package fm.icelink;

import android.support.v4.view.MotionEventCompat;
import com.jutaike.protobuf.PubEnumProto;
import fm.ArrayExtensions;
import fm.BitAssistant;
import fm.ByteInputStream;
import fm.ByteOutputStream;
import fm.IntegerExtensions;
import fm.Log;
import fm.NetworkBuffer;
import fm.ParseAssistant;
import java.util.ArrayList;
import java.util.Iterator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class DTLSClientProtocol extends DTLSProtocol {
    protected static byte[] parseHelloVerifyRequest(TLSContext tLSContext, byte[] bArr) {
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        if (!TLSNetworkBuffer.readVersion(byteInputStream).isEqualTo(tLSContext.getServerVersion())) {
            throw new TLSFatalAlert(47);
        }
        byte[] readStreamOpaque8 = NetworkBuffer.readStreamOpaque8(byteInputStream);
        TLSProtocol.assertEmpty(byteInputStream);
        return readStreamOpaque8;
    }

    protected static byte[] patchClientHelloWithCookie(byte[] bArr, byte[] bArr2) {
        int readData8 = NetworkBuffer.readData8(bArr, 34) + 35;
        int i = readData8 + 1;
        byte[] bArr3 = new byte[ArrayExtensions.getLength(bArr) + ArrayExtensions.getLength(bArr2)];
        BitAssistant.copy(bArr, 0, bArr3, 0, readData8);
        NetworkBuffer.writeData8(ArrayExtensions.getLength(bArr2), bArr3, readData8);
        BitAssistant.copy(bArr2, 0, bArr3, i, ArrayExtensions.getLength(bArr2));
        BitAssistant.copy(bArr, i, bArr3, ArrayExtensions.getLength(bArr2) + i, ArrayExtensions.getLength(bArr) - i);
        return bArr3;
    }

