package net.luminis.tls.engine.impl;

import at.favre.lib.hkdf.HKDF;
import at.favre.lib.hkdf.HkdfMacFactory;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.XECPublicKey;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import net.luminis.tls.BinderCalculator;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.log.Logger;
import net.luminis.tls.util.ByteUtils;

/* loaded from: classes.dex */
public class TlsState implements BinderCalculator {
    private static final Charset ISO_8859_1 = Charset.forName("ISO-8859-1");
    private static String labelPrefix = "tls13 ";
    private byte[] binderKey;
    private byte[] clientApplicationTrafficSecret;
    private byte[] clientEarlyTrafficSecret;
    private byte[] clientHandshakeTrafficSecret;
    private PrivateKey clientPrivateKey;
    private byte[] earlySecret;
    private final byte[] emptyHash;
    private byte[] handshakeSecret;
    private final MessageDigest hashFunction;
    private final short hashLength;
    private final HKDF hkdf;
    private final short iv_length;
    private final short keyLength;
    private byte[] masterSecret;
    private final byte[] psk;
    private boolean pskSelected;
    private byte[] resumptionMasterSecret;
    private byte[] serverApplicationTrafficSecret;
    private byte[] serverHandshakeTrafficSecret;
    private PublicKey serverSharedKey;
    private byte[] sharedSecret;
    private final TranscriptHash transcriptHash;

    public TlsState(TranscriptHash transcriptHash, int i, int i2) {
        this(transcriptHash, null, i, i2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public TlsState(TranscriptHash transcriptHash, byte[] bArr, int i, int i2) {
        this.iv_length = (short) 12;
        this.psk = bArr;
        this.transcriptHash = transcriptHash;
        this.keyLength = (short) i;
        int i3 = (short) i2;
        this.hashLength = i3;
        StringBuilder OO00OO00000000000000 = com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("SHA-");
        OO00OO00000000000000.append(i3 * 8);
        String sb = OO00OO00000000000000.toString();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(sb);
            this.hashFunction = messageDigest;
            StringBuilder OO00OO000000000000002 = com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("HmacSHA");
            OO00OO000000000000002.append(i3 * 8);
            this.hkdf = HKDF.from(new HkdfMacFactory.Default(OO00OO000000000000002.toString(), null));
            byte[] digest = messageDigest.digest(new byte[0]);
            this.emptyHash = digest;
            com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(digest, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Empty hash: "));
            computeEarlySecret(bArr == null ? new byte[i3] : bArr);
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException(com.android.tools.r8.O0000000000000000000.O0O00O00000000000000("Missing ", sb, " support"));
        }
    }

    private byte[] computeEarlySecret(byte[] bArr) {
        this.earlySecret = this.hkdf.extract(new byte[this.hashLength], bArr);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.earlySecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Early secret: "));
        this.binderKey = hkdfExpandLabel(this.earlySecret, "res binder", this.emptyHash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.binderKey, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Binder key: "));
        return this.earlySecret;
    }

    public void computeApplicationSecrets() {
        computeApplicationSecrets(this.handshakeSecret);
    }

    public void computeApplicationSecrets(byte[] bArr) {
        byte[] serverHash = this.transcriptHash.getServerHash(TlsConstants.HandshakeType.finished);
        byte[] hkdfExpandLabel = hkdfExpandLabel(bArr, "derived", this.emptyHash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Derived secret: "));
        this.masterSecret = this.hkdf.extract(hkdfExpandLabel, new byte[this.hashLength]);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.masterSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Master secret: "));
        this.clientApplicationTrafficSecret = hkdfExpandLabel(this.masterSecret, "c ap traffic", serverHash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.clientApplicationTrafficSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client application traffic secret: "));
        this.serverApplicationTrafficSecret = hkdfExpandLabel(this.masterSecret, "s ap traffic", serverHash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.serverApplicationTrafficSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server application traffic secret: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.clientApplicationTrafficSecret, "key", "", this.keyLength), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client application key: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.serverApplicationTrafficSecret, "key", "", this.keyLength), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server application key: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.clientApplicationTrafficSecret, "iv", "", (short) 12), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client application iv: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.serverApplicationTrafficSecret, "iv", "", (short) 12), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server application iv: "));
    }

    public void computeEarlyTrafficSecret() {
        this.clientEarlyTrafficSecret = hkdfExpandLabel(this.earlySecret, "c e traffic", this.transcriptHash.getHash(TlsConstants.HandshakeType.client_hello), this.hashLength);
    }

