package com.nickoh.snooper;

import com.nickoh.asn.BerUtilities;
import com.nickoh.asn.Oid;
import com.nickoh.asn.X509Certificate;
import com.nickoh.util.NickohLogHandler;
import java.io.ByteArrayOutputStream;
import java.util.logging.Logger;
import sun.security.x509.X509CertImpl;

/* loaded from: input_file:com/nickoh/snooper/SSLDecoder.class */
public class SSLDecoder extends Decoder {
    private static final String moduleVersion = "1.0";
    public static final int initialCacheSize = 8192;
    protected ByteArrayOutputStream cache;
    public static final byte SSLV2_HANDSHAKE_PROTOCOL = Byte.MIN_VALUE;
    public static final byte SSL3_RT_CHANGE_CIPHER_SPEC = 20;
    public static final byte SSL3_RT_ALERT = 21;
    public static final byte SSL3_RT_HANDSHAKE = 22;
    public static final byte SSL3_RT_APPLICATION_DATA = 23;
    public static final byte SSL3_AL_WARNING = 1;
    public static final byte SSL3_AL_FATAL = 2;
    public static final byte SSL3_AD_CLOSE_NOTIFY = 0;
    public static final byte SSL3_AD_UNEXPECTED_MESSAGE = 10;
    public static final byte SSL3_AD_BAD_RECORD_MAC = 20;
    public static final byte SSL3_AD_DECOMPRESSION_FAILURE = 30;
    public static final byte SSL3_AD_HANDSHAKE_FAILURE = 40;
    public static final byte SSL3_AD_NO_CERTIFICATE = 41;
    public static final byte SSL3_AD_BAD_CERTIFICATE = 42;
    public static final byte SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
    public static final byte SSL3_AD_CERTIFICATE_REVOKED = 44;
    public static final byte SSL3_AD_CERTIFICATE_EXPIRED = 45;
    public static final byte SSL3_AD_CERTIFICATE_UNKNOWN = 46;
    public static final byte SSL3_AD_ILLEGAL_PARAMETER = 47;
    public static final byte SSL3_MT_HELLO_REQUEST = 0;
    public static final byte SSL3_MT_CLIENT_HELLO = 1;
    public static final byte SSL3_MT_SERVER_HELLO = 2;
    public static final byte SSL3_MT_CERTIFICATE = 11;
    public static final byte SSL3_MT_SERVER_KEY_EXCHANGE = 12;
    public static final byte SSL3_MT_CERTIFICATE_REQUEST = 13;
    public static final byte SSL3_MT_SERVER_DONE = 14;
    public static final byte SSL3_MT_CERTIFICATE_VERIFY = 15;
    public static final byte SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
    public static final byte SSL3_MT_FINISHED = 20;
    public static final byte SSL3_CT_RSA_SIGN = 1;
    public static final byte SSL3_CT_DSS_SIGN = 2;
    public static final byte SSL3_CT_RSA_FIXED_DH = 3;
    public static final byte SSL3_CT_DSS_FIXED_DH = 4;
    public static final byte SSL3_CT_RSA_EPHEMERAL_DH = 5;
    public static final byte SSL3_CT_DSS_EPHEMERAL_DH = 6;
    public static final byte SSL3_CT_FORTEZZA_DMS = 20;
    public static final byte SSL3_CT_NUMBER = 7;
    public static final byte TLS1_AD_DECRYPTION_FAILED = 21;
    public static final byte TLS1_AD_RECORD_OVERFLOW = 22;
    public static final byte TLS1_AD_UNKNOWN_CA = 48;
    public static final byte TLS1_AD_ACCESS_DENIED = 49;
    public static final byte TLS1_AD_DECODE_ERROR = 50;