    protected DTLSTransport clientHandshake(DTLSClientHandshakeState dTLSClientHandshakeState, DTLSRecordLayer dTLSRecordLayer) {
        TLSSecurityParameters securityParameters = dTLSClientHandshakeState.getClientContext().getSecurityParameters();
        DTLSReliableHandshake dTLSReliableHandshake = new DTLSReliableHandshake(dTLSClientHandshakeState.getClientContext(), dTLSRecordLayer);
        byte[] generateClientHello = generateClientHello(dTLSClientHandshakeState, dTLSClientHandshakeState.getClient());
        Log.debug("Sending DTLS client hello...");
        dTLSReliableHandshake.sendMessage(1, generateClientHello);
        Log.debug("Receiving DTLS server message (expecting server hello or hello verify request)...");
        DTLSReliableHandshakeMessage receiveMessage = dTLSReliableHandshake.receiveMessage();
        TLSProtocolVersion discoveredPeerVersion = dTLSRecordLayer.getDiscoveredPeerVersion();
        if (!discoveredPeerVersion.isEqualOrEarlierVersionOf(dTLSClientHandshakeState.getClientContext().getClientVersion())) {
            throw new TLSFatalAlert(47);
        }
        dTLSClientHandshakeState.getClientContext().setServerVersion(discoveredPeerVersion);
        dTLSClientHandshakeState.getClient().notifyServerVersionReceived(discoveredPeerVersion);
        while (receiveMessage.getMessageType() == 3) {
            Log.debug("Received DTLS hello verify request.");
            byte[] patchClientHelloWithCookie = patchClientHelloWithCookie(generateClientHello, parseHelloVerifyRequest(dTLSClientHandshakeState.getClientContext(), receiveMessage.getBody()));
            dTLSReliableHandshake.resetHandshakeMessagesDigest();
            Log.debug("Sending DTLS client hello (with cookie)...");
            dTLSReliableHandshake.sendMessage(1, patchClientHelloWithCookie);
            Log.debug("Receiving DTLS server message (expecting server hello)...");
            receiveMessage = dTLSReliableHandshake.receiveMessage();
        }
        if (receiveMessage.getMessageType() != 2) {
            throw new TLSFatalAlert(10);
        }
        Log.debug("Received DTLS server hello.");
        processServerHello(dTLSClientHandshakeState, receiveMessage.getBody());
        Log.debug("Receiving DTLS server message (expecting supplemental data, certificate, server key exchange, certificate request, or server hello done)...");
        DTLSReliableHandshakeMessage receiveMessage2 = dTLSReliableHandshake.receiveMessage();
        securityParameters.setPrfAlgorithm(TLSProtocol.getPrfAlgorithm(dTLSClientHandshakeState.getSelectedCipherSuite()));
        securityParameters.setCompressionAlgorithm(dTLSClientHandshakeState.getSelectedCompressionMethod());
        securityParameters.setVerifyDataLength(12);
        dTLSReliableHandshake.notifyHelloComplete();
        if (receiveMessage2.getMessageType() == 23) {
            Log.debug("Received DTLS supplemental data.");
            processServerSupplementalData(dTLSClientHandshakeState, receiveMessage2.getBody());
            Log.debug("Receiving DTLS server message (expecting certificate, server key exchange, certificate request, or server hello done)...");
            receiveMessage2 = dTLSReliableHandshake.receiveMessage();
        } else {
            dTLSClientHandshakeState.getClient().processServerSupplementalData(null);
        }
        dTLSClientHandshakeState.setKeyExchange(dTLSClientHandshakeState.getClient().getKeyExchange());
        if (receiveMessage2.getMessageType() == 11) {
            Log.debug("Received DTLS certificate.");
            processServerCertificate(dTLSClientHandshakeState, receiveMessage2.getBody());
            Log.debug("Receiving DTLS server message (expecting server key exchange, certificate request, or server hello done)...");
            receiveMessage2 = dTLSReliableHandshake.receiveMessage();
        } else {
            dTLSClientHandshakeState.getKeyExchange().skipServerCredentials();
        }
        if (receiveMessage2.getMessageType() == 12) {
            Log.debug("Received DTLS server key exchange.");
            processServerKeyExchange(dTLSClientHandshakeState, receiveMessage2.getBody());
            Log.debug("Receiving DTLS server message (expecting certificate request, or server hello done)...");
            receiveMessage2 = dTLSReliableHandshake.receiveMessage();
        } else {
            dTLSClientHandshakeState.getKeyExchange().skipServerKeyExchange();
        }
        if (receiveMessage2.getMessageType() == 13) {
            Log.debug("Received DTLS certificate request.");
            processCertificateRequest(dTLSClientHandshakeState, receiveMessage2.getBody());
            Log.debug("Receiving DTLS server message (expecting server hello done)...");
            receiveMessage2 = dTLSReliableHandshake.receiveMessage();
        }
        if (receiveMessage2.getMessageType() != 14) {
            throw new TLSFatalAlert(10);
        }
        Log.debug("Received DTLS server hello done.");
        if (ArrayExtensions.getLength(receiveMessage2.getBody()) != 0) {
            throw new TLSFatalAlert(50);
        }
        ArrayList clientSupplementalData = dTLSClientHandshakeState.getClient().getClientSupplementalData();
        if (clientSupplementalData != null) {
            byte[] generateSupplementalData = DTLSProtocol.generateSupplementalData(clientSupplementalData);
            Log.debug("Sending DTLS supplemental data...");
            dTLSReliableHandshake.sendMessage(23, generateSupplementalData);
        }
        if (dTLSClientHandshakeState.getCertificateRequest() != null) {
            dTLSClientHandshakeState.setClientCredentials(dTLSClientHandshakeState.getAuthentication().getClientCredentials(dTLSClientHandshakeState.getCertificateRequest()));
            TLSCertificate certificate = dTLSClientHandshakeState.getClientCredentials() != null ? dTLSClientHandshakeState.getClientCredentials().getCertificate() : null;
            if (certificate == null) {
                certificate = TLSCertificate.getEmptyChain();
            }
            byte[] generateCertificate = DTLSProtocol.generateCertificate(certificate);
            Log.debug("Sending DTLS certificate...");
            dTLSReliableHandshake.sendMessage(11, generateCertificate);
        }
        if (dTLSClientHandshakeState.getClientCredentials() != null) {
            dTLSClientHandshakeState.getKeyExchange().processClientCredentials(dTLSClientHandshakeState.getClientCredentials());
        } else {
            dTLSClientHandshakeState.getKeyExchange().skipClientCredentials();
        }
        byte[] generateClientKeyExchange = generateClientKeyExchange(dTLSClientHandshakeState);
        Log.debug("Sending DTLS client key exchange...");
        dTLSReliableHandshake.sendMessage(16, generateClientKeyExchange);
        TLSProtocol.establishMasterSecret(dTLSClientHandshakeState.getClientContext(), dTLSClientHandshakeState.getKeyExchange());
        if (dTLSClientHandshakeState.getClientCredentials() instanceof TLSSignerCredentials) {
            byte[] generateCertificateVerify = generateCertificateVerify(dTLSClientHandshakeState, ((TLSSignerCredentials) dTLSClientHandshakeState.getClientCredentials()).generateCertificateSignature(dTLSReliableHandshake.getCurrentHash()));
            Log.debug("Sending DTLS certificate verify...");
            dTLSReliableHandshake.sendMessage(15, generateCertificateVerify);
        }
        dTLSRecordLayer.initPendingEpoch(dTLSClientHandshakeState.getClient().getCipher());
        byte[] calculateVerifyData = dTLSClientHandshakeState.getClientContext().calculateVerifyData("client finished", dTLSReliableHandshake.getCurrentHash());
        Log.debug("Sending DTLS finished...");
        dTLSReliableHandshake.sendMessage(20, calculateVerifyData);
        if (dTLSClientHandshakeState.getExpectSessionTicket()) {
            Log.debug("Receiving DTLS server message (expecting session ticket)...");
            DTLSReliableHandshakeMessage receiveMessage3 = dTLSReliableHandshake.receiveMessage();
            if (receiveMessage3.getMessageType() != 4) {
                throw new TLSFatalAlert(10);
            }
            Log.debug("Received DTLS session ticket.");
            processNewSessionTicket(dTLSClientHandshakeState, receiveMessage3.getBody());
        }
        byte[] calculateVerifyData2 = dTLSClientHandshakeState.getClientContext().calculateVerifyData("server finished", dTLSReliableHandshake.getCurrentHash());
        Log.debug("Receiving DTLS server message (expecting finished)...");
        DTLSReliableHandshakeMessage receiveMessage4 = dTLSReliableHandshake.receiveMessage();
        if (receiveMessage4.getMessageType() != 20) {
            throw new TLSFatalAlert(10);
        }
        Log.debug("Received DTLS finished.");
        super.processFinished(receiveMessage4.getBody(), calculateVerifyData2);
        dTLSReliableHandshake.finish();
        dTLSClientHandshakeState.getClient().notifyHandshakeCompleted();
        return new DTLSTransport(dTLSRecordLayer);
    }

