package org.metastatic.jessie.provider;

import ch.qos.logback.classic.turbo.ReconfigureOnChangeFilter;
import gnu.crypto.Registry;
import gnu.crypto.cipher.IBlockCipher;
import gnu.crypto.hash.HashFactory;
import gnu.crypto.hash.IMessageDigest;
import gnu.crypto.key.IKeyAgreementParty;
import gnu.crypto.key.IncomingMessage;
import gnu.crypto.key.KeyAgreementException;
import gnu.crypto.key.KeyAgreementFactory;
import gnu.crypto.key.OutgoingMessage;
import gnu.crypto.key.dh.DiffieHellmanKeyAgreement;
import gnu.crypto.key.dh.ElGamalKeyAgreement;
import gnu.crypto.key.dh.GnuDHPrivateKey;
import gnu.crypto.key.dh.GnuDHPublicKey;
import gnu.crypto.key.srp6.SRP6KeyAgreement;
import gnu.crypto.key.srp6.SRPPublicKey;
import gnu.crypto.mac.IMac;
import gnu.crypto.mode.IMode;
import gnu.crypto.prng.ARCFour;
import gnu.crypto.prng.IRandom;
import gnu.crypto.prng.LimitReachedException;
import gnu.crypto.sasl.srp.SRPAuthInfoProvider;
import gnu.crypto.sasl.srp.SRPRegistry;
import gnu.crypto.sig.ISignature;
import gnu.crypto.sig.SignatureFactory;
import gnu.crypto.sig.dss.DSSSignature;
import gnu.crypto.sig.rsa.EME_PKCS1_V1_5;
import gnu.crypto.sig.rsa.RSA;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.SocketException;
import java.nio.channels.SocketChannel;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.ConfirmationCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextInputCallback;
import joptsimple.internal.Strings;
import org.metastatic.callbacks.DefaultCallbackHandler;
import org.metastatic.jessie.SRPTrustManager;
import org.metastatic.jessie.provider.Alert;
import org.metastatic.jessie.provider.CertificateRequest;
import org.metastatic.jessie.provider.Extension;
import org.metastatic.jessie.provider.Handshake;
import org.metastatic.jessie.provider.Session;

/* loaded from: input_file:org/metastatic/jessie/provider/SSLSocket.class */
public final class SSLSocket extends javax.net.ssl.SSLSocket {
    private Socket underlyingSocket;
    private int underlyingPort;
    private boolean autoClose;
    SessionContext sessionContext;
    public Session session;
    LinkedList handshakeListeners;
    private boolean clientMode;
    private boolean wantClientAuth;
    private boolean needClientAuth;
    private boolean createSessions;
    private boolean handshakeDone;
    private String remoteHost;
    private InputStream socketIn;
    private OutputStream socketOut;
    private InputStream applicationIn;
    private OutputStream applicationOut;
    private InputStream handshakeIn;
    private OutputStream handshakeOut;
    RecordInput recordInput;
    private long handshakeTime;
    private SocketChannel channel;
    private static final byte[] SENDER_CLIENT;
    private static final byte[] SENDER_SERVER;
    private static boolean DEBUG_HANDSHAKE_LAYER = true;
    private static boolean DEBUG_KEY_EXCHANGE = true;
    private static final PrintStream debug = System.err;
    static SortedSet supportedProtocols = new TreeSet();
    static List supportedSuites = new ArrayList(30);

    public SSLSocket(Socket socket, String str, int i, boolean z) throws IOException {
        this.underlyingSocket = socket;
        this.remoteHost = str;
        this.underlyingPort = i;
        this.autoClose = z;
        initialize();
    }

    public SSLSocket(Socket socket, SocketChannel socketChannel) throws IOException {
        this.underlyingSocket = socket;
        this.channel = socketChannel;
        initialize();
    }

    public SSLSocket() throws IOException {
        initialize();
    }

    public SSLSocket(InetAddress inetAddress, int i) throws IOException {
        super(inetAddress, i);
        initialize();
        this.remoteHost = inetAddress.getHostName();
        if (this.remoteHost == null) {
            this.remoteHost = inetAddress.getHostAddress();
        }
    }

    public SSLSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        super(inetAddress, i, inetAddress2, i2);
        initialize();
        this.remoteHost = inetAddress.getHostName();
        if (this.remoteHost == null) {
            this.remoteHost = inetAddress.getHostAddress();
        }
    }

    public SSLSocket(String str, int i) throws IOException {
        super(str, i);
        initialize();
        this.remoteHost = str;
    }

    public SSLSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        super(str, i, inetAddress, i2);
        initialize();
        this.remoteHost = str;
    }

    private void initialize() {
        this.session = new Session();
        this.session.enabledSuites = new ArrayList(supportedSuites);
        this.session.enabledProtocols = new TreeSet(supportedProtocols);
        this.session.protocol = ProtocolVersion.TLS_1;
        this.session.params.setVersion(ProtocolVersion.TLS_1);
        this.handshakeListeners = new LinkedList();
        this.handshakeDone = false;
    }

    @Override // javax.net.ssl.SSLSocket
    public void addHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        synchronized (this.handshakeListeners) {
            if (handshakeCompletedListener == null) {
                throw new NullPointerException();
            }
            if (!this.handshakeListeners.contains(handshakeCompletedListener)) {
                this.handshakeListeners.add(handshakeCompletedListener);
            }
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public void removeHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        synchronized (this.handshakeListeners) {
            this.handshakeListeners.remove(handshakeCompletedListener);
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public String[] getEnabledProtocols() {
        String[] strArr;
        synchronized (this.session.enabledProtocols) {
            try {
                strArr = (String[]) Util.transform(this.session.enabledProtocols.toArray(), String.class, "toString", null);
            } catch (Exception e) {
                RuntimeException runtimeException = new RuntimeException(e.getMessage());
                runtimeException.initCause(e);
                throw runtimeException;
            }
        }
        return strArr;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setEnabledProtocols(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            throw new IllegalArgumentException();
        }
        for (int i = 0; i < strArr.length; i++) {
            if (!strArr[i].equalsIgnoreCase("SSLv3") && !strArr[i].equalsIgnoreCase("TLSv1") && !strArr[i].equalsIgnoreCase("TLSv1.1")) {
                throw new IllegalArgumentException("unsupported protocol: " + strArr[i]);
            }
        }
        synchronized (this.session.enabledProtocols) {
            this.session.enabledProtocols.clear();
            for (int i2 = 0; i2 < strArr.length; i2++) {
                if (strArr[i2].equalsIgnoreCase("SSLv3")) {
                    this.session.enabledProtocols.add(ProtocolVersion.SSL_3);
                } else if (strArr[i2].equalsIgnoreCase("TLSv1")) {
                    this.session.enabledProtocols.add(ProtocolVersion.TLS_1);
                } else {
                    this.session.enabledProtocols.add(ProtocolVersion.TLS_1_1);
                }
            }
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public String[] getSupportedProtocols() {
        return new String[]{"TLSv1", "SSLv3"};
    }

    @Override // javax.net.ssl.SSLSocket
    public String[] getEnabledCipherSuites() {
        String[] strArr;
        synchronized (this.session.enabledSuites) {
            try {
                strArr = (String[]) Util.transform(this.session.enabledSuites.toArray(), String.class, "toString", null);
            } catch (Exception e) {
                RuntimeException runtimeException = new RuntimeException(e.getMessage());
                runtimeException.initCause(e);
                throw runtimeException;
            }
        }
        return strArr;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setEnabledCipherSuites(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            throw new IllegalArgumentException();
        }
        for (int i = 0; i < strArr.length; i++) {
            if (CipherSuite.forName(strArr[i]) == null) {
                throw new IllegalArgumentException("unsupported suite: " + strArr[i]);
            }
        }
        synchronized (this.session.enabledSuites) {
            this.session.enabledSuites.clear();
            for (String str : strArr) {
                CipherSuite forName = CipherSuite.forName(str);
                if (!this.session.enabledSuites.contains(forName)) {
                    this.session.enabledSuites.add(forName);
                }
            }
        }
    }

    @Override // javax.net.ssl.SSLSocket
    public String[] getSupportedCipherSuites() {
        return (String[]) CipherSuite.availableSuiteNames().toArray(new String[52]);
    }

    @Override // javax.net.ssl.SSLSocket
    public SSLSession getSession() {
        return this.session;
    }

    @Override // javax.net.ssl.SSLSocket
    public boolean getEnableSessionCreation() {
        return this.createSessions;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setEnableSessionCreation(boolean z) {
        this.createSessions = z;
    }

    @Override // javax.net.ssl.SSLSocket
    public boolean getNeedClientAuth() {
        return this.needClientAuth;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    @Override // javax.net.ssl.SSLSocket
    public boolean getWantClientAuth() {
        return this.wantClientAuth;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    @Override // javax.net.ssl.SSLSocket
    public boolean getUseClientMode() {
        return this.clientMode;
    }

    @Override // javax.net.ssl.SSLSocket
    public void setUseClientMode(boolean z) {
        this.clientMode = z;
    }

    @Override // javax.net.ssl.SSLSocket
    public synchronized void startHandshake() throws IOException {
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("startHandshake called in " + Thread.currentThread());
            this.handshakeTime = System.currentTimeMillis();
        }
        if (this.handshakeDone) {
            if (this.clientMode) {
                this.handshakeDone = false;
                doClientHandshake();
                return;
            } else {
                new Handshake(Handshake.Type.HELLO_REQUEST, null).write(this.handshakeOut, this.session.protocol);
                this.handshakeOut.flush();
                return;
            }
        }
        if (this.recordInput == null) {
            setupIO();
        }
        if (this.clientMode) {
            doClientHandshake();
            return;
        }
        try {
            doServerHandshake();
        } catch (ArrayIndexOutOfBoundsException e) {
            throwDecryptError();
        } catch (MacException e2) {
            throwDecryptError();
        }
    }

    @Override // java.net.Socket
    public InetAddress getInetAddress() {
        return this.underlyingSocket != null ? this.underlyingSocket.getInetAddress() : super.getInetAddress();
    }

    @Override // java.net.Socket
    public InetAddress getLocalAddress() {
        return this.underlyingSocket != null ? this.underlyingSocket.getLocalAddress() : super.getLocalAddress();
    }

    @Override // java.net.Socket
    public int getPort() {
        return this.underlyingSocket != null ? this.underlyingSocket.getPort() : super.getPort();
    }

    @Override // java.net.Socket
    public int getLocalPort() {
        return this.underlyingSocket != null ? this.underlyingSocket.getLocalPort() : super.getLocalPort();
    }

    @Override // java.net.Socket
    public InputStream getInputStream() throws IOException {
        if (this.applicationIn == null) {
            setupIO();
        }
        return this.applicationIn;
    }

    @Override // java.net.Socket
    public OutputStream getOutputStream() throws IOException {
        if (this.applicationOut == null) {
            setupIO();
        }
        return this.applicationOut;
    }

    @Override // java.net.Socket
    public void setTcpNoDelay(boolean z) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setTcpNoDelay(z);
        } else {
            super.setTcpNoDelay(z);
        }
    }

    @Override // java.net.Socket
    public boolean getTcpNoDelay() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getTcpNoDelay() : super.getTcpNoDelay();
    }

    @Override // java.net.Socket
    public void setSoLinger(boolean z, int i) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setSoLinger(z, i);
        } else {
            super.setSoLinger(z, i);
        }
    }

    @Override // java.net.Socket
    public int getSoLinger() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getSoLinger() : super.getSoLinger();
    }

    @Override // java.net.Socket
    public void sendUrgentData(int i) throws IOException {
        throw new UnsupportedOperationException("not implemented");
    }

    @Override // java.net.Socket
    public void setSoTimeout(int i) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setSoTimeout(i);
        } else {
            super.setSoTimeout(i);
        }
    }