    public static final byte TLS1_AD_DECRYPT_ERROR = 51;
    public static final byte TLS1_AD_EXPORT_RESTRICTION = 60;
    public static final byte TLS1_AD_PROTOCOL_VERSION = 70;
    public static final byte TLS1_AD_INSUFFICIENT_SECURITY = 71;
    public static final byte TLS1_AD_INTERNAL_ERROR = 80;
    public static final byte TLS1_AD_USER_CANCELLED = 90;
    public static final byte TLS1_AD_NO_RENEGOTIATION = 100;
    private X509Certificate x509 = null;
    private static Logger logger = NickohLogHandler.getLogger();
    public static final String[][] cipherSuites = {new String[]{"000000", "SSL2 NULL-MD5"}, new String[]{"010080", "SSL2 RC4-MD5"}, new String[]{"020080", "SSL2 EXP-RC4-MD5"}, new String[]{"030080", "SSL2 RC2-CBC-MD5"}, new String[]{"040080", "SSL2 EXP-RC2-CBC-MD5"}, new String[]{"050080", "SSL2 IDEA-CBC-MD5"}, new String[]{"060040", "SSL2 DES-CBC-MD5"}, new String[]{"060140", "SSL2 DES-CBC-SHA"}, new String[]{"0700c0", "SSL2 DES-CBC3-MD5"}, new String[]{"0701c0", "SSL2 DES-CBC3-SHA"}, new String[]{"080080", "SSL2 RC4-64-MD5"}, new String[]{"ff0800", "SSL2 DES-CFB-M1"}, new String[]{"ff0810", "SSL2 NULL-MD5"}, new String[]{"000001", "SSL3 NULL-MD5"}, new String[]{"000002", "SSL3 NULL-SHA"}, new String[]{"000003", "SSL3 EXP-RC4-MD5"}, new String[]{"000004", "SSL3 RC4-MD5"}, new String[]{"000005", "SSL3 RC4-SHA"}, new String[]{"000006", "SSL3 EXP-RC2-CBC-MD5"}, new String[]{"000007", "SSL3 IDEA-CBC-SHA"}, new String[]{"000008", "SSL3 EXP-DES-CBC-SHA"}, new String[]{"000009", "SSL3 DES-CBC-SHA"}, new String[]{"00000A", "SSL3 DES-CBC3-SHA"}, new String[]{"00000B", "SSL3 EXP-DH-DSS-DES-CBC-SHA"}, new String[]{"00000C", "SSL3 DH-DSS-DES-CBC-SHA"}, new String[]{"00000D", "SSL3 DH-DSS-DES-CBC3-SHA"}, new String[]{"00000E", "SSL3 EXP-DH-RSA-DES-CBC-SHA"}, new String[]{"00000F", "SSL3 DH-RSA-DES-CBC-SHA"}, new String[]{"000010", "SSL3 DH-RSA-DES-CBC3-SHA"}, new String[]{"000011", "SSL3 EXP-EDH-DSS-DES-CBC-SHA"}, new String[]{"000012", "SSL3 EDH-DSS-DES-CBC-SHA"}, new String[]{"000013", "SSL3 EDH-DSS-DES-CBC3-SHA"}, new String[]{"000014", "SSL3 EXP-EDH-RSA-DES-CBC-SHA"}, new String[]{"000015", "SSL3 EDH-RSA-DES-CBC-SHA"}, new String[]{"000016", "SSL3 EDH-RSA-DES-CBC3-SHA"}, new String[]{"000017", "SSL3 EXP-ADH-RC4-MD5"}, new String[]{"000018", "SSL3 ADH-RC4-MD5"}, new String[]{"000019", "SSL3 EXP-ADH-DES-CBC-SHA"}, new String[]{"00001A", "SSL3 ADH-DES-CBC-SHA"}, new String[]{"00001B", "SSL3 ADH-DES-CBC3-SHA"}, new String[]{"00001C", "SSL3 FZA-NULL-SHA"}, new String[]{"00001D", "SSL3 FZA-FZA-CBC-SHA"}, new String[]{"00001E", "SSL3 FZA-RC4-SHA"}, new String[]{"000060", "TLS EXP1024-RC4-MD5"}, new String[]{"000061", "TLS EXP1024-RC2-CBC-MD5"}, new String[]{"000062", "TLS EXP1024-DES-CBC-SHA"}, new String[]{"000063", "TLS EXP1024-DHE-DSS-DES-CBC-SHA"}, new String[]{"000064", "TLS EXP1024-RC4-SHA"}, new String[]{"000065", "TLS EXP1024-DHE-DSS-RC4-SHA"}, new String[]{"000066", "TLS DHE-DSS-RC4-SHA"}};

