package ru.CryptoPro.ssl;

import java.io.IOException;
import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.net.ssl.SSLKeyException;
import javax.net.ssl.SSLProtocolException;
import ru.CryptoPro.JCP.Util.GetProperty;

/* loaded from: classes4.dex */
final class cl_85 extends cl_48 {
    private static final String r = "com.sun.net.ssl.rsaPreMasterSecretFix";
    private static final boolean s = GetProperty.getBooleanProperty(r, false);
    SecretKey q;
    private cl_84 t;
    private byte[] u;

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_85(cl_84 cl_84Var, cl_84 cl_84Var2, SecureRandom secureRandom, PublicKey publicKey) throws IOException {
        byte b;
        byte b2;
        if (!publicKey.getAlgorithm().equals("RSA")) {
            throw new SSLKeyException("Public key not of type RSA");
        }
        this.t = cl_84Var;
        if (s || cl_84Var2.n >= cl_84.g.n) {
            byte b3 = cl_84Var2.o;
            b = cl_84Var2.p;
            b2 = b3;
        } else {
            b2 = cl_84Var.o;
            b = cl_84Var.p;
        }
        try {
            KeyGenerator d = cl_73.d(cl_84Var.n >= cl_84.h.n ? "JavaTls12RsaPremasterSecret" : "JavaTlsRsaPremasterSecret");
            d.init(new ru.CryptoPro.ssl.pc_3.pc_1.cl_4(b2, b), secureRandom);
            this.q = d.generateKey();
            Cipher a = cl_73.a("RSA/ECB/PKCS1Padding");
            a.init(3, publicKey, secureRandom);
            this.u = a.wrap(this.q);
        } catch (GeneralSecurityException e) {
            throw ((SSLKeyException) new SSLKeyException("RSA premaster secret error").initCause(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_85(cl_84 cl_84Var, cl_84 cl_84Var2, SecureRandom secureRandom, cl_47 cl_47Var, int i, PrivateKey privateKey) throws IOException {
        byte[] bArr;
        BadPaddingException badPaddingException;
        if (!privateKey.getAlgorithm().equals("RSA")) {
            throw new SSLKeyException("Private key not of type RSA");
        }
        if (cl_84Var.n >= cl_84.f.n) {
            this.u = cl_47Var.g();
        } else {
            byte[] bArr2 = new byte[i];
            this.u = bArr2;
            if (cl_47Var.read(bArr2) != i) {
                throw new SSLProtocolException("SSL: read PreMasterSecret: short read");
            }
        }
        try {
            Cipher a = cl_73.a("RSA/ECB/PKCS1Padding");
            a.init(2, privateKey);
            badPaddingException = null;
            bArr = a.doFinal(this.u);
        } catch (BadPaddingException e) {
            bArr = null;
            badPaddingException = e;
        } catch (IllegalBlockSizeException unused) {
            throw new SSLProtocolException("Unable to process PreMasterSecret, may be too big");
        } catch (Exception e2) {
            SSLLogger.warning("RSA premaster secret decryption error:");
            SSLLogger.thrown(e2);
            throw new RuntimeException("Could not generate dummy secret", e2);
        }
        this.q = a(cl_84Var, cl_84Var2, secureRandom, bArr, badPaddingException);
    }

    private SecretKey a(cl_84 cl_84Var, cl_84 cl_84Var2, SecureRandom secureRandom, byte[] bArr, Exception exc) {
        this.t = cl_84Var2;
        if (secureRandom == null) {
            secureRandom = new SecureRandom();
        }
        byte[] bArr2 = new byte[48];
        secureRandom.nextBytes(bArr2);
        if (exc != null || bArr == null) {
            if (exc != null) {
                SSLLogger.warning("Error decrypting premaster secret:");
                SSLLogger.thrown(exc);
            }
            return a(cl_84Var2, bArr2, secureRandom);
        }
        if (bArr.length != 48) {
            SSLLogger.fine("incorrect length of premaster secret: ", Integer.valueOf(bArr.length));
            return a(cl_84Var2, bArr2, secureRandom);
        }
        if (cl_84Var2.o != bArr[0] || cl_84Var2.p != bArr[1]) {
            if (cl_84Var2.n <= cl_84.f.n && cl_84Var.o == bArr[0] && cl_84Var.p == bArr[1]) {
                this.t = cl_84Var;
            } else {
                SSLLogger.finer("Mismatching Protocol Versions, ClientHello.client_version is " + cl_84Var2 + ", while PreMasterSecret.client_version is " + cl_84.a(bArr[0], bArr[1]));
                bArr = bArr2;
            }
        }
        return a(cl_84Var2, bArr, secureRandom);
    }

    private static SecretKey a(cl_84 cl_84Var, byte[] bArr, SecureRandom secureRandom) {
        SSLLogger.fine("Generating a random fake premaster secret");
        try {
            KeyGenerator d = cl_73.d(cl_84Var.n >= cl_84.h.n ? "JavaTls12RsaPremasterSecret" : "JavaTlsRsaPremasterSecret");
            d.init(new ru.CryptoPro.ssl.pc_3.pc_1.cl_4(cl_84Var.o, cl_84Var.p, bArr), secureRandom);
            return d.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            SSLLogger.warning("RSA premaster secret generation error:");
            SSLLogger.thrown(e);
            throw new RuntimeException("Could not generate dummy secret", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // ru.CryptoPro.ssl.cl_48
    public int a() {
        return 16;
    }

    @Override // ru.CryptoPro.ssl.cl_48
    void a(PrintStream printStream) throws IOException {
        printStream.println("*** ClientKeyExchange, RSA PreMasterSecret, " + this.t);
    }

    @Override // ru.CryptoPro.ssl.cl_48
    void a(cl_63 cl_63Var) throws IOException {
        int i = this.t.n;
        int i2 = cl_84.f.n;
        byte[] bArr = this.u;
        if (i >= i2) {
            cl_63Var.b(bArr);
        } else {
            cl_63Var.write(bArr);
        }
    }

    @Override // ru.CryptoPro.ssl.cl_48
    int c() {
        int i = this.t.n;
        int i2 = cl_84.f.n;
        byte[] bArr = this.u;
        return i >= i2 ? bArr.length + 2 : bArr.length;
    }

    @Override // ru.CryptoPro.ssl.cl_48
    String d() {
        return "*** ClientKeyExchange, RSA PreMasterSecret, " + this.t;
    }
}
