] = (byte) ((65280 & bArr2.length) >> 8);
        this.mac_material_part[2] = (byte) (bArr2.length & 255);
        this.messageDigest.update(this.mac_read_secret);
        this.messageDigest.update(this.pad_1);
        this.messageDigest.update(this.read_seq_num);
        this.messageDigest.update(this.mac_material_part);
        this.messageDigest.update(update, 0, bArr2.length);
        byte[] digest = this.messageDigest.digest();
        this.messageDigest.update(this.mac_read_secret);
        this.messageDigest.update(this.pad_2);
        this.messageDigest.update(digest);
        byte[] digest2 = this.messageDigest.digest();
        if (this.logger != null) {
            this.logger.println("Decrypted:");
            this.logger.print(update);
            this.logger.println("Expected mac value:");
            this.logger.print(digest2);
        }
        for (int i5 = 0; i5 < this.hash_size; i5++) {
            if (digest2[i5] != update[bArr2.length + i5]) {
                throw new AlertException((byte) 20, new SSLProtocolException("Bad record MAC"));
            }
        }
        System.arraycopy(update, 0, bArr2, 0, bArr2.length);
        incSequenceNumber(this.read_seq_num);
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.huawei.svn.sdk.thirdpart.ssl.ConnectionState
    public byte[] encrypt(byte b, byte[] bArr, int i, int i2) {
        int i3 = 0;
        try {
            int i4 = this.hash_size + i2;
            if (this.block_size != 0) {
                i4++;
                i3 = getPaddingSize(i4);
            }
            byte[] bArr2 = new byte[i4 + i3];
            System.arraycopy(bArr, i, bArr2, 0, i2);
            this.mac_material_part[0] = b;
            this.mac_material_part[1] = (byte) ((65280 & i2) >> 8);
            this.mac_material_part[2] = (byte) (i2 & 255);
            this.messageDigest.update(this.mac_write_secret);
            this.messageDigest.update(this.pad_1);
            this.messageDigest.update(this.write_seq_num);
            this.messageDigest.update(this.mac_material_part);
            this.messageDigest.update(bArr, i, i2);
            byte[] digest = this.messageDigest.digest();
            this.messageDigest.update(this.mac_write_secret);
            this.messageDigest.update(this.pad_2);
            this.messageDigest.update(digest);
            System.arraycopy(this.messageDigest.digest(), 0, bArr2, i2, this.hash_size);
            if (this.block_size != 0) {
                Arrays.fill(bArr2, i4 - 1, bArr2.length, (byte) i3);
            }
            if (this.logger != null) {
                this.logger.println("SSLRecordProtocol.encrypt: " + (this.block_size != 0 ? "GenericBlockCipher with padding[" + i3 + "]:" : "GenericStreamCipher:"));
                this.logger.print(bArr2);
            }
            byte[] bArr3 = new byte[this.encCipher.getOutputSize(bArr2.length)];
            this.encCipher.update(bArr2, 0, bArr2.length, bArr3);
            incSequenceNumber(this.write_seq_num);
            return bArr3;
        } catch (GeneralSecurityException e) {
            throw new AlertException((byte) 80, new SSLProtocolException("Error during the encryption"));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.huawei.svn.sdk.thirdpart.ssl.ConnectionState
    public void shutdown() {
        Arrays.fill(this.mac_write_secret, (byte) 0);
        Arrays.fill(this.mac_read_secret, (byte) 0);
        super.shutdown();
    }
}