    public void computeHandshakeSecrets() {
        byte[] hkdfExpandLabel = hkdfExpandLabel(this.earlySecret, "derived", this.emptyHash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Derived secret: "));
        this.handshakeSecret = this.hkdf.extract(hkdfExpandLabel, this.sharedSecret);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.handshakeSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Handshake secret: "));
        byte[] hash = this.transcriptHash.getHash(TlsConstants.HandshakeType.server_hello);
        this.clientHandshakeTrafficSecret = hkdfExpandLabel(this.handshakeSecret, "c hs traffic", hash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.clientHandshakeTrafficSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client handshake traffic secret: "));
        this.serverHandshakeTrafficSecret = hkdfExpandLabel(this.handshakeSecret, "s hs traffic", hash, this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.serverHandshakeTrafficSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server handshake traffic secret: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.clientHandshakeTrafficSecret, "key", "", this.keyLength), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client handshake key: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.serverHandshakeTrafficSecret, "key", "", this.keyLength), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server handshake key: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.clientHandshakeTrafficSecret, "iv", "", (short) 12), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Client handshake iv: "));
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(hkdfExpandLabel(this.serverHandshakeTrafficSecret, "iv", "", (short) 12), com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Server handshake iv: "));
    }

    public byte[] computePSK(byte[] bArr) {
        return hkdfExpandLabel(this.resumptionMasterSecret, "resumption", bArr, this.hashLength);
    }

    @Override // net.luminis.tls.BinderCalculator
    public byte[] computePskBinder(byte[] bArr) {
        StringBuilder OO00OO00000000000000 = com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("HmacSHA");
        OO00OO00000000000000.append(this.hashLength * 8);
        String sb = OO00OO00000000000000.toString();
        try {
            this.hashFunction.reset();
            this.hashFunction.update(bArr);
            byte[] digest = this.hashFunction.digest();
            SecretKeySpec secretKeySpec = new SecretKeySpec(hkdfExpandLabel(this.binderKey, "finished", "", this.hashLength), sb);
            Mac mac = Mac.getInstance(sb);
            mac.init(secretKeySpec);
            mac.update(digest);
            return mac.doFinal();
        } catch (InvalidKeyException unused) {
            throw new RuntimeException();
        } catch (NoSuchAlgorithmException unused2) {
            throw new RuntimeException(com.android.tools.r8.O0000000000000000000.O0O00O00000000000000("Missing ", sb, " support"));
        }
    }

    public void computeResumptionMasterSecret() {
        this.resumptionMasterSecret = hkdfExpandLabel(this.masterSecret, "res master", this.transcriptHash.getClientHash(TlsConstants.HandshakeType.finished), this.hashLength);
        com.android.tools.r8.O0000000000000000000.OO0O00O0000000000000(this.resumptionMasterSecret, com.android.tools.r8.O0000000000000000000.OO00OO00000000000000("Resumption master secret: "));
    }

    public void computeSharedSecret() {
        KeyAgreement keyAgreement;
        try {
            PublicKey publicKey = this.serverSharedKey;
            if (publicKey instanceof ECPublicKey) {
                keyAgreement = KeyAgreement.getInstance("ECDH");
            } else {
                if (!(publicKey instanceof XECPublicKey)) {
                    throw new RuntimeException("Unsupported key type");
                }
                keyAgreement = KeyAgreement.getInstance("XDH");
            }
            keyAgreement.init(this.clientPrivateKey);
            keyAgreement.doPhase(this.serverSharedKey, true);
            this.sharedSecret = keyAgreement.generateSecret();
            Logger.debug("Shared key: " + ByteUtils.bytesToHex(this.sharedSecret));
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new RuntimeException("Unsupported crypto: " + e);
        }
    }

    public byte[] getClientApplicationTrafficSecret() {
        return this.clientApplicationTrafficSecret;
    }

    public byte[] getClientEarlyTrafficSecret() {
        return this.clientEarlyTrafficSecret;
    }

    public byte[] getClientHandshakeTrafficSecret() {
        return this.clientHandshakeTrafficSecret;
    }

    public short getHashLength() {
        return this.hashLength;
    }

    public byte[] getServerApplicationTrafficSecret() {
        return this.serverApplicationTrafficSecret;
    }

    public byte[] getServerHandshakeTrafficSecret() {
        return this.serverHandshakeTrafficSecret;
    }

    public byte[] hkdfExpandLabel(byte[] bArr, String str, String str2, short s) {
        return hkdfExpandLabel(bArr, str, str2.getBytes(ISO_8859_1), s);
    }

    public byte[] hkdfExpandLabel(byte[] bArr, String str, byte[] bArr2, short s) {
        int length = labelPrefix.length() + 3;
        Charset charset = ISO_8859_1;
        ByteBuffer allocate = ByteBuffer.allocate(length + str.getBytes(charset).length + 1 + bArr2.length);
        allocate.putShort(s);
        allocate.put((byte) (labelPrefix.length() + str.getBytes().length));
        allocate.put(labelPrefix.getBytes(charset));
        allocate.put(str.getBytes(charset));
        allocate.put((byte) bArr2.length);
        allocate.put(bArr2);
        return this.hkdf.expand(bArr, allocate.array(), s);
    }

    public void setNoPskSelected() {
        if (this.psk == null || this.pskSelected) {
            return;
        }
        computeEarlySecret(new byte[this.hashLength]);
    }

    public void setOwnKey(PrivateKey privateKey) {
        this.clientPrivateKey = privateKey;
    }

    public void setPeerKey(PublicKey publicKey) {
        this.serverSharedKey = publicKey;
    }

    public void setPskSelected(int i) {
        this.pskSelected = true;
    }
}
