package com.rsa.ssl.common;

import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_MessageDigest;
import com.rsa.ssl.AlertException;
import com.rsa.ssl.AlertedException;
import com.rsa.ssl.SSLException;
import com.rsa.ssl.SSLParams;
import com.rsa.ssl.SSLSession;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InterruptedIOException;
import java.io.OutputStream;
import java.net.Socket;
import java.net.SocketException;

/* loaded from: input_file:lib/external/sslj.jar:com/rsa/ssl/common/ClientProtocol.class */
public class ClientProtocol implements Protocol {
    private SSLParams a;
    InputStream b;
    OutputStream c;
    JSAFE_MessageDigest d;
    JSAFE_MessageDigest e;
    String f;
    SSLSession g;

    public ClientProtocol(SSLParams sSLParams) throws SSLException {
        this.a = sSLParams;
        try {
            this.d = JSAFE_MessageDigest.getInstance("MD5", "Java");
            this.d.digestInit();
            this.e = JSAFE_MessageDigest.getInstance("SHA1", "Java");
            this.e.digestInit();
        } catch (JSAFE_Exception e) {
            throw new SSLException("An error in the crypto-module occured during initialization");
        }
    }

    public SSLObjectItem sendHello(InputStream inputStream, OutputStream outputStream, String str, Socket socket) throws InterruptedIOException, SSLException, AlertedException {
        this.f = str;
        byte[] bArr = new byte[0];
        int[] versions = this.a.getVersions();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        int i = 0;
        SSLObjectItem sSLObjectItem = new SSLObjectItem();
        for (int i2 = 0; i2 < versions.length; i2++) {
            if (versions[i2] > i) {
                i = versions[i2];
            }
            if (versions[i2] == 2) {
                z = true;
            } else if (versions[i2] == 768) {
                z2 = true;
            } else if (versions[i2] == 769) {
                z3 = true;
            }
        }
        HelloInformation helloInformation = null;
        try {
            boolean z4 = false;
            this.g = this.a.getSessionByAddress(str);
            if (this.g != null) {
                z4 = true;
                int version = this.g.getVersion();
                if (version == 2) {
                    helloInformation = SSLV2Loader.sendV2Hello(2, outputStream, this.a, str, this.d, this.e, this.g);
                } else if (version == 768) {
                    helloInformation = SSLV3Loader.sendV3Hello(768, outputStream, this.a, str, this.d, this.e, this.g);
                } else if (version == 769) {
                    helloInformation = TLSV1Loader.sendTLS1Hello(SSLParams.TLSV1, outputStream, this.a, str, this.d, this.e, this.g);
                } else {
                    this.a.removeSession(this.g.getID());
                    z4 = false;
                }
            }
            if (!z4) {
                if (z) {
                    helloInformation = SSLV2Loader.sendV2Hello(i, outputStream, this.a, str, this.d, this.e, this.g);
                } else if (z2) {
                    helloInformation = SSLV3Loader.sendV3Hello(i, outputStream, this.a, str, this.d, this.e, this.g);
                } else if (z3) {
                    helloInformation = TLSV1Loader.sendTLS1Hello(i, outputStream, this.a, str, this.d, this.e, this.g);
                }
            }
            byte[] random = helloInformation.getRandom();
            try {
                int read = InterruptedIOHelper.read(socket, inputStream);
                if (read == -1) {
                    this.a.removeSession(helloInformation.getSessionID());
                    throw new SSLException("Could not establish connection");
                }
                if ((this.a.getDebug() & 2) == 2) {
                    this.a.getDebugOutput().println(new StringBuffer().append("DATA: ").append(DebugFormatter.intToHex(read, 1)).toString());
                }
                if (read == 22) {
                    if ((this.a.getDebug() & 4) == 4) {
                        this.a.getDebugOutput().println("First byte of header indicates either SSLV3 or TLSV1");
                    }
                    try {
                        byte[] bArr2 = new byte[5];
                        bArr2[0] = 22;
                        InterruptedIOHelper.read(socket, inputStream, bArr2, 1, bArr2.length - 1);
                        int i3 = (bArr2[1] << 8) | bArr2[2];
                        if ((i3 == 768 && z2) || (i3 == 768 && z3)) {
                            IOStore startSSL3ClientProtocol = SSLV3Loader.startSSL3ClientProtocol(inputStream, outputStream, str, socket, bArr2, random, i, this.a, this.g, this.d, this.e, sSLObjectItem);
                            this.b = startSSL3ClientProtocol.getInputStream();
                            this.c = startSSL3ClientProtocol.getOutputStream();
                            sSLObjectItem.setVersion(768);
                        } else {
                            if ((i3 != 769 || !z3) && (i3 != 769 || !z2)) {
                                inputStream.close();
                                outputStream.close();
                                throw new SSLException(new StringBuffer().append("Unknown protocol version ").append(DebugFormatter.intToHex(i3, 3)).toString());
                            }
                            IOStore startTLS1ClientProtocol = TLSV1Loader.startTLS1ClientProtocol(inputStream, outputStream, str, socket, bArr2, random, i, this.a, this.g, this.d, this.e, sSLObjectItem);
                            this.b = startTLS1ClientProtocol.getInputStream();
                            this.c = startTLS1ClientProtocol.getOutputStream();
                            sSLObjectItem.setVersion(SSLParams.TLSV1);
                        }
                    } catch (AlertException e) {
                        throw new AlertedException(e.getMessage(), e.getLevel(), e.getDescription());
                    } catch (AlertedException e2) {
                        throw e2;
                    } catch (IOException e3) {
                        e3.printStackTrace();
                        this.a.removeSession(helloInformation.getSessionID());
                        throw new SSLException(e3.getMessage());
                    } catch (Exception e4) {
                        e4.printStackTrace();
                        this.a.removeSession(helloInformation.getSessionID());
                        throw new SSLException("Bad hello.  Probably not an SSL connection");
                    }
                } else {
                    if (read == 21) {
                        try {
                            InterruptedIOHelper.read(socket, inputStream, new byte[4]);
                            int read2 = InterruptedIOHelper.read(socket, inputStream);
                            int read3 = InterruptedIOHelper.read(socket, inputStream);
                            throw new AlertedException(AlertedException.getDescription(read3), read2, read3);
                        } catch (AlertedException e5) {
                            throw e5;
                        } catch (IOException e6) {
                            throw new SSLException("Could not establish the SSL connection");
                        }
                    }
                    if (read < 128 || !z) {
                        try {
                            inputStream.close();
                            outputStream.close();
                        } catch (IOException e7) {
                        }
                        throw new SSLException("Unknown protocol");
                    }
                    try {
                        IOStore startSSL2ClientProtocol = SSLV2Loader.startSSL2ClientProtocol(inputStream, outputStream, str, socket, helloInformation, i, this.a, new byte[]{(byte) read, (byte) InterruptedIOHelper.read(socket, inputStream)}, sSLObjectItem);
                        this.b = startSSL2ClientProtocol.getInputStream();
                        this.c = startSSL2ClientProtocol.getOutputStream();
                        sSLObjectItem.setVersion(2);
                    } catch (AlertException e8) {
                        throw new AlertedException(e8.getMessage(), e8.getLevel(), e8.getDescription());
                    } catch (SSLException e9) {
                        this.a.removeSession(helloInformation.getSessionID());
                        e9.fillInStackTrace();
                        throw e9;
                    } catch (Exception e10) {
                        this.a.removeSession(helloInformation.getSessionID());
                        e10.printStackTrace();
                        throw new SSLException(new StringBuffer().append("Bad hello.  Probably not an SSL connection.\n").append(e10.getMessage()).toString());
                    }
                }
                return sSLObjectItem;
            } catch (IOException e11) {
                this.a.removeSession(helloInformation.getSessionID());
                throw new SSLException(new StringBuffer().append("Connection closed before handshake could be established: ").append(e11.getMessage()).toString());
            }
        } catch (IOException e12) {
            if (helloInformation != null) {
                this.a.removeSession(helloInformation.getSessionID());
            }
            throw new SSLException(new StringBuffer().append("An IOException occured while saying hello: ").append(e12.getMessage()).toString());
        }
    }

