package com.sun.net.ssl.internal.ssl;

import COM.rsa.asn1.SunJSSE_bh;
import com.sun.net.ssl.X509TrustManager;
import com.sun.net.ssl.internal.ssl.HandshakeMessage;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLProtocolException;
import org.hsqldb.Trace;
import org.mortbay.html.Element;

/* compiled from: DashoA6275 */
/* loaded from: input_file:seasar/lib/jsse.jar:com/sun/net/ssl/internal/ssl/ClientHandshaker.class */
final class ClientHandshaker extends Handshaker {
    private PublicKey a;
    private byte[] b;
    private BigInteger c;
    private SunJSSE_u d;
    private SunJSSE_n e;
    private boolean f;

    ClientHandshaker(SSLSocketImpl sSLSocketImpl) throws NoSuchAlgorithmException {
        this(sSLSocketImpl, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClientHandshaker(SSLSocketImpl sSLSocketImpl, SSLContextImpl sSLContextImpl) throws NoSuchAlgorithmException {
        super(sSLSocketImpl, sSLContextImpl, true);
    }

    @Override // com.sun.net.ssl.internal.ssl.Handshaker
    boolean a(int i, boolean z) {
        switch (i) {
            case 1:
            case 2:
            case 5:
                return true;
            case 3:
            case 4:
            default:
                return false;
            case 6:
                return true;
            case 7:
                return true;
        }
    }

    @Override // com.sun.net.ssl.internal.ssl.Handshaker
    protected boolean canUseCipherSuite(String str) {
        return isEnabled(str);
    }

    private int a(SunJSSE_i sunJSSE_i, int i, int i2, int i3, String str) {
        if (isEnabled(str)) {
            int i4 = i3 + 1;
            sunJSSE_i.e[i3] = (byte) i;
            i3 = i4 + 1;
            sunJSSE_i.e[i4] = (byte) i2;
        }
        return i3;
    }

    private void a(BigInteger bigInteger, BigInteger bigInteger2) {
        this.d = new SunJSSE_u(bigInteger, bigInteger2);
        this.d.a(this.g.e(), SunJSSE_bh.p);
    }

    @Override // com.sun.net.ssl.internal.ssl.Handshaker
    protected HandshakeMessage getKickstartMessage() throws SSLException {
        SunJSSE_i sunJSSE_i = new SunJSSE_i(this.g.e());
        this.h = sunJSSE_i.c;
        this.j = this.g.c().a(((Handshaker) this).a.e());
        if (Handshaker.m != null && Debug.isOn("session")) {
            if (this.j != null) {
                System.out.println(new StringBuffer("%% Client cached ").append(this.j).append(this.j.e() ? Element.noAttributes : " (not rejoinable)").toString());
            } else {
                System.out.println("%% No cached client session");
            }
        }
        if (this.j != null) {
            if (!isEnabled(this.j.getCipherSuite())) {
                if (Handshaker.m != null && Debug.isOn("session")) {
                    System.out.println("%% can't resume, cipher disabled");
                }
                this.j = null;
            }
            if (this.j != null) {
                if (Handshaker.m != null && (Debug.isOn("handshake") || Debug.isOn("session"))) {
                    System.out.println(new StringBuffer("%% Try resuming ").append(this.j).append(" from port ").append(((Handshaker) this).a.getLocalPort()).toString());
                }
                sunJSSE_i.d = this.j.d();
                CipherSpec a = this.j.a();
                byte b = a.a;
                sunJSSE_i.a = b;
                ((CipherSpec) this).a = b;
                byte b2 = a.b;
                sunJSSE_i.b = b2;
                ((CipherSpec) this).b = b2;
                ((Handshaker) this).a.a(((CipherSpec) this).a, ((CipherSpec) this).b);
                super.e.r.a(((CipherSpec) this).a, ((CipherSpec) this).b);
            }
            if (!this.l) {
                if (this.j == null) {
                    throw new SSLException("Can't reuse existing SSL client session");
                }
                sunJSSE_i.e = this.j.a().getCipherSuite();
                return sunJSSE_i;
            }
        }
        if (this.j == null) {
            if (!this.l) {
                throw new SSLException("No existing session to resume.");
            }
            sunJSSE_i.d = SSLSessionImpl.a.d();
        }
        sunJSSE_i.e = new byte[2 * this.ak.length];
        a(sunJSSE_i, 0, 25, a(sunJSSE_i, 0, 23, a(sunJSSE_i, 0, 27, a(sunJSSE_i, 0, 26, a(sunJSSE_i, 0, 24, a(sunJSSE_i, 0, 1, a(sunJSSE_i, 0, 2, a(sunJSSE_i, 0, 17, a(sunJSSE_i, 0, 3, a(sunJSSE_i, 0, 19, a(sunJSSE_i, 0, 18, a(sunJSSE_i, 0, 10, a(sunJSSE_i, 0, 9, a(sunJSSE_i, 0, 4, a(sunJSSE_i, 0, 5, 0, "SSL_RSA_WITH_RC4_128_SHA"), "SSL_RSA_WITH_RC4_128_MD5"), "SSL_RSA_WITH_DES_CBC_SHA"), "SSL_RSA_WITH_3DES_EDE_CBC_SHA"), "SSL_DHE_DSS_WITH_DES_CBC_SHA"), "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"), "SSL_RSA_EXPORT_WITH_RC4_40_MD5"), "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"), "SSL_RSA_WITH_NULL_SHA"), "SSL_RSA_WITH_NULL_MD5"), "SSL_DH_anon_WITH_RC4_128_MD5"), "SSL_DH_anon_WITH_DES_CBC_SHA"), "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"), "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"), "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
        return sunJSSE_i;
    }