    public SSLDecoder() {
        this.cache = null;
        this.cache = new ByteArrayOutputStream(8192);
    }

    public static int byteToInt(byte b) {
        return b & 255;
    }

    protected void checkForCompleteMessage() {
        boolean z;
        while (this.cache.size() >= 2) {
            byte[] byteArray = this.cache.toByteArray();
            switch (byteArray[0]) {
                case Byte.MIN_VALUE:
                    z = parseSSLV2Handshake(byteArray);
                    break;
                case 20:
                    z = parseSSL3ChangeCipherSpec(byteArray);
                    break;
                case 21:
                    z = parseSSL3Alert(byteArray);
                    break;
                case 22:
                    z = parseSSL3Handshake(byteArray);
                    break;
                case 23:
                    z = parseSSL3ApplicationData(byteArray);
                    break;
                default:
                    displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
                    displayMessage(new StringBuffer("Unrecognized SSL message ( code#").append((int) byteArray[0]).append(")\n").toString());
                    String decodeLDAPMessage = LDAPDecoder.decodeLDAPMessage(byteArray);
                    if (decodeLDAPMessage.startsWith("Error : ")) {
                        String decodeTLV = ASN1Decoder.decodeTLV(byteArray, 0, byteArray.length, 4);
                        if (decodeTLV.startsWith("Error : ")) {
                            displayMessage(new StringBuffer("Message contents : \n").append(HexDecoder.hexify(byteArray, byteArray.length, "    ")).toString());
                        } else {
                            displayMessage(new StringBuffer("Decoding message as ASN.1 gives : \n").append(decodeTLV).toString());
                        }
                    } else {
                        displayMessage(new StringBuffer("Decoding message as LDAP gives: \n").append(decodeLDAPMessage).toString());
                    }
                    z = false;
                    break;
            }
            if (!z) {
                return;
            }
        }
    }

    public static String decodeCipherName(byte[] bArr, int i, boolean z) {
        int byteToInt = (byteToInt(bArr[i]) * 256) + byteToInt(bArr[i + 1]);
        if (z) {
            byteToInt = (byteToInt * 256) + byteToInt(bArr[i + 2]);
        }
        String stringBuffer = new StringBuffer("Unknown cipher : 0x").append(Integer.toHexString(byteToInt)).toString();
        int i2 = 0;
        while (true) {
            if (i2 >= cipherSuites.length) {
                break;
            }
            if (byteToInt == Integer.parseInt(cipherSuites[i2][0], 16)) {
                stringBuffer = cipherSuites[i2][1];
                break;
            }
            i2++;
        }
        return stringBuffer;
    }

    @Override // com.nickoh.snooper.Decoder
    public synchronized void decodeData(byte[] bArr) {
        decodeData(bArr, bArr.length);
    }

    @Override // com.nickoh.snooper.Decoder
    public synchronized void decodeData(byte[] bArr, int i) {
        if (this.cache.size() == 0) {
            setTimestamp();
        }
        this.cache.write(bArr, 0, i);
        checkForCompleteMessage();
    }

    @Override // com.nickoh.snooper.Decoder
    public String getName() {
        return "SSL Decoder";
    }

    @Override // com.nickoh.snooper.Decoder
    public String getVersion() {
        return "V1.0";
    }

    protected String parseDN(byte[] bArr, int i, int i2) {
        String str = null;
        int dataOffset = BerUtilities.dataOffset(bArr, i);
        int componentLength = BerUtilities.getComponentLength(bArr, dataOffset);
        int dataOffset2 = BerUtilities.dataOffset(bArr, dataOffset);
        while (true) {
            int i3 = dataOffset2;
            if (i3 >= i + i2) {
                return str;
            }
            int dataOffset3 = BerUtilities.dataOffset(bArr, i3);
            int componentLength2 = BerUtilities.getComponentLength(bArr, dataOffset3);
            Oid oid = new Oid(bArr, dataOffset3, componentLength2);
            String string = BerUtilities.getString(bArr, dataOffset3 + componentLength2);
            str = str == null ? new StringBuffer(String.valueOf(oid.toString())).append("=").append(string).toString() : new StringBuffer(String.valueOf(str)).append(", ").append(oid.toString()).append("=").append(string).toString();
            dataOffset += componentLength;
            componentLength = BerUtilities.getComponentLength(bArr, dataOffset);
            dataOffset2 = BerUtilities.dataOffset(bArr, dataOffset);
        }
    }

