package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.tls.DTLSReliableHandshake;
import org.spongycastle.crypto.tls.SessionParameters;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class DTLSClientProtocol extends DTLSProtocol {

    /* loaded from: classes2.dex */
    public static class ClientHandshakeState {

        /* renamed from: g, reason: collision with root package name */
        public TlsClient f18895g = null;

        /* renamed from: h, reason: collision with root package name */
        public TlsClientContextImpl f18896h = null;
        public TlsSession k = null;

        /* renamed from: e, reason: collision with root package name */
        public SessionParameters f18893e = null;

        /* renamed from: d, reason: collision with root package name */
        public SessionParameters.Builder f18892d = null;
        public int[] n = null;
        public short[] o = null;

        /* renamed from: a, reason: collision with root package name */
        public Hashtable f18889a = null;
        public Hashtable p = null;
        public byte[] m = null;
        public boolean l = false;
        public boolean q = false;
        public boolean r = false;
        public boolean s = false;

        /* renamed from: j, reason: collision with root package name */
        public TlsKeyExchange f18898j = null;

        /* renamed from: f, reason: collision with root package name */
        public TlsAuthentication f18894f = null;

        /* renamed from: c, reason: collision with root package name */
        public CertificateStatus f18891c = null;

        /* renamed from: b, reason: collision with root package name */
        public CertificateRequest f18890b = null;

        /* renamed from: i, reason: collision with root package name */
        public TlsCredentials f18897i = null;
    }

    public DTLSClientProtocol(SecureRandom secureRandom) {
        super(secureRandom);
    }

    public static byte[] a(byte[] bArr, byte[] bArr2) {
        int ai = TlsUtils.ai(bArr, 34) + 35;
        int i2 = ai + 1;
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, ai);
        TlsUtils.dk(bArr2.length);
        TlsUtils.dm(bArr2.length, bArr3, ai);
        System.arraycopy(bArr2, 0, bArr3, i2, bArr2.length);
        System.arraycopy(bArr, i2, bArr3, bArr2.length + i2, bArr.length - i2);
        return bArr3;
    }

    public Certificate b(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate c2 = Certificate.c(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        clientHandshakeState.f18898j.f(c2);
        clientHandshakeState.f18894f = clientHandshakeState.f18895g.ak();
        clientHandshakeState.f18894f.b(c2);
        return c2;
    }

