package org.apache.harmony.xnet.provider.jsse;

import com.android.internal.telephony.cdma.sms.UserData;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLProtocolException;
import org.apache.harmony.xnet.provider.jsse.Logger;

/* loaded from: classes2.dex */
public class ConnectionStateTLS extends ConnectionState {
    public final Mac decMac;
    public final Mac encMac;
    public final byte[] mac_material_header = {0, 3, 1, 0, 0};
    public static byte[] KEY_EXPANSION_LABEL = {107, 101, 121, UserData.UNENCODABLE_7_BIT_CHAR, 101, 120, 112, 97, 110, 115, 105, 111, 110};
    public static byte[] CLIENT_WRITE_KEY_LABEL = {99, 108, 105, 101, 110, 116, UserData.UNENCODABLE_7_BIT_CHAR, 119, 114, 105, 116, 101, UserData.UNENCODABLE_7_BIT_CHAR, 107, 101, 121};
    public static byte[] SERVER_WRITE_KEY_LABEL = {115, 101, 114, 118, 101, 114, UserData.UNENCODABLE_7_BIT_CHAR, 119, 114, 105, 116, 101, UserData.UNENCODABLE_7_BIT_CHAR, 107, 101, 121};
    public static byte[] IV_BLOCK_LABEL = {73, 86, UserData.UNENCODABLE_7_BIT_CHAR, 98, 108, 111, 99, 107};