    protected boolean parseSSL3Alert(byte[] bArr) {
        if (bArr.length < 7) {
            return false;
        }
        displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
        displayMessage("SSLV3_ALERT :\n");
        displayMessage(new StringBuffer("  Version : ").append((int) bArr[1]).append("\n").toString());
        int byteToInt = (256 * byteToInt(bArr[3])) + byteToInt(bArr[4]);
        int i = byteToInt + 5;
        if (byteToInt != 2) {
            displayMessage("  ---contents of alert appear to be encrypted\n");
        } else {
            displayMessage(new StringBuffer("  Level   : ").append(byteToInt(bArr[5])).append(" ").toString());
            switch (bArr[5]) {
                case 1:
                    displayMessage("(warning)\n");
                    break;
                case 2:
                    displayMessage("(fatal)\n");
                    break;
                default:
                    displayMessage("(unrecognized level code)\n");
                    break;
            }
            displayMessage("  Desc.   : ");
            switch (bArr[6]) {
                case 0:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("closing connection\n").append("             (SSL3_AD_CLOSE_NOTIFY").toString());
                    break;
                case 10:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received improper message\n").append("             (SSL3_AD_UNEXPECTED_MESSAGE").toString());
                    break;
                case 20:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received message that couldn't be authenticated\n").append("             (SSL3_AD_BAD_RECORD_MAC").toString());
                    break;
                case 21:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("decrypted invalid/illegal message\n").append("             (TLS1_AD_DECRYPTION_FAILED").toString());
                    break;
                case 22:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received message > (2^14 + 2048) bytes\n").append("             (TLS1_AD_RECORD_OVERFLOW").toString());
                    break;
                case SSL3_AD_DECOMPRESSION_FAILURE /* 30 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received data it couldn't compress\n").append("             (SSL3_AD_DECOMPRESSION_FAILURE").toString());
                    break;
                case SSL3_AD_HANDSHAKE_FAILURE /* 40 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("could not negotiate acceptable security\n").append("             (SSL3_AD_HANDSHAKE_FAILURE").toString());
                    break;
                case SSL3_AD_NO_CERTIFICATE /* 41 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("has no certificate for server's CertificateRequest\n").append("             (SSL3_AD_NO_CERTIFICATE").toString());
                    break;
                case SSL3_AD_BAD_CERTIFICATE /* 42 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received corrupt certificate\n").append("             (SSL3_AD_BAD_CERTIFICATE").toString());
                    break;
                case SSL3_AD_UNSUPPORTED_CERTIFICATE /* 43 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received unsupported certificate\n").append("             (SSL3_AD_UNSUPPORTED_CERTIFICATE").toString());
                    break;
                case SSL3_AD_CERTIFICATE_REVOKED /* 44 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received certificate that has been revoked\n").append("             (SSL3_AD_CERTIFICATE_REVOKED").toString());
                    break;
                case SSL3_AD_CERTIFICATE_EXPIRED /* 45 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received certificate that has expired\n").append("             (SSL3_AD_CERTIFICATE_EXPIRED").toString());
                    break;
                case SSL3_AD_CERTIFICATE_UNKNOWN /* 46 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("has unspecified problem with certificate it received\n").append("             (SSL3_AD_CERTIFICATE_UNKNOWN").toString());
                    break;
                case SSL3_AD_ILLEGAL_PARAMETER /* 47 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received handshake with illegal parameter\n").append("             (SSL3_AD_ILLEGAL_PARAMETER").toString());
                    break;
                case 48:
                    displayMessage("Sending party could't identify/trust CA of certificate\n             (TLS1_AD_UNKNOWN_CA");
                    break;
                case 49:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("received certificate with insufficient access rights\n").append("             (TLS1_AD_ACCESS_DENIED").toString());
                    break;
                case 50:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("couldn't decode message\n").append("             (TLS1_AD_DECODE_ERROR").toString());
                    break;
                case 51:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("couldn't complete handshake because of decryption error\n").append("             (TLS1_AD_DECRYPT_ERROR").toString());
                    break;
                case 60:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("detected negotiation parameter contravening U.S. export restrictions\n").append("             (TLS1_AD_EXPORT_RESTRICTION").toString());
                    break;
                case 70:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("cannot support requested TLS protocol\n").append("             (TLS1_AD_PROTOCOL_VERSION").toString());
                    break;
                case 71:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("requires cipher suites more secure than client supports\n").append("             (TLS1_AD_INSUFFICIENT_SECURITY").toString());
                    break;
                case 80:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("had internal error\n").append("             (TLS1_AD_INTERNAL_ERROR").toString());
                    break;
                case TLS1_AD_USER_CANCELLED /* 90 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("wishes to cancel handshake negotiation\n").append("             (TLS1_AD_USER_CANCELLED").toString());
                    break;
                case TLS1_AD_NO_RENEGOTIATION /* 100 */:
                    displayMessage(new StringBuffer(String.valueOf("Sending party ")).append("unable to renegotiate TLS handshake\n").append("             (TLS1_AD_NO_RENEGOTIATION").toString());
                    break;
                default:
                    displayMessage("unknown code (");
                    break;
            }
            displayMessage(new StringBuffer(" [").append(byteToInt(bArr[6])).append("])\n").toString());
        }
        this.cache.reset();
        if (bArr.length <= i) {
            return true;
        }
        this.cache.write(bArr, i, bArr.length - i);
        return true;
    }

    protected boolean parseSSL3ApplicationData(byte[] bArr) {
        int byteToInt;
        int byteToInt2;
        if (bArr.length < 5 || bArr.length < (byteToInt2 = (byteToInt = (256 * byteToInt(bArr[3])) + byteToInt(bArr[4])) + 5)) {
            return false;
        }
        displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
        displayMessage("SSLV3_Application data :\n");
        displayMessage(new StringBuffer("  Version : ").append((int) bArr[2]).append("\n").toString());
        displayMessage(new StringBuffer("  Length  : 0x").append(Integer.toHexString(byteToInt)).append("\n").toString());
        this.cache.reset();
        if (bArr.length <= byteToInt2) {
            return true;
        }
        this.cache.write(bArr, byteToInt2, bArr.length - byteToInt2);
        return true;
    }