    @Override // java.net.Socket
    public int getSoTimeout() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getSoTimeout() : super.getSoTimeout();
    }

    @Override // java.net.Socket
    public void setSendBufferSize(int i) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setSendBufferSize(i);
        } else {
            super.setSendBufferSize(i);
        }
    }

    @Override // java.net.Socket
    public int getSendBufferSize() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getSendBufferSize() : super.getSendBufferSize();
    }

    @Override // java.net.Socket
    public void setReceiveBufferSize(int i) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setReceiveBufferSize(i);
        } else {
            super.setReceiveBufferSize(i);
        }
    }

    @Override // java.net.Socket
    public int getReceiveBufferSize() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getReceiveBufferSize() : super.getReceiveBufferSize();
    }

    @Override // java.net.Socket, java.io.Closeable, java.lang.AutoCloseable
    public synchronized void close() throws IOException {
        System.out.println("Close 0");
        if (this.recordInput == null) {
            if (this.underlyingSocket == null) {
                super.close();
                return;
            } else {
                if (this.autoClose) {
                    this.underlyingSocket.close();
                    return;
                }
                return;
            }
        }
        sendAlert(new Alert(Alert.Level.WARNING, Alert.Description.CLOSE_NOTIFY));
        System.out.println("Close 1");
        long currentTimeMillis = System.currentTimeMillis() + ReconfigureOnChangeFilter.DEFAULT_REFRESH_PERIOD;
        while (this.session.currentAlert == null && !this.recordInput.pollClose()) {
            System.out.println("Close 2");
            Thread.yield();
            System.out.println("Close 2'");
            if (currentTimeMillis <= System.currentTimeMillis()) {
                break;
            }
        }
        System.out.println("Close 3");
        boolean z = this.session.currentAlert != null && this.session.currentAlert.getDescription() == Alert.Description.CLOSE_NOTIFY;
        this.recordInput = null;
        if (this.underlyingSocket == null) {
            super.close();
        } else if (this.autoClose) {
            this.underlyingSocket.close();
        }
        if (z) {
            System.out.println("Close 4");
        } else {
            this.session.invalidate();
            throw new SSLException("did not receive close notify");
        }
    }

    @Override // java.net.Socket
    public String toString() {
        return this.underlyingSocket != null ? SSLSocket.class.getName() + " [ " + this.underlyingSocket + " ]" : SSLSocket.class.getName() + " [ " + super.toString() + " ]";
    }

    @Override // java.net.Socket
    public void connect(SocketAddress socketAddress) throws IOException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.connect(socketAddress);
        } else {
            super.connect(socketAddress);
        }
    }

    @Override // java.net.Socket
    public void connect(SocketAddress socketAddress, int i) throws IOException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.connect(socketAddress, i);
        } else {
            super.connect(socketAddress, i);
        }
    }

    @Override // java.net.Socket
    public void bind(SocketAddress socketAddress) throws IOException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.bind(socketAddress);
        } else {
            super.bind(socketAddress);
        }
    }

    @Override // java.net.Socket
    public SocketAddress getLocalSocketAddress() {
        return this.underlyingSocket != null ? this.underlyingSocket.getLocalSocketAddress() : super.getLocalSocketAddress();
    }

    @Override // java.net.Socket
    public SocketChannel getChannel() {
        return this.channel;
    }

    @Override // java.net.Socket
    public boolean isBound() {
        return this.underlyingSocket != null ? this.underlyingSocket.isBound() : super.isBound();
    }

    @Override // java.net.Socket
    public boolean isClosed() {
        return this.underlyingSocket != null ? this.underlyingSocket.isClosed() : super.isClosed();
    }

    @Override // java.net.Socket
    public void setOOBInline(boolean z) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setOOBInline(z);
        } else {
            super.setOOBInline(z);
        }
    }

    @Override // java.net.Socket
    public boolean getOOBInline() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getOOBInline() : super.getOOBInline();
    }

    @Override // java.net.Socket
    public void setKeepAlive(boolean z) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setKeepAlive(z);
        } else {
            super.setKeepAlive(z);
        }
    }

    @Override // java.net.Socket
    public boolean getKeepAlive() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getKeepAlive() : super.getKeepAlive();
    }

    @Override // java.net.Socket
    public void setTrafficClass(int i) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setTrafficClass(i);
        } else {
            super.setTrafficClass(i);
        }
    }

    @Override // java.net.Socket
    public int getTrafficClass() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getTrafficClass() : super.getTrafficClass();
    }

    @Override // java.net.Socket
    public void setReuseAddress(boolean z) throws SocketException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.setReuseAddress(z);
        } else {
            super.setReuseAddress(z);
        }
    }

    @Override // java.net.Socket
    public boolean getReuseAddress() throws SocketException {
        return this.underlyingSocket != null ? this.underlyingSocket.getReuseAddress() : super.getReuseAddress();
    }

    @Override // java.net.Socket
    public void shutdownInput() throws IOException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.shutdownInput();
        } else {
            super.shutdownInput();
        }
    }

    @Override // java.net.Socket
    public void shutdownOutput() throws IOException {
        if (this.underlyingSocket != null) {
            this.underlyingSocket.shutdownOutput();
        } else {
            super.shutdownOutput();
        }
    }

    @Override // java.net.Socket
    public boolean isConnected() {
        return this.underlyingSocket != null ? this.underlyingSocket.isConnected() : super.isConnected();
    }

    @Override // java.net.Socket
    public boolean isInputShutdown() {
        return this.underlyingSocket != null ? this.underlyingSocket.isInputShutdown() : super.isInputShutdown();
    }

    @Override // java.net.Socket
    public boolean isOutputShutdown() {
        return this.underlyingSocket != null ? this.underlyingSocket.isOutputShutdown() : super.isOutputShutdown();
    }

    protected void finalize() {
        if (this.session.currentAlert == null) {
            try {
                close();
            } catch (Exception e) {
            }
        }
    }

    public void setSessionContext(SessionContext sessionContext) {
        this.sessionContext = sessionContext;
    }

    public void setEnabledCipherSuites(List list) {
        this.session.enabledSuites = list;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setEnabledProtocols(SortedSet sortedSet) {
        this.session.enabledProtocols = sortedSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSRPTrustManager(SRPTrustManager sRPTrustManager) {
        this.session.srpTrustManager = sRPTrustManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTrustManager(X509TrustManager x509TrustManager) {
        this.session.trustManager = x509TrustManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setKeyManager(X509KeyManager x509KeyManager) {
        this.session.keyManager = x509KeyManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRandom(SecureRandom secureRandom) {
        this.session.random = secureRandom;
    }

    void sendAlert(Alert alert) throws IOException {
        new RecordOutputStream(this.socketOut, ContentType.ALERT, this.session.params).write(alert.getEncoded());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Alert checkAlert() {
        return this.session.currentAlert;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void checkHandshakeDone() throws IOException {
        if (!this.handshakeDone) {
            startHandshake();
        }
        Alert alert = this.session.currentAlert;
        if (alert != null && alert.getLevel() == Alert.Level.FATAL) {
            throw new AlertException(alert, false);
        }
        if (this.handshakeIn.available() <= 0 || this.clientMode) {
            return;
        }
        this.handshakeDone = false;
        startHandshake();
    }

    private void changeCipherSpec() throws IOException {
        new RecordOutputStream(this.socketOut, ContentType.CHANGE_CIPHER_SPEC, this.session.params).write(1);
    }

    private void readChangeCipherSpec() throws IOException {
        if (new RecordInputStream(this.recordInput, ContentType.CHANGE_CIPHER_SPEC).read() != 1) {
            throw new SSLProtocolException("bad change cipher spec message");
        }
    }

    private synchronized void setupIO() throws IOException {
        if (this.recordInput != null) {
            return;
        }
        if (this.underlyingSocket != null) {
            this.socketIn = this.underlyingSocket.getInputStream();
            this.socketOut = this.underlyingSocket.getOutputStream();
        } else {
            this.socketIn = super.getInputStream();
            this.socketOut = super.getOutputStream();
        }
        this.recordInput = new RecordInput(this.socketIn, this.session);
        this.applicationIn = new SSLSocketInputStream(new RecordInputStream(this.recordInput, ContentType.APPLICATION_DATA), this);
        this.applicationOut = new SSLSocketOutputStream(new RecordOutputStream(this.socketOut, ContentType.APPLICATION_DATA, this.session.params), this);
        this.handshakeIn = new SSLSocketInputStream(new RecordInputStream(this.recordInput, ContentType.HANDSHAKE), this, false);
        this.handshakeOut = new BufferedOutputStream(new SSLSocketOutputStream(new RecordOutputStream(this.socketOut, ContentType.HANDSHAKE, this.session.params), this, false), 8096);
    }

    private void handshakeCompleted() {
        this.handshakeDone = true;
        HandshakeCompletedEvent handshakeCompletedEvent = new HandshakeCompletedEvent(this, this.session);
        Iterator it = this.handshakeListeners.iterator();
        while (it.hasNext()) {
            try {
                ((HandshakeCompletedListener) it.next()).handshakeCompleted(handshakeCompletedEvent);
            } catch (Throwable th) {
            }
        }
        if (this.createSessions) {
            synchronized (this.session) {
                this.sessionContext.addSession(this.session.sessionId, this.session);
                this.session.access();
            }
        }
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("Handshake finished in " + Thread.currentThread());
            this.handshakeTime = System.currentTimeMillis() - this.handshakeTime;
            debug.println("Elapsed time " + (this.handshakeTime / 1000) + "s");
        }
    }