    public DTLSTransport connect(DTLSClient dTLSClient, DTLSDatagramTransport dTLSDatagramTransport) {
        if (dTLSClient == null) {
            throw new Exception("Client cannot be null.");
        }
        if (dTLSDatagramTransport == null) {
            throw new Exception("Transport cannot be null.");
        }
        DTLSClientHandshakeState dTLSClientHandshakeState = new DTLSClientHandshakeState();
        dTLSClientHandshakeState.setClient(dTLSClient);
        dTLSClientHandshakeState.setClientContext(dTLSClient.getContext());
        DTLSRecordLayer dTLSRecordLayer = new DTLSRecordLayer(dTLSDatagramTransport, dTLSClientHandshakeState.getClientContext(), dTLSClient, 22);
        try {
            return clientHandshake(dTLSClientHandshakeState, dTLSRecordLayer);
        } catch (TLSFatalAlert e) {
            dTLSRecordLayer.fail(e.getAlertDescription());
            throw e;
        } catch (Exception e2) {
            dTLSRecordLayer.fail(80);
            throw e2;
        }
    }

    protected byte[] generateCertificateVerify(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        ByteOutputStream byteOutputStream = new ByteOutputStream();
        NetworkBuffer.writeStreamOpaque16(bArr, byteOutputStream);
        return byteOutputStream.toArray();
    }