    protected boolean parseSSL3ChangeCipherSpec(byte[] bArr) {
        if (bArr.length < 6) {
            return false;
        }
        displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
        displayMessage("SSLV3 Change Cipher Spec :\n");
        displayMessage(new StringBuffer("  Version : ").append((int) bArr[1]).append("\n").toString());
        displayMessage(new StringBuffer("  CCS     : ").append((int) bArr[5]).append("\n").toString());
        this.cache.reset();
        if (bArr.length <= 6) {
            return true;
        }
        this.cache.write(bArr, 6, bArr.length - 6);
        return true;
    }

    protected boolean parseSSL3Handshake(byte[] bArr) {
        int byteToInt;
        int byteToInt2;
        if (bArr.length < 5 || bArr.length < (byteToInt2 = (byteToInt = (256 * byteToInt(bArr[3])) + byteToInt(bArr[4])) + 5)) {
            return false;
        }
        displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
        displayMessage("SSLV3_HANDSHAKE :\n");
        displayMessage(new StringBuffer("  Version : ").append((int) bArr[2]).append("\n").toString());
        displayMessage(new StringBuffer("  Length  : 0x").append(Integer.toHexString(byteToInt)).append("\n").toString());
        int i = 5;
        int i2 = 0;
        while (i < byteToInt2) {
            i2++;
            displayMessage(new StringBuffer("  Handshake #").append(i2).append(" :\n").toString());
            byte b = bArr[i];
            int byteToInt3 = (((byteToInt(bArr[i + 1]) * 256) + byteToInt(bArr[i + 2])) * 256) + byteToInt(bArr[i + 3]);
            displayMessage("    Handshake type : ");
            switch (b) {
                case 0:
                    displayMessage("HelloRequest (SSL3_MT_HELLO_REQUEST)\n");
                    break;
                case 1:
                    displayMessage("ClientHello (SSL3_MT_CLIENT_HELLO)\n");
                    parseV3ClientHello(bArr, i, byteToInt3);
                    break;
                case 2:
                    displayMessage("ServerHello (SSL3_MT_SERVER_HELLO)\n");
                    parseV3ServerHello(bArr, i, byteToInt3);
                    break;
                case 3:
                case 4:
                case 5:
                case 6:
                case 7:
                case 8:
                case 9:
                case 10:
                case LDAPDecoder.LDAP_UNDEFINED_TYPE /* 17 */:
                case LDAPDecoder.LDAP_INAPPROPRIATE_MATCHING /* 18 */:
                case 19:
                default:
                    if (byteToInt != 56) {
                        displayMessage(new StringBuffer(" unknown handshake type (").append(byteToInt(b)).append(")\n").toString());
                        break;
                    } else {
                        displayMessage("Likely to be a compressed/encrypted Finished (SSL3_MT_FINISHED) message\n");
                        break;
                    }
                case 11:
                    displayMessage("Certificate (SSL3_MT_CERTIFICATE)\n");
                    parseV3Certificate(bArr, i, byteToInt3);
                    break;
                case 12:
                    displayMessage("ServerKeyExchange (SSL3_MT_SERVER_KEY_EXCHANGE)\n");
                    parseV3ServerKeyExchange(bArr, i, byteToInt3);
                    break;
                case 13:
                    displayMessage("CertificateRequest (SSL3_MT_CERTIFICATE_REQUEST)\n");
                    parseV3CertificateRequest(bArr, i, byteToInt3);
                    break;
                case 14:
                    displayMessage("ServerHelloDone (SSL3_MT_SERVER_DONE)\n");
                    break;
                case 15:
                    displayMessage("CertificateVerify (SSL3_MT_CERTIFICATE_VERIFY)\n");
                    parseV3CertificateVerify(bArr, i, byteToInt3);
                    break;
                case 16:
                    displayMessage("ClientKeyExchange (SSL3_MT_CLIENT_KEY_EXCHANGE)\n");
                    parseV3ClientKeyExchange(bArr, i, byteToInt3);
                    break;
                case 20:
                    displayMessage("Finished (SSL3_MT_FINISHED)\n");
                    break;
            }
            i = i + 4 + byteToInt3;
        }
        this.cache.reset();
        if (bArr.length <= byteToInt2) {
            return true;
        }
        this.cache.write(bArr, byteToInt2, bArr.length - byteToInt2);
        return true;
    }