    private void doClientHandshake() throws IOException {
        Object jCEMac;
        Object jCEMac2;
        boolean z;
        boolean z2;
        boolean z3;
        IRandom tLSRandom;
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("starting client handshake in " + Thread.currentThread());
        }
        IMessageDigest hashFactory = HashFactory.getInstance(Registry.MD5_HASH);
        IMessageDigest hashFactory2 = HashFactory.getInstance(Registry.SHA160_HASH);
        DigestInputStream digestInputStream = new DigestInputStream(this.handshakeIn, hashFactory, hashFactory2);
        DigestOutputStream digestOutputStream = new DigestOutputStream(this.handshakeOut, hashFactory, hashFactory2);
        Session session = null;
        byte[] bArr = new byte[0];
        LinkedList linkedList = null;
        String str = null;
        CertificateType certificateType = CertificateType.X509;
        Enumeration ids = this.sessionContext.getIds();
        while (true) {
            if (!ids.hasMoreElements()) {
                break;
            }
            byte[] bArr2 = (byte[]) ids.nextElement();
            session = (Session) this.sessionContext.getSession(bArr2);
            if (session != null && this.session.enabledProtocols.contains(session.protocol) && session.getPeerHost().equals(this.remoteHost)) {
                bArr = bArr2;
                break;
            }
        }
        Iterator it = this.session.enabledSuites.iterator();
        while (it.hasNext()) {
            if (((CipherSuite) it.next()).getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                linkedList = new LinkedList();
                str = askUserName(this.remoteHost);
                byte[] bytes = str.getBytes("UTF-8");
                if (bytes.length > 255) {
                    handshakeFailure();
                    throw new SSLException("SRP username too long");
                }
                linkedList.add(new Extension(Extension.Type.SRP, Util.concat(new byte[]{(byte) bytes.length}, bytes)));
            }
        }
        try {
            int parseInt = Integer.parseInt(Util.getSecurityProperty("jessie.fragment.length"));
            byte[] bArr3 = new byte[1];
            if (parseInt == 512) {
                bArr3[0] = 1;
            } else if (parseInt == 1024) {
                bArr3[0] = 2;
            } else if (parseInt == 2048) {
                bArr3[0] = 3;
            } else {
                if (parseInt != 4096) {
                    throw new NumberFormatException();
                }
                bArr3[0] = 4;
            }
            if (linkedList == null) {
                linkedList = new LinkedList();
            }
            linkedList.add(new Extension(Extension.Type.MAX_FRAGMENT_LENGTH, bArr3));
        } catch (NumberFormatException e) {
        }
        ProtocolVersion protocolVersion = this.session.protocol;
        Random random = new Random(Util.unixTime(), this.session.random.generateSeed(28));
        this.session.protocol = (ProtocolVersion) this.session.enabledProtocols.last();
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(CompressionMethod.ZLIB);
        arrayList.add(CompressionMethod.NULL);
        Handshake handshake = new Handshake(Handshake.Type.CLIENT_HELLO, new ClientHello(this.session.protocol, random, bArr, this.session.enabledSuites, arrayList, linkedList));
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println(handshake);
        }
        handshake.write(digestOutputStream, protocolVersion);
        digestOutputStream.flush();
        Handshake read = Handshake.read(digestInputStream);
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println(read);
        }
        if (read.getType() != Handshake.Type.SERVER_HELLO) {
            throwUnexpectedMessage();
        }
        ServerHello serverHello = (ServerHello) read.getBody();
        Random random2 = serverHello.getRandom();
        ProtocolVersion version = serverHello.getVersion();
        if (!this.session.enabledProtocols.contains(version)) {
            r26 = null;
            for (ProtocolVersion protocolVersion2 : this.session.enabledProtocols) {
                if (protocolVersion2.compareTo(version) > 0) {
                    break;
                }
            }
            version = protocolVersion2;
        }
        if (version == null) {
            Alert alert = new Alert(Alert.Level.FATAL, serverHello.getVersion() == ProtocolVersion.SSL_3 ? Alert.Description.HANDSHAKE_FAILURE : Alert.Description.PROTOCOL_VERSION);
            sendAlert(alert);
            this.session.currentAlert = alert;
            fatal();
            throw new AlertException(alert, true);
        }
        if (serverHello.getExtensions() != null) {
            for (Extension extension : serverHello.getExtensions()) {
                if (extension.getType() == Extension.Type.MAX_FRAGMENT_LENGTH) {
                    this.session.params.setFragmentLength(Extensions.getMaxFragmentLength(extension).intValue());
                } else if (extension.getType() == Extension.Type.CERT_TYPE) {
                    certificateType = Extensions.getServerCertType(extension);
                }
            }
        }
        CipherSuite resolve = serverHello.getCipherSuite().resolve(version);
        boolean z4 = true;
        if (bArr.length <= 0 || !Arrays.equals(bArr, serverHello.getSessionId())) {
            this.sessionContext.removeSession(new Session.ID(bArr));
        } else {
            SecurityParameters securityParameters = this.session.params;
            this.session = (Session) session.clone();
            this.session.params = securityParameters;
            this.recordInput.setSession(this.session);
            resolve = this.session.cipherSuite;
            z4 = false;
        }
        if (z4) {
            this.session.peerHost = this.remoteHost;
            this.session.sessionId = new Session.ID(serverHello.getSessionId());
            this.session.cipherSuite = resolve;
        }
        this.session.params.reset();
        this.session.currentAlert = null;
        this.session.valid = true;
        this.session.protocol = version;
        if (z4) {
            PublicKey publicKey = null;
            PublicKey publicKey2 = null;
            KeyPair keyPair = null;
            IKeyAgreementParty iKeyAgreementParty = null;
            OutgoingMessage outgoingMessage = null;
            if (resolve.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                String askPassword = askPassword(str);
                if (DEBUG_KEY_EXCHANGE) {
                    debug.println("password read is '" + askPassword + Strings.SINGLE_QUOTE);
                }
                byte[] bytes2 = askPassword.getBytes("UTF-8");
                iKeyAgreementParty = KeyAgreementFactory.getPartyAInstance(Registry.SRP_TLS_KA);
                HashMap hashMap = new HashMap();
                hashMap.put(SRP6KeyAgreement.HASH_FUNCTION, Registry.SHA160_HASH);
                hashMap.put(SRP6KeyAgreement.USER_IDENTITY, str);
                hashMap.put(SRP6KeyAgreement.USER_PASSWORD, bytes2);
                try {
                    iKeyAgreementParty.init(hashMap);
                    outgoingMessage = iKeyAgreementParty.processMessage(null);
                } catch (KeyAgreementException e2) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e2.printStackTrace(debug);
                    }
                    throwHandshakeFailure();
                }
            }
            if (resolve.getSignature() != "anon") {
                Handshake read2 = Handshake.read(digestInputStream, certificateType);
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read2);
                }
                if (read2.getType() != Handshake.Type.CERTIFICATE) {
                    throwUnexpectedMessage();
                }
                X509Certificate[] certificates = ((Certificate) read2.getBody()).getCertificates();
                try {
                    this.session.trustManager.checkServerTrusted(certificates, resolve.getAuthType());
                } catch (InvalidKeyException e3) {
                    throwHandshakeFailure();
                } catch (Exception e4) {
                    if (!checkCertificates(certificates)) {
                        peerUnverified(certificates);
                        SSLPeerUnverifiedException sSLPeerUnverifiedException = new SSLPeerUnverifiedException("could not verify peer certificate: " + certificates[0].getSubjectDN());
                        sSLPeerUnverifiedException.initCause(e4);
                        throw sSLPeerUnverifiedException;
                    }
                    this.session.peerCerts = certificates;
                    this.session.peerVerified = true;
                }
                if (resolve.getSignature() == "RSA" && !(certificates[0].getPublicKey() instanceof RSAPublicKey)) {
                    throw new InvalidKeyException("improper public key");
                }
                if (resolve.getKeyExchange() == "DH" && !(certificates[0].getPublicKey() instanceof DHPublicKey)) {
                    throw new InvalidKeyException("improper public key");
                }
                if (resolve.getKeyExchange() == "DHE") {
                    if (resolve.getSignature() == "RSA" && !(certificates[0].getPublicKey() instanceof RSAPublicKey)) {
                        throw new InvalidKeyException("improper public key");
                    }
                    if (resolve.getSignature() == "DSS" && !(certificates[0].getPublicKey() instanceof DSAPublicKey)) {
                        throw new InvalidKeyException("improper public key");
                    }
                }
                this.session.peerCerts = certificates;
                this.session.peerVerified = true;
                publicKey = certificates[0].getPublicKey();
                publicKey2 = publicKey;
            }
            Handshake read3 = Handshake.read(digestInputStream, resolve, publicKey);
            if (read3.getType() == Handshake.Type.SERVER_KEY_EXCHANGE) {
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read3);
                }
                ServerKeyExchange serverKeyExchange = (ServerKeyExchange) read3.getBody();
                publicKey2 = serverKeyExchange.getPublicKey();
                if (resolve.getSignature() != "anon") {
                    ISignature iSignature = null;
                    if (resolve.getSignature() == "RSA") {
                        iSignature = new SSLRSASignature();
                    } else if (resolve.getSignature() == "DSS") {
                        iSignature = SignatureFactory.getInstance("dss");
                    }
                    iSignature.setupVerify(Collections.singletonMap(ISignature.VERIFIER_KEY, publicKey));
                    byte[] encoded = random.getEncoded();
                    iSignature.update(encoded, 0, encoded.length);
                    byte[] encoded2 = random2.getEncoded();
                    iSignature.update(encoded2, 0, encoded2.length);
                    if (resolve.getKeyExchange() == "RSA") {
                        updateSig(iSignature, ((RSAPublicKey) publicKey2).getModulus());
                        updateSig(iSignature, ((RSAPublicKey) publicKey2).getPublicExponent());
                    } else if (resolve.getKeyExchange() == "DHE") {
                        updateSig(iSignature, ((DHPublicKey) publicKey2).getParams().getP());
                        updateSig(iSignature, ((DHPublicKey) publicKey2).getParams().getG());
                        updateSig(iSignature, ((DHPublicKey) publicKey2).getY());
                    } else if (resolve.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                        updateSig(iSignature, ((SRPPublicKey) publicKey2).getN());
                        updateSig(iSignature, ((SRPPublicKey) publicKey2).getG());
                        byte[] sRPSalt = serverKeyExchange.getSRPSalt();
                        iSignature.update((byte) sRPSalt.length);
                        iSignature.update(sRPSalt, 0, sRPSalt.length);
                        updateSig(iSignature, ((SRPPublicKey) publicKey2).getY());
                    }
                    if (!iSignature.verify(serverKeyExchange.getSignature().getSigValue())) {
                        throwHandshakeFailure();
                    }
                }
                if (resolve.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                    try {
                        OutgoingMessage outgoingMessage2 = new OutgoingMessage();
                        outgoingMessage2.writeMPI(((SRPPublicKey) publicKey2).getN());
                        outgoingMessage2.writeMPI(((SRPPublicKey) publicKey2).getG());
                        outgoingMessage2.writeMPI(new BigInteger(1, serverKeyExchange.getSRPSalt()));
                        outgoingMessage2.writeMPI(((SRPPublicKey) publicKey2).getY());
                        outgoingMessage = iKeyAgreementParty.processMessage(new IncomingMessage(outgoingMessage2.toByteArray()));
                        if (DEBUG_KEY_EXCHANGE) {
                            debug.println(iKeyAgreementParty.isComplete());
                        }
                    } catch (KeyAgreementException e5) {
                        if (DEBUG_KEY_EXCHANGE) {
                            e5.printStackTrace(debug);
                        }
                        throwHandshakeFailure();
                    }
                }
                read3 = Handshake.read(digestInputStream, resolve, publicKey);
            }
            CertificateRequest certificateRequest = null;
            if (read3.getType() == Handshake.Type.CERTIFICATE_REQUEST) {
                if (resolve.getSignature() == "anon") {
                    throwHandshakeFailure();
                }
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read3);
                }
                certificateRequest = (CertificateRequest) read3.getBody();
                read3 = Handshake.read(digestInputStream);
            }
            if (read3.getType() != Handshake.Type.SERVER_HELLO_DONE) {
                throwUnexpectedMessage();
            }
            if (DEBUG_HANDSHAKE_LAYER) {
                debug.println(read3);
            }
            if (certificateRequest != null) {
                String chooseClientAlias = this.session.keyManager.chooseClientAlias(certificateRequest.getTypeStrings(), certificateRequest.getAuthorities(), null);
                if (chooseClientAlias == null && version == ProtocolVersion.SSL_3) {
                    sendAlert(new Alert(Alert.Level.WARNING, Alert.Description.NO_CERTIFICATE));
                } else {
                    X509Certificate[] certificateChain = this.session.keyManager.getCertificateChain(chooseClientAlias);
                    PrivateKey privateKey = this.session.keyManager.getPrivateKey(chooseClientAlias);
                    if (certificateChain == null) {
                        certificateChain = new X509Certificate[0];
                    }
                    Handshake handshake2 = new Handshake(Handshake.Type.CERTIFICATE, new Certificate(certificateChain));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake2);
                    }
                    handshake2.write(digestOutputStream, version);
                    digestOutputStream.flush();
                    if (certificateChain.length > 0) {
                        this.session.localCerts = certificateChain;
                        keyPair = new KeyPair(certificateChain[0].getPublicKey(), privateKey);
                    }
                }
            }
            byte[] bArr4 = null;
            ClientKeyExchange clientKeyExchange = null;
            if (resolve.getKeyExchange() == "RSA") {
                bArr4 = Util.concat(((ProtocolVersion) this.session.enabledProtocols.last()).getEncoded(), new byte[46]);
                try {
                    CSPRNG.SYSTEM_RANDOM.nextBytes(bArr4, bArr4.length - 46, 46);
                    clientKeyExchange = new ClientKeyExchange(Util.trim(RSA.encrypt((RSAPublicKey) publicKey2, new BigInteger(1, EME_PKCS1_V1_5.getInstance((RSAPublicKey) publicKey2).encode(bArr4, CSPRNG.SYSTEM_RANDOM)))));
                } catch (LimitReachedException e6) {
                    internalError();
                    RuntimeException runtimeException = new RuntimeException(e6.getMessage());
                    runtimeException.initCause(e6);
                    throw runtimeException;
                }
            } else if (resolve.getKeyExchange().startsWith("DH")) {
                if (keyPair == null || !(keyPair.getPublic() instanceof DHPublicKey)) {
                    GnuDHPrivateKey gnuDHPrivateKey = new GnuDHPrivateKey(null, ((DHPublicKey) publicKey2).getParams().getP(), ((DHPublicKey) publicKey2).getParams().getG(), null);
                    iKeyAgreementParty = KeyAgreementFactory.getPartyBInstance("dh");
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put(DiffieHellmanKeyAgreement.KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY, gnuDHPrivateKey);
                    hashMap2.put(DiffieHellmanKeyAgreement.SOURCE_OF_RANDOMNESS, CSPRNG.SYSTEM_RANDOM);
                    try {
                        iKeyAgreementParty.init(hashMap2);
                        OutgoingMessage outgoingMessage3 = new OutgoingMessage();
                        outgoingMessage3.writeMPI(((DHPublicKey) publicKey2).getY());
                        clientKeyExchange = new ClientKeyExchange(new IncomingMessage(iKeyAgreementParty.processMessage(new IncomingMessage(outgoingMessage3.toByteArray())).toByteArray()).readMPI());
                    } catch (KeyAgreementException e7) {