    public DTLSTransport c(ClientHandshakeState clientHandshakeState, DTLSRecordLayer dTLSRecordLayer) {
        DTLSReliableHandshake.Message message;
        Certificate certificate;
        SecurityParameters n = clientHandshakeState.f18896h.n();
        DTLSReliableHandshake dTLSReliableHandshake = new DTLSReliableHandshake(clientHandshakeState.f18896h, dTLSRecordLayer);
        byte[] j2 = j(clientHandshakeState, clientHandshakeState.f18895g);
        dTLSRecordLayer.ai(ProtocolVersion.f19077e);
        dTLSReliableHandshake.t((short) 1, j2);
        DTLSReliableHandshake.Message q = dTLSReliableHandshake.q();
        while (q.e() == 3) {
            if (!dTLSRecordLayer.y().q(clientHandshakeState.f18896h.m())) {
                throw new TlsFatalAlert((short) 47);
            }
            dTLSRecordLayer.ac(null);
            byte[] a2 = a(j2, k(clientHandshakeState, q.f()));
            dTLSReliableHandshake.x();
            dTLSReliableHandshake.t((short) 1, a2);
            q = dTLSReliableHandshake.q();
        }
        if (q.e() != 2) {
            throw new TlsFatalAlert((short) 10);
        }
        ProtocolVersion y = dTLSRecordLayer.y();
        f(clientHandshakeState, y);
        dTLSRecordLayer.ai(y);
        n(clientHandshakeState, q.f());
        dTLSReliableHandshake.w();
        DTLSProtocol.t(dTLSRecordLayer, n.f19103f);
        if (clientHandshakeState.l) {
            n.f19101d = Arrays.aa(clientHandshakeState.f18893e.n());
            dTLSRecordLayer.ad(clientHandshakeState.f18895g.j());
            TlsClientContextImpl tlsClientContextImpl = clientHandshakeState.f18896h;
            w(dTLSReliableHandshake.u((short) 20), TlsUtils.bt(tlsClientContextImpl, ExporterLabel.f18985b, TlsProtocol.bw(tlsClientContextImpl, dTLSReliableHandshake.r(), null)));
            TlsClientContextImpl tlsClientContextImpl2 = clientHandshakeState.f18896h;
            dTLSReliableHandshake.t((short) 20, TlsUtils.bt(tlsClientContextImpl2, ExporterLabel.f18984a, TlsProtocol.bw(tlsClientContextImpl2, dTLSReliableHandshake.r(), null)));
            dTLSReliableHandshake.s();
            clientHandshakeState.f18896h.r(clientHandshakeState.k);
            clientHandshakeState.f18895g.ac();
            return new DTLSTransport(dTLSRecordLayer);
        }
        e(clientHandshakeState);
        byte[] bArr = clientHandshakeState.m;
        if (bArr.length > 0) {
            clientHandshakeState.k = new TlsSessionImpl(bArr, null);
        }
        DTLSReliableHandshake.Message q2 = dTLSReliableHandshake.q();
        if (q2.e() == 23) {
            p(clientHandshakeState, q2.f());
            q2 = dTLSReliableHandshake.q();
        } else {
            clientHandshakeState.f18895g.p(null);
        }
        clientHandshakeState.f18898j = clientHandshakeState.f18895g.ah();
        clientHandshakeState.f18898j.g(clientHandshakeState.f18896h);
        if (q2.e() == 11) {
            certificate = b(clientHandshakeState, q2.f());
            message = dTLSReliableHandshake.q();
        } else {
            clientHandshakeState.f18898j.y();
            message = q2;
            certificate = null;
        }
        if (certificate == null || certificate.g()) {
            clientHandshakeState.r = false;
        }
        if (message.e() == 22) {
            l(clientHandshakeState, message.f());
            message = dTLSReliableHandshake.q();
        }
        if (message.e() == 12) {
            o(clientHandshakeState, message.f());
            message = dTLSReliableHandshake.q();
        } else {
            clientHandshakeState.f18898j.n();
        }
        if (message.e() == 13) {
            g(clientHandshakeState, message.f());
            TlsUtils.aw(dTLSReliableHandshake.r(), clientHandshakeState.f18890b.h());
            message = dTLSReliableHandshake.q();
        }
        if (message.e() != 14) {
            throw new TlsFatalAlert((short) 10);
        }
        if (message.f().length != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        dTLSReliableHandshake.r().q();
        Vector x = clientHandshakeState.f18895g.x();
        if (x != null) {
            dTLSReliableHandshake.t((short) 23, DTLSProtocol.u(x));
        }
        CertificateRequest certificateRequest = clientHandshakeState.f18890b;
        if (certificateRequest != null) {
            clientHandshakeState.f18897i = clientHandshakeState.f18894f.a(certificateRequest);
            TlsCredentials tlsCredentials = clientHandshakeState.f18897i;
            Certificate e2 = tlsCredentials != null ? tlsCredentials.e() : null;
            if (e2 == null) {
                e2 = Certificate.f18834a;
            }
            dTLSReliableHandshake.t((short) 11, DTLSProtocol.v(e2));
        }
        TlsCredentials tlsCredentials2 = clientHandshakeState.f18897i;
        if (tlsCredentials2 != null) {
            clientHandshakeState.f18898j.ac(tlsCredentials2);
        } else {
            clientHandshakeState.f18898j.j();
        }
        dTLSReliableHandshake.t((short) 16, h(clientHandshakeState));
        TlsHandshakeHash v = dTLSReliableHandshake.v();
        n.m = TlsProtocol.bw(clientHandshakeState.f18896h, v, null);
        TlsProtocol.bv(clientHandshakeState.f18896h, clientHandshakeState.f18898j);
        dTLSRecordLayer.ad(clientHandshakeState.f18895g.j());
        TlsCredentials tlsCredentials3 = clientHandshakeState.f18897i;
        if (tlsCredentials3 != null && (tlsCredentials3 instanceof TlsSignerCredentials)) {
            TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials) tlsCredentials3;
            SignatureAndHashAlgorithm ac = TlsUtils.ac(clientHandshakeState.f18896h, tlsSignerCredentials);
            dTLSReliableHandshake.t((short) 15, i(clientHandshakeState, new DigitallySigned(ac, tlsSignerCredentials.h(ac == null ? n.ab() : v.o(ac.d())))));
        }
        TlsClientContextImpl tlsClientContextImpl3 = clientHandshakeState.f18896h;
        dTLSReliableHandshake.t((short) 20, TlsUtils.bt(tlsClientContextImpl3, ExporterLabel.f18984a, TlsProtocol.bw(tlsClientContextImpl3, dTLSReliableHandshake.r(), null)));
        if (clientHandshakeState.s) {
            DTLSReliableHandshake.Message q3 = dTLSReliableHandshake.q();
            if (q3.e() != 4) {
                throw new TlsFatalAlert((short) 10);
            }
            m(clientHandshakeState, q3.f());
        }
        TlsClientContextImpl tlsClientContextImpl4 = clientHandshakeState.f18896h;
        w(dTLSReliableHandshake.u((short) 20), TlsUtils.bt(tlsClientContextImpl4, ExporterLabel.f18985b, TlsProtocol.bw(tlsClientContextImpl4, dTLSReliableHandshake.r(), null)));
        dTLSReliableHandshake.s();
        if (clientHandshakeState.k != null) {
            clientHandshakeState.f18893e = new SessionParameters.Builder().h(n.p()).k(n.q()).l(n.u()).j(certificate).n(n.w()).p(n.z()).i(clientHandshakeState.p).m();
            clientHandshakeState.k = TlsUtils.ad(clientHandshakeState.k.d(), clientHandshakeState.f18893e);
            clientHandshakeState.f18896h.r(clientHandshakeState.k);
        }
        clientHandshakeState.f18895g.ac();
        return new DTLSTransport(dTLSRecordLayer);
    }

