package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes4.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer U;
    TlsServerContextImpl V;
    protected TlsKeyExchange W;
    protected TlsCredentials X;
    protected CertificateRequest Y;
    protected short Z;
    protected TlsHandshakeHash a0;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.U = null;
        this.V = null;
        this.W = null;
        this.X = null;
        this.Y = null;
        this.Z = (short) -1;
        this.a0 = null;
    }

    protected void a(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    public void a(TlsServer tlsServer) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.U != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.U = tlsServer;
        this.f43496o = new SecurityParameters();
        SecurityParameters securityParameters = this.f43496o;
        securityParameters.f43351a = 0;
        this.V = new TlsServerContextImpl(this.f43486e, securityParameters);
        this.f43496o.f43358h = TlsProtocol.a(tlsServer.g(), this.V.f());
        this.U.a(this.V);
        this.f43485d.a(this.V);
        this.f43485d.a(false);
        e();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void a(short s) throws IOException {
        if (s != 41) {
            super.a(s);
        } else {
            if (!TlsUtils.a(g()) || this.Y == null) {
                return;
            }
            b(Certificate.f43026b);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void a(short s, byte[] bArr) throws IOException {
        CertificateStatus t;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            short s2 = this.u;
            if (s2 != 0) {
                if (s2 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                o();
                return;
            }
            g(byteArrayInputStream);
            this.u = (short) 1;
            u();
            this.u = (short) 2;
            this.f43485d.f();
            Vector n2 = this.U.n();
            if (n2 != null) {
                a(n2);
            }
            this.u = (short) 3;
            this.W = this.U.d();
            this.W.a(g());
            this.X = this.U.m();
            TlsCredentials tlsCredentials = this.X;
            if (tlsCredentials == null) {
                this.W.f();
            } else {
                this.W.b(tlsCredentials);
                certificate = this.X.a();
                a(certificate);
            }
            this.u = (short) 4;
            if (certificate == null || certificate.d()) {
                this.y = false;
            }
            if (this.y && (t = this.U.t()) != null) {
                a(t);
            }
            this.u = (short) 5;
            byte[] a2 = this.W.a();
            if (a2 != null) {
                b(a2);
            }
            this.u = (short) 6;
            if (this.X != null) {
                this.Y = this.U.s();
                CertificateRequest certificateRequest = this.Y;
                if (certificateRequest != null) {
                    this.W.a(certificateRequest);
                    a(this.Y);
                    TlsUtils.a(this.f43485d.c(), this.Y.c());
                }
            }
            this.u = (short) 7;
            t();
            this.u = (short) 8;
            this.f43485d.c().g();
            return;
        }
        if (s == 11) {
            short s3 = this.u;
            if (s3 == 8) {
                this.U.a((Vector) null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.Y == null) {
                throw new TlsFatalAlert((short) 10);
            }
            e(byteArrayInputStream);
            this.u = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.u;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (s()) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.u = (short) 13;
            if (this.z) {
                a(this.U.l());
                q();
            }
            this.u = (short) 14;
            r();
            this.u = (short) 15;
            this.u = (short) 16;
            return;
        }
        if (s == 23) {
            if (this.u != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.U.a(TlsProtocol.d(byteArrayInputStream));
            this.u = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.u != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!s()) {
                throw new TlsFatalAlert((short) 10);
            }
            f(byteArrayInputStream);
            this.u = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.u) {
            case 8:
                this.U.a((Vector) null);
            case 9:
                if (this.Y == null) {
                    this.W.b();
                } else {
                    if (TlsUtils.c(g())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.a(g())) {
                        b(Certificate.f43026b);
                    } else if (this.p == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                h(byteArrayInputStream);
                this.u = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    protected void b(Certificate certificate) throws IOException {
        if (this.Y == null) {
            throw new IllegalStateException();
        }
        if (this.p != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.p = certificate;
        if (certificate.d()) {
            this.W.b();
        } else {
            this.Z = TlsUtils.a(certificate, this.X.a());
            this.W.a(certificate);
        }
        this.U.a(certificate);
    }

    protected void b(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.W = null;
        this.X = null;
        this.Y = null;
        this.a0 = null;
    }

    protected void e(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate a2 = Certificate.a(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        b(a2);
    }

