package com.claymoresystems.ptls;

import com.claymoresystems.crypto.Blindable;
import com.claymoresystems.crypto.DHPrivateKey;
import com.claymoresystems.crypto.DHPublicKey;
import com.claymoresystems.crypto.PKCS1Pad;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import xjava.security.Cipher;
import xjava.security.interfaces.CryptixRSAPrivateKey;
import xjava.security.interfaces.CryptixRSAPublicKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/oscarJDBC16-1.0.jar:com/claymoresystems/ptls/SSLClientKeyExchange.class */
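/**
 * ClientKeyExchange handshake message.
 *
 * <p>{@link #encode} (sending side) and {@link #decode} (receiving side) both
 * carry the key-exchange payload in {@code client_data} and, as a side effect,
 * store the resulting pre-master secret in {@code sSLConn.hs.pre_master_secret}.
 * The branch taken depends on {@code cipher_suite.getKeyExchangeAlg()}:
 * value 1 uses the Diffie-Hellman key classes, value 2 uses RSA encryption.
 *
 * <p>Version constants used below: 769 is 0x0301 (TLS 1.0) and 768 is 0x0300
 * (SSLv3).
 */
public class SSLClientKeyExchange extends SSLPDU {
    // The meaning of the constructor argument (and of its sign) is defined by
    // SSLopaque, which is not visible here -- presumably a length bound; TODO confirm.
    SSLopaque client_data = new SSLopaque(-65535);

    /**
     * Builds the key-exchange payload, records the pre-master secret on the
     * connection's handshake state, and writes the payload to {@code outputStream}.
     *
     * @param sSLConn connection whose handshake state ({@code hs}) supplies the peer
     *     key, RNG and negotiated versions, and receives the pre-master secret
     * @param outputStream destination for the encoded message body
     * @return the value returned by {@code client_data.encode}, or the ciphertext
     *     length when the raw ciphertext is written for versions below 769
     * @throws IOException if writing the payload fails
     * @throws InternalError if the RSA path fails for a non-I/O reason, or the
     *     key-exchange algorithm is neither 1 nor 2
     */
    @Override // com.claymoresystems.ptls.SSLPDU, com.claymoresystems.ptls.SSLEncoded
    public int encode(SSLConn sSLConn, OutputStream outputStream) throws IOException {
        switch (sSLConn.hs.cipher_suite.getKeyExchangeAlg()) {
            case 1:
                // Diffie-Hellman: create a fresh private key over the peer's (g, p),
                // send our public value, and agree on the pre-master secret.
                DHPublicKey dHPublicKey = (DHPublicKey) sSLConn.hs.peerEncryptionKey;
                DHPrivateKey dHPrivateKey = DHPrivateKey.getInstance();
                dHPrivateKey.initPrivateKey(dHPublicKey.getg(), dHPublicKey.getp(), sSLConn.hs.rng);
                this.client_data.value = dHPrivateKey.getYBytes();
                // The meaning of the boolean flag is defined by DHPrivateKey.keyAgree
                // (decode passes false) -- not visible here.
                sSLConn.hs.pre_master_secret = dHPrivateKey.keyAgree(dHPublicKey, true);
                return this.client_data.encode(sSLConn, outputStream);
            case 2:
                try {
                    // RSA: 48 random bytes, with the first two overwritten by the
                    // version marker (major byte fixed to 3, minor byte taken from
                    // max_ssl_version).
                    sSLConn.hs.pre_master_secret = new byte[48];
                    sSLConn.hs.rng.nextBytes(sSLConn.hs.pre_master_secret);
                    sSLConn.hs.pre_master_secret[0] = 3;
                    sSLConn.hs.pre_master_secret[1] = (byte) (sSLConn.max_ssl_version & 255);
                    Cipher cipher = Cipher.getInstance("RSA", "Cryptix");
                    // No dedicated encryption key: fall back to the peer's signature key.
                    if (sSLConn.hs.peerEncryptionKey == null) {
                        sSLConn.hs.peerEncryptionKey = sSLConn.hs.peerSignatureKey;
                    }
                    cipher.initEncrypt(sSLConn.hs.peerEncryptionKey);
                    byte[] pkcs1PadBuf = PKCS1Pad.pkcs1PadBuf(sSLConn.hs.rng, sSLConn.hs.pre_master_secret, sSLConn.hs.peerEncryptionKey);
                    // NOTE(review): "RSA input" and "PreMasterSecret" below hand secret
                    // key material to SSLDebug. Whether anything is emitted depends on
                    // SSLDebug's configuration (not visible here); make sure this
                    // debug category cannot be enabled in production.
                    SSLDebug.debug(8, "RSA input", pkcs1PadBuf);
                    byte[] crypt = cipher.crypt(pkcs1PadBuf);
                    this.client_data.value = crypt;
                    SSLDebug.debug(8, "PreMasterSecret", sSLConn.hs.pre_master_secret);
                    SSLDebug.debug(8, "EncryptedPreMasterSecret", crypt);
                    // TLS 1.0 and later go through SSLopaque's encoding; earlier
                    // versions write the bare ciphertext.
                    if (sSLConn.ssl_version >= 769) {
                        return this.client_data.encode(sSLConn, outputStream);
                    }
                    outputStream.write(crypt);
                    return crypt.length;
                } catch (IOException e) {
                    // A failed write is an I/O condition the method already declares
                    // (and the DH branch already propagates); do not disguise it as
                    // a JVM-level InternalError.
                    throw e;
                } catch (Exception e) {
                    e.printStackTrace();
                    // initCause keeps the original exception attached without relying
                    // on the two-argument InternalError constructor.
                    InternalError internalError = new InternalError(e.toString());
                    internalError.initCause(e);
                    throw internalError;
                }
            default:
                throw new InternalError("Inconsistent algorithm");
        }
    }

    /**
     * Reads the peer's key-exchange payload and derives the pre-master secret,
     * storing it in {@code sSLConn.hs.pre_master_secret}.
     *
     * <p>On the RSA path every failure inside the decrypt/validate step (cipher
     * error, unpadding error, wrong length, wrong embedded version) is caught and
     * replaced by a random 48-byte pre-master secret, so this method itself does
     * not report which check failed.
     *
     * @param sSLConn connection whose handshake state and context supply the keys
     *     and RNGs, and receive the pre-master secret
     * @param inputStream source of the message body
     * @return the value returned by {@code client_data.decode}, or the number of
     *     bytes obtained from the single raw read for versions below 769
     * @throws IOException if reading fails; an {@code SSLException} is thrown when
     *     the raw read hits end of stream
     * @throws InternalError if the key-exchange algorithm is neither 1 nor 2
     */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.claymoresystems.ptls.SSLPDU, com.claymoresystems.ptls.SSLEncoded
    public int decode(SSLConn sSLConn, InputStream inputStream) throws IOException {
        int read;
        byte[] bArr;
        Key key;
        Key key2;
        switch (sSLConn.hs.cipher_suite.getKeyExchangeAlg()) {
            case 1:
                read = this.client_data.decode(sSLConn, inputStream);
                // NOTE(review): the peer's public value is taken straight from the
                // wire as an unsigned integer; no range check is visible here.
                // Confirm that DHPublicKey/keyAgree reject degenerate values.
                sSLConn.hs.peerEncryptionKey = new DHPublicKey(new BigInteger(1, this.client_data.value));
                sSLConn.hs.pre_master_secret = sSLConn.hs.dhEphemeral.keyAgree((DHPublicKey) sSLConn.hs.peerEncryptionKey, false);
                break;
            case 2:
                if (sSLConn.ssl_version >= 769) {
                    read = this.client_data.decode(sSLConn, inputStream);
                    bArr = this.client_data.value;
                } else {
                    // Pre-TLS: the ciphertext is whatever one read() call returns.
                    // NOTE(review): a single read may return fewer bytes than the
                    // sender wrote, and the buffer caps the ciphertext at 512 bytes;
                    // either case ends up in the randomized-PMS path below.
                    byte[] bArr2 = new byte[512];
                    read = inputStream.read(bArr2);
                    if (read < 0) {
                        throw new SSLException("Short RSA key");
                    }
                    bArr = new byte[read];
                    System.arraycopy(bArr2, 0, bArr, 0, read);
                }
                try {
                    Cipher cipher = Cipher.getInstance("RSABlind");
                    // Use the ephemeral RSA pair when one was generated for this
                    // handshake, otherwise the context's long-term pair.
                    if (sSLConn.hs.rsaEphemeral == null) {
                        key = sSLConn.ctx.getPrivateKey();
                        key2 = sSLConn.ctx.getPublicKey();
                    } else {
                        key = sSLConn.hs.rsaEphemeral;
                        key2 = sSLConn.hs.rsaEphemeralPublic;
                    }
                    cipher.initDecrypt(key);
                    // Blinding is configured with the matching public key before the
                    // private-key operation runs.
                    ((Blindable) cipher).setBlindingInfo(sSLConn.hs.rng, (CryptixRSAPublicKey) key2);
                    sSLConn.hs.pre_master_secret = PKCS1Pad.pkcs1UnpadBuf(cipher.crypt(bArr), 1, (CryptixRSAPrivateKey) key);
                    if (sSLConn.hs.pre_master_secret.length == 48) {
                        SSLDebug.debug(8, "Checking client offered version against RSA block for rollback " + sSLConn.hs.client_offered_version);
                        // Rollback check: the first two PMS bytes must repeat the
                        // version the client offered. The bytes are masked to
                        // unsigned before comparing; a signed byte of 0x80 or above
                        // could otherwise never equal the masked version value.
                        if ((sSLConn.hs.pre_master_secret[0] & 255) != ((sSLConn.hs.client_offered_version >> 8) & 255) || (sSLConn.hs.pre_master_secret[1] & 255) != (sSLConn.hs.client_offered_version & 255)) {
                            // Single tolerated mismatch: PMS says 3.0 while the client
                            // offered 769 and the connection runs at 768.
                            if (sSLConn.hs.pre_master_secret[0] != 3 || sSLConn.hs.pre_master_secret[1] != 0 || sSLConn.hs.client_offered_version != 769 || sSLConn.ssl_version != 768) {
                                throw new Exception("Bad PMS version number");
                            }
                            SSLDebug.debug(8, "Accepting rollback to SSLv3 from TLS since this is a common SSLv3/TLS bug");
                        }
                        break;
                    } else {
                        throw new Exception("Bad PMS length");
                    }
                } catch (Exception e) {
                    // Countermeasure against RSA padding-oracle probing: continue
                    // with a random PMS instead of reporting the failure, so the
                    // handshake is expected to fail later regardless of which
                    // check tripped.
                    // NOTE(review): the random value is only generated on this
                    // failure path; RFC 5246 section 7.4.7.1 recommends generating
                    // it before decryption so both paths do the same work.
                    // NOTE(review): this catch also hides non-attack failures
                    // (e.g. the "RSABlind" cipher being unavailable); consider
                    // surfacing those through monitoring.
                    sSLConn.hs.pre_master_secret = new byte[48];
                    SSLDebug.debug(8, "Bad padding. Randomizing PMS");
                    sSLConn.ctx.rng.nextBytes(sSLConn.hs.pre_master_secret);
                    break;
                }
            default:
                throw new InternalError("Inconsistent algorithm");
        }
        return read;
    }
}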