    public DTLSTransport d(TlsClient tlsClient, DatagramTransport datagramTransport) {
        SessionParameters a2;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'client' cannot be null");
        }
        if (datagramTransport == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        SecurityParameters securityParameters = new SecurityParameters();
        securityParameters.f19098a = 1;
        ClientHandshakeState clientHandshakeState = new ClientHandshakeState();
        clientHandshakeState.f18895g = tlsClient;
        clientHandshakeState.f18896h = new TlsClientContextImpl(this.q, securityParameters);
        securityParameters.f19105h = TlsProtocol.bx(tlsClient.ag(), clientHandshakeState.f18896h.l());
        tlsClient.r(clientHandshakeState.f18896h);
        DTLSRecordLayer dTLSRecordLayer = new DTLSRecordLayer(datagramTransport, clientHandshakeState.f18896h, tlsClient, (short) 22);
        TlsSession l = clientHandshakeState.f18895g.l();
        if (l != null && l.c() && (a2 = l.a()) != null) {
            clientHandshakeState.k = l;
            clientHandshakeState.f18893e = a2;
        }
        try {
            return c(clientHandshakeState, dTLSRecordLayer);
        } catch (TlsFatalAlert e2) {
            dTLSRecordLayer.ae(e2.d());
            throw e2;
        } catch (IOException e3) {
            dTLSRecordLayer.ae((short) 80);
            throw e3;
        } catch (RuntimeException e4) {
            dTLSRecordLayer.ae((short) 80);
            throw new TlsFatalAlert((short) 80, e4);
        }
    }