    @Override // com.sun.net.ssl.internal.ssl.Handshaker
    void a(byte b) throws SSLProtocolException {
        String a = SSLSocketImpl.a(b);
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            System.out.println(new StringBuffer("SSL - handshake alert: ").append(a).toString());
        }
        throw new SSLProtocolException(new StringBuffer("handshake alert:  ").append(a).toString());
    }

    @Override // com.sun.net.ssl.internal.ssl.Handshaker
    protected void processMessage(byte b, int i) throws IOException, NoSuchAlgorithmException {
        if (((Handshaker) this).f > b && b != 0 && ((Handshaker) this).f != 1) {
            throw new SSLProtocolException(new StringBuffer("Handshake message sequence violation, ").append((int) b).toString());
        }
        switch (b) {
            case 0:
                a(new SunJSSE_h(super.d));
                break;
            case 1:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 8:
            case 9:
            case 10:
            case 15:
            case 16:
            case 17:
            case Trace.SERIALIZATION_FAILURE /* 18 */:
            case 19:
            default:
                throw new SSLProtocolException(new StringBuffer("Illegal client handshake msg, ").append((int) b).toString());
            case 2:
                a(new SunJSSE_j(super.d));
                break;
            case 11:
                if (this.o == 7) {
                    ((Handshaker) this).a.a((byte) 10, "unexpected server cert chain");
                }
                a(new HandshakeMessage.CertificateMsg(super.d));
                this.a = this.j.getPeerCertificateChain()[0].getPublicKey();
                break;
            case 12:
                this.f = true;
                switch (this.o) {
                    case 1:
                    case 2:
                        try {
                            a(new SunJSSE_l(super.d, i));
                            break;
                        } catch (InvalidKeyException e) {
                            throw new SSLException(new StringBuffer("Server key, ").append(e).toString());
                        } catch (SignatureException e2) {
                            throw new SSLException(new StringBuffer("Server key, ").append(e2).toString());
                        }
                    case 3:
                    case 4:
                    default:
                        throw new SSLProtocolException(new StringBuffer("unsupported key exchange algorithm = ").append(this.o).toString());
                    case 5:
                    case 6:
                        try {
                            a(new HandshakeMessage.DH_ServerKeyExchange(super.d, this.a, this.h.a, this.i.a, i));
                            break;
                        } catch (InvalidKeyException e3) {
                            throw new SSLException(new StringBuffer("Server key, ").append(e3).toString());
                        } catch (SignatureException e4) {
                            throw new SSLException(new StringBuffer("Server key, ").append(e4).toString());
                        }
                    case 7:
                        a(new HandshakeMessage.DH_ServerKeyExchange(super.d));
                        break;
                }
            case Trace.UNKNOWN_FUNCTION /* 13 */:
                this.e = new SunJSSE_n(super.d);
                if (Handshaker.m != null && Debug.isOn("handshake")) {
                    this.e.a(System.out);
                    break;
                }
                break;
            case Trace.NEED_AGGREGATE /* 14 */:
                a(new SunJSSE_o(super.d));
                break;
            case 20:
                a(new HandshakeMessage.Finished(((CipherSpec) this).a, ((CipherSpec) this).b, super.d));
                break;
        }
        if (((Handshaker) this).f < b) {
            ((Handshaker) this).f = b;
        }
    }

