package cn.org.bjca.mssp.msspjce.crypto.tls;

import cn.org.bjca.mssp.msspjce.crypto.InvalidCipherTextException;
import cn.org.bjca.mssp.msspjce.crypto.encodings.PKCS1Encoding;
import cn.org.bjca.mssp.msspjce.crypto.engines.RSABlindedEngine;
import cn.org.bjca.mssp.msspjce.crypto.params.ParametersWithRandom;
import cn.org.bjca.mssp.msspjce.crypto.params.RSAKeyParameters;
import java.io.IOException;
import java.io.OutputStream;

/* loaded from: classes2.dex */
public class TlsRSAUtils {
    public static byte[] generateEncryptedPreMasterSecret(TlsContext tlsContext, RSAKeyParameters rSAKeyParameters, OutputStream outputStream) throws IOException {
        byte[] bArr = new byte[48];
        tlsContext.getSecureRandom().nextBytes(bArr);
        TlsUtils.writeVersion(tlsContext.getClientVersion(), bArr, 0);
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSABlindedEngine());
        pKCS1Encoding.init(true, new ParametersWithRandom(rSAKeyParameters, tlsContext.getSecureRandom()));
        try {
            byte[] processBlock = pKCS1Encoding.processBlock(bArr, 0, bArr.length);
            if (TlsUtils.isSSL(tlsContext)) {
                outputStream.write(processBlock);
            } else {
                TlsUtils.writeOpaque16(processBlock, outputStream);
            }
            return bArr;
        } catch (InvalidCipherTextException e) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    public static byte[] safeDecryptPreMasterSecret(TlsContext tlsContext, TlsEncryptionCredentials tlsEncryptionCredentials, byte[] bArr) {
        ProtocolVersion clientVersion = tlsContext.getClientVersion();
        byte[] bArr2 = new byte[48];
        tlsContext.getSecureRandom().nextBytes(bArr2);
        byte[] bArr3 = TlsUtils.EMPTY_BYTES;
        try {
            bArr3 = tlsEncryptionCredentials.decryptPreMasterSecret(bArr);
        } catch (Exception e) {
        }
        if (bArr3.length != 48) {
            TlsUtils.writeVersion(clientVersion, bArr2, 0);
            return bArr2;
        }
        if (0 == 0 || !clientVersion.isEqualOrEarlierVersionOf(ProtocolVersion.TLSv10)) {
            TlsUtils.writeVersion(clientVersion, bArr3, 0);
        }
        return bArr3;
    }
}