    public void e(ClientHandshakeState clientHandshakeState) {
        SessionParameters sessionParameters = clientHandshakeState.f18893e;
        if (sessionParameters != null) {
            sessionParameters.m();
            clientHandshakeState.f18893e = null;
        }
        TlsSession tlsSession = clientHandshakeState.k;
        if (tlsSession != null) {
            tlsSession.b();
            clientHandshakeState.k = null;
        }
    }

    public void f(ClientHandshakeState clientHandshakeState, ProtocolVersion protocolVersion) {
        TlsClientContextImpl tlsClientContextImpl = clientHandshakeState.f18896h;
        ProtocolVersion t = tlsClientContextImpl.t();
        if (t == null) {
            tlsClientContextImpl.u(protocolVersion);
            clientHandshakeState.f18895g.y(protocolVersion);
        } else if (!t.n(protocolVersion)) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    public void g(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        if (clientHandshakeState.f18894f == null) {
            throw new TlsFatalAlert((short) 40);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f18890b = CertificateRequest.d(clientHandshakeState.f18896h, byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        clientHandshakeState.f18898j.aa(clientHandshakeState.f18890b);
    }

    public byte[] h(ClientHandshakeState clientHandshakeState) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        clientHandshakeState.f18898j.z(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] i(ClientHandshakeState clientHandshakeState, DigitallySigned digitallySigned) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        digitallySigned.e(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] j(ClientHandshakeState clientHandshakeState, TlsClient tlsClient) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ProtocolVersion i2 = tlsClient.i();
        if (!i2.m()) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsClientContextImpl tlsClientContextImpl = clientHandshakeState.f18896h;
        tlsClientContextImpl.q(i2);
        TlsUtils.au(i2, byteArrayOutputStream);
        byteArrayOutputStream.write(tlsClientContextImpl.n().s());
        byte[] bArr = TlsUtils.f19223b;
        TlsSession tlsSession = clientHandshakeState.k;
        if (tlsSession != null && ((bArr = tlsSession.d()) == null || bArr.length > 32)) {
            bArr = TlsUtils.f19223b;
        }
        TlsUtils.dq(bArr, byteArrayOutputStream);
        TlsUtils.dq(TlsUtils.f19223b, byteArrayOutputStream);
        boolean z = tlsClient.z();
        clientHandshakeState.n = tlsClient.aj();
        clientHandshakeState.f18889a = tlsClient.w();
        boolean z2 = TlsUtils.bq(clientHandshakeState.f18889a, TlsProtocol.t) == null;
        boolean z3 = !Arrays.u(clientHandshakeState.n, 255);
        if (z2 && z3) {
            clientHandshakeState.n = Arrays.ak(clientHandshakeState.n, 255);
        }
        if (z && !Arrays.u(clientHandshakeState.n, CipherSuite.jj)) {
            clientHandshakeState.n = Arrays.ak(clientHandshakeState.n, CipherSuite.jj);
        }
        TlsUtils.cu(clientHandshakeState.n, byteArrayOutputStream);
        clientHandshakeState.o = new short[]{0};
        TlsUtils.cw(clientHandshakeState.o, byteArrayOutputStream);
        Hashtable hashtable = clientHandshakeState.f18889a;
        if (hashtable != null) {
            TlsProtocol.bt(byteArrayOutputStream, hashtable);
        }
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] k(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ProtocolVersion aa = TlsUtils.aa(byteArrayInputStream);
        byte[] dv = TlsUtils.dv(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        if (!aa.q(clientHandshakeState.f18896h.m())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (ProtocolVersion.f19078f.q(aa) || dv.length <= 32) {
            return dv;
        }
        throw new TlsFatalAlert((short) 47);
    }

    public void l(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        if (!clientHandshakeState.r) {
            throw new TlsFatalAlert((short) 10);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f18891c = CertificateStatus.c(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
    }

    public void m(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        NewSessionTicket c2 = NewSessionTicket.c(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
        clientHandshakeState.f18895g.q(c2);
    }