    public ConnectionStateTLS(SSLSessionImpl sSLSessionImpl) {
        IvParameterSpec ivParameterSpec;
        byte[] bArr;
        int i;
        IvParameterSpec ivParameterSpec2;
        try {
            CipherSuite cipherSuite = sSLSessionImpl.cipherSuite;
            this.hash_size = cipherSuite.getMACLength();
            boolean isExportable = cipherSuite.isExportable();
            int i2 = isExportable ? cipherSuite.keyMaterial : cipherSuite.expandedKeyMaterial;
            int blockSize = cipherSuite.getBlockSize();
            String bulkEncryptionAlgorithm = cipherSuite.getBulkEncryptionAlgorithm();
            String hmacName = cipherSuite.getHmacName();
            if (this.logger != null) {
                this.logger.println("ConnectionStateTLS.create:");
                this.logger.println("  cipher suite name: " + cipherSuite.getName());
                this.logger.println("  encryption alg name: " + bulkEncryptionAlgorithm);
                this.logger.println("  mac alg name: " + hmacName);
                this.logger.println("  hash size: " + this.hash_size);
                this.logger.println("  block size: " + blockSize);
                this.logger.println("  IV size (== block size):" + blockSize);
                this.logger.println("  key size: " + i2);
            }
            byte[] bArr2 = sSLSessionImpl.clientRandom;
            byte[] bArr3 = sSLSessionImpl.serverRandom;
            int i3 = blockSize * 2;
            byte[] bArr4 = new byte[(this.hash_size * 2) + (i2 * 2) + i3];
            byte[] bArr5 = new byte[bArr2.length + bArr3.length];
            System.arraycopy(bArr3, 0, bArr5, 0, bArr3.length);
            System.arraycopy(bArr2, 0, bArr5, bArr3.length, bArr2.length);
            PRF.computePRF(bArr4, sSLSessionImpl.master_secret, KEY_EXPANSION_LABEL, bArr5);
            byte[] bArr6 = new byte[this.hash_size];
            byte[] bArr7 = new byte[this.hash_size];
            byte[] bArr8 = new byte[i2];
            byte[] bArr9 = new byte[i2];
            boolean z = true;
            boolean z2 = !sSLSessionImpl.isServer;
            if (blockSize <= 0) {
                z = false;
            }
            this.is_block_cipher = z;
            System.arraycopy(bArr4, 0, bArr6, 0, this.hash_size);
            System.arraycopy(bArr4, this.hash_size, bArr7, 0, this.hash_size);
            System.arraycopy(bArr4, this.hash_size * 2, bArr8, 0, i2);
            System.arraycopy(bArr4, (this.hash_size * 2) + i2, bArr9, 0, i2);
            IvParameterSpec ivParameterSpec3 = null;
            if (isExportable) {
                System.arraycopy(bArr2, 0, bArr5, 0, bArr2.length);
                System.arraycopy(bArr3, 0, bArr5, bArr2.length, bArr3.length);
                byte[] bArr10 = new byte[cipherSuite.expandedKeyMaterial];
                byte[] bArr11 = new byte[cipherSuite.expandedKeyMaterial];
                PRF.computePRF(bArr10, bArr8, CLIENT_WRITE_KEY_LABEL, bArr5);
                PRF.computePRF(bArr11, bArr9, SERVER_WRITE_KEY_LABEL, bArr5);
                if (this.is_block_cipher) {
                    byte[] bArr12 = new byte[i3];
                    PRF.computePRF(bArr12, null, IV_BLOCK_LABEL, bArr5);
                    ivParameterSpec3 = new IvParameterSpec(bArr12, 0, blockSize);
                    ivParameterSpec2 = new IvParameterSpec(bArr12, blockSize, blockSize);
                } else {
                    ivParameterSpec2 = null;
                }
                bArr8 = bArr10;
                IvParameterSpec ivParameterSpec4 = ivParameterSpec2;
                bArr9 = bArr11;
                ivParameterSpec = ivParameterSpec4;
            } else if (this.is_block_cipher) {
                ivParameterSpec3 = new IvParameterSpec(bArr4, (this.hash_size + i2) * 2, blockSize);
                ivParameterSpec = new IvParameterSpec(bArr4, ((this.hash_size + i2) * 2) + blockSize, blockSize);
            } else {
                ivParameterSpec = null;
            }
            if (this.logger != null) {
                this.logger.println("is exportable: " + isExportable);
                this.logger.println("master_secret");
                i = 1;
                this.logger.print(sSLSessionImpl.master_secret);
                this.logger.println("client_random");
                this.logger.print(bArr2);
                this.logger.println("server_random");
                this.logger.print(bArr3);
                this.logger.println("client_mac_secret");
                bArr = bArr6;
                this.logger.print(bArr);
                this.logger.println("server_mac_secret");
                this.logger.print(bArr7);
                this.logger.println("client_key");
                this.logger.print(bArr8);
                this.logger.println("server_key");
                this.logger.print(bArr9);
                if (ivParameterSpec3 == null) {
                    this.logger.println("no IV.");
                } else {
                    this.logger.println("client_iv");
                    this.logger.print(ivParameterSpec3.getIV());
                    this.logger.println("server_iv");
                    this.logger.print(ivParameterSpec.getIV());
                }
            } else {
                bArr = bArr6;
                i = 1;
            }
            this.encCipher = Cipher.getInstance(bulkEncryptionAlgorithm);
            this.decCipher = Cipher.getInstance(bulkEncryptionAlgorithm);
            this.encMac = Mac.getInstance(hmacName);
            this.decMac = Mac.getInstance(hmacName);
            if (z2) {
                this.encCipher.init(i, new SecretKeySpec(bArr8, bulkEncryptionAlgorithm), ivParameterSpec3);
                this.decCipher.init(2, new SecretKeySpec(bArr9, bulkEncryptionAlgorithm), ivParameterSpec);
                this.encMac.init(new SecretKeySpec(bArr, hmacName));
                this.decMac.init(new SecretKeySpec(bArr7, hmacName));
                return;
            }
            this.encCipher.init(i, new SecretKeySpec(bArr9, bulkEncryptionAlgorithm), ivParameterSpec);
            this.decCipher.init(2, new SecretKeySpec(bArr8, bulkEncryptionAlgorithm), ivParameterSpec3);
            this.encMac.init(new SecretKeySpec(bArr7, hmacName));
            this.decMac.init(new SecretKeySpec(bArr, hmacName));
        } catch (Exception e) {
            e.printStackTrace();
            throw new AlertException(AlertProtocol.INTERNAL_ERROR, new SSLProtocolException("Error during computation of security parameters"));
        }
    }

