package com.android.org.conscrypt;

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.RSAKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.Vector;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: input_file:com/android/org/conscrypt/HandshakeProtocol.class */
public abstract class HandshakeProtocol {
    public static final int NEED_UNWRAP = 1;
    public static final int NOT_HANDSHAKING = 2;
    public static final int FINISHED = 3;
    public static final int NEED_TASK = 4;
    protected SSLRecordProtocol recordProtocol;
    protected SSLParametersImpl parameters;
    protected boolean nonBlocking;
    protected SSLSessionImpl session;
    protected ClientHello clientHello;
    protected ServerHello serverHello;
    protected CertificateMessage serverCert;
    protected ServerKeyExchange serverKeyExchange;
    protected CertificateRequest certificateRequest;
    protected ServerHelloDone serverHelloDone;
    protected CertificateMessage clientCert;
    protected ClientKeyExchange clientKeyExchange;
    protected CertificateVerify certificateVerify;
    protected Finished clientFinished;
    protected Finished serverFinished;
    protected byte[] preMasterSecret;
    protected Exception delegatedTaskErr;
    public SSLEngineImpl engineOwner;
    public SSLSocketImpl socketOwner;
    protected int status = 2;
    protected HandshakeIODataStream io_stream = new HandshakeIODataStream();
    protected Vector<DelegatedTask> delegatedTasks = new Vector<>();
    protected boolean changeCipherSpecReceived = false;
    protected boolean isResuming = false;
    private byte[] verify_data = new byte[12];
    private byte[] master_secret_bytes = {109, 97, 115, 116, 101, 114, 32, 115, 101, 99, 114, 101, 116};
    private boolean needSendCCSpec = false;
    protected boolean needSendHelloRequest = false;

    /* JADX INFO: Access modifiers changed from: protected */
    public HandshakeProtocol(Object obj) {
        if (obj instanceof SSLEngineImpl) {
            this.engineOwner = (SSLEngineImpl) obj;
            this.nonBlocking = true;
            this.parameters = this.engineOwner.sslParameters;
        } else if (obj instanceof SSLSocketImpl) {
            this.socketOwner = (SSLSocketImpl) obj;
            this.nonBlocking = false;
            this.parameters = this.socketOwner.sslParameters;
        }
    }

    public void setRecordProtocol(SSLRecordProtocol sSLRecordProtocol) {
        this.recordProtocol = sSLRecordProtocol;
    }

    public abstract void start();

    /* JADX INFO: Access modifiers changed from: protected */
    public void stop() {
        clearMessages();
        this.status = 2;
    }

    public SSLEngineResult.HandshakeStatus getStatus() {
        if (this.io_stream.hasData() || this.needSendCCSpec || this.needSendHelloRequest || this.delegatedTaskErr != null) {
            return SSLEngineResult.HandshakeStatus.NEED_WRAP;
        }
        if (!this.delegatedTasks.isEmpty()) {
            return SSLEngineResult.HandshakeStatus.NEED_TASK;
        }
        switch (this.status) {
            case 1:
                return SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
            case 3:
                this.status = 2;
                clearMessages();
                return SSLEngineResult.HandshakeStatus.FINISHED;
            default:
                return SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
        }
    }

    public SSLSessionImpl getSession() {
        return this.session;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendChangeCipherSpec() {
        this.needSendCCSpec = true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendHelloRequest() {
        this.needSendHelloRequest = true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public abstract void receiveChangeCipherSpec();

    abstract void makeFinished();

    public abstract void unwrap(byte[] bArr);

    public abstract void unwrapSSLv2(byte[] bArr);

    public byte[] wrap() {
        if (this.delegatedTaskErr != null) {
            Exception exc = this.delegatedTaskErr;
            this.delegatedTaskErr = null;
            fatalAlert((byte) 40, "Error occured in delegated task:" + exc.getMessage(), exc);
        }
        if (this.io_stream.hasData()) {
            return this.recordProtocol.wrap((byte) 22, this.io_stream);
        }
        if (this.needSendCCSpec) {
            makeFinished();
            this.needSendCCSpec = false;
            return this.recordProtocol.getChangeCipherSpecMesage(getSession());
        }
        if (!this.needSendHelloRequest) {
            return null;
        }
        this.needSendHelloRequest = false;
        return this.recordProtocol.wrap((byte) 22, new byte[]{0, 0, 0, 0}, 0, 4);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendWarningAlert(byte b) {
        this.recordProtocol.alert((byte) 1, b);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void fatalAlert(byte b, String str) {
        throw new AlertException(b, new SSLHandshakeException(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void fatalAlert(byte b, String str, Exception exc) {
        throw new AlertException(b, new SSLException(str, exc));
    }