                        if (DEBUG_KEY_EXCHANGE) {
                            e7.printStackTrace(debug);
                        }
                        internalError();
                        RuntimeException runtimeException2 = new RuntimeException(e7.getMessage());
                        runtimeException2.initCause(e7);
                        throw runtimeException2;
                    }
                } else {
                    iKeyAgreementParty = KeyAgreementFactory.getPartyBInstance(Registry.ELGAMAL_KA);
                    HashMap hashMap3 = new HashMap();
                    hashMap3.put(ElGamalKeyAgreement.KA_ELGAMAL_RECIPIENT_PRIVATE_KEY, keyPair.getPrivate());
                    try {
                        iKeyAgreementParty.init(hashMap3);
                        clientKeyExchange = new ClientKeyExchange(new byte[0]);
                    } catch (KeyAgreementException e8) {
                        if (DEBUG_KEY_EXCHANGE) {
                            e8.printStackTrace(debug);
                        }
                        internalError();
                        RuntimeException runtimeException3 = new RuntimeException(e8.getMessage());
                        runtimeException3.initCause(e8);
                        throw runtimeException3;
                    }
                }
            } else if (resolve.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                BigInteger bigInteger = null;
                try {
                    bigInteger = new IncomingMessage(outgoingMessage.toByteArray()).readMPI();
                    if (DEBUG_KEY_EXCHANGE) {
                        debug.println("client A=" + bigInteger);
                    }
                } catch (KeyAgreementException e9) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e9.printStackTrace(debug);
                    }
                    throwHandshakeFailure();
                }
                clientKeyExchange = new ClientKeyExchange(bigInteger);
            } else if (resolve.getKeyExchange() == "PSK") {
                String property = Security.getProperty("jessie.psk.identity");
                clientKeyExchange = new ClientKeyExchange(property.getBytes());
                bArr4 = initPSKPreMasterSecret(property);
            }
            Handshake handshake3 = new Handshake(Handshake.Type.CLIENT_KEY_EXCHANGE, clientKeyExchange);
            if (DEBUG_HANDSHAKE_LAYER) {
                debug.println(handshake3);
            }
            handshake3.write(digestOutputStream, version);
            if (resolve.getKeyExchange().startsWith("DH")) {
                try {
                    bArr4 = iKeyAgreementParty.getSharedSecret();
                } catch (KeyAgreementException e10) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e10.printStackTrace(debug);
                    }
                    internalError();
                    RuntimeException runtimeException4 = new RuntimeException(e10.getMessage());
                    runtimeException4.initCause(e10);
                    throw runtimeException4;
                }
            } else {
                try {
                    if (resolve.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                        bArr4 = iKeyAgreementParty.getSharedSecret();
                    }
                } catch (KeyAgreementException e11) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e11.printStackTrace(debug);
                    }
                    throwHandshakeFailure();
                } finally {
                }
            }
            if (DEBUG_KEY_EXCHANGE) {
                debug.println("preMasterSecret= " + Util.toHexString(bArr4, ':'));
                debug.println("client.random  = " + Util.toHexString(random.getEncoded(), ':'));
                debug.println("server.random  = " + Util.toHexString(random2.getEncoded(), ':'));
            }
            if (version == ProtocolVersion.SSL_3) {
                tLSRandom = new SSLRandom();
                HashMap hashMap4 = new HashMap();
                hashMap4.put("jessie.sslprng.secret", bArr4);
                hashMap4.put("jessie.sslprng.seed", Util.concat(random.getEncoded(), random2.getEncoded()));
                tLSRandom.init(hashMap4);
            } else {
                tLSRandom = new TLSRandom();
                HashMap hashMap5 = new HashMap();
                hashMap5.put("jessie.tls.prng.secret", bArr4);
                hashMap5.put("jessie.tls.prng.seed", Util.concat("master secret".getBytes("UTF-8"), Util.concat(random.getEncoded(), random2.getEncoded())));
                tLSRandom.init(hashMap5);
            }
            this.session.masterSecret = new byte[48];
            try {
                tLSRandom.nextBytes(this.session.masterSecret, 0, 48);
                for (int i = 0; i < bArr4.length; i++) {
                    bArr4[i] = 0;
                }
                if (DEBUG_KEY_EXCHANGE) {
                    debug.println("masterSecret=" + Util.toHexString(this.session.masterSecret, ':'));
                }
                if (certificateRequest != null && keyPair != null) {
                    IMessageDigest iMessageDigest = (IMessageDigest) hashFactory.clone();
                    IMessageDigest iMessageDigest2 = (IMessageDigest) hashFactory2.clone();
                    PrivateKey privateKey2 = keyPair.getPrivate();
                    Object obj = null;
                    String str2 = null;
                    try {
                        if (privateKey2 instanceof DSAPrivateKey) {
                            obj = DSSSignature.sign((DSAPrivateKey) privateKey2, iMessageDigest2.digest(), CSPRNG.SYSTEM_RANDOM);
                            str2 = "DSS";
                        } else {
                            if (!(privateKey2 instanceof RSAPrivateKey)) {
                                throw new InvalidKeyException("no appropriate key");
                            }
                            SSLRSASignature sSLRSASignature = new SSLRSASignature(iMessageDigest, iMessageDigest2);
                            sSLRSASignature.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, privateKey2));
                            obj = sSLRSASignature.sign();
                            str2 = "RSA";
                        }
                    } catch (Exception e12) {
                        throwHandshakeFailure();
                    }
                    Handshake handshake4 = new Handshake(Handshake.Type.CERTIFICATE_VERIFY, new CertificateVerify(obj, str2));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake4);
                    }
                    handshake4.write(digestOutputStream, version);
                }
                digestOutputStream.flush();
            } catch (LimitReachedException e13) {
                internalError();
                RuntimeException runtimeException5 = new RuntimeException(e13.getMessage());
                runtimeException5.initCause(e13);
                throw runtimeException5;
            }
        }
        try {
            byte[][] generateKeys = generateKeys(random2.getEncoded(), random.getEncoded(), version);
            this.session.params.setVersion(version);
            Object obj2 = null;
            Object obj3 = null;
            try {
                if (this.session.params instanceof GNUSecurityParameters) {
                    HashMap hashMap6 = new HashMap();
                    jCEMac = CipherSuite.getMac(resolve.getMac());
                    jCEMac2 = CipherSuite.getMac(resolve.getMac());
                    hashMap6.put(IMac.MAC_KEY_MATERIAL, generateKeys[0]);
                    ((IMac) jCEMac).init(hashMap6);
                    hashMap6.put(IMac.MAC_KEY_MATERIAL, generateKeys[1]);
                    ((IMac) jCEMac2).init(hashMap6);
                    if (resolve.getCipher() == "RC4") {
                        obj3 = new ARCFour();
                        obj2 = new ARCFour();
                        hashMap6.clear();
                        hashMap6.put(ARCFour.ARCFOUR_KEY_MATERIAL, generateKeys[2]);
                        ((ARCFour) obj3).init(hashMap6);
                        hashMap6.put(ARCFour.ARCFOUR_KEY_MATERIAL, generateKeys[3]);
                        ((ARCFour) obj2).init(hashMap6);
                    } else if (!resolve.isStreamCipher()) {
                        obj3 = CipherSuite.getCipher(resolve.getCipher());
                        obj2 = CipherSuite.getCipher(resolve.getCipher());
                        hashMap6.clear();
                        hashMap6.put(IBlockCipher.KEY_MATERIAL, generateKeys[2]);
                        hashMap6.put(IMode.IV, generateKeys[4]);
                        hashMap6.put(IMode.STATE, new Integer(1));
                        ((IMode) obj3).init(hashMap6);
                        hashMap6.put(IBlockCipher.KEY_MATERIAL, generateKeys[3]);
                        hashMap6.put(IMode.IV, generateKeys[5]);
                        hashMap6.put(IMode.STATE, new Integer(2));
                        ((IMode) obj2).init(hashMap6);
                    }
                } else {
                    jCEMac = CipherSuite.getJCEMac(resolve.getMac());
                    jCEMac2 = CipherSuite.getJCEMac(resolve.getMac());
                    obj3 = CipherSuite.getJCECipher(resolve.getCipher());
                    obj2 = CipherSuite.getJCECipher(resolve.getCipher());
                    ((Mac) jCEMac).init(new SecretKeySpec(generateKeys[0], resolve.getMac()));
                    ((Mac) jCEMac2).init(new SecretKeySpec(generateKeys[1], resolve.getMac()));
                    if (resolve.isStreamCipher()) {
                        ((Cipher) obj3).init(1, new SecretKeySpec(generateKeys[2], resolve.getCipher()));
                        ((Cipher) obj2).init(2, new SecretKeySpec(generateKeys[3], resolve.getCipher()));
                    } else {
                        ((Cipher) obj3).init(1, new SecretKeySpec(generateKeys[2], resolve.getCipher()), new IvParameterSpec(generateKeys[4]));
                        ((Cipher) obj2).init(2, new SecretKeySpec(generateKeys[3], resolve.getCipher()), new IvParameterSpec(generateKeys[5]));
                    }
                }
                if (z4) {
                    changeCipherSpec();
                    SecurityParameters securityParameters2 = this.session.params;
                    if (serverHello.getCompressionMethod() == CompressionMethod.ZLIB) {
                        z3 = true;
                    }
                    securityParameters2.setDeflating(z3);
                    this.session.params.setOutMac(jCEMac);
                    this.session.params.setOutCipher(obj3);
                    Handshake handshake5 = new Handshake(Handshake.Type.FINISHED, generateFinished(version, (IMessageDigest) hashFactory.clone(), (IMessageDigest) hashFactory2.clone(), true));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake5);
                    }
                    handshake5.write(digestOutputStream, version);
                    digestOutputStream.flush();
                }
                if (this.session.currentAlert != null && this.session.currentAlert.getLevel() == Alert.Level.FATAL) {
                    fatal();
                    throw new AlertException(this.session.currentAlert, false);
                }
                synchronized (this.session.params) {
                    readChangeCipherSpec();
                    SecurityParameters securityParameters3 = this.session.params;
                    if (serverHello.getCompressionMethod() == CompressionMethod.ZLIB) {
                        z = true;
                    }
                    securityParameters3.setInflating(z);
                    this.session.params.setInMac(jCEMac2);
                    this.session.params.setInCipher(obj2);
                    this.session.params.notifyAll();
                }
                Finished generateFinished = generateFinished(version, (IMessageDigest) hashFactory.clone(), (IMessageDigest) hashFactory2.clone(), false);
                Handshake read4 = Handshake.read(digestInputStream, resolve, (PublicKey) null);
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read4);
                }
                if (read4.getType() != Handshake.Type.FINISHED) {
                    throwUnexpectedMessage();
                }
                Finished finished = (Finished) read4.getBody();
                if (version == ProtocolVersion.SSL_3) {
                    if (!Arrays.equals(finished.getMD5Hash(), generateFinished.getMD5Hash()) || !Arrays.equals(finished.getSHAHash(), generateFinished.getSHAHash())) {
                        throwHandshakeFailure();
                    }
                } else if (!Arrays.equals(finished.getVerifyData(), generateFinished.getVerifyData())) {
                    throwHandshakeFailure();
                }
                if (!z4) {
                    changeCipherSpec();
                    SecurityParameters securityParameters4 = this.session.params;
                    if (serverHello.getCompressionMethod() == CompressionMethod.ZLIB) {
                        z2 = true;
                    }
                    securityParameters4.setDeflating(z2);
                    this.session.params.setOutMac(jCEMac);
                    this.session.params.setOutCipher(obj3);
                    Handshake handshake6 = new Handshake(Handshake.Type.FINISHED, generateFinished(version, hashFactory, hashFactory2, true));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake6);
                    }
                    handshake6.write(digestOutputStream, version);
                    digestOutputStream.flush();
                }
                handshakeCompleted();
            } catch (InvalidAlgorithmParameterException e14) {
                internalError();
                RuntimeException runtimeException6 = new RuntimeException(e14.getMessage());
                runtimeException6.initCause(e14);
                throw runtimeException6;
            } catch (InvalidKeyException e15) {
                internalError();
                RuntimeException runtimeException7 = new RuntimeException(e15.getMessage());
                runtimeException7.initCause(e15);
                throw runtimeException7;
            } catch (NoSuchAlgorithmException e16) {
                this.session.enabledSuites.remove(resolve);
                internalError();
                SSLException sSLException = new SSLException("suite " + resolve + " not available in this configuration");
                sSLException.initCause(e16);
                throw sSLException;
            } catch (NoSuchPaddingException e17) {
                this.session.enabledSuites.remove(resolve);
                internalError();
                SSLException sSLException2 = new SSLException("suite " + resolve + " not available in this configuration");
                sSLException2.initCause(e17);
                throw sSLException2;
            }
        } catch (Exception e18) {
            internalError();
            RuntimeException runtimeException8 = new RuntimeException(e18.getMessage());
            runtimeException8.initCause(e18);
            throw runtimeException8;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v700, types: [java.security.PrivateKey] */
    private void doServerHandshake() throws IOException {
        Object jCEMac;
        Object jCEMac2;
        boolean z;
        boolean z2;
        boolean z3;
        IRandom tLSRandom;
        boolean z4;
        Session.ID id;
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("doing server handshake in " + Thread.currentThread());
        }
        if (this.remoteHost == null) {
            this.remoteHost = getInetAddress().getHostName();
        }
        if (this.remoteHost == null) {
            this.remoteHost = getInetAddress().getHostAddress();
        }
        IMessageDigest hashFactory = HashFactory.getInstance(Registry.MD5_HASH);
        IMessageDigest hashFactory2 = HashFactory.getInstance(Registry.SHA160_HASH);
        DigestInputStream digestInputStream = new DigestInputStream(this.handshakeIn, hashFactory, hashFactory2);
        DigestOutputStream digestOutputStream = new DigestOutputStream(this.handshakeOut, hashFactory, hashFactory2);
        Handshake read = Handshake.read(digestInputStream);
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println(read);
        }
        if (read.getType() != Handshake.Type.CLIENT_HELLO) {
            throwUnexpectedMessage();
        }
        ClientHello clientHello = (ClientHello) read.getBody();
        Random random = clientHello.getRandom();
        ProtocolVersion version = clientHello.getVersion();
        ProtocolVersion protocolVersion = (ProtocolVersion) this.session.enabledProtocols.last();
        CompressionMethod compressionMethod = clientHello.getCompressionMethods().contains(CompressionMethod.ZLIB) ? CompressionMethod.ZLIB : CompressionMethod.NULL;
        if (!this.session.enabledProtocols.contains(version) && version.compareTo(protocolVersion) < 0) {
            Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.PROTOCOL_VERSION);
            sendAlert(alert);
            this.session.currentAlert = alert;
            throw new AlertException(alert, true);
        }
        LinkedList linkedList = null;
        String str = null;
        if (clientHello.getExtensions() != null) {
            for (Extension extension : clientHello.getExtensions()) {
                if (extension.getType() == Extension.Type.SERVER_NAME) {
                    if (linkedList == null) {
                        linkedList = new LinkedList();
                    }
