package org.openjsse.sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLHandshakeException;
import org.openjsse.sun.security.ssl.CipherSuite;
import sun.security.internal.spec.TlsKeyMaterialParameterSpec;
import sun.security.internal.spec.TlsKeyMaterialSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Enum visitor error
jadx.core.utils.exceptions.JadxRuntimeException: Init of enum field 'SSL30' uses external variables
	at jadx.core.dex.visitors.EnumVisitor.createEnumFieldByConstructor(EnumVisitor.java:451)
	at jadx.core.dex.visitors.EnumVisitor.processEnumFieldByRegister(EnumVisitor.java:395)
	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromFilledArray(EnumVisitor.java:324)
	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromInsn(EnumVisitor.java:262)
	at jadx.core.dex.visitors.EnumVisitor.convertToEnum(EnumVisitor.java:151)
	at jadx.core.dex.visitors.EnumVisitor.visit(EnumVisitor.java:100)
 */
/* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
/* loaded from: classes2.dex */
public final class SSLTrafficKeyDerivation implements SSLKeyDerivationGenerator {
    private static final /* synthetic */ SSLTrafficKeyDerivation[] $VALUES;
    public static final SSLTrafficKeyDerivation SSL30;
    public static final SSLTrafficKeyDerivation TLS10;
    public static final SSLTrafficKeyDerivation TLS12;
    public static final SSLTrafficKeyDerivation TLS13;
    final SSLKeyDerivationGenerator keyDerivationGenerator;
    final String name;

    /* renamed from: org.openjsse.sun.security.ssl.SSLTrafficKeyDerivation$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion;

        static {
            int[] iArr = new int[ProtocolVersion.values().length];
            $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion = iArr;
            try {
                iArr[ProtocolVersion.SSL30.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS10.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS11.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.DTLS10.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS12.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.DTLS12.ordinal()] = 6;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                $SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[ProtocolVersion.TLS13.ordinal()] = 7;
            } catch (NoSuchFieldError unused7) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public enum KeySchedule {
        TlsKey("key", false),
        TlsIv("iv", true),
        TlsUpdateNplus1("traffic upd", false);

        private final boolean isIv;
        private final byte[] label;

        KeySchedule(String str, boolean z8) {
            this.label = ("tls13 " + str).getBytes();
            this.isIv = z8;
        }

        public String getAlgorithm(CipherSuite cipherSuite, String str) {
            return this.isIv ? str : cipherSuite.bulkCipher.algorithm;
        }

        public int getKeyLength(CipherSuite cipherSuite) {
            if (this == TlsUpdateNplus1) {
                return cipherSuite.hashAlg.hashLength;
            }
            boolean z8 = this.isIv;
            SSLCipher sSLCipher = cipherSuite.bulkCipher;
            return z8 ? sSLCipher.ivSize : sSLCipher.keySize;
        }
    }

    /* loaded from: classes2.dex */
    public static final class LegacyTrafficKeyDerivation implements SSLKeyDerivation {
        private final HandshakeContext context;
        private final TlsKeyMaterialSpec keyMaterialSpec;
        private final SecretKey masterSecret;

