package iaik.security.ssl;

import com.sun.identity.authentication.modules.radius.client.Packet;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.util.zip.DataFormatException;
import javax.crypto.Cipher;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:119465-02/SUNWamsci/reloc/SUNWam/lib/iaik_ssl.jar:iaik/security/ssl/o.class */
public class o extends ByteArrayInputStream {
    int i;
    int h;
    int m;
    int n;
    int l;
    boolean d;
    private int b;
    private int q;
    private int p;
    private int r;
    private CompressionMethod o;
    private n e;
    private Cipher f;
    private int j;
    private int c;
    private m g;
    private SSLTransport a;
    InputStream k;
    static final int z = 18713;
    private static final int x = 4;
    private static final int u = 3;
    private static final int v = 2;
    private static final int w = 1;
    static final int s = 5;
    private static final boolean t = false;
    private static final boolean y = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(MessageDigest messageDigest, MessageDigest messageDigest2) {
        int i = ((ByteArrayInputStream) this).pos - this.j;
        if (i > 0) {
            messageDigest.update(((ByteArrayInputStream) this).buf, this.j, i);
            messageDigest2.update(((ByteArrayInputStream) this).buf, this.j, i);
            this.j = ((ByteArrayInputStream) this).pos;
        }
    }

    private int b(byte[] bArr, int i, int i2) throws IOException {
        int i3 = bArr[(i + i2) - 1] & Packet.RESERVED;
        if (this.r < 769) {
            if (i3 <= this.q) {
                return (i2 - i3) - 1;
            }
            this.g.a(2, 20);
            throw new SSLException(new StringBuffer("SSLv3 padding length error: ").append(i3).toString());
        }
        if (i3 > i2) {
            throw new SSLException(new StringBuffer("Padding length error: ").append(i3).append(" > ").append(i2).toString());
        }
        for (int i4 = ((i + i2) - i3) - 1; i4 < (i + i2) - 1; i4++) {
            if ((bArr[i4] & Packet.RESERVED) != i3) {
                this.g.a(2, 51);
                throw new SSLException(new StringBuffer("Padding error: ").append((int) bArr[i4]).append(" != padding value ").append(i3).toString());
            }
        }
        return (i2 - i3) - 1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(int i) {
        this.r = i;
        if (i >= 768) {
            this.c = 3;
        } else {
            this.c = 2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(byte[] bArr) {
        if (bArr.length >= ((ByteArrayInputStream) this).buf.length) {
            ((ByteArrayInputStream) this).buf = bArr;
        } else {
            System.arraycopy(bArr, 0, ((ByteArrayInputStream) this).buf, 0, bArr.length);
        }
        ((ByteArrayInputStream) this).pos = 0;
        ((ByteArrayInputStream) this).count = bArr.length;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] j() throws IOException {
        byte[] bArr = new byte[i()];
        a(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int i() throws IOException {
        int read = read();
        if (read == -1) {
            throw new SSLException("Invalid SSL message (EOF)!");
        }
        return read;
    }

    int h() throws IOException {
        return (d() << 16) | d();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] g() throws IOException {
        byte[] bArr = new byte[f()];
        a(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int f() throws IOException {
        return (d() << 8) | i();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] e() throws IOException {
        byte[] bArr = new byte[d()];
        a(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int d() throws IOException {
        return (i() << 8) | i();
    }

    private int b(boolean z2) throws IOException {
        int i = z2 ? 2 : 0;
        Utils.a(this.k, ((ByteArrayInputStream) this).buf, i, 5 - i);
        this.d = false;
        int i2 = ((((ByteArrayInputStream) this).buf[1] & 255) << 8) | (((ByteArrayInputStream) this).buf[2] & 255);
        int i3 = ((((ByteArrayInputStream) this).buf[3] & 255) << 8) | (((ByteArrayInputStream) this).buf[4] & 255);
        if ((i2 & 65280) != 768 || (this.r != 0 && i2 != this.r)) {
            this.g.a(2, 50);
            throw new SSLException(new StringBuffer("Record version mismatch: ").append(Utils.toString(i2)).toString());
        }
        if (5 + i3 > ((ByteArrayInputStream) this).buf.length) {
            this.g.a(2, 22);
            throw new SSLException(new StringBuffer("Invalid SSL message, too long: ").append(i3).toString());
        }
        Utils.a(this.k, ((ByteArrayInputStream) this).buf, 5, i3);
        if (((ByteArrayInputStream) this).buf[0] == 23) {
            this.l++;
            this.n += i3 + 5;
        } else {
            this.h++;
            this.i += i3 + 5;
        }
        try {
            if (this.f != null) {
                i3 = this.f.update(((ByteArrayInputStream) this).buf, 5, i3, ((ByteArrayInputStream) this).buf, 5);
                if (this.p == 2) {
                    i3 = b(((ByteArrayInputStream) this).buf, 5, i3);
                }
            }
            if (this.e != null) {
                i3 = this.e.c(((ByteArrayInputStream) this).buf, 5, i3);
                if (i3 < 0) {
                    this.g.a(2, 20);
                    throw new SSLException("Bad Record MAC.");
                }
            }
            if (this.o != null) {
                i3 = this.o.decompress(((ByteArrayInputStream) this).buf, 5, i3, ((ByteArrayInputStream) this).buf, 5);
            }
            ((ByteArrayInputStream) this).count = 5 + i3;
            ((ByteArrayInputStream) this).pos = 5;
            this.j = 5;
            if (((ByteArrayInputStream) this).buf[0] == 23) {
                this.m += i3;
            }
            return ((ByteArrayInputStream) this).buf[0];
        } catch (SSLException e) {
            throw e;
        } catch (DataFormatException e2) {
            throw new SSLException(new StringBuffer("Unable to decompress incoming SSL message: ").append(e2.toString()).toString());
        } catch (Exception e3) {
            throw new SSLException(new StringBuffer("Unable to process incoming SSL message: ").append(e3.toString()).toString());
        }
    }