                    linkedList.add(extension);
                } else if (extension.getType() == Extension.Type.MAX_FRAGMENT_LENGTH) {
                    this.session.params.setFragmentLength(Extensions.getMaxFragmentLength(extension).intValue());
                    if (linkedList == null) {
                        linkedList = new LinkedList();
                    }
                    linkedList.add(extension);
                } else if (extension.getType() == Extension.Type.SRP) {
                    if (linkedList == null) {
                        linkedList = new LinkedList();
                    }
                    str = new String(extension.getValue(), 1, extension.getValue()[0] & 255, "UTF-8");
                    this.session.putValue("srp-username", str);
                }
            }
        }
        CipherSuite selectSuite = selectSuite(clientHello.getCipherSuites(), version);
        if (selectSuite == null) {
            return;
        }
        IKeyAgreementParty iKeyAgreementParty = null;
        OutgoingMessage outgoingMessage = null;
        if (selectSuite.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
            if (str == null) {
                Alert alert2 = new Alert(Alert.Level.FATAL, Alert.Description.MISSING_SRP_USERNAME);
                sendAlert(alert2);
                throw new AlertException(alert2, true);
            }
            SRPAuthInfoProvider sRPAuthInfoProvider = new SRPAuthInfoProvider();
            HashMap hashMap = new HashMap();
            hashMap.put(SRPRegistry.PASSWORD_DB, this.session.srpTrustManager.getPasswordFile());
            sRPAuthInfoProvider.activate(hashMap);
            if (!sRPAuthInfoProvider.contains(str)) {
                Alert alert3 = new Alert(Alert.Level.FATAL, Alert.Description.UNKNOWN_SRP_USERNAME);
                sendAlert(alert3);
                throw new AlertException(alert3, true);
            }
            iKeyAgreementParty = KeyAgreementFactory.getPartyBInstance(Registry.SRP_TLS_KA);
            HashMap hashMap2 = new HashMap();
            hashMap2.put(SRP6KeyAgreement.HASH_FUNCTION, Registry.SHA160_HASH);
            hashMap2.put(SRP6KeyAgreement.HOST_PASSWORD_DB, sRPAuthInfoProvider);
            try {
                iKeyAgreementParty.init(hashMap2);
                OutgoingMessage outgoingMessage2 = new OutgoingMessage();
                outgoingMessage2.writeString(str);
                outgoingMessage = iKeyAgreementParty.processMessage(new IncomingMessage(outgoingMessage2.toByteArray()));
            } catch (KeyAgreementException e) {
                throwHandshakeFailure();
            }
        }
        boolean z5 = true;
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("saved sessions = " + this.sessionContext);
        }
        if (this.sessionContext.containsSessionID(new Session.ID(clientHello.getSessionId()))) {
            Session session = this.session;
            this.session = (Session) this.sessionContext.getSession(clientHello.getSessionId());
            if (!clientHello.getCipherSuites().contains(this.session.cipherSuite)) {
                throwHandshakeFailure();
            }
            if (this.session.getPeerHost().equals(this.remoteHost) && session.enabledProtocols.contains(this.session.protocol)) {
                this.session = (Session) this.session.clone();
                selectSuite = this.session.cipherSuite;
                z5 = false;
                this.recordInput.setSession(this.session);
                this.session.currentAlert = null;
                this.session.params = session.params;
            } else {
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println("rejected session");
                    debug.println("hosts equal? " + this.session.getPeerHost().equals(this.remoteHost));
                    debug.println("same suites? " + session.enabledProtocols.contains(this.session.protocol));
                }
                this.session = session;
                this.session.peerHost = this.remoteHost;
                z5 = true;
            }
        } else if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("rejected session");
            debug.println("have session id? " + this.sessionContext.containsSessionID(new Session.ID(clientHello.getSessionId())));
            debug.println("saved sessions = " + this.sessionContext);
        }
        if (z5) {
            byte[] bArr = new byte[32];
            do {
                this.session.random.nextBytes(bArr);
                id = new Session.ID(bArr);
            } while (this.sessionContext.containsSessionID(id));
            this.session.sessionId = id;
        }
        this.session.valid = true;
        this.session.peerHost = this.remoteHost;
        this.session.cipherSuite = selectSuite;
        this.session.protocol = version;
        this.session.params.setVersion(version);
        Random random2 = new Random(Util.unixTime(), this.session.random.generateSeed(28));
        Handshake handshake = new Handshake(Handshake.Type.SERVER_HELLO, new ServerHello(version, random2, this.session.getId(), selectSuite, compressionMethod, linkedList));
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println(handshake);
        }
        handshake.write(digestOutputStream, version);
        digestOutputStream.flush();
        if (z5) {
            X509Certificate[] x509CertificateArr = null;
            RSAPrivateKey rSAPrivateKey = null;
            if (selectSuite.getSignature() != "anon") {
                String chooseServerAlias = this.session.keyManager.chooseServerAlias(selectSuite.getAuthType(), null, null);
                x509CertificateArr = this.session.keyManager.getCertificateChain(chooseServerAlias);
                rSAPrivateKey = this.session.keyManager.getPrivateKey(chooseServerAlias);
                if (x509CertificateArr == null || rSAPrivateKey == null) {
                    throwHandshakeFailure();
                }
                this.session.localCerts = x509CertificateArr;
                Handshake handshake2 = new Handshake(Handshake.Type.CERTIFICATE, new Certificate(x509CertificateArr));
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(handshake2);
                }
                handshake2.write(digestOutputStream, version);
                digestOutputStream.flush();
            }
            KeyPair keyPair = x509CertificateArr != null ? new KeyPair(x509CertificateArr[0].getPublicKey(), rSAPrivateKey) : null;
            KeyPair keyPair2 = keyPair;
            ServerKeyExchange serverKeyExchange = null;
            if (selectSuite.getKeyExchange() == "RSA" && selectSuite.isExportable() && rSAPrivateKey.getModulus().bitLength() > 512) {
                keyPair2 = KeyPool.generateRSAKeyPair();
                RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair2.getPublic();
                Signature signature = null;
                if (selectSuite.getSignature() != "anon") {
                    SSLRSASignature sSLRSASignature = new SSLRSASignature();
                    sSLRSASignature.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, keyPair.getPrivate()));
                    byte[] encoded = random.getEncoded();
                    sSLRSASignature.update(encoded, 0, encoded.length);
                    byte[] encoded2 = random2.getEncoded();
                    sSLRSASignature.update(encoded2, 0, encoded2.length);
                    updateSig(sSLRSASignature, rSAPublicKey.getModulus());
                    updateSig(sSLRSASignature, rSAPublicKey.getPublicExponent());
                    signature = new Signature(sSLRSASignature.sign(), "RSA");
                }
                serverKeyExchange = new ServerKeyExchange(rSAPublicKey, signature);
            } else if (selectSuite.getKeyExchange() == "DH") {
                iKeyAgreementParty = KeyAgreementFactory.getPartyBInstance(Registry.ELGAMAL_KA);
                HashMap hashMap3 = new HashMap();
                hashMap3.put(ElGamalKeyAgreement.KA_ELGAMAL_RECIPIENT_PRIVATE_KEY, rSAPrivateKey);
                try {
                    iKeyAgreementParty.init(hashMap3);
                } catch (KeyAgreementException e2) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e2.printStackTrace(debug);
                    }
                    internalError();
                    RuntimeException runtimeException = new RuntimeException(e2.getMessage());
                    runtimeException.initCause(e2);
                    throw runtimeException;
                }
            } else if (selectSuite.getKeyExchange() == "DHE") {
                iKeyAgreementParty = KeyAgreementFactory.getPartyAInstance("dh");
                HashMap hashMap4 = new HashMap();
                GnuDHPrivateKey params = DiffieHellman.getParams();
                hashMap4.put(DiffieHellmanKeyAgreement.KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY, params);
                hashMap4.put(DiffieHellmanKeyAgreement.SOURCE_OF_RANDOMNESS, CSPRNG.SYSTEM_RANDOM);
                try {
                    iKeyAgreementParty.init(hashMap4);
                    GnuDHPublicKey gnuDHPublicKey = new GnuDHPublicKey(null, params.getParams().getP(), params.getParams().getG(), new IncomingMessage(iKeyAgreementParty.processMessage(null).toByteArray()).readMPI());
                    Signature signature2 = null;
                    if (selectSuite.getSignature() != "anon") {
                        ISignature sSLRSASignature2 = selectSuite.getSignature() == "RSA" ? new SSLRSASignature() : SignatureFactory.getInstance("dss");
                        sSLRSASignature2.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, keyPair.getPrivate()));
                        byte[] encoded3 = random.getEncoded();
                        sSLRSASignature2.update(encoded3, 0, encoded3.length);
                        byte[] encoded4 = random2.getEncoded();
                        sSLRSASignature2.update(encoded4, 0, encoded4.length);
                        updateSig(sSLRSASignature2, gnuDHPublicKey.getParams().getP());
                        updateSig(sSLRSASignature2, gnuDHPublicKey.getParams().getG());
                        updateSig(sSLRSASignature2, gnuDHPublicKey.getY());
                        signature2 = new Signature(sSLRSASignature2.sign(), selectSuite.getSignature());
                    }
                    serverKeyExchange = new ServerKeyExchange(gnuDHPublicKey, signature2);
                } catch (KeyAgreementException e3) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e3.printStackTrace(debug);
                    }
                    internalError();
                    RuntimeException runtimeException2 = new RuntimeException(e3.getMessage());
                    runtimeException2.initCause(e3);
                    throw runtimeException2;
                }
            } else if (selectSuite.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                BigInteger bigInteger = null;
                BigInteger bigInteger2 = null;
                BigInteger bigInteger3 = null;
                BigInteger bigInteger4 = null;
                try {
                    IncomingMessage incomingMessage = new IncomingMessage(outgoingMessage.toByteArray());
                    bigInteger = incomingMessage.readMPI();
                    bigInteger2 = incomingMessage.readMPI();
                    bigInteger3 = incomingMessage.readMPI();
                    bigInteger4 = incomingMessage.readMPI();
                } catch (KeyAgreementException e4) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e4.printStackTrace(debug);
                    }
                    throwHandshakeFailure();
                }
                Signature signature3 = null;
                byte[] trim = Util.trim(bigInteger3);
                if (selectSuite.getSignature() != "anon") {
                    ISignature sSLRSASignature3 = selectSuite.getSignature() == "RSA" ? new SSLRSASignature() : SignatureFactory.getInstance("dss");
                    sSLRSASignature3.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, keyPair.getPrivate()));
                    byte[] encoded5 = random.getEncoded();
                    sSLRSASignature3.update(encoded5, 0, encoded5.length);
                    byte[] encoded6 = random2.getEncoded();
                    sSLRSASignature3.update(encoded6, 0, encoded6.length);
                    updateSig(sSLRSASignature3, bigInteger);
                    updateSig(sSLRSASignature3, bigInteger2);
                    sSLRSASignature3.update((byte) trim.length);
                    sSLRSASignature3.update(trim, 0, trim.length);
                    updateSig(sSLRSASignature3, bigInteger4);
                    signature3 = new Signature(sSLRSASignature3.sign(), selectSuite.getSignature());
                }
                serverKeyExchange = new ServerKeyExchange(new SRPPublicKey(bigInteger, bigInteger2, bigInteger4), signature3, trim);
            }
            if (serverKeyExchange != null) {
                Handshake handshake3 = new Handshake(Handshake.Type.SERVER_KEY_EXCHANGE, serverKeyExchange);
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(handshake3);
                }
                handshake3.write(digestOutputStream, version);
                digestOutputStream.flush();
            }
            if (this.wantClientAuth || this.needClientAuth) {
                try {
                    new Handshake(Handshake.Type.CERTIFICATE_REQUEST, new CertificateRequest(new CertificateRequest.ClientType[]{CertificateRequest.ClientType.RSA_SIGN, CertificateRequest.ClientType.DSS_SIGN, CertificateRequest.ClientType.RSA_FIXED_DH, CertificateRequest.ClientType.DSS_FIXED_DH}, (Principal[]) Util.transform(this.session.trustManager.getAcceptedIssuers(), Principal.class, "getSubjectDN", null))).write(digestOutputStream, version);
                    digestOutputStream.flush();
                } catch (Exception e5) {
                    internalError();
                    RuntimeException runtimeException3 = new RuntimeException(e5.getMessage());
                    runtimeException3.initCause(e5);
                    throw runtimeException3;
                }
            }
            Handshake handshake4 = new Handshake(Handshake.Type.SERVER_HELLO_DONE, null);
            if (DEBUG_HANDSHAKE_LAYER) {
                debug.println(handshake4);
            }
            handshake4.write(digestOutputStream, version);
            digestOutputStream.flush();
            Handshake read2 = selectSuite.getKeyExchange() == "RSA" ? Handshake.read(digestInputStream, selectSuite, keyPair2.getPublic()) : Handshake.read(digestInputStream, selectSuite, (PublicKey) null);
            boolean z6 = false;
            X509Certificate[] x509CertificateArr2 = null;
            PublicKey publicKey = null;
            if (read2.getType() == Handshake.Type.CERTIFICATE) {
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read2);
                }
                x509CertificateArr2 = ((Certificate) read2.getBody()).getCertificates();
                try {
                    this.session.trustManager.checkClientTrusted(x509CertificateArr2, selectSuite.getAuthType());
                    this.session.peerCerts = x509CertificateArr2;
                    this.session.peerVerified = true;
                    publicKey = x509CertificateArr2[0].getPublicKey();
                } catch (Exception e6) {
                }
                if ((publicKey instanceof DSAPublicKey) || (publicKey instanceof RSAPublicKey)) {
                    z4 = true;
                }
                z6 = z4;
                read2 = selectSuite.getKeyExchange().startsWith("DH") ? Handshake.read(digestInputStream, selectSuite, publicKey) : Handshake.read(digestInputStream, selectSuite, keyPair2.getPublic());
            }
            if (!this.session.peerVerified && this.needClientAuth) {
                throwHandshakeFailure();
            }
            if (read2.getType() != Handshake.Type.CLIENT_KEY_EXCHANGE) {
                throwUnexpectedMessage();
            }
            if (DEBUG_HANDSHAKE_LAYER) {
                debug.println(read2);
            }
            ClientKeyExchange clientKeyExchange = (ClientKeyExchange) read2.getBody();
            byte[] bArr2 = null;
            if (selectSuite.getKeyExchange() == "RSA") {
                try {
                    bArr2 = EME_PKCS1_V1_5.getInstance((RSAPrivateKey) keyPair2.getPrivate()).decode(Util.concat(new byte[1], RSA.decrypt(keyPair2.getPrivate(), new BigInteger(1, (byte[]) clientKeyExchange.getExchangeObject())).toByteArray()));
                } catch (Exception e7) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e7.printStackTrace(debug);
                    }
                    bArr2 = Util.concat(version.getEncoded(), new byte[46]);
                    try {
                        CSPRNG.SYSTEM_RANDOM.nextBytes(bArr2, bArr2.length - 46, 46);
                    } catch (LimitReachedException e8) {
                    }
                }
            } else if (selectSuite.getKeyExchange().startsWith("DH")) {
                try {
                    OutgoingMessage outgoingMessage3 = new OutgoingMessage();
                    if (publicKey == null) {
                        outgoingMessage3.writeMPI((BigInteger) clientKeyExchange.getExchangeObject());
                    } else {
                        outgoingMessage3.writeMPI(((DHPublicKey) publicKey).getY());
                    }
                    iKeyAgreementParty.processMessage(new IncomingMessage(outgoingMessage3.toByteArray()));
                    bArr2 = iKeyAgreementParty.getSharedSecret();