    @Override // org.apache.harmony.xnet.provider.jsse.ConnectionState
    public byte[] decrypt(byte b, byte[] bArr, int i, int i2) {
        byte[] bArr2;
        byte[] update = this.decCipher.update(bArr, i, i2);
        if (this.is_block_cipher) {
            int i3 = update[update.length - 1];
            for (int i4 = 0; i4 < i3; i4++) {
                if (update[(update.length - 2) - i4] != i3) {
                    throw new AlertException(AlertProtocol.DECRYPTION_FAILED, new SSLProtocolException("Received message has bad padding"));
                }
            }
            bArr2 = new byte[((update.length - this.hash_size) - i3) - 1];
        } else {
            bArr2 = new byte[update.length - this.hash_size];
        }
        byte[] bArr3 = this.mac_material_header;
        bArr3[0] = b;
        bArr3[3] = (byte) ((65280 & bArr2.length) >> 8);
        bArr3[4] = (byte) (bArr2.length & 255);
        this.decMac.update(this.read_seq_num);
        this.decMac.update(this.mac_material_header);
        this.decMac.update(update, 0, bArr2.length);
        byte[] doFinal = this.decMac.doFinal();
        if (this.logger != null) {
            this.logger.println("Decrypted:");
            this.logger.print(update);
            this.logger.println("Expected mac value:");
            this.logger.print(doFinal);
        }
        for (int i5 = 0; i5 < this.hash_size; i5++) {
            if (doFinal[i5] != update[bArr2.length + i5]) {
                throw new AlertException((byte) 20, new SSLProtocolException("Bad record MAC"));
            }
        }
        System.arraycopy(update, 0, bArr2, 0, bArr2.length);
        incSequenceNumber(this.read_seq_num);
        return bArr2;
    }

    @Override // org.apache.harmony.xnet.provider.jsse.ConnectionState
    public byte[] encrypt(byte b, byte[] bArr, int i, int i2) {
        int i3;
        String str;
        try {
            int i4 = this.hash_size + i2;
            if (this.is_block_cipher) {
                i4++;
                i3 = (8 - (i4 & 7)) & 7;
            } else {
                i3 = 0;
            }
            int i5 = i4 + i3;
            byte[] bArr2 = new byte[i5];
            System.arraycopy(bArr, i, bArr2, 0, i2);
            this.mac_material_header[0] = b;
            this.mac_material_header[3] = (byte) ((65280 & i2) >> 8);
            this.mac_material_header[4] = (byte) (i2 & 255);
            this.encMac.update(this.write_seq_num);
            this.encMac.update(this.mac_material_header);
            this.encMac.update(bArr, i, i2);
            this.encMac.doFinal(bArr2, i2);
            if (this.is_block_cipher) {
                Arrays.fill(bArr2, i4 - 1, i5, (byte) i3);
            }
            if (this.logger != null) {
                Logger.Stream stream = this.logger;
                StringBuilder sb = new StringBuilder();
                sb.append("SSLRecordProtocol.do_encryption: Generic");
                if (this.is_block_cipher) {
                    str = "BlockCipher with padding[" + i3 + "]:";
                } else {
                    str = "StreamCipher:";
                }
                sb.append(str);
                stream.println(sb.toString());
                this.logger.print(bArr2);
            }
            byte[] bArr3 = new byte[this.encCipher.getOutputSize(i5)];
            this.encCipher.update(bArr2, 0, i5, bArr3);
            incSequenceNumber(this.write_seq_num);
            return bArr3;
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            throw new AlertException(AlertProtocol.INTERNAL_ERROR, new SSLProtocolException("Error during the encryption"));
        }
    }
}
