package crysec.SSL;

import crysec.BlockCipher;
import crysec.HMAC;
import crysec.MessageDigest;
import crysec.Utils;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.OutputStream;

/* loaded from: input_file:crysec/SSL/GenericCipher.class */
final class GenericCipher {
    static final int MAX_LENGTH = 18432;
    public SSLState state;
    public int type;
    public byte[] content;
    public int off;
    public int len;
    public byte[] MAC;
    public int padLen;

    public GenericCipher(int i, SSLState sSLState) {
        this.state = sSLState;
        this.type = i;
    }

    public GenericCipher(int i, byte[] bArr, int i2, int i3, SSLState sSLState) {
        this(sSLState);
        init(i, bArr, i2, i3);
    }

    public GenericCipher(SSLState sSLState) {
        this.content = new byte[256];
        this.state = sSLState;
    }

    public boolean checkMAC() {
        return Utils.areEqual(this.MAC, generateMAC(this.state.inSeqNum, this.state.readMACalg, true, this.state.readMACsecret));
    }

    public byte[] generateMAC(byte[] bArr, int i, boolean z, byte[] bArr2) {
        MessageDigest messageDigest;
        MessageDigest messageDigest2;
        if (i == 0) {
            return null;
        }
        if (this.state.version.equals(ProtocolVersion.TLS1)) {
            HMAC hmac = z ? this.state.readHMAC : this.state.writeHMAC;
            hmac.init();
            hmac.update(bArr);
            hmac.update((byte) this.type);
            hmac.update((byte) 3);
            hmac.update((byte) 1);
            hmac.update((byte) (this.len >> 8));
            hmac.update((byte) this.len);
            hmac.update(this.content, this.off, this.len);
            hmac.computeCurrent();
            return hmac.digestBits;
        }
        if (z) {
            messageDigest = this.state.readMACalgs[i][0];
            messageDigest2 = this.state.readMACalgs[i][1];
        } else {
            messageDigest = this.state.writeMACalgs[i][0];
            messageDigest2 = this.state.writeMACalgs[i][1];
        }
        messageDigest.init();
        messageDigest2.init();
        messageDigest.update(bArr2);
        messageDigest.update(SSLState.pad2[i]);
        messageDigest2.update(bArr2);
        messageDigest2.update(SSLState.pad1[i]);
        messageDigest2.update(bArr);
        messageDigest2.update((byte) this.type);
        messageDigest2.update((byte) (this.len >> 8));
        messageDigest2.update((byte) this.len);
        messageDigest2.update(this.content, this.off, this.len);
        messageDigest2.computeCurrent();
        messageDigest.update(messageDigest2.digestBits);
        messageDigest.computeCurrent();
        return messageDigest.digestBits;
    }

    public void init(int i) {
        this.type = i;
    }

    public void init(int i, byte[] bArr, int i2, int i3) {
        this.type = i;
        this.content = bArr;
        this.off = i2;
        this.len = i3;
        this.MAC = generateMAC(this.state.outSeqNum, this.state.writeMACalg, false, this.state.writeMACsecret);
        if (this.state.writeCipher == null || !(this.state.writeCipher instanceof BlockCipher)) {
            this.padLen = -1;
            return;
        }
        this.padLen = 8 - (((i3 + this.MAC.length) + 1) % 8);
        if (this.padLen == 8) {
            this.padLen = 0;
        }
    }