    protected byte[] generateClientHello(DTLSClientHandshakeState dTLSClientHandshakeState, DTLSClient dTLSClient) {
        ByteOutputStream byteOutputStream = new ByteOutputStream();
        TLSProtocolVersion clientVersion = dTLSClient.getClientVersion();
        if (!clientVersion.isDtls()) {
            throw new TLSFatalAlert(80);
        }
        dTLSClientHandshakeState.getClientContext().setClientVersion(clientVersion);
        TLSNetworkBuffer.writeVersion(clientVersion, byteOutputStream);
        byteOutputStream.writeBuffer(dTLSClientHandshakeState.getClientContext().getSecurityParameters().getClientRandom());
        NetworkBuffer.writeStreamOpaque8(new byte[0], byteOutputStream);
        NetworkBuffer.writeStreamOpaque8(new byte[0], byteOutputStream);
        dTLSClientHandshakeState.setOfferedCipherSuites(dTLSClient.getCipherSuites());
        dTLSClientHandshakeState.setClientExtensions(dTLSClient.getClientExtensions());
        boolean z = dTLSClientHandshakeState.getClientExtensions() == null || dTLSClientHandshakeState.getClientExtensions().get(IntegerExtensions.toString(65281)) == null;
        int length = ArrayExtensions.getLength(dTLSClientHandshakeState.getOfferedCipherSuites());
        if (z) {
            length++;
        }
        NetworkBuffer.writeStream16(length * 2, byteOutputStream);
        for (int i = 0; i < ArrayExtensions.getLength(dTLSClientHandshakeState.getOfferedCipherSuites()); i++) {
            NetworkBuffer.writeStream16(dTLSClientHandshakeState.getOfferedCipherSuites()[i], byteOutputStream);
        }
        if (z) {
            NetworkBuffer.writeStream16(MotionEventCompat.ACTION_MASK, byteOutputStream);
        }
        dTLSClientHandshakeState.setOfferedCompressionMethods(new int[1]);
        NetworkBuffer.writeStream8(ArrayExtensions.getLength(dTLSClientHandshakeState.getOfferedCompressionMethods()), byteOutputStream);
        for (int i2 = 0; i2 < ArrayExtensions.getLength(dTLSClientHandshakeState.getOfferedCompressionMethods()); i2++) {
            NetworkBuffer.writeStream8(dTLSClientHandshakeState.getOfferedCompressionMethods()[i2], byteOutputStream);
        }
        if (dTLSClientHandshakeState.getClientExtensions() != null) {
            TLSProtocol.writeExtensions(byteOutputStream, dTLSClientHandshakeState.getClientExtensions());
        }
        return byteOutputStream.toArray();
    }

    protected byte[] generateClientKeyExchange(DTLSClientHandshakeState dTLSClientHandshakeState) {
        ByteOutputStream byteOutputStream = new ByteOutputStream();
        dTLSClientHandshakeState.getKeyExchange().generateClientKeyExchange(byteOutputStream);
        return byteOutputStream.toArray();
    }

    protected void processCertificateRequest(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        if (dTLSClientHandshakeState.getAuthentication() == null) {
            throw new TLSFatalAlert(40);
        }
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        dTLSClientHandshakeState.setCertificateRequest(TLSCertificateRequest.readFrom(byteInputStream));
        TLSProtocol.assertEmpty(byteInputStream);
        dTLSClientHandshakeState.getKeyExchange().validateCertificateRequest(dTLSClientHandshakeState.getCertificateRequest());
    }

    protected void processNewSessionTicket(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        TLSNewSessionTicket readFrom = TLSNewSessionTicket.readFrom(byteInputStream);
        TLSProtocol.assertEmpty(byteInputStream);
        dTLSClientHandshakeState.getClient().notifyNewSessionTicketReceived(readFrom);
    }

    protected void processServerCertificate(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        TLSCertificate readFrom = TLSCertificate.readFrom(byteInputStream);
        TLSProtocol.assertEmpty(byteInputStream);
        dTLSClientHandshakeState.getKeyExchange().processServerCertificate(readFrom);
        dTLSClientHandshakeState.setAuthentication(dTLSClientHandshakeState.getClient().getAuthentication());
        dTLSClientHandshakeState.getAuthentication().notifyServerCertificateReceived(readFrom);
    }

