package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsServerProtocol extends TlsProtocol {

    /* renamed from: a, reason: collision with root package name */
    public CertificateRequest f19207a;

    /* renamed from: b, reason: collision with root package name */
    public TlsCredentials f19208b;

    /* renamed from: c, reason: collision with root package name */
    public TlsHandshakeHash f19209c;

    /* renamed from: d, reason: collision with root package name */
    public TlsKeyExchange f19210d;

    /* renamed from: e, reason: collision with root package name */
    public TlsServer f19211e;

    /* renamed from: f, reason: collision with root package name */
    public TlsServerContextImpl f19212f;

    /* renamed from: g, reason: collision with root package name */
    public short f19213g;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.f19211e = null;
        this.f19212f = null;
        this.f19210d = null;
        this.f19208b = null;
        this.f19207a = null;
        this.f19213g = (short) -1;
        this.f19209c = null;
    }

    public TlsServerProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.f19211e = null;
        this.f19212f = null;
        this.f19210d = null;
        this.f19208b = null;
        this.f19207a = null;
        this.f19213g = (short) -1;
        this.f19209c = null;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void cj(short s) {
        if (s != 41) {
            super.cj(s);
        } else {
            if (!TlsUtils.bm(i()) || this.f19207a == null) {
                return;
            }
            q(Certificate.f18834a);
        }
    }

    public void dl(ByteArrayInputStream byteArrayInputStream) {
        Certificate c2 = Certificate.c(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        q(c2);
    }

    public void dm(ByteArrayInputStream byteArrayInputStream) {
        byte[] ab;
        if (this.f19207a == null) {
            throw new IllegalStateException();
        }
        DigitallySigned c2 = DigitallySigned.c(i(), byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm d2 = c2.d();
            if (TlsUtils.du(i())) {
                TlsUtils.aq(this.f19207a.h(), d2);
                ab = this.f19209c.o(d2.d());
            } else {
                ab = this.au.ab();
            }
            AsymmetricKeyParameter b2 = PublicKeyFactory.b(this.as.e(0).k());
            TlsSigner ae = TlsUtils.ae(this.f19213g);
            ae.c(i());
            if (ae.l(d2, c2.f(), b2, ab)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e2) {
            throw e2;
        } catch (Exception e3) {
            throw new TlsFatalAlert((short) 51, e3);
        }
    }

    public void dn(ByteArrayInputStream byteArrayInputStream) {
        ProtocolVersion aa = TlsUtils.aa(byteArrayInputStream);
        this.at.ap(aa);
        if (aa.m()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] dd = TlsUtils.dd(32, byteArrayInputStream);
        if (TlsUtils.dv(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int j2 = TlsUtils.j(byteArrayInputStream);
        if (j2 < 2 || (j2 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.bc = TlsUtils.cd(j2 / 2, byteArrayInputStream);
        short ag = TlsUtils.ag(byteArrayInputStream);
        if (ag < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.bd = TlsUtils.ce(ag, byteArrayInputStream);
        this.ao = TlsProtocol.br(byteArrayInputStream);
        this.au.f19107j = TlsExtensionsUtils.ad(this.ao);
        h().q(aa);
        this.f19211e.ah(aa);
        this.f19211e.ar(Arrays.u(this.bc, CipherSuite.jj));
        this.au.f19105h = dd;
        this.f19211e.aj(this.bc);
        this.f19211e.ak(this.bd);
        if (Arrays.u(this.bc, 255)) {
            this.bm = true;
        }
        byte[] bq = TlsUtils.bq(this.ao, TlsProtocol.t);
        if (bq != null) {
            this.bm = true;
            if (!Arrays.ay(bq, TlsProtocol.by(TlsUtils.f19223b))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.f19211e.af(this.bm);
        Hashtable hashtable = this.ao;
        if (hashtable != null) {
            this.f19211e.ap(hashtable);
        }
    }

    /* renamed from: do, reason: not valid java name */
    public void m95do(ByteArrayInputStream byteArrayInputStream) {
        this.f19210d.k(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        this.f19209c = this.at.an();
        this.au.m = TlsProtocol.bw(i(), this.f19209c, null);
        TlsProtocol.bv(i(), this.f19210d);
        this.at.ag(j().k(), j().j());
        if (this.bo) {
            return;
        }
        dj();
    }

    public void dp() {
        byte[] bArr = new byte[4];
        TlsUtils.az((short) 14, bArr, 0);
        TlsUtils.cp(0, bArr, 1);
        db(bArr, 0, bArr.length);
    }