                } catch (KeyAgreementException e9) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e9.printStackTrace(debug);
                    }
                    internalError();
                    RuntimeException runtimeException4 = new RuntimeException(e9.getMessage());
                    runtimeException4.initCause(e9);
                    throw runtimeException4;
                }
            } else if (selectSuite.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                BigInteger bigInteger5 = (BigInteger) clientKeyExchange.getExchangeObject();
                if (DEBUG_KEY_EXCHANGE) {
                    debug.println("client A=" + bigInteger5);
                }
                try {
                    OutgoingMessage outgoingMessage4 = new OutgoingMessage();
                    outgoingMessage4.writeMPI(bigInteger5);
                    iKeyAgreementParty.processMessage(new IncomingMessage(outgoingMessage4.toByteArray()));
                    bArr2 = iKeyAgreementParty.getSharedSecret();
                } catch (KeyAgreementException e10) {
                    if (DEBUG_KEY_EXCHANGE) {
                        e10.printStackTrace(debug);
                    }
                    throwHandshakeFailure();
                } finally {
                }
            } else if (selectSuite.getKeyExchange() == "PSK") {
                bArr2 = initPSKPreMasterSecret(Util.toAsciiString((byte[]) clientKeyExchange.getExchangeObject()));
            }
            if (DEBUG_KEY_EXCHANGE) {
                debug.println("preMasterSecret= " + Util.toHexString(bArr2, ':'));
                debug.println("client.random  = " + Util.toHexString(random.getEncoded(), ':'));
                debug.println("server.random  = " + Util.toHexString(random2.getEncoded(), ':'));
            }
            if (version == ProtocolVersion.SSL_3) {
                tLSRandom = new SSLRandom();
                HashMap hashMap5 = new HashMap();
                hashMap5.put("jessie.sslprng.secret", bArr2);
                hashMap5.put("jessie.sslprng.seed", Util.concat(random.getEncoded(), random2.getEncoded()));
                tLSRandom.init(hashMap5);
            } else {
                tLSRandom = new TLSRandom();
                HashMap hashMap6 = new HashMap();
                hashMap6.put("jessie.tls.prng.secret", bArr2);
                hashMap6.put("jessie.tls.prng.seed", Util.concat("master secret".getBytes("UTF-8"), Util.concat(random.getEncoded(), random2.getEncoded())));
                tLSRandom.init(hashMap6);
            }
            this.session.masterSecret = new byte[48];
            try {
                tLSRandom.nextBytes(this.session.masterSecret, 0, 48);
                for (int i = 0; i < bArr2.length; i++) {
                    bArr2[i] = 0;
                }
                if (DEBUG_KEY_EXCHANGE) {
                    debug.println("masterSecret=" + Util.toHexString(this.session.masterSecret, ':'));
                }
                if (z6 && (this.wantClientAuth || this.needClientAuth)) {
                    Handshake read3 = Handshake.read(digestInputStream);
                    if (read3.getType() != Handshake.Type.CERTIFICATE_VERIFY) {
                        throwUnexpectedMessage();
                    }
                    CertificateVerify certificateVerify = (CertificateVerify) read3.getBody();
                    if (x509CertificateArr2 != null && x509CertificateArr2.length > 0) {
                        IMessageDigest iMessageDigest = (IMessageDigest) hashFactory.clone();
                        IMessageDigest iMessageDigest2 = (IMessageDigest) hashFactory2.clone();
                        PublicKey publicKey2 = x509CertificateArr2[0].getPublicKey();
                        if (publicKey2 instanceof RSAPublicKey) {
                            SSLRSASignature sSLRSASignature4 = new SSLRSASignature(iMessageDigest, iMessageDigest2);
                            sSLRSASignature4.setupVerify(Collections.singletonMap(ISignature.VERIFIER_KEY, publicKey2));
                            if (!sSLRSASignature4.verify(certificateVerify.getSigValue())) {
                                handshakeFailure();
                                throw new SSLHandshakeException("client certificate verify failed");
                            }
                        } else if (publicKey2 instanceof DSAPublicKey) {
                            try {
                                if (!DSSSignature.verify((DSAPublicKey) publicKey2, iMessageDigest2.digest(), (BigInteger[]) certificateVerify.getSigValue())) {
                                    throw new Exception("client's certificate could not be verified");
                                }
                            } catch (Exception e11) {
                                handshakeFailure();
                                SSLHandshakeException sSLHandshakeException = new SSLHandshakeException(e11.getMessage());
                                sSLHandshakeException.initCause(e11);
                                throw sSLHandshakeException;
                            }
                        }
                    }
                }
            } catch (LimitReachedException e12) {
                internalError();
                RuntimeException runtimeException5 = new RuntimeException();
                runtimeException5.initCause(e12);
                throw runtimeException5;
            }
        }
        try {
            byte[][] generateKeys = generateKeys(random2.getEncoded(), random.getEncoded(), version);
            Object obj = null;
            Object obj2 = null;
            try {
                if (this.session.params instanceof GNUSecurityParameters) {
                    HashMap hashMap7 = new HashMap();
                    jCEMac = CipherSuite.getMac(selectSuite.getMac());
                    jCEMac2 = CipherSuite.getMac(selectSuite.getMac());
                    hashMap7.put(IMac.MAC_KEY_MATERIAL, generateKeys[1]);
                    ((IMac) jCEMac).init(hashMap7);
                    hashMap7.put(IMac.MAC_KEY_MATERIAL, generateKeys[0]);
                    ((IMac) jCEMac2).init(hashMap7);
                    if (selectSuite.getCipher() == "RC4") {
                        obj2 = new ARCFour();
                        obj = new ARCFour();
                        hashMap7.clear();
                        hashMap7.put(ARCFour.ARCFOUR_KEY_MATERIAL, generateKeys[3]);
                        ((ARCFour) obj2).init(hashMap7);
                        hashMap7.put(ARCFour.ARCFOUR_KEY_MATERIAL, generateKeys[2]);
                        ((ARCFour) obj).init(hashMap7);
                    } else if (!selectSuite.isStreamCipher()) {
                        obj2 = CipherSuite.getCipher(selectSuite.getCipher());
                        obj = CipherSuite.getCipher(selectSuite.getCipher());
                        hashMap7.clear();
                        hashMap7.put(IBlockCipher.KEY_MATERIAL, generateKeys[3]);
                        hashMap7.put(IMode.IV, generateKeys[5]);
                        hashMap7.put(IMode.STATE, new Integer(1));
                        ((IMode) obj2).init(hashMap7);
                        hashMap7.put(IBlockCipher.KEY_MATERIAL, generateKeys[2]);
                        hashMap7.put(IMode.IV, generateKeys[4]);
                        hashMap7.put(IMode.STATE, new Integer(2));
                        ((IMode) obj).init(hashMap7);
                    }
                } else {
                    jCEMac = CipherSuite.getJCEMac(selectSuite.getMac());
                    jCEMac2 = CipherSuite.getJCEMac(selectSuite.getMac());
                    obj2 = CipherSuite.getJCECipher(selectSuite.getCipher());
                    obj = CipherSuite.getJCECipher(selectSuite.getCipher());
                    ((Mac) jCEMac).init(new SecretKeySpec(generateKeys[1], selectSuite.getMac()));
                    ((Mac) jCEMac2).init(new SecretKeySpec(generateKeys[0], selectSuite.getMac()));
                    if (selectSuite.isStreamCipher()) {
                        ((Cipher) obj2).init(1, new SecretKeySpec(generateKeys[3], selectSuite.getCipher()));
                        ((Cipher) obj).init(2, new SecretKeySpec(generateKeys[2], selectSuite.getCipher()));
                    } else {
                        ((Cipher) obj2).init(1, new SecretKeySpec(generateKeys[3], selectSuite.getCipher()), new IvParameterSpec(generateKeys[5]));
                        ((Cipher) obj).init(2, new SecretKeySpec(generateKeys[2], selectSuite.getCipher()), new IvParameterSpec(generateKeys[4]));
                    }
                }
                if (!z5) {
                    changeCipherSpec();
                    SecurityParameters securityParameters = this.session.params;
                    if (compressionMethod == CompressionMethod.ZLIB) {
                        z3 = true;
                    }
                    securityParameters.setDeflating(z3);
                    this.session.params.setOutMac(jCEMac);
                    this.session.params.setOutCipher(obj2);
                    Handshake handshake5 = new Handshake(Handshake.Type.FINISHED, generateFinished(version, (IMessageDigest) hashFactory.clone(), (IMessageDigest) hashFactory2.clone(), false));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake5);
                    }
                    handshake5.write(digestOutputStream, version);
                    digestOutputStream.flush();
                }
                if (this.session.currentAlert != null && this.session.currentAlert.getLevel() == Alert.Level.FATAL) {
                    fatal();
                    throw new AlertException(this.session.currentAlert, false);
                }
                synchronized (this.session.params) {
                    readChangeCipherSpec();
                    SecurityParameters securityParameters2 = this.session.params;
                    if (compressionMethod == CompressionMethod.ZLIB) {
                        z = true;
                    }
                    securityParameters2.setInflating(z);
                    this.session.params.setInMac(jCEMac2);
                    this.session.params.setInCipher(obj);
                    this.session.params.notifyAll();
                }
                Finished generateFinished = generateFinished(version, (IMessageDigest) hashFactory.clone(), (IMessageDigest) hashFactory2.clone(), true);
                Handshake read4 = Handshake.read(digestInputStream, selectSuite, (PublicKey) null);
                if (read4.getType() != Handshake.Type.FINISHED) {
                    throwUnexpectedMessage();
                }
                if (DEBUG_HANDSHAKE_LAYER) {
                    debug.println(read4);
                }
                Finished finished = (Finished) read4.getBody();
                if (version == ProtocolVersion.SSL_3) {
                    if (!Arrays.equals(finished.getMD5Hash(), generateFinished.getMD5Hash()) || !Arrays.equals(finished.getSHAHash(), generateFinished.getSHAHash())) {
                        throwHandshakeFailure();
                    }
                } else if (!Arrays.equals(finished.getVerifyData(), generateFinished.getVerifyData())) {
                    throwHandshakeFailure();
                }
                if (z5) {
                    changeCipherSpec();
                    SecurityParameters securityParameters3 = this.session.params;
                    if (compressionMethod == CompressionMethod.ZLIB) {
                        z2 = true;
                    }
                    securityParameters3.setDeflating(z2);
                    this.session.params.setOutMac(jCEMac);
                    this.session.params.setOutCipher(obj2);
                    Handshake handshake6 = new Handshake(Handshake.Type.FINISHED, generateFinished(version, hashFactory, hashFactory2, false));
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(handshake6);
                    }
                    handshake6.write(digestOutputStream, version);
                    digestOutputStream.flush();
                }
                handshakeCompleted();
            } catch (InvalidAlgorithmParameterException e13) {
                internalError();
                RuntimeException runtimeException6 = new RuntimeException(e13.getMessage());
                runtimeException6.initCause(e13);
                throw runtimeException6;
            } catch (InvalidKeyException e14) {
                internalError();
                new RuntimeException(e14.getMessage()).initCause(e14);
                throw new RuntimeException(String.valueOf(e14));
            } catch (NoSuchAlgorithmException e15) {
                this.session.enabledSuites.remove(selectSuite);
                internalError();
                SSLException sSLException = new SSLException("suite " + selectSuite + " not available in this configuration");
                sSLException.initCause(e15);
                throw sSLException;
            } catch (NoSuchPaddingException e16) {
                this.session.enabledSuites.remove(selectSuite);
                internalError();
                SSLException sSLException2 = new SSLException("suite " + selectSuite + " not available in this configuration");
                sSLException2.initCause(e16);
                throw sSLException2;
            }
        } catch (Exception e17) {
            internalError();
            RuntimeException runtimeException7 = new RuntimeException(e17.getMessage());
            runtimeException7.initCause(e17);
            throw runtimeException7;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v18, types: [byte[], byte[][]] */
    private byte[][] generateKeys(byte[] bArr, byte[] bArr2, ProtocolVersion protocolVersion) throws LimitReachedException, IOException {
        IRandom tLSRandom;
        CipherSuite cipherSuite = this.session.cipherSuite;
        int i = cipherSuite.getMac().indexOf("MD5") >= 0 ? 16 : 20;
        int keyLength = cipherSuite.getKeyLength();
        int i2 = 0;
        if (cipherSuite.getCipher().indexOf("DES") >= 0) {
            i2 = 8;
        } else if (cipherSuite.getCipher() == "AES") {
            i2 = 16;
        }
        ?? r0 = {new byte[i], new byte[i], new byte[keyLength], new byte[keyLength], new byte[i2], new byte[i2]};
        if (protocolVersion == ProtocolVersion.SSL_3) {
            tLSRandom = new SSLRandom();
            HashMap hashMap = new HashMap();
            hashMap.put("jessie.sslprng.secret", this.session.masterSecret);
            hashMap.put("jessie.sslprng.seed", Util.concat(bArr, bArr2));
            tLSRandom.init(hashMap);
        } else {
            tLSRandom = new TLSRandom();
            HashMap hashMap2 = new HashMap();
            hashMap2.put("jessie.tls.prng.secret", this.session.masterSecret);
            hashMap2.put("jessie.tls.prng.seed", Util.concat("key expansion".getBytes("UTF-8"), Util.concat(bArr, bArr2)));
            tLSRandom.init(hashMap2);
        }
        for (int i3 = 0; i3 < r0.length; i3++) {
            tLSRandom.nextBytes(r0[i3], 0, r0[i3].length);
        }
        if (cipherSuite.isExportable()) {
            int i4 = cipherSuite.getCipher() == "DES" ? 8 : 16;
            if (protocolVersion == ProtocolVersion.SSL_3) {
                IMessageDigest hashFactory = HashFactory.getInstance(Registry.MD5_HASH);
                hashFactory.update(r0[2], 0, r0[2].length);
                hashFactory.update(bArr2, 0, bArr2.length);
                hashFactory.update(bArr, 0, bArr.length);
                r0[2] = Util.trim(hashFactory.digest(), i4);
                hashFactory.update(r0[3], 0, r0[3].length);
                hashFactory.update(bArr, 0, bArr.length);
                hashFactory.update(bArr2, 0, bArr2.length);
                r0[3] = Util.trim(hashFactory.digest(), i4);
                if (!cipherSuite.isStreamCipher()) {
                    hashFactory.update(bArr2, 0, bArr2.length);
                    hashFactory.update(bArr, 0, bArr.length);
                    r0[4] = Util.trim(hashFactory.digest(), i2);
                    hashFactory.update(bArr, 0, bArr.length);
                    hashFactory.update(bArr2, 0, bArr2.length);
                    r0[5] = Util.trim(hashFactory.digest(), i2);
                }
            } else {
                HashMap hashMap3 = new HashMap();
                hashMap3.put("jessie.tls.prng.secret", r0[2]);
                hashMap3.put("jessie.tls.prng.seed", Util.concat("client write key".getBytes("UTF-8"), Util.concat(bArr2, bArr)));
                tLSRandom.init(hashMap3);
                r0[2] = new byte[i4];
                tLSRandom.nextBytes(r0[2], 0, i4);
                hashMap3.put("jessie.tls.prng.secret", r0[3]);
                hashMap3.put("jessie.tls.prng.seed", Util.concat("server write key".getBytes("UTF-8"), Util.concat(bArr2, bArr)));
                tLSRandom.init(hashMap3);
                r0[3] = new byte[i4];
                tLSRandom.nextBytes(r0[3], 0, i4);
                if (!cipherSuite.isStreamCipher()) {
                    hashMap3.put("jessie.tls.prng.secret", new byte[0]);
                    hashMap3.put("jessie.tls.prng.seed", Util.concat("IV block".getBytes("UTF-8"), Util.concat(bArr2, bArr)));
                    tLSRandom.init(hashMap3);
                    tLSRandom.nextBytes(r0[4], 0, r0[4].length);
                    tLSRandom.nextBytes(r0[5], 0, r0[5].length);
                }
            }
        }
        if (DEBUG_KEY_EXCHANGE) {
            debug.println("Generated keys:");
            for (int i5 = 0; i5 < r0.length; i5++) {
                debug.println(i5 + "=" + Util.toHexString(r0[i5], ':'));
            }
        }
        return r0;
    }