    protected boolean parseSSLV2Handshake(byte[] bArr) {
        BerUtilities.getLengthField(bArr, 1);
        int componentLength = BerUtilities.getComponentLength(bArr, 0);
        if (componentLength > bArr.length) {
            return false;
        }
        displayMessage(new StringBuffer("\n\n").append(getTimestamp()).append(" : ").append(this.decoderName).append("\n").toString());
        displayMessage("SSLV2_HANDSHAKE :\n");
        int dataOffset = BerUtilities.dataOffset(bArr, 0);
        int byteToInt = byteToInt(bArr[dataOffset]);
        switch (byteToInt) {
            case 1:
                displayMessage("  ClientHello ");
                displayMessage(new StringBuffer(" major-version = ").append(byteToInt(bArr[dataOffset + 1])).append(", minor-version = ").append(byteToInt(bArr[dataOffset + 2])).append("\n").toString());
                int byteToInt2 = (256 * byteToInt(bArr[dataOffset + 3])) + byteToInt(bArr[dataOffset + 4]);
                int byteToInt3 = (256 * byteToInt(bArr[dataOffset + 5])) + byteToInt(bArr[dataOffset + 6]);
                int byteToInt4 = (256 * byteToInt(bArr[dataOffset + 7])) + byteToInt(bArr[dataOffset + 8]);
                int i = dataOffset + 9;
                int i2 = i + byteToInt2;
                int i3 = i2 + byteToInt3;
                int i4 = byteToInt2 / 3;
                displayMessage(new StringBuffer("  Client proposes ").append(i4).append(" cipher suites :\n").toString());
                for (int i5 = 0; i5 < i4; i5++) {
                    displayMessage(new StringBuffer("     #").append(i5 + 1).append(" : ").append(decodeCipherName(bArr, i + (i5 * 3), true)).append("\n").toString());
                }
                displayMessage(new StringBuffer("  Session id (size 0x").append(Integer.toHexString(byteToInt3)).append(") : \n").toString());
                displayMessage(HexDecoder.hexify(bArr, i2, byteToInt3, "    "));
                displayMessage(new StringBuffer("  Challenge (size 0x").append(Integer.toHexString(byteToInt4)).append(") :\n").toString());
                displayMessage(HexDecoder.hexify(bArr, i3, byteToInt4, "    "));
                break;
            default:
                displayMessage(new StringBuffer("Unknown message type : 0x").append(Integer.toHexString(byteToInt)).append("\n").toString());
                break;
        }
        this.cache.reset();
        if (bArr.length <= componentLength) {
            return true;
        }
        this.cache.write(bArr, componentLength, bArr.length - componentLength);
        return true;
    }

    protected void parseV3Certificate(byte[] bArr, int i, int i2) {
        displayMessage(new StringBuffer("    Certificate chain length : ").append((((byteToInt(bArr[i + 4]) * 256) + byteToInt(bArr[i + 5])) * 256) + byteToInt(bArr[i + 6])).append("\n").toString());
        int i3 = 0;
        int i4 = i;
        int i5 = 7;
        while (true) {
            int i6 = i4 + i5;
            if (i6 >= i2 + i) {
                return;
            }
            int byteToInt = (((byteToInt(bArr[i6]) * 256) + byteToInt(bArr[i6 + 1])) * 256) + byteToInt(bArr[i6 + 2]);
            i3++;
            displayMessage(new StringBuffer("      Certificate #").append(i3).append(" :\n").toString());
            boolean z = true;
            try {
                byte[] bArr2 = new byte[byteToInt];
                System.arraycopy(bArr, i6 + 3, bArr2, 0, byteToInt);
                displayMessage(new X509CertImpl(bArr2).toString());
                z = false;
            } catch (Exception e) {
            }
            if (z) {
                this.x509 = new X509Certificate(bArr, i6 + 3, byteToInt);
                try {
                    displayMessage(new StringBuffer("        Version : ").append(this.x509.getVersionNumber()).append("\n").toString());
                    displayMessage(new StringBuffer("        Serial #: ").append(this.x509.getSerialNumber()).append("\n").toString());
                    String oid = this.x509.getAlgorithmId().toString();
                    if (oid.equalsIgnoreCase("1.2.840.113549.1.1.4")) {
                        oid = new StringBuffer(String.valueOf(oid)).append(" (MD5 with RSA encryption)").toString();
                    }
                    if (oid.equalsIgnoreCase("1.2.840.113549.1.1.1")) {
                        oid = new StringBuffer(String.valueOf(oid)).append(" (RSA encryption)").toString();
                    }
                    displayMessage(new StringBuffer("        Signature Algorithm : ").append(oid).append("\n").toString());
                    displayMessage(new StringBuffer("        Issuer  : ").append(this.x509.getIssuer()).append("\n").toString());
                    displayMessage("        Validity:\n");
                    displayMessage(new StringBuffer("          Not before ").append(this.x509.getNotBefore()).append("\n").toString());
                    displayMessage(new StringBuffer("          Not after ").append(this.x509.getNotAfter()).append("\n").toString());
                    displayMessage(new StringBuffer("        Subject : ").append(this.x509.getSubject()).append("\n").toString());
                    String oid2 = this.x509.getPkiAlgorithmId().toString();
                    if (oid2.equalsIgnoreCase("1.2.840.113549.1.1.4")) {
                        oid2 = new StringBuffer(String.valueOf(oid2)).append(" (MD5 with RSA encryption)").toString();
                    }
                    if (oid2.equalsIgnoreCase("1.2.840.113549.1.1.1")) {
                        oid2 = new StringBuffer(String.valueOf(oid2)).append(" (RSA encryption)").toString();
                    }
                    displayMessage("        Subject Public Key Info :\n");
                    displayMessage(new StringBuffer("          PKI algorithm : ").append(oid2).append("\n").toString());
                    displayMessage(new StringBuffer("          public key : \n").append(this.x509.getSubjectPublicKey()).append("\n").toString());
                } catch (Exception e2) {
                    logger.info(new StringBuffer("exception ").append(e2).toString());
                    displayMessage(new StringBuffer("\n      Could not decode certificate #").append(i3).append(e2).append("\n      will try dumping ASN.1 :\n").toString());
                    displayMessage(ASN1Decoder.decodeTLV(bArr, i6 + 3, i6 + 3 + byteToInt, 8));
                }
            }
            displayMessage("      ==============================================\n");
            i4 = i6 + 3;
            i5 = byteToInt;
        }
    }