        public LegacyTrafficKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            CipherSuite.HashAlg hashAlg;
            String str;
            this.context = handshakeContext;
            this.masterSecret = secretKey;
            CipherSuite cipherSuite = handshakeContext.negotiatedCipherSuite;
            ProtocolVersion protocolVersion = handshakeContext.negotiatedProtocol;
            int i8 = cipherSuite.macAlg.size;
            boolean z8 = cipherSuite.exportable;
            SSLCipher sSLCipher = cipherSuite.bulkCipher;
            int i9 = z8 ? sSLCipher.expandedKeySize : 0;
            byte b9 = protocolVersion.major;
            byte b10 = protocolVersion.minor;
            if (protocolVersion.isDTLS) {
                if (protocolVersion.id == ProtocolVersion.DTLS10.id) {
                    ProtocolVersion protocolVersion2 = ProtocolVersion.TLS11;
                    b9 = protocolVersion2.major;
                    b10 = protocolVersion2.minor;
                    hashAlg = CipherSuite.HashAlg.H_NONE;
                    str = "SunTlsKeyMaterial";
                } else {
                    ProtocolVersion protocolVersion3 = ProtocolVersion.TLS12;
                    byte b11 = protocolVersion3.major;
                    byte b12 = protocolVersion3.minor;
                    hashAlg = cipherSuite.hashAlg;
                    str = "SunTls12KeyMaterial";
                    b10 = b12;
                    b9 = b11;
                }
            } else if (protocolVersion.id >= ProtocolVersion.TLS12.id) {
                hashAlg = cipherSuite.hashAlg;
                str = "SunTls12KeyMaterial";
            } else {
                hashAlg = CipherSuite.HashAlg.H_NONE;
                str = "SunTlsKeyMaterial";
            }
            int i10 = sSLCipher.ivSize;
            CipherType cipherType = sSLCipher.cipherType;
            AlgorithmParameterSpec tlsKeyMaterialParameterSpec = new TlsKeyMaterialParameterSpec(secretKey, b9 & 255, b10 & 255, handshakeContext.clientHelloRandom.randomBytes, handshakeContext.serverHelloRandom.randomBytes, sSLCipher.algorithm, sSLCipher.keySize, i9, cipherType == CipherType.AEAD_CIPHER ? sSLCipher.fixedIvSize : (cipherType == CipherType.BLOCK_CIPHER && protocolVersion.useTLS11PlusSpec()) ? 0 : i10, i8, hashAlg.name, hashAlg.hashLength, hashAlg.blockSize);
            try {
                KeyGenerator keyGenerator = JsseJce.getKeyGenerator(str);
                keyGenerator.init(tlsKeyMaterialParameterSpec);
                this.keyMaterialSpec = keyGenerator.generateKey();
            } catch (GeneralSecurityException e9) {
                throw new ProviderException(e9);
            }
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivation
        public SecretKey deriveKey(String str, AlgorithmParameterSpec algorithmParameterSpec) {
            return getTrafficKey(str);
        }

        public SecretKey getTrafficKey(String str) {
            str.getClass();
            char c9 = 65535;
            switch (str.hashCode()) {
                case -1716638551:
                    if (str.equals("serverWriteIv")) {
                        c9 = 0;
                        break;
                    }
                    break;
                case -1702941973:
                    if (str.equals("clientWriteKey")) {
                        c9 = 1;
                        break;
                    }
                    break;
                case -1676186013:
                    if (str.equals("serverWriteKey")) {
                        c9 = 2;
                        break;
                    }
                    break;
                case -1622415813:
                    if (str.equals("clientMacKey")) {
                        c9 = 3;
                        break;
                    }
                    break;
                case 1720625075:
                    if (str.equals("serverMacKey")) {
                        c9 = 4;
                        break;
                    }
                    break;
                case 2023276321:
                    if (str.equals("clientWriteIv")) {
                        c9 = 5;
                        break;
                    }
                    break;
            }
            switch (c9) {
                case 0:
                    IvParameterSpec serverIv = this.keyMaterialSpec.getServerIv();
                    if (serverIv == null) {
                        return null;
                    }
                    return new SecretKeySpec(serverIv.getIV(), "TlsIv");
                case 1:
                    return this.keyMaterialSpec.getClientCipherKey();
                case 2:
                    return this.keyMaterialSpec.getServerCipherKey();
                case 3:
                    return this.keyMaterialSpec.getClientMacKey();
                case 4:
                    return this.keyMaterialSpec.getServerMacKey();
                case 5:
                    IvParameterSpec clientIv = this.keyMaterialSpec.getClientIv();
                    if (clientIv == null) {
                        return null;
                    }
                    return new SecretKeySpec(clientIv.getIV(), "TlsIv");
                default:
                    return null;
            }
        }
    }