    private Finished generateFinished(ProtocolVersion protocolVersion, IMessageDigest iMessageDigest, IMessageDigest iMessageDigest2, boolean z) {
        if (protocolVersion != ProtocolVersion.SSL_3) {
            try {
                byte[] concat = Util.concat((z ? "client finished" : "server finished").getBytes("UTF-8"), Util.concat(iMessageDigest.digest(), iMessageDigest2.digest()));
                TLSRandom tLSRandom = new TLSRandom();
                HashMap hashMap = new HashMap();
                hashMap.put("jessie.tls.prng.secret", this.session.masterSecret);
                hashMap.put("jessie.tls.prng.seed", concat);
                tLSRandom.init(hashMap);
                byte[] bArr = new byte[12];
                try {
                    tLSRandom.nextBytes(bArr, 0, 12);
                    return new Finished(bArr);
                } catch (LimitReachedException e) {
                    RuntimeException runtimeException = new RuntimeException(e.getMessage());
                    runtimeException.initCause(e);
                    throw runtimeException;
                }
            } catch (UnsupportedEncodingException e2) {
                RuntimeException runtimeException2 = new RuntimeException(e2.getMessage());
                runtimeException2.initCause(e2);
                throw runtimeException2;
            }
        }
        if (z) {
            iMessageDigest.update(SENDER_CLIENT, 0, 4);
        } else {
            iMessageDigest.update(SENDER_SERVER, 0, 4);
        }
        byte[] bArr2 = this.session.masterSecret;
        iMessageDigest.update(bArr2, 0, bArr2.length);
        for (int i = 0; i < 48; i++) {
            iMessageDigest.update((byte) 54);
        }
        byte[] digest = iMessageDigest.digest();
        iMessageDigest.update(bArr2, 0, bArr2.length);
        for (int i2 = 0; i2 < 48; i2++) {
            iMessageDigest.update((byte) 92);
        }
        iMessageDigest.update(digest, 0, digest.length);
        if (z) {
            iMessageDigest2.update(SENDER_CLIENT, 0, 4);
        } else {
            iMessageDigest2.update(SENDER_SERVER, 0, 4);
        }
        iMessageDigest2.update(bArr2, 0, bArr2.length);
        for (int i3 = 0; i3 < 40; i3++) {
            iMessageDigest2.update((byte) 54);
        }
        byte[] digest2 = iMessageDigest2.digest();
        iMessageDigest2.update(bArr2, 0, bArr2.length);
        for (int i4 = 0; i4 < 40; i4++) {
            iMessageDigest2.update((byte) 92);
        }
        iMessageDigest2.update(digest2, 0, digest2.length);
        return new Finished(iMessageDigest.digest(), iMessageDigest2.digest());
    }