    protected void parseV3CertificateRequest(byte[] bArr, int i, int i2) {
        byte b = bArr[i + 4];
        int i3 = i + 5 + b;
        int byteToInt = (256 * byteToInt(bArr[i3])) + byteToInt(bArr[i3 + 1]);
        displayMessage(new StringBuffer("    Number of acceptable certificate types : ").append((int) b).append("\n").toString());
        for (int i4 = 0; i4 < b; i4++) {
            displayMessage(new StringBuffer("      #").append(i4).append(" : ").toString());
            switch (bArr[5 + i4]) {
                case 1:
                    displayMessage("RSA signing and key exchange (SSL3_CT_RSA_SIGN)\n");
                    break;
                case 2:
                    displayMessage("DSA signing only (SSL3_CT_DSS_SIGN)\n");
                    break;
                case 3:
                    displayMessage("RSA signing with fixed Diffie-Hellman key exchange (SSL3_CT_RSA_FIXED_DH)\n");
                    break;
                case 4:
                    displayMessage("DSA signing with fixed Diffie-Hellman key exchange (SSL3_CT_DSS_FIXED_DH)\n");
                    break;
                case 5:
                    displayMessage("RSA signing with ephemeral Diffie-Hellman key exchange (SSL3_CT_RSA_EPHEMERAL_DH)\n");
                    break;
                case 6:
                    displayMessage("DSA signing with ephemeral Diffie-Hellman key exchange (SSL3_CT_DSS_EPHEMERAL_DH)\n");
                    break;
                case 7:
                    displayMessage("SSL3_CT_NUMBER\n");
                    break;
                case 8:
                case 9:
                case 10:
                case 11:
                case 12:
                case 13:
                case 14:
                case 15:
                case 16:
                case LDAPDecoder.LDAP_UNDEFINED_TYPE /* 17 */:
                case LDAPDecoder.LDAP_INAPPROPRIATE_MATCHING /* 18 */:
                case 19:
                default:
                    displayMessage(new StringBuffer("Unknown certificate type (").append((int) bArr[5 + i4]).append(")\n").toString());
                    break;
                case 20:
                    displayMessage("Fortezza/DMS signing and key exchange (SSL3_CT_FORTEZZA_DMS)\n");
                    break;
            }
        }
        int i5 = 0;
        int i6 = i3;
        while (true) {
            int i7 = i6 + 2;
            if (i7 >= i2 + i) {
                return;
            }
            int byteToInt2 = (256 * byteToInt(bArr[i7])) + byteToInt(bArr[i7 + 1]);
            i5++;
            displayMessage(new StringBuffer("    CA #").append(i5).append(" : ").toString());
            try {
                displayMessage(new StringBuffer(String.valueOf(parseDN(bArr, i7 + 2, byteToInt2))).append("\n").toString());
            } catch (Exception e) {
                displayMessage(new StringBuffer("couldn't be parsed (").append(e).append(")\n").toString());
            }
            i6 = i7 + byteToInt2;
        }
    }