    /* loaded from: classes2.dex */
    public static final class S30TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private S30TrafficKeyDerivationGenerator() {
        }

        public /* synthetic */ S30TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes2.dex */
    public static final class T10TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T10TrafficKeyDerivationGenerator() {
        }

        public /* synthetic */ T10TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes2.dex */
    public static final class T12TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T12TrafficKeyDerivationGenerator() {
        }

        public /* synthetic */ T12TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            return new LegacyTrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    /* loaded from: classes2.dex */
    public static final class T13TrafficKeyDerivation implements SSLKeyDerivation {
        private final CipherSuite cs;
        private final SecretKey secret;

        public T13TrafficKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            this.secret = secretKey;
            this.cs = handshakeContext.negotiatedCipherSuite;
        }

        private static byte[] createHkdfInfo(byte[] bArr, int i8) {
            byte[] bArr2 = new byte[bArr.length + 4];
            ByteBuffer wrap = ByteBuffer.wrap(bArr2);
            try {
                Record.putInt16(wrap, i8);
                Record.putBytes8(wrap, bArr);
                Record.putInt8(wrap, 0);
                return bArr2;
            } catch (IOException e9) {
                throw new RuntimeException("Unexpected exception", e9);
            }
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivation
        public SecretKey deriveKey(String str, AlgorithmParameterSpec algorithmParameterSpec) {
            KeySchedule valueOf = KeySchedule.valueOf(str);
            try {
                return new HKDF(this.cs.hashAlg.name).expand(this.secret, createHkdfInfo(valueOf.label, valueOf.getKeyLength(this.cs)), valueOf.getKeyLength(this.cs), valueOf.getAlgorithm(this.cs, str));
            } catch (GeneralSecurityException e9) {
                throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e9));
            }
        }
    }

    /* loaded from: classes2.dex */
    public static final class T13TrafficKeyDerivationGenerator implements SSLKeyDerivationGenerator {
        private T13TrafficKeyDerivationGenerator() {
        }

        public /* synthetic */ T13TrafficKeyDerivationGenerator(AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.openjsse.sun.security.ssl.SSLKeyDerivationGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
            return new T13TrafficKeyDerivation(handshakeContext, secretKey);
        }
    }

    static {
        AnonymousClass1 anonymousClass1 = null;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation = new SSLTrafficKeyDerivation("SSL30", 0, "kdf_ssl30", new S30TrafficKeyDerivationGenerator(anonymousClass1));
        SSL30 = sSLTrafficKeyDerivation;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation2 = new SSLTrafficKeyDerivation("TLS10", 1, "kdf_tls10", new T10TrafficKeyDerivationGenerator(anonymousClass1));
        TLS10 = sSLTrafficKeyDerivation2;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation3 = new SSLTrafficKeyDerivation("TLS12", 2, "kdf_tls12", new T12TrafficKeyDerivationGenerator(anonymousClass1));
        TLS12 = sSLTrafficKeyDerivation3;
        SSLTrafficKeyDerivation sSLTrafficKeyDerivation4 = new SSLTrafficKeyDerivation("TLS13", 3, "kdf_tls13", new T13TrafficKeyDerivationGenerator(anonymousClass1));
        TLS13 = sSLTrafficKeyDerivation4;
        $VALUES = new SSLTrafficKeyDerivation[]{sSLTrafficKeyDerivation, sSLTrafficKeyDerivation2, sSLTrafficKeyDerivation3, sSLTrafficKeyDerivation4};
    }

    private SSLTrafficKeyDerivation(String str, int i8, String str2, SSLKeyDerivationGenerator sSLKeyDerivationGenerator) {
        this.name = str2;
        this.keyDerivationGenerator = sSLKeyDerivationGenerator;
    }

    public static SSLTrafficKeyDerivation valueOf(String str) {
        return (SSLTrafficKeyDerivation) Enum.valueOf(SSLTrafficKeyDerivation.class, str);
    }

    public static SSLTrafficKeyDerivation valueOf(ProtocolVersion protocolVersion) {
        switch (AnonymousClass1.$SwitchMap$org$openjsse$sun$security$ssl$ProtocolVersion[protocolVersion.ordinal()]) {
            case 1:
                return SSL30;
            case 2:
            case 3:
            case 4:
                return TLS10;
            case 5:
            case 6:
                return TLS12;
            case 7:
                return TLS13;
            default:
                return null;
        }
    }

    public static SSLTrafficKeyDerivation[] values() {
        return (SSLTrafficKeyDerivation[]) $VALUES.clone();
    }

    @Override // org.openjsse.sun.security.ssl.SSLKeyDerivationGenerator
    public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext, SecretKey secretKey) {
        return this.keyDerivationGenerator.createKeyDerivation(handshakeContext, secretKey);
    }
}
