package iaik.security.ssl;

import iaik.security.ssl.provider.SecurityProvider;
import java.io.IOException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import javax.crypto.Cipher;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: iaik/security/ssl/ServerKeyExchange */
/* loaded from: input_file:iaik/security/ssl/ServerKeyExchange.class */
public abstract class ServerKeyExchange extends HandshakeMessage {
    static final int rsa = 1;

    /* renamed from: ý, reason: contains not printable characters */
    static final int f196 = 2;
    static final int fortezza_dms = 3;

    /* renamed from: Ķ, reason: contains not printable characters */
    static final int f197 = 0;

    /* renamed from: ķ, reason: contains not printable characters */
    static final int f198 = 20;

    /* renamed from: ĸ, reason: contains not printable characters */
    static final int f199 = 36;

    /* renamed from: ě, reason: contains not printable characters */
    byte[] f200;

    /* renamed from: Ĝ, reason: contains not printable characters */
    byte[] f201;

    /* renamed from: Ĺ, reason: contains not printable characters */
    byte[] f202;

    /* renamed from: ë, reason: contains not printable characters */
    byte[] f203;

    /* renamed from: ĺ, reason: contains not printable characters */
    int f204;

    /* renamed from: ê, reason: contains not printable characters */
    SecurityProvider f205;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:iaik/security/ssl/ServerKeyExchange$SSLRSASignature.class */
    public class SSLRSASignature extends Signature {

        /* renamed from: Ù, reason: contains not printable characters */
        private final ServerKeyExchange f206;
        protected MessageDigest md5;
        protected MessageDigest sha;

        /* renamed from: ĵ, reason: contains not printable characters */
        private Key f207;

        public SSLRSASignature(ServerKeyExchange serverKeyExchange) throws NoSuchAlgorithmException {
            super("SSL/RSA Signature");
            this.f206 = serverKeyExchange;
            this.f206 = serverKeyExchange;
            this.md5 = serverKeyExchange.f205.getMessageDigest("MD5");
            this.sha = serverKeyExchange.f205.getMessageDigest("SHA");
        }

        @Override // java.security.SignatureSpi
        protected void engineInitVerify(PublicKey publicKey) {
            this.f207 = publicKey;
        }

        @Override // java.security.SignatureSpi
        protected void engineInitSign(PrivateKey privateKey) {
            this.f207 = privateKey;
        }

        @Override // java.security.SignatureSpi
        protected byte[] engineSign() throws SignatureException {
            byte[] bArr = new byte[ServerKeyExchange.f199];
            System.arraycopy(this.md5.digest(), ServerKeyExchange.f197, bArr, ServerKeyExchange.f197, 16);
            System.arraycopy(this.sha.digest(), ServerKeyExchange.f197, bArr, 16, 20);
            try {
                Cipher cipher = this.f206.f205.getCipher("RSA/1/PKCS1Padding");
                cipher.init(1, this.f207);
                return cipher.doFinal(bArr, ServerKeyExchange.f197, bArr.length);
            } catch (Exception unused) {
                throw new SignatureException("Error encrypting digest.");
            }
        }

        @Override // java.security.SignatureSpi
        protected boolean engineVerify(byte[] bArr) throws SignatureException {
            byte[] bArr2 = new byte[ServerKeyExchange.f199];
            System.arraycopy(this.md5.digest(), ServerKeyExchange.f197, bArr2, ServerKeyExchange.f197, 16);
            System.arraycopy(this.sha.digest(), ServerKeyExchange.f197, bArr2, 16, 20);
            try {
                Cipher cipher = this.f206.f205.getCipher("RSA/1/PKCS1Padding");
                cipher.init(2, this.f207);
                return Utils.equalsBlock(bArr2, cipher.doFinal(bArr));
            } catch (Exception unused) {
                throw new SignatureException();
            }
        }

        @Override // java.security.SignatureSpi
        protected void engineUpdate(byte b) {
            this.md5.update(b);
            this.sha.update(b);
        }

        @Override // java.security.SignatureSpi
        protected void engineUpdate(byte[] bArr, int i, int i2) {
            this.md5.update(bArr, i, i2);
            this.sha.update(bArr, i, i2);
        }

        @Override // java.security.SignatureSpi
        protected void engineSetParameter(String str, Object obj) {
            throw new RuntimeException("Method not supported!");
        }

        @Override // java.security.SignatureSpi
        protected Object engineGetParameter(String str) {
            throw new RuntimeException("Method not supported!");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServerKeyExchange(CipherSuite cipherSuite) {
        super(12);
        this.f205 = SSLContext.getSecurityProvider();
        String keyExchangeAlgorithm = cipherSuite.getKeyExchangeAlgorithm();
        this.f204 = f197;
        if (keyExchangeAlgorithm.endsWith("RSA") || keyExchangeAlgorithm.endsWith("RSA_EXPORT")) {
            this.f204 = f199;
        }
        if (keyExchangeAlgorithm.endsWith("DSS") || keyExchangeAlgorithm.endsWith("DSS_EXPORT")) {
            this.f204 = 20;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifySignature(PublicKey publicKey) {
        Signature signature;
        try {
            if (this.f204 == 0) {
                return true;
            }
            if (this.f204 == f199) {
                signature = new SSLRSASignature(this);
            } else {
                if (this.f204 != 20) {
                    throw new RuntimeException("Internal Error in ServerKeyExchange!");
                }
                signature = this.f205.getSignature("DSA");
            }
            signature.initVerify(publicKey);
            signature.update(this.f200);
            signature.update(this.f201);
            signature.update(this.f202);
            return signature.verify(this.f203);
        } catch (Exception unused) {
            throw new RuntimeException("Error verifying signature.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] signKey(SSLServerContext sSLServerContext) {
        Signature signature;
        PrivateKey dSAPrivateKey;
        try {
            if (this.f204 == 0) {
                return new byte[f197];
            }
            if (this.f204 == f199) {
                signature = new SSLRSASignature(this);
                dSAPrivateKey = sSLServerContext.getRSAPrivateKey();
            } else {
                if (this.f204 != 20) {
                    throw new RuntimeException("Internal Error in ServerKeyExchange!");
                }
                signature = this.f205.getSignature("DSA");
                dSAPrivateKey = sSLServerContext.getDSAPrivateKey();
            }
            signature.initSign(dSAPrivateKey);
            signature.update(this.f200);
            signature.update(this.f201);
            signature.update(this.f202);
            return signature.sign();
        } catch (Exception unused) {
            throw new RuntimeException("Error creating signature.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.security.ssl.SSLMessage
    public void writeTo(OutputRecord outputRecord) throws IOException {
        outputRecord.writeUInt8(12);
        outputRecord.writeUInt24(2 + this.f202.length + this.f203.length);
        outputRecord.write(this.f202);
        outputRecord.writeUInt16Array(this.f203);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract void readFrom(InputRecord inputRecord) throws IOException;

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract Key getTemporaryKey();

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract void createSignature(SSLServerContext sSLServerContext) throws SSLException;
}
