package org.openeuler.sun.security.ssl;

import com.mg.aigwxz.iiLl11LI;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLHandshakeException;
import org.openeuler.sun.security.internal.spec.TlsKeyMaterialParameterSpec;
import org.openeuler.sun.security.internal.spec.TlsKeyMaterialSpec;
import org.openeuler.sun.security.ssl.CipherSuite;
import p010IIL11.p011ILII1.p012iiLl11LI.p017iiLl11LI.ILL;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Enum visitor error
jadx.core.utils.exceptions.JadxRuntimeException: Init of enum field 'SSL30' uses external variables
	at jadx.core.dex.visitors.EnumVisitor.createEnumFieldByConstructor(EnumVisitor.java:451)
	at jadx.core.dex.visitors.EnumVisitor.processEnumFieldByRegister(EnumVisitor.java:395)
	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromFilledArray(EnumVisitor.java:324)
	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromInsn(EnumVisitor.java:262)
	at jadx.core.dex.visitors.EnumVisitor.convertToEnum(EnumVisitor.java:151)
	at jadx.core.dex.visitors.EnumVisitor.visit(EnumVisitor.java:100)
 */
/* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
/* loaded from: classes5.dex */
public final class SSLTrafficKeyDerivation implements SSLKeyDerivationGenerator {
    private static final /* synthetic */ SSLTrafficKeyDerivation[] $VALUES;
    public static final SSLTrafficKeyDerivation GMTLS;
    public static final SSLTrafficKeyDerivation SSL30;
    public static final SSLTrafficKeyDerivation TLS10;
    public static final SSLTrafficKeyDerivation TLS12;
    public static final SSLTrafficKeyDerivation TLS13;
    final SSLKeyDerivationGenerator keyDerivationGenerator;
    final String name;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.openeuler.sun.security.ssl.SSLTrafficKeyDerivation$1, reason: invalid class name */
    /* loaded from: classes5.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion;

        static {
            int[] iArr = new int[ProtocolVersion.values().length];
            $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion = iArr;
            try {
                iArr[ProtocolVersion.SSL30.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS10.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS11.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[ProtocolVersion.GMTLS.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS12.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS13.ordinal()] = 6;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    /* loaded from: classes5.dex */
    private static final class GMTLSTrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private GMTLSTrafficKeyDerivationGenerator() {
        }

        /* synthetic */ GMTLSTrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes5.dex */
    private enum KeySchedule {
        TlsKey(iiLl11LI.l1IllL, false),
        TlsIv("iv", true),
        TlsUpdateNplus1("traffic upd", false);

        private final boolean isIv;
        private final byte[] label;

        KeySchedule(String str, boolean z) {
            this.label = ("tls13 " + str).getBytes();
            this.isIv = z;
        }

        String getAlgorithm(CipherSuite cipherSuite, String str) {
            return this.isIv ? str : cipherSuite.bulkCipher.algorithm;
        }

        int getKeyLength(CipherSuite cipherSuite) {
            if (this == TlsUpdateNplus1) {
                return cipherSuite.hashAlg.hashLength;
            }
            boolean z = this.isIv;
            SSLCipher sSLCipher = cipherSuite.bulkCipher;
            return z ? sSLCipher.ivSize : sSLCipher.keySize;
        }
    }

    /* loaded from: classes5.dex */
    static final class LegacyTrafficKeyDerivation implements SSLKeyDerivation {
        private final HandshakeContext context;
        private final TlsKeyMaterialSpec keyMaterialSpec;
        private final SecretKey masterSecret;

        LegacyTrafficKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            CipherSuite.HashAlg hashAlg;
            String str;
            this.context = handshakeContext;
            this.masterSecret = secretKey;
            CipherSuite cipherSuite = handshakeContext.negotiatedCipherSuite;
            ProtocolVersion protocolVersion = handshakeContext.negotiatedProtocol;
            int i = cipherSuite.macAlg.size;
            boolean z = cipherSuite.exportable;
            SSLCipher sSLCipher = cipherSuite.bulkCipher;
            int i2 = z ? sSLCipher.expandedKeySize : 0;
            byte b = protocolVersion.major;
            byte b2 = protocolVersion.minor;
            int i3 = protocolVersion.f23492id;
            if (i3 == ProtocolVersion.GMTLS.f23492id || handshakeContext.t12WithGMCipherSuite) {
                hashAlg = CipherSuite.HashAlg.H_SM3;
                str = "GMTlsKeyMaterial";
            } else if (i3 >= ProtocolVersion.TLS12.f23492id) {
                hashAlg = cipherSuite.hashAlg;
                str = "SunTls12KeyMaterial";
            } else {
                hashAlg = CipherSuite.HashAlg.H_NONE;
                str = "SunTlsKeyMaterial";
            }
            String str2 = str;
            int i4 = sSLCipher.ivSize;
            CipherType cipherType = sSLCipher.cipherType;
            TlsKeyMaterialParameterSpec tlsKeyMaterialParameterSpec = new TlsKeyMaterialParameterSpec(secretKey, b & 255, b2 & 255, handshakeContext.clientHelloRandom.randomBytes, handshakeContext.serverHelloRandom.randomBytes, sSLCipher.algorithm, sSLCipher.keySize, i2, cipherType == CipherType.AEAD_CIPHER ? sSLCipher.fixedIvSize : (cipherType == CipherType.BLOCK_CIPHER && protocolVersion.useTLS11PlusSpec()) ? 0 : i4, i, hashAlg.name, hashAlg.hashLength, hashAlg.blockSize);
            try {
                KeyGenerator keyGenerator = JsseJce.getKeyGenerator(str2);
                keyGenerator.init(tlsKeyMaterialParameterSpec);
                this.keyMaterialSpec = (TlsKeyMaterialSpec) keyGenerator.generateKey();
            } catch (GeneralSecurityException e) {
                throw new ProviderException(e);
            }
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivation
        public SecretKey deriveKey(String str, AlgorithmParameterSpec algorithmParameterSpec) throws IOException {
            return getTrafficKey(str);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public SecretKey getTrafficKey(String str) {
            str.hashCode();
            char c = 65535;
            switch (str.hashCode()) {
                case -1716638551:
                    if (str.equals("serverWriteIv")) {
                        c = 0;
                        break;
                    }
                    break;
                case -1702941973:
                    if (str.equals("clientWriteKey")) {
                        c = 1;
                        break;
                    }
                    break;
                case -1676186013:
                    if (str.equals("serverWriteKey")) {
                        c = 2;
                        break;
                    }
                    break;
                case -1622415813:
                    if (str.equals("clientMacKey")) {
                        c = 3;
                        break;
                    }
                    break;
                case 1720625075:
                    if (str.equals("serverMacKey")) {
                        c = 4;
                        break;
                    }
                    break;
                case 2023276321:
                    if (str.equals("clientWriteIv")) {
                        c = 5;
                        break;
                    }
                    break;
            }
            switch (c) {
                case 0:
                    IvParameterSpec serverIv = this.keyMaterialSpec.getServerIv();
                    if (serverIv == null) {
                        return null;
                    }
                    return new SecretKeySpec(serverIv.getIV(), "TlsIv");
                case 1:
                    return this.keyMaterialSpec.getClientCipherKey();
                case 2:
                    return this.keyMaterialSpec.getServerCipherKey();
                case 3:
                    return this.keyMaterialSpec.getClientMacKey();
                case 4:
                    return this.keyMaterialSpec.getServerMacKey();
                case 5:
                    IvParameterSpec clientIv = this.keyMaterialSpec.getClientIv();
                    if (clientIv == null) {
                        return null;
                    }
                    return new SecretKeySpec(clientIv.getIV(), "TlsIv");
                default:
                    return null;
            }
        }
    }

    /* loaded from: classes5.dex */
    private static final class S30TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private S30TrafficKeyDerivationGenerator() {
        }

        /* synthetic */ S30TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes5.dex */
    private static final class T10TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T10TrafficKeyDerivationGenerator() {
        }

        /* synthetic */ T10TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes5.dex */
    private static final class T12TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T12TrafficKeyDerivationGenerator() {
        }

        /* synthetic */ T12TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes5.dex */
    static final class T13TrafficKeyDerivation implements SSLKeyDerivation {
        private final CipherSuite cs;
        private final SecretKey secret;