    protected void f(ByteArrayInputStream byteArrayInputStream) throws IOException {
        DigitallySigned a2 = DigitallySigned.a(g(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        try {
            byte[] b2 = TlsUtils.c(g()) ? this.a0.b(a2.a().a()) : this.f43496o.l();
            AsymmetricKeyParameter a3 = PublicKeyFactory.a(this.p.a(0).n());
            TlsSigner c2 = TlsUtils.c(this.Z);
            c2.a(g());
            if (c2.a(a2.a(), a2.b(), a3, b2)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 51, e2);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsContext g() {
        return this.V;
    }

    protected void g(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion i2 = TlsUtils.i(byteArrayInputStream);
        this.f43485d.b(i2);
        if (i2.e()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] b2 = TlsUtils.b(32, byteArrayInputStream);
        if (TlsUtils.c(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int d2 = TlsUtils.d(byteArrayInputStream);
        if (d2 < 2 || (d2 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.q = TlsUtils.c(d2 / 2, byteArrayInputStream);
        short h2 = TlsUtils.h(byteArrayInputStream);
        if (h2 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.r = TlsUtils.d(h2, byteArrayInputStream);
        this.s = TlsProtocol.c(byteArrayInputStream);
        this.f43496o.f43365o = TlsExtensionsUtils.j(this.s);
        h().a(i2);
        this.U.b(i2);
        this.U.b(Arrays.b(this.q, CipherSuite.j4));
        this.f43496o.f43357g = b2;
        this.U.a(this.q);
        this.U.a(this.r);
        if (Arrays.b(this.q, 255)) {
            this.x = true;
        }
        byte[] a2 = TlsUtils.a(this.s, TlsProtocol.A);
        if (a2 != null) {
            this.x = true;
            if (!Arrays.d(a2, TlsProtocol.a(TlsUtils.f43527a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.U.a(this.x);
        Hashtable hashtable = this.s;
        if (hashtable != null) {
            this.U.b(hashtable);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    AbstractTlsContext h() {
        return this.V;
    }

    protected void h(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.W.b(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        this.a0 = this.f43485d.g();
        this.f43496o.f43359i = TlsProtocol.a(g(), this.a0, (byte[]) null);
        TlsProtocol.a(g(), this.W);
        this.f43485d.a(k().c(), k().e());
        if (this.z) {
            return;
        }
        q();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer k() {
        return this.U;
    }

    protected boolean s() {
        short s = this.Z;
        return s >= 0 && TlsUtils.e(s);
    }

    protected void t() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.a((short) 14, bArr, 0);
        TlsUtils.b(0, bArr, 1);
        c(bArr, 0, bArr.length);
    }

    protected void u() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion a2 = this.U.a();
        if (!a2.b(g().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f43485d.a(a2);
        this.f43485d.b(a2);
        this.f43485d.a(true);
        h().b(a2);
        TlsUtils.a(a2, handshakeMessage);
        handshakeMessage.write(this.f43496o.f43358h);
        TlsUtils.c(TlsUtils.f43527a, handshakeMessage);
        int u = this.U.u();
        if (!Arrays.b(this.q, u) || u == 0 || CipherSuite.a(u) || !TlsUtils.a(u, g().a())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f43496o.f43352b = u;
        short k2 = this.U.k();
        if (!Arrays.b(this.r, k2)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f43496o.f43353c = k2;
        TlsUtils.a(u, (OutputStream) handshakeMessage);
        TlsUtils.a(k2, (OutputStream) handshakeMessage);
        this.t = this.U.i();
        boolean z = false;
        if (this.x) {
            if (TlsUtils.a(this.t, TlsProtocol.A) == null) {
                this.t = TlsExtensionsUtils.d(this.t);
                this.t.put(TlsProtocol.A, TlsProtocol.a(TlsUtils.f43527a));
            }
        }
        if (this.f43496o.f43365o) {
            this.t = TlsExtensionsUtils.d(this.t);
            TlsExtensionsUtils.b(this.t);
        }
        Hashtable hashtable = this.t;
        if (hashtable != null) {
            this.f43496o.f43364n = TlsExtensionsUtils.i(hashtable);
            this.f43496o.f43362l = a(this.s, this.t, (short) 80);
            this.f43496o.f43363m = TlsExtensionsUtils.k(this.t);
            this.y = !this.v && TlsUtils.a(this.t, TlsExtensionsUtils.f43453f, (short) 80);
            if (!this.v && TlsUtils.a(this.t, TlsProtocol.B, (short) 80)) {
                z = true;
            }
            this.z = z;
            TlsProtocol.a(handshakeMessage, this.t);
        }
        this.f43496o.f43354d = TlsProtocol.a(g(), this.f43496o.b());
        this.f43496o.f43355e = 12;
        b();
        handshakeMessage.a();
    }
}