    private Alert unexpectedMessage() throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.UNEXPECTED_MESSAGE);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwUnexpectedMessage() throws IOException {
        throw new AlertException(unexpectedMessage(), true);
    }

    private Alert handshakeFailure() throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.HANDSHAKE_FAILURE);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwHandshakeFailure() throws IOException {
        throw new AlertException(handshakeFailure(), true);
    }

    private Alert decryptError() throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.DECRYPT_ERROR);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwDecryptError() throws IOException {
        throw new AlertException(decryptError(), true);
    }

    private Alert unknownPskIdentity() throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.UNKNOWN_PSK_IDENTITY);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwUnknownPskIdentity() throws IOException {
        throw new AlertException(unknownPskIdentity(), true);
    }

    private Alert internalError() throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.INTERNAL_ERROR);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwInternalError() throws IOException {
        throw new AlertException(internalError(), true);
    }

    private Alert peerUnverified(X509Certificate[] x509CertificateArr) throws IOException {
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.HANDSHAKE_FAILURE);
        sendAlert(alert);
        fatal();
        return alert;
    }

    private void throwPeerUnverified(X509Certificate[] x509CertificateArr) throws IOException {
        peerUnverified(x509CertificateArr);
        throw new SSLPeerUnverifiedException("could not verify: " + x509CertificateArr[0].getSubjectDN());
    }

    private CipherSuite selectSuite(List list, ProtocolVersion protocolVersion) throws IOException {
        if (DEBUG_HANDSHAKE_LAYER) {
            debug.println("selectSuite req=" + list + " avail=" + this.session.enabledSuites);
        }
        boolean z = false;
        Iterator it = list.iterator();
        while (it.hasNext()) {
            CipherSuite cipherSuite = (CipherSuite) it.next();
            for (CipherSuite cipherSuite2 : this.session.enabledSuites) {
                if (cipherSuite2.equals(cipherSuite)) {
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(cipherSuite2 + " == " + cipherSuite);
                    }
                    if (cipherSuite2.getSignature() == "anon" || this.session.keyManager == null || this.session.keyManager.chooseServerAlias(cipherSuite2.getAuthType(), null, null) != null) {
                        if (cipherSuite2.getKeyExchange() == Registry.SASL_SRP_MECHANISM) {
                            if (this.session.getValue("srp-username") == null) {
                                if (DEBUG_HANDSHAKE_LAYER) {
                                    debug.println("no SRP username");
                                }
                                z = true;
                            } else if (this.session.srpTrustManager == null) {
                                if (DEBUG_HANDSHAKE_LAYER) {
                                    debug.println("no SRP password file");
                                }
                            }
                        }
                        return cipherSuite2.resolve(protocolVersion);
                    }
                    if (DEBUG_HANDSHAKE_LAYER) {
                        debug.println(cipherSuite2 + ": no certificate/private key");
                    }
                }
            }
        }
        if (z) {
            sendAlert(new Alert(Alert.Level.WARNING, Alert.Description.MISSING_SRP_USERNAME));
            return null;
        }
        Alert alert = new Alert(Alert.Level.FATAL, Alert.Description.INSUFFICIENT_SECURITY);
        sendAlert(alert);
        fatal();
        throw new AlertException(alert, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10, types: [javax.security.auth.callback.CallbackHandler] */
    private String askUserName(String str) {
        DefaultCallbackHandler defaultCallbackHandler = new DefaultCallbackHandler();
        try {
            defaultCallbackHandler = (CallbackHandler) Class.forName(Util.getSecurityProperty("jessie.srp.user.handler")).newInstance();
        } catch (Exception e) {
        }
        TextInputCallback textInputCallback = new TextInputCallback("User name for " + str + ": ", Util.getProperty("user.name"));
        try {
            defaultCallbackHandler.handle(new Callback[]{textInputCallback});
        } catch (Exception e2) {
        }
        return textInputCallback.getText();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v9, types: [javax.security.auth.callback.CallbackHandler] */
    private String askPassword(String str) {
        DefaultCallbackHandler defaultCallbackHandler = new DefaultCallbackHandler();
        try {
            defaultCallbackHandler = (CallbackHandler) Class.forName(Util.getSecurityProperty("jessie.srp.password.handler")).newInstance();
        } catch (Exception e) {
        }
        PasswordCallback passwordCallback = new PasswordCallback(str + "'s password: ", false);
        try {
            defaultCallbackHandler.handle(new Callback[]{passwordCallback});
        } catch (Exception e2) {
        }
        return new String(passwordCallback.getPassword());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v15, types: [javax.security.auth.callback.CallbackHandler] */
    private boolean checkCertificates(X509Certificate[] x509CertificateArr) {
        DefaultCallbackHandler defaultCallbackHandler = new DefaultCallbackHandler();
        try {
            defaultCallbackHandler = (CallbackHandler) Class.forName(Util.getSecurityProperty("jessie.certificate.handler")).newInstance();
        } catch (Exception e) {
        }
        String property = Util.getProperty("line.separator");
        ConfirmationCallback confirmationCallback = new ConfirmationCallback("The server's certificate could not be verified. There is no proof" + property + "that this server is who it claims to be, or that their certificate" + property + "is valid. Do you wish to continue connecting?", 2, 0, 1);
        try {
            defaultCallbackHandler.handle(new Callback[]{confirmationCallback});
            return confirmationCallback.getSelectedIndex() == 0;
        } catch (Exception e2) {
            return false;
        }
    }

    private void updateSig(ISignature iSignature, BigInteger bigInteger) {
        byte[] trim = Util.trim(bigInteger);
        iSignature.update((byte) (trim.length >>> 8));
        iSignature.update((byte) trim.length);
        iSignature.update(trim, 0, trim.length);
    }

    private void fatal() throws IOException {
        if (this.session != null) {
            this.session.invalidate();
        }
        if (this.underlyingSocket != null) {
            this.underlyingSocket.close();
        } else {
            super.close();
        }
    }

    private byte[] initPSKPreMasterSecret(String str) throws FileNotFoundException, IOException {
        byte[] bArr = null;
        Properties properties = new Properties();
        properties.load(new FileInputStream(new File(Security.getProperty("jessie.psk.storage.file"))));
        if (properties.containsKey(str)) {
            bArr = Util.toByteArray(properties.getProperty(str));
        }
        if (bArr == null) {
            throwUnknownPskIdentity();
        }
        byte[] bArr2 = new byte[(2 * bArr.length) + 4];
        bArr2[0] = (byte) ((bArr.length >>> 8) & Registry.SASL_ONE_BYTE_MAX_LIMIT);
        bArr2[1] = (byte) (bArr.length & Registry.SASL_ONE_BYTE_MAX_LIMIT);
        bArr2[bArr.length + 2] = bArr2[0];
        bArr2[bArr.length + 3] = bArr2[1];
        System.arraycopy(bArr, 0, bArr2, bArr.length + 4, bArr.length);
        return bArr2;
    }

    static {
        supportedProtocols.add(ProtocolVersion.TLS_1);
        supportedProtocols.add(ProtocolVersion.SSL_3);
        supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_RC4_128_MD5);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_RC4_128_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_DES_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_DES_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_DES_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_DES_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_EXPORT_WITH_RC4_40_MD5);
        supportedSuites.add(CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_NULL_MD5);
        supportedSuites.add(CipherSuite.TLS_RSA_WITH_NULL_SHA);
        supportedSuites.add(CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA);
        supportedSuites.add(CipherSuite.TLS_PSK_WITH_NULL_SHA);
        supportedSuites.add(CipherSuite.TLS_PSK_WITH_NULL_SHA_GEM);
        SENDER_CLIENT = new byte[]{67, 76, 78, 84};
        SENDER_SERVER = new byte[]{83, 82, 86, 82};
    }
}