    public InputStream getInputStream() {
        return this.b;
    }

    public OutputStream getOutputStream() {
        return this.c;
    }

    public static SSLObjectItem startRenegotiate(SSLParams sSLParams, int i, InputStream inputStream, OutputStream outputStream, SSLSession sSLSession, String str) throws SSLException, AlertedException {
        switch (i) {
            case 2:
                throw new SSLException("Renegotiation not supported with SSL Version 2");
            case 768:
                return SSLV3Loader.renegClient(sSLParams, inputStream, outputStream, sSLSession, str);
            case SSLParams.TLSV1 /* 769 */:
                return TLSV1Loader.renegClient(sSLParams, inputStream, outputStream, sSLSession, str);
            default:
                throw new SSLException("Could not renegotiate because we can not determine version");
        }
    }

    @Override // com.rsa.ssl.common.Protocol
    public SSLObjectItem startHandshake(InputStream inputStream, OutputStream outputStream, Socket socket) throws SocketException, InterruptedIOException, SSLException, AlertedException {
        if (!(inputStream instanceof BufferedInputStream)) {
            inputStream = new BufferedInputStream(inputStream, 1024);
        }
        if (!(outputStream instanceof BufferedOutputStream)) {
            outputStream = new BufferedOutputStream(outputStream, 1024);
        }
        if ((this.a.getDebug() & 1) == 1) {
            this.a.getDebugOutput().println(new StringBuffer().append("connecting to ").append(socket.getInetAddress()).toString());
        }
        return sendHello(inputStream, outputStream, socket.getInetAddress().getHostAddress(), socket);
    }

    @Override // com.rsa.ssl.common.Protocol
    public InputStream getSecureInputStream() {
        return this.b;
    }

    @Override // com.rsa.ssl.common.Protocol
    public OutputStream getSecureOutputStream() {
        return this.c;
    }

    @Override // com.rsa.ssl.common.Protocol
    public SSLObjectItem renegotiate(SSLParams sSLParams, int i, InputStream inputStream, OutputStream outputStream, SSLSession sSLSession, String str) throws SSLException, AlertedException {
        return startRenegotiate(sSLParams, i, inputStream, outputStream, sSLSession, str);
    }
}