    protected void processServerHello(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        TLSSecurityParameters securityParameters = dTLSClientHandshakeState.getClientContext().getSecurityParameters();
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        if (!TLSNetworkBuffer.readVersion(byteInputStream).isEqualTo(dTLSClientHandshakeState.getClientContext().getServerVersion())) {
            throw new TLSFatalAlert(47);
        }
        securityParameters.setServerRandom(NetworkBuffer.readStream(32, byteInputStream));
        byte[] readStreamOpaque8 = NetworkBuffer.readStreamOpaque8(byteInputStream);
        if (ArrayExtensions.getLength(readStreamOpaque8) > 32) {
            throw new TLSFatalAlert(47);
        }
        dTLSClientHandshakeState.getClient().notifySessionIdReceived(readStreamOpaque8);
        dTLSClientHandshakeState.setSelectedCipherSuite(NetworkBuffer.readStream16(byteInputStream));
        if (!TLSProtocol.arrayContains(dTLSClientHandshakeState.getOfferedCipherSuites(), dTLSClientHandshakeState.getSelectedCipherSuite()) || dTLSClientHandshakeState.getSelectedCipherSuite() == 0 || dTLSClientHandshakeState.getSelectedCipherSuite() == 255) {
            throw new TLSFatalAlert(47);
        }
        DTLSProtocol.validateSelectedCipherSuite(dTLSClientHandshakeState.getSelectedCipherSuite(), 47);
        dTLSClientHandshakeState.getClient().notifyCipherSuiteReceived(dTLSClientHandshakeState.getSelectedCipherSuite());
        dTLSClientHandshakeState.setSelectedCompressionMethod(NetworkBuffer.readStream8(byteInputStream));
        if (!TLSProtocol.arrayContains(dTLSClientHandshakeState.getOfferedCompressionMethods(), dTLSClientHandshakeState.getSelectedCompressionMethod())) {
            throw new TLSFatalAlert(47);
        }
        dTLSClientHandshakeState.getClient().notifyCompressionMethodReceived(dTLSClientHandshakeState.getSelectedCompressionMethod());
        TLSDictionary readExtensions = TLSProtocol.readExtensions(byteInputStream);
        if (readExtensions != null) {
            Iterator it = readExtensions.getKeys().iterator();
            while (it.hasNext()) {
                int parseIntegerValue = ParseAssistant.parseIntegerValue((String) it.next());
                if (parseIntegerValue != 65281 && (dTLSClientHandshakeState.getClientExtensions() == null || dTLSClientHandshakeState.getClientExtensions().get(IntegerExtensions.toString(Integer.valueOf(parseIntegerValue))) == null)) {
                    throw new TLSFatalAlert(PubEnumProto.StatusCode.CALL_OK_VIDEO_AUDIO_VALUE);
                }
            }
            byte[] bArr2 = (byte[]) readExtensions.get(IntegerExtensions.toString(65281));
            if (bArr2 != null) {
                dTLSClientHandshakeState.setSecureRenegotiation(true);
                if (!BitAssistant.sequencesAreEqualConstantTime(bArr2, TLSProtocol.createRenegotiationInfo(new byte[0]))) {
                    throw new TLSFatalAlert(40);
                }
            }
            dTLSClientHandshakeState.setExpectSessionTicket(readExtensions.containsKey(IntegerExtensions.toString(35)));
        }
        dTLSClientHandshakeState.getClient().notifySecureRenegotiationReceived(dTLSClientHandshakeState.getSecureRenegotiation());
        if (dTLSClientHandshakeState.getClientExtensions() != null) {
            dTLSClientHandshakeState.getClient().processServerExtensions(readExtensions);
        }
    }

    protected void processServerKeyExchange(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        ByteInputStream byteInputStream = new ByteInputStream(bArr);
        dTLSClientHandshakeState.getKeyExchange().processServerKeyExchange(byteInputStream);
        TLSProtocol.assertEmpty(byteInputStream);
    }

    protected void processServerSupplementalData(DTLSClientHandshakeState dTLSClientHandshakeState, byte[] bArr) {
        dTLSClientHandshakeState.getClient().processServerSupplementalData(TLSProtocol.readSupplementalDataMessage(new ByteInputStream(bArr)));
    }
}