    public void input(BufferedInputStream bufferedInputStream) throws IOException {
        int inputShort = Utils.inputShort(bufferedInputStream);
        if (inputShort > MAX_LENGTH) {
            if (this.state.version.equals(ProtocolVersion.TLS1)) {
                this.state.socket.sendAlert(2, 50);
            } else {
                this.state.socket.sendAlert(2, 30);
            }
            this.state.socket.abort();
            throw new SSLException("fragment longer than 2^14+2048 bytes");
        }
        byte[] bArr = new byte[inputShort];
        byte[] bArr2 = new byte[inputShort];
        if (this.state.readCipher == null) {
            Utils.inputByteArray(bArr2, 0, inputShort, bufferedInputStream);
            this.padLen = -1;
        } else {
            Utils.inputByteArray(bArr, 0, inputShort, bufferedInputStream);
            this.state.readCipher.decrypt(bArr, 0, inputShort, bArr2, 0);
            if (this.state.readCipher instanceof BlockCipher) {
                this.padLen = bArr2[inputShort - 1] & 255;
            } else {
                this.padLen = -1;
            }
        }
        if (this.state.readMACalg == 0) {
            this.MAC = null;
        } else if (this.MAC == null || this.MAC.length != SSLState.hashSize[this.state.readMACalg]) {
            this.MAC = new byte[SSLState.hashSize[this.state.readMACalg]];
        }
        int length = this.MAC == null ? 0 : this.MAC.length;
        int i = inputShort - length;
        if (this.padLen >= 0) {
            i -= this.padLen + 1;
        }
        if (i < 0) {
            if (this.state.version.equals(ProtocolVersion.TLS1)) {
                this.state.socket.sendAlert(2, 21);
            } else {
                this.state.socket.sendAlert(2, 47);
            }
            this.state.socket.abort();
            throw new SSLException("Invalid encryption block");
        }
        if (this.padLen > 0 && this.state.version.equals(ProtocolVersion.TLS1)) {
            for (int i2 = i + length; i2 < i + length + this.padLen; i2++) {
                if (bArr2[i2] != ((byte) this.padLen)) {
                    this.state.socket.sendAlert(2, 21);
                    this.state.socket.abort();
                    throw new SSLException("Incorrect padding values.");
                }
            }
        }
        if (i > this.content.length) {
            this.content = new byte[i];
        }
        this.off = 0;
        this.len = i;
        System.arraycopy(bArr2, 0, this.content, 0, this.len);
        if (this.MAC != null) {
            System.arraycopy(bArr2, this.len, this.MAC, 0, this.MAC.length);
        }
        if (checkMAC()) {
            return;
        }
        this.state.socket.sendAlert(2, 20);
        this.state.socket.abort();
        throw new SSLException(new StringBuffer("Bad MAC on type ").append(this.type).append(", content ").append(Utils.toHexString(this.content, this.off, this.len)).toString());
    }

    public void output(OutputStream outputStream) throws IOException {
        int length = this.MAC == null ? 0 : this.MAC.length;
        int i = this.len + length + (this.padLen < 0 ? 0 : this.padLen + 1);
        int i2 = this.len;
        outputStream.write((byte) (i >> 8));
        outputStream.write((byte) i);
        if (i > MAX_LENGTH) {
            throw new IllegalStateException("fragment longer than 2^14+2048 bytes");
        }
        byte[] bArr = new byte[i];
        byte[] bArr2 = new byte[i];
        System.arraycopy(this.content, this.off, bArr, 0, this.len);
        if (this.MAC != null) {
            System.arraycopy(this.MAC, 0, bArr, i2, length);
            i2 += length;
        }
        if (this.padLen >= 0) {
            if (this.state.version.equals(ProtocolVersion.TLS1)) {
                int i3 = 0;
                while (i3 < this.padLen) {
                    bArr[i2] = (byte) this.padLen;
                    i3++;
                    i2++;
                }
            } else {
                int i4 = 0;
                while (i4 < this.padLen) {
                    bArr[i2] = 0;
                    i4++;
                    i2++;
                }
            }
            bArr[i2] = (byte) this.padLen;
        }
        if (this.state.writeCipher == null) {
            outputStream.write(bArr, 0, i);
        } else {
            this.state.writeCipher.encrypt(bArr, 0, i, bArr2, 0);
            outputStream.write(bArr2, 0, i);
        }
    }
}