    private void c() throws IOException {
        HandshakeMessage.Finished finished;
        try {
        } catch (CloneNotSupportedException unused) {
            finished = ((CipherSpec) this).b == 0 ? new HandshakeMessage.Finished(((CipherSpec) this).a, ((CipherSpec) this).b, ((Handshaker) this).b[1], super.c[1], HandshakeMessage.Finished.c, this.j.c()) : new HandshakeMessage.Finished(((CipherSpec) this).a, ((CipherSpec) this).b, ((Handshaker) this).b[1], super.c[1], "client finished", this.j.c());
            ((Handshaker) this).b[1] = null;
            super.c[1] = null;
        }
        if (((Handshaker) this).b[0] == null) {
            throw new CloneNotSupportedException("minor hack");
        }
        finished = ((CipherSpec) this).b == 0 ? new HandshakeMessage.Finished(((CipherSpec) this).a, ((CipherSpec) this).b, (MessageDigest) ((Handshaker) this).b[0].clone(), (MessageDigest) super.c[0].clone(), HandshakeMessage.Finished.c, this.j.c()) : new HandshakeMessage.Finished(((CipherSpec) this).a, ((CipherSpec) this).b, (MessageDigest) ((Handshaker) this).b[0].clone(), (MessageDigest) super.c[0].clone(), "client finished", this.j.c());
        sendChangeCipherSpec(finished);
        ((Handshaker) this).f = 19;
    }

    private void a(HandshakeMessage.CertificateMsg certificateMsg) throws IOException {
        boolean isServerTrusted;
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            certificateMsg.a(System.out);
        }
        X509Certificate[] certificateChain = certificateMsg.getCertificateChain();
        if (certificateChain.length == 0) {
            ((Handshaker) this).a.a((byte) 42, "null cert chain");
        }
        X509TrustManager h = this.g.h();
        if (h instanceof JsseX509TrustManager) {
            String cipherSuite = this.j.getCipherSuite();
            String substring = cipherSuite.substring(cipherSuite.indexOf(95) + 1, cipherSuite.indexOf("_WITH"));
            if (substring.startsWith("RSA_EXPORT") && !this.f) {
                substring = "RSA";
            }
            isServerTrusted = ((JsseX509TrustManager) h).isServerTrusted(certificateChain, substring);
        } else {
            isServerTrusted = h.isServerTrusted(certificateChain);
        }
        if (isServerTrusted) {
            this.j.a(certificateChain);
        } else {
            ((Handshaker) this).a.a((byte) 46, "untrusted server cert chain");
        }
    }

    private void a(HandshakeMessage.Finished finished) throws IOException {
        boolean verify;
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            finished.a(System.out);
        }
        try {
            verify = ((CipherSpec) this).b == 0 ? finished.verify((MessageDigest) ((Handshaker) this).b[0].clone(), (MessageDigest) super.c[0].clone(), HandshakeMessage.Finished.d, this.j.c()) : finished.verify((MessageDigest) ((Handshaker) this).b[0].clone(), (MessageDigest) super.c[0].clone(), "server finished", this.j.c());
        } catch (CloneNotSupportedException unused) {
            verify = ((CipherSpec) this).b == 0 ? finished.verify(((Handshaker) this).b[0], super.c[0], HandshakeMessage.Finished.d, this.j.c()) : finished.verify(((Handshaker) this).b[0], super.c[0], "server finished", this.j.c());
            ((Handshaker) this).b[0] = null;
            super.c[0] = null;
        }
        if (!verify) {
            ((Handshaker) this).a.a((byte) 47, "server 'finished' message doesn't verify");
        }
        if (this.k) {
            super.d.digestNow();
            c();
        }
        if (!((Handshaker) this).a.c() || !this.j.e()) {
            if (Handshaker.m == null || !Debug.isOn("session")) {
                return;
            }
            System.out.println(new StringBuffer("%% Didn't cache non-resumable client session: ").append(this.j).toString());
            return;
        }
        this.g.c().a(this.j);
        if (Handshaker.m == null || !Debug.isOn("session")) {
            return;
        }
        System.out.println(new StringBuffer("%% Cached client session: ").append(this.j).toString());
    }