    protected void parseV3CertificateVerify(byte[] bArr, int i, int i2) {
        switch (i2) {
            case 16:
                displayMessage("    MD5 hash : ");
                for (int i3 = 0; i3 < 16; i3++) {
                    displayMessage(new StringBuffer(String.valueOf(BerUtilities.byteToHex(bArr[i + i3 + 4]))).append(" ").toString());
                }
                displayMessage("\n");
                return;
            case LDAPDecoder.LDAP_UNDEFINED_TYPE /* 17 */:
            case LDAPDecoder.LDAP_INAPPROPRIATE_MATCHING /* 18 */:
            case 19:
            default:
                displayMessage(new StringBuffer("    Unknown hash type (length = ").append(i2).append(")\n").toString());
                return;
            case 20:
                displayMessage("    SHA hash : ");
                for (int i4 = 0; i4 < 20; i4++) {
                    displayMessage(new StringBuffer(String.valueOf(BerUtilities.byteToHex(bArr[i + i4 + 4]))).append(" ").toString());
                }
                displayMessage("\n");
                return;
        }
    }

    protected void parseV3ClientHello(byte[] bArr, int i, int i2) {
        displayMessage(new StringBuffer("    Version         : ").append((int) bArr[i + 4]).append("\n").toString());
        displayMessage("    client rand val : ");
        for (int i3 = 0; i3 < 32; i3++) {
            displayMessage(BerUtilities.byteToHex(bArr[i + i3 + 6]));
        }
        displayMessage("\n");
        int byteToInt = byteToInt(bArr[i + 38]);
        int i4 = i + 39;
        int i5 = i4 + byteToInt;
        int i6 = i5 + 2;
        int byteToInt2 = (256 * byteToInt(bArr[i5])) + byteToInt(bArr[i5 + 1]);
        int byteToInt3 = byteToInt(bArr[i6 + byteToInt2]);
        displayMessage(new StringBuffer("    Session id (size 0x").append(Integer.toHexString(byteToInt)).append(") :\n").toString());
        displayMessage(HexDecoder.hexify(bArr, i4, byteToInt, "    "));
        int i7 = byteToInt2 / 2;
        displayMessage(new StringBuffer("    Client proposes ").append(i7).append(" cipher suites :\n").toString());
        for (int i8 = 0; i8 < i7; i8++) {
            displayMessage(new StringBuffer("      #").append(i8 + 1).append(" : ").append(decodeCipherName(bArr, i6 + (i8 * 2), false)).append("\n").toString());
        }
        displayMessage(new StringBuffer("    Client proposes ").append(byteToInt3).append(" compression methods\n").toString());
        for (int i9 = 0; i9 < byteToInt3; i9++) {
            displayMessage(new StringBuffer("      #").append(i9 + 1).append(" : ").append(byteToInt(bArr[i9 + byteToInt3 + 1])).append("\n").toString());
        }
    }

    protected void parseV3ClientKeyExchange(byte[] bArr, int i, int i2) {
        displayMessage(new StringBuffer("    Length of data : ").append(i2).append(" bytes\n").toString());
    }

    protected void parseV3ServerHello(byte[] bArr, int i, int i2) {
        displayMessage(new StringBuffer("    Version         : ").append((int) bArr[i + 4]).append("\n").toString());
        displayMessage("    server rand val : ");
        for (int i3 = 0; i3 < 32; i3++) {
            displayMessage(new StringBuffer(String.valueOf(BerUtilities.byteToHex(bArr[i + i3 + 6]))).append(" ").toString());
        }
        displayMessage("\n");
        int byteToInt = byteToInt(bArr[i + 38]);
        int i4 = i + 39;
        int i5 = i4 + byteToInt;
        displayMessage(new StringBuffer("    Session id (size 0x").append(Integer.toHexString(byteToInt)).append(") :\n").toString());
        displayMessage(HexDecoder.hexify(bArr, i4, byteToInt, "   "));
        displayMessage(new StringBuffer("    Server chooses cipher : ").append(decodeCipherName(bArr, i5, false)).append("\n").toString());
        displayMessage(new StringBuffer("    Server chooses compression : ").append(byteToInt(bArr[i5 + 2])).append("\n").toString());
    }

    protected void parseV3ServerKeyExchange(byte[] bArr, int i, int i2) {
        displayMessage("    message format depends on cryptographic algorithms being used\n");
        displayMessage("    --- at present, full decoding of ServerKeyExchange is NYI\n");
    }
}