    public void n(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        TlsSession tlsSession;
        SecurityParameters n = clientHandshakeState.f18896h.n();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        f(clientHandshakeState, TlsUtils.aa(byteArrayInputStream));
        n.k = TlsUtils.dd(32, byteArrayInputStream);
        clientHandshakeState.m = TlsUtils.dv(byteArrayInputStream);
        byte[] bArr2 = clientHandshakeState.m;
        if (bArr2.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.f18895g.t(bArr2);
        byte[] bArr3 = clientHandshakeState.m;
        boolean z = false;
        clientHandshakeState.l = bArr3.length > 0 && (tlsSession = clientHandshakeState.k) != null && Arrays.s(bArr3, tlsSession.d());
        int j2 = TlsUtils.j(byteArrayInputStream);
        if (!Arrays.u(clientHandshakeState.n, j2) || j2 == 0 || CipherSuite.jk(j2) || !TlsUtils.bi(j2, clientHandshakeState.f18896h.t())) {
            throw new TlsFatalAlert((short) 47);
        }
        DTLSProtocol.s(j2, (short) 47);
        clientHandshakeState.f18895g.m(j2);
        short ag = TlsUtils.ag(byteArrayInputStream);
        if (!Arrays.y(clientHandshakeState.o, ag)) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.f18895g.s(ag);
        clientHandshakeState.p = TlsProtocol.br(byteArrayInputStream);
        Hashtable hashtable = clientHandshakeState.p;
        if (hashtable != null) {
            Enumeration keys = hashtable.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.t)) {
                    if (TlsUtils.bq(clientHandshakeState.f18889a, num) == null) {
                        throw new TlsFatalAlert(AlertDescription.y);
                    }
                    boolean z2 = clientHandshakeState.l;
                }
            }
        }
        byte[] bq = TlsUtils.bq(clientHandshakeState.p, TlsProtocol.t);
        if (bq != null) {
            clientHandshakeState.q = true;
            if (!Arrays.ay(bq, TlsProtocol.by(TlsUtils.f19223b))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        clientHandshakeState.f18895g.af(clientHandshakeState.q);
        Hashtable hashtable2 = clientHandshakeState.f18889a;
        Hashtable hashtable3 = clientHandshakeState.p;
        if (clientHandshakeState.l) {
            if (j2 != clientHandshakeState.f18893e.h() || ag != clientHandshakeState.f18893e.l()) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable2 = null;
            hashtable3 = clientHandshakeState.f18893e.i();
        }
        n.f19102e = j2;
        n.f19099b = ag;
        if (hashtable3 != null) {
            boolean v = TlsExtensionsUtils.v(hashtable3);
            if (v && !TlsUtils.cy(n.p())) {
                throw new TlsFatalAlert((short) 47);
            }
            n.f19104g = v;
            n.f19107j = TlsExtensionsUtils.ad(hashtable3);
            n.f19103f = DTLSProtocol.r(clientHandshakeState.l, hashtable2, hashtable3, (short) 47);
            n.f19100c = TlsExtensionsUtils.ah(hashtable3);
            clientHandshakeState.r = !clientHandshakeState.l && TlsUtils.bk(hashtable3, TlsExtensionsUtils.f19183f, (short) 47);
            if (!clientHandshakeState.l && TlsUtils.bk(hashtable3, TlsProtocol.v, (short) 47)) {
                z = true;
            }
            clientHandshakeState.s = z;
        }
        if (hashtable2 != null) {
            clientHandshakeState.f18895g.n(hashtable3);
        }
        n.f19106i = TlsProtocol.bq(clientHandshakeState.f18896h, n.p());
        n.l = 12;
    }

    public void o(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f18898j.e(byteArrayInputStream);
        TlsProtocol.bz(byteArrayInputStream);
    }

    public void p(ClientHandshakeState clientHandshakeState, byte[] bArr) {
        clientHandshakeState.f18895g.p(TlsProtocol.bs(new ByteArrayInputStream(bArr)));
    }
}