    private void a(SunJSSE_j sunJSSE_j) throws IOException {
        this.f = false;
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            sunJSSE_j.a(System.out);
        }
        if (sunJSSE_j.a != 3 || sunJSSE_j.b > 1) {
            throw new SSLProtocolException(new StringBuffer("version mismatch, server is v").append((int) sunJSSE_j.a).append(".").append((int) sunJSSE_j.b).toString());
        }
        ((CipherSpec) this).a = sunJSSE_j.a;
        ((CipherSpec) this).b = sunJSSE_j.b;
        ((Handshaker) this).a.a(((CipherSpec) this).a, ((CipherSpec) this).b);
        super.e.r.a(((CipherSpec) this).a, ((CipherSpec) this).b);
        this.i = sunJSSE_j.c;
        if (this.j != null) {
            if (this.j.d().equals(sunJSSE_j.d)) {
                CipherSpec a = this.j.a();
                byte[] cipherSuite = a.getCipherSuite();
                if (sunJSSE_j.e[0] != cipherSuite[0] || sunJSSE_j.e[1] != cipherSuite[1] || sunJSSE_j.a != a.a || sunJSSE_j.b != a.b) {
                    throw new SSLProtocolException("Server returned wrong cipher suite for session");
                }
                this.k = true;
                ((Handshaker) this).f = 19;
                if (Handshaker.m != null && Debug.isOn("session")) {
                    System.out.println(new StringBuffer("%% Server resumed ").append(this.j).toString());
                }
            } else {
                this.j = null;
                if (!this.l) {
                    throw new SSLException("New session creation was disabled");
                }
            }
        }
        if (!c(sunJSSE_j.e[0], sunJSSE_j.e[1])) {
            ((Handshaker) this).a.a((byte) 47, new StringBuffer("Can't support cipher suite [").append((int) sunJSSE_j.e[0]).append(", ").append((int) sunJSSE_j.e[1]).append("]").toString());
        } else if (sunJSSE_j.f != 0) {
            ((Handshaker) this).a.a((byte) 47, new StringBuffer("compression type not supported, ").append((int) sunJSSE_j.f).toString());
        }
        if (this.j != null) {
            try {
                a(this.j.c());
            } catch (NoSuchAlgorithmException e) {
                throw new SSLException(new StringBuffer("Missing algorithm: ").append(e.getMessage()).toString());
            }
        } else {
            this.j = new SSLSessionImpl(this, sunJSSE_j.d, ((Handshaker) this).a.e(), ((Handshaker) this).a.getPort());
            if (Handshaker.m == null || !Debug.isOn("handshake")) {
                return;
            }
            System.out.println(new StringBuffer("** ").append(this.j.a()).toString());
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:21:0x00bd  */
    /* JADX WARN: Removed duplicated region for block: B:24:0x0107  */
    /* JADX WARN: Removed duplicated region for block: B:30:0x00e2  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void a(com.sun.net.ssl.internal.ssl.SunJSSE_o r10) throws java.io.IOException, java.security.NoSuchAlgorithmException {
        /*
            Method dump skipped, instructions count: 840
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.net.ssl.internal.ssl.ClientHandshaker.a(com.sun.net.ssl.internal.ssl.SunJSSE_o):void");
    }

    private void a(SunJSSE_h sunJSSE_h) throws IOException {
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            sunJSSE_h.a(System.out);
        }
        if (((Handshaker) this).f < 1) {
            kickstart();
        }
    }

    private void a(HandshakeMessage.DH_ServerKeyExchange dH_ServerKeyExchange) throws IOException, NoSuchAlgorithmException {
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            dH_ServerKeyExchange.a(System.out);
        }
        if (this.o == 4 || this.o == 3) {
            ((Handshaker) this).a.a((byte) 10, "not supporting DH certs for key exchange now");
        }
        a(dH_ServerKeyExchange.getModulus(), dH_ServerKeyExchange.getBase());
        this.c = dH_ServerKeyExchange.getServerPublicKey();
    }

    private void a(SunJSSE_l sunJSSE_l) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        if (Handshaker.m != null && Debug.isOn("handshake")) {
            sunJSSE_l.a(System.out);
        }
        if (!(this.a instanceof RSAPublicKey)) {
            throw new InvalidKeyException("server key not an RSA key");
        }
        if (!sunJSSE_l.a((RSAPublicKey) this.a, this.h, this.i)) {
            ((Handshaker) this).a.a((byte) 40, "server key exchange invalid");
        }
        this.a = sunJSSE_l.a();
    }
}