        T13TrafficKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            this.secret = secretKey;
            this.cs = handshakeContext.negotiatedCipherSuite;
        }

        private static byte[] createHkdfInfo(byte[] bArr, int i) throws IOException {
            byte[] bArr2 = new byte[bArr.length + 4];
            ByteBuffer wrap = ByteBuffer.wrap(bArr2);
            try {
                l.iiIlLlIIl(wrap, i);
                l.LiliIlll(wrap, bArr);
                l.m48578ILL(wrap, 0);
                return bArr2;
            } catch (IOException e) {
                throw new RuntimeException("Unexpected exception", e);
            }
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivation
        public SecretKey deriveKey(String str, AlgorithmParameterSpec algorithmParameterSpec) throws IOException {
            KeySchedule valueOf = KeySchedule.valueOf(str);
            try {
                return new HKDF(this.cs.hashAlg.name).expand(this.secret, createHkdfInfo(valueOf.label, valueOf.getKeyLength(this.cs)), valueOf.getKeyLength(this.cs), valueOf.getAlgorithm(this.cs, str));
            } catch (GeneralSecurityException e) {
                throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e));
            }
        }
    }

    /* loaded from: classes5.dex */
    private static final class T13TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T13TrafficKeyDerivationGenerator() {
        }

        /* synthetic */ T13TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
            return new T13TrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    static {
        AnonymousClass1 anonymousClass1 = null;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation = new SSLTrafficKeyDerivation("SSL30", 0, "kdf_ssl30", new S30TrafficKeyDerivationGenerator(anonymousClass1));
        SSL30 = sSLTrafficKeyDerivation;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation2 = new SSLTrafficKeyDerivation("TLS10", 1, "kdf_tls10", new T10TrafficKeyDerivationGenerator(anonymousClass1));
        TLS10 = sSLTrafficKeyDerivation2;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation3 = new SSLTrafficKeyDerivation(ILL.f916LliiL, 2, "kdf_gmtls", new GMTLSTrafficKeyDerivationGenerator(anonymousClass1));
        GMTLS = sSLTrafficKeyDerivation3;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation4 = new SSLTrafficKeyDerivation("TLS12", 3, "kdf_tls12", new T12TrafficKeyDerivationGenerator(anonymousClass1));
        TLS12 = sSLTrafficKeyDerivation4;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation5 = new SSLTrafficKeyDerivation("TLS13", 4, "kdf_tls13", new T13TrafficKeyDerivationGenerator(anonymousClass1));
        TLS13 = sSLTrafficKeyDerivation5;
        $VALUES = new SSLTrafficKeyDerivation[]{sSLTrafficKeyDerivation, sSLTrafficKeyDerivation2, sSLTrafficKeyDerivation3, sSLTrafficKeyDerivation4, sSLTrafficKeyDerivation5};
    }

    private SSLTrafficKeyDerivation(String str, int i, String str2, SSLKeyDerivationGenerator sSLKeyDerivationGenerator) {
        this.name = str2;
        this.keyDerivationGenerator = sSLKeyDerivationGenerator;
    }

    public static SSLTrafficKeyDerivation valueOf(String str) {
        return (SSLTrafficKeyDerivation) Enum.valueOf(SSLTrafficKeyDerivation.class, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLTrafficKeyDerivation valueOf(ProtocolVersion protocolVersion) {
        switch (AnonymousClass1.$SwitchMap$org$openeuler$sun$security$ssl$ProtocolVersion[protocolVersion.ordinal()]) {
            case 1:
                return SSL30;
            case 2:
            case 3:
                return TLS10;
            case 4:
                return GMTLS;
            case 5:
                return TLS12;
            case 6:
                return TLS13;
            default:
                return null;
        }
    }

    public static SSLTrafficKeyDerivation[] values() {
        return (SSLTrafficKeyDerivation[]) $VALUES.clone();
    }

    @Override // org.openeuler.sun.security.ssl.SSLKeyDerivationGenerator
    public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) throws IOException {
        return this.keyDerivationGenerator.createKeyDerivation(handshakeContext, secretKey);
    }
}