    public void dq() {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion ao = this.f19211e.ao();
        if (!ao.q(i().m())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.at.af(ao);
        this.at.ap(ao);
        this.at.aj(true);
        h().u(ao);
        TlsUtils.au(ao, handshakeMessage);
        handshakeMessage.write(this.au.k);
        TlsUtils.dq(TlsUtils.f19223b, handshakeMessage);
        int u = this.f19211e.u();
        if (!Arrays.u(this.bc, u) || u == 0 || CipherSuite.jk(u) || !TlsUtils.bi(u, i().t())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.au.f19102e = u;
        short aa = this.f19211e.aa();
        if (!Arrays.y(this.bd, aa)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.au.f19099b = aa;
        TlsUtils.ak(u, handshakeMessage);
        TlsUtils.ay(aa, handshakeMessage);
        this.be = this.f19211e.v();
        boolean z = false;
        if (this.bm) {
            if (TlsUtils.bq(this.be, TlsProtocol.t) == null) {
                this.be = TlsExtensionsUtils.h(this.be);
                this.be.put(TlsProtocol.t, TlsProtocol.by(TlsUtils.f19223b));
            }
        }
        if (this.au.f19107j) {
            this.be = TlsExtensionsUtils.h(this.be);
            TlsExtensionsUtils.ac(this.be);
        }
        Hashtable hashtable = this.be;
        if (hashtable != null) {
            this.au.f19104g = TlsExtensionsUtils.v(hashtable);
            this.au.f19103f = ce(this.ao, this.be, (short) 80);
            this.au.f19100c = TlsExtensionsUtils.ah(this.be);
            this.bn = !this.bk && TlsUtils.bk(this.be, TlsExtensionsUtils.f19183f, (short) 80);
            if (!this.bk && TlsUtils.bk(this.be, TlsProtocol.v, (short) 80)) {
                z = true;
            }
            this.bo = z;
            TlsProtocol.bt(handshakeMessage, this.be);
        }
        this.au.f19106i = TlsProtocol.bq(i(), this.au.p());
        this.au.l = 12;
        cf();
        handshakeMessage.b();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public AbstractTlsContext h() {
        return this.f19212f;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public TlsContext i() {
        return this.f19212f;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public TlsPeer j() {
        return this.f19211e;
    }

    public void k(CertificateRequest certificateRequest) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.f(handshakeMessage);
        handshakeMessage.b();
    }

    public void l(CertificateStatus certificateStatus) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.h(handshakeMessage);
        handshakeMessage.b();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void m(short s, byte[] bArr) {
        CertificateStatus y;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            short s2 = this.az;
            if (s2 != 0) {
                if (s2 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                dh();
                return;
            }
            dn(byteArrayInputStream);
            this.az = (short) 1;
            dq();
            this.az = (short) 2;
            this.at.aq();
            Vector w = this.f19211e.w();
            if (w != null) {
                ch(w);
            }
            this.az = (short) 3;
            this.f19210d = this.f19211e.ba();
            this.f19210d.g(i());
            this.f19208b = this.f19211e.ay();
            TlsCredentials tlsCredentials = this.f19208b;
            if (tlsCredentials == null) {
                this.f19210d.y();
            } else {
                this.f19210d.h(tlsCredentials);
                certificate = this.f19208b.e();
                ci(certificate);
            }
            this.az = (short) 4;
            if (certificate == null || certificate.g()) {
                this.bn = false;
            }
            if (this.bn && (y = this.f19211e.y()) != null) {
                l(y);
            }
            this.az = (short) 5;
            byte[] m = this.f19210d.m();
            if (m != null) {
                r(m);
            }
            this.az = (short) 6;
            if (this.f19208b != null) {
                this.f19207a = this.f19211e.x();
                if (this.f19207a != null) {
                    if (TlsUtils.du(i()) != (this.f19207a.h() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.f19210d.aa(this.f19207a);
                    k(this.f19207a);
                    TlsUtils.aw(this.at.ac(), this.f19207a.h());
                }
            }
            this.az = (short) 7;
            dp();
            this.az = (short) 8;
            this.at.ac().q();
            return;
        }
        if (s == 11) {
            short s3 = this.az;
            if (s3 == 8) {
                this.f19211e.aq(null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.f19207a == null) {
                throw new TlsFatalAlert((short) 10);
            }
            dl(byteArrayInputStream);
            this.az = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.az;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (s()) {
                throw new TlsFatalAlert((short) 10);
            }
            cg(byteArrayInputStream);
            this.az = (short) 13;
            if (this.bo) {
                n(this.f19211e.z());
                dj();
            }
            this.az = (short) 14;
            dk();
            this.az = (short) 15;
            this.az = (short) 16;
            dd();
            return;
        }
        if (s == 23) {
            if (this.az != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.f19211e.aq(TlsProtocol.bs(byteArrayInputStream));
            this.az = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.az != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!s()) {
                throw new TlsFatalAlert((short) 10);
            }
            dm(byteArrayInputStream);
            this.az = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.az) {
            case 8:
                this.f19211e.aq(null);
            case 9:
                if (this.f19207a == null) {
                    this.f19210d.j();
                } else {
                    if (TlsUtils.du(i())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.bm(i())) {
                        q(Certificate.f18834a);
                    } else if (this.as == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                m95do(byteArrayInputStream);
                this.az = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    public void n(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.e(handshakeMessage);
        handshakeMessage.b();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void o() {
        super.o();
        this.f19210d = null;
        this.f19208b = null;
        this.f19207a = null;
        this.f19209c = null;
    }

    public void p(TlsServer tlsServer) {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.f19211e != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.f19211e = tlsServer;
        this.au = new SecurityParameters();
        SecurityParameters securityParameters = this.au;
        securityParameters.f19098a = 0;
        this.f19212f = new TlsServerContextImpl(this.an, securityParameters);
        this.au.k = TlsProtocol.bx(tlsServer.ag(), this.f19212f.l());
        this.f19211e.ai(this.f19212f);
        this.at.ah(this.f19212f);
        this.at.aj(false);
        cu();
    }

    public void q(Certificate certificate) {
        if (this.f19207a == null) {
            throw new IllegalStateException();
        }
        if (this.as != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.as = certificate;
        if (certificate.g()) {
            this.f19210d.j();
        } else {
            this.f19213g = TlsUtils.ah(certificate, this.f19208b.e());
            this.f19210d.l(certificate);
        }
        this.f19211e.ab(certificate);
    }

    public void r(byte[] bArr) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.b();
    }

    public boolean s() {
        short s = this.f19213g;
        return s >= 0 && TlsUtils.bn(s);
    }
}