    private int a(boolean z2) throws IOException {
        int i;
        int i2;
        int i3;
        if (!z2) {
            try {
                Utils.a(this.k, ((ByteArrayInputStream) this).buf, 0, 2);
            } catch (EOFException unused) {
                this.a.a(true, false);
                return SSLContext.CERTTYPE_RSA_ENCRYPT;
            }
        }
        this.d = false;
        int i4 = ((((ByteArrayInputStream) this).buf[0] & 255) << 8) | (((ByteArrayInputStream) this).buf[1] & 255);
        if ((i4 & 32768) != 0) {
            i = 2;
            i2 = i4 & 32767;
            if (i2 > ((ByteArrayInputStream) this).buf.length) {
                byte[] bArr = new byte[32768];
                bArr[0] = ((ByteArrayInputStream) this).buf[0];
                bArr[1] = ((ByteArrayInputStream) this).buf[1];
                ((ByteArrayInputStream) this).buf = bArr;
            }
            Utils.a(this.k, ((ByteArrayInputStream) this).buf, 2, i2);
            i3 = 0;
        } else {
            i = 3;
            i2 = i4 & 16383;
            Utils.a(this.k, ((ByteArrayInputStream) this).buf, 2, i2 + 1);
            i3 = ((ByteArrayInputStream) this).buf[2] & 255;
        }
        ((ByteArrayInputStream) this).pos = i;
        if (this.f != null) {
            try {
                this.f.update(((ByteArrayInputStream) this).buf, ((ByteArrayInputStream) this).pos, i2, ((ByteArrayInputStream) this).buf, ((ByteArrayInputStream) this).pos);
                int a = this.e.a();
                ((ByteArrayInputStream) this).pos = i + a;
                int i5 = i2 - a;
                if (this.e.c(((ByteArrayInputStream) this).buf, ((ByteArrayInputStream) this).pos, i5) < 0) {
                    throw new SSLException("V2 mac verification error");
                }
                i2 = i5 - i3;
            } catch (Exception e) {
                throw new SSLException(new StringBuffer("V2 message decryption error: ").append(e).toString());
            }
        }
        ((ByteArrayInputStream) this).count = ((ByteArrayInputStream) this).pos + i2;
        this.j = i;
        this.b++;
        return SSLContext.CERTTYPE_RSA_ENCRYPT;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int c() throws IOException {
        this.d = true;
        boolean z2 = false;
        if (this.c == 1) {
            Utils.a(this.k, ((ByteArrayInputStream) this).buf, 0, 2);
            this.d = false;
            z2 = true;
            if (((ByteArrayInputStream) this).buf[0] == 22 || ((ByteArrayInputStream) this).buf[0] == 21) {
                this.c = 3;
            } else {
                if ((((ByteArrayInputStream) this).buf[0] & 128) == 0 || (((ByteArrayInputStream) this).buf[0] & Byte.MAX_VALUE) >= 4) {
                    throw new SSLException("Invalid SSL message, peer seems to be talking plain!");
                }
                this.c = 2;
            }
        }
        if (this.c == 2) {
            return a(z2);
        }
        if (this.c == 3) {
            return b(z2);
        }
        throw new RuntimeException("Internal error: unknown record version");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int a(byte[] bArr, int i, int i2) throws IOException {
        int read = read(bArr, i, i2);
        if (read != i2) {
            throw new SSLException("Invalid SSL message (EOF)!");
        }
        return read;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int a(byte[] bArr) throws IOException {
        return a(bArr, 0, bArr.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean b() throws IOException {
        return this.k.available() > 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int a() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(Cipher cipher, n nVar, int i, CompressionMethod compressionMethod) {
        this.f = cipher;
        if (this.f != null) {
            this.q = this.f.getBlockSize();
        }
        this.e = nVar;
        this.p = i;
        if (compressionMethod.getID() != 0) {
            this.o = compressionMethod;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public o(SSLTransport sSLTransport) throws IOException {
        super(new byte[z]);
        this.a = sSLTransport;
        this.k = this.a.d();
        this.g = this.a.c();
        this.c = 1;
        this.r = 0;
    }
}