    protected void fatalAlert(byte b, SSLException sSLException) {
        throw new AlertException(b, sSLException);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void computerReferenceVerifyDataTLS(String str) {
        computerVerifyDataTLS(str, this.verify_data);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void computerVerifyDataTLS(String str, byte[] bArr) {
        byte[] digestMD5 = this.io_stream.getDigestMD5();
        byte[] digestSHA = this.io_stream.getDigestSHA();
        byte[] bArr2 = new byte[digestMD5.length + digestSHA.length];
        System.arraycopy((Object) digestMD5, 0, (Object) bArr2, 0, digestMD5.length);
        System.arraycopy((Object) digestSHA, 0, (Object) bArr2, digestMD5.length, digestSHA.length);
        try {
            PRF.computePRF(bArr, this.session.master_secret, str.getBytes(), bArr2);
        } catch (GeneralSecurityException e) {
            fatalAlert((byte) 80, "PRF error", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void computerReferenceVerifyDataSSLv3(byte[] bArr) {
        this.verify_data = new byte[36];
        computerVerifyDataSSLv3(bArr, this.verify_data);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void computerVerifyDataSSLv3(byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
            MessageDigest messageDigest2 = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_1);
            try {
                byte[] messages = this.io_stream.getMessages();
                messageDigest.update(messages);
                messageDigest.update(bArr);
                messageDigest.update(this.session.master_secret);
                byte[] digest = messageDigest.digest(SSLv3Constants.MD5pad1);
                messageDigest.update(this.session.master_secret);
                messageDigest.update(SSLv3Constants.MD5pad2);
                System.arraycopy((Object) messageDigest.digest(digest), 0, (Object) bArr2, 0, 16);
                messageDigest2.update(messages);
                messageDigest2.update(bArr);
                messageDigest2.update(this.session.master_secret);
                byte[] digest2 = messageDigest2.digest(SSLv3Constants.SHApad1);
                messageDigest2.update(this.session.master_secret);
                messageDigest2.update(SSLv3Constants.SHApad2);
                System.arraycopy((Object) messageDigest2.digest(digest2), 0, (Object) bArr2, 16, 20);
            } catch (Exception e) {
                fatalAlert((byte) 80, "INTERNAL ERROR", e);
            }
        } catch (Exception e2) {
            fatalAlert((byte) 80, "Could not initialize the Digest Algorithms.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void verifyFinished(byte[] bArr) {
        if (Arrays.equals(this.verify_data, bArr)) {
            return;
        }
        fatalAlert((byte) 40, "Incorrect FINISED");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void unexpectedMessage() {
        fatalAlert((byte) 10, "UNEXPECTED MESSAGE");
    }

    public void send(Message message) {
        this.io_stream.writeUint8(message.getType());
        this.io_stream.writeUint24(message.length());
        message.send(this.io_stream);
    }

    public void computerMasterSecret() {
        byte[] bArr = new byte[64];
        System.arraycopy((Object) this.clientHello.getRandom(), 0, (Object) bArr, 0, 32);
        System.arraycopy((Object) this.serverHello.getRandom(), 0, (Object) bArr, 32, 32);
        this.session.master_secret = new byte[48];
        if (this.serverHello.server_version[1] == 1) {
            try {
                PRF.computePRF(this.session.master_secret, this.preMasterSecret, this.master_secret_bytes, bArr);
            } catch (GeneralSecurityException e) {
                fatalAlert((byte) 80, "PRF error", e);
            }
        } else {
            PRF.computePRF_SSLv3(this.session.master_secret, this.preMasterSecret, bArr);
        }
        Arrays.fill(this.preMasterSecret, (byte) 0);
        this.preMasterSecret = null;
    }

    public Runnable getTask() {
        if (this.delegatedTasks.isEmpty()) {
            return null;
        }
        return this.delegatedTasks.remove(0);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void clearMessages() {
        this.io_stream.clearBuffer();
        this.clientHello = null;
        this.serverHello = null;
        this.serverCert = null;
        this.serverKeyExchange = null;
        this.certificateRequest = null;
        this.serverHelloDone = null;
        this.clientCert = null;
        this.clientKeyExchange = null;
        this.certificateVerify = null;
        this.clientFinished = null;
        this.serverFinished = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int getRSAKeyLength(PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return (publicKey instanceof RSAKey ? ((RSAKey) publicKey).getModulus() : ((RSAPublicKeySpec) KeyFactory.getInstance("RSA").getKeySpec(publicKey, RSAPublicKeySpec.class)).getModulus()).bitLength();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void shutdown() {
        clearMessages();
        this.session = null;
        this.preMasterSecret = null;
        this.delegatedTasks.clear();
    }
}
