package _;

import _.ah5;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Objects;
import java.util.Vector;
import org.bouncycastle.crypto.tls.TlsFatalAlert;

/* compiled from: _ */
/* loaded from: classes2.dex */
public class ch5 extends xg5 {
    private zg5 recordLayer;
    public boolean verifyRequests;

    /* compiled from: _ */
    /* loaded from: classes2.dex */
    public static class a {
        public cj5 a = null;
        public ej5 b = null;
        public int[] c = null;
        public short[] d = null;
        public Hashtable e = null;
        public Hashtable f = null;
        public boolean g = false;
        public boolean h = false;
        public boolean i = false;
        public ti5 j = null;
        public gi5 k = null;
        public qg5 l = null;
        public short m = -1;
        public pg5 n = null;
    }

    public ch5(SecureRandom secureRandom) {
        super(secureRandom);
        this.verifyRequests = true;
    }

    public dh5 accept(cj5 cj5Var, eh5 eh5Var) throws IOException {
        if (cj5Var == null) {
            throw new IllegalArgumentException("'server' cannot be null");
        }
        if (eh5Var == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        qh5 qh5Var = new qh5();
        a aVar = new a();
        aVar.a = cj5Var;
        aVar.b = new ej5(this.secureRandom, qh5Var);
        qh5Var.g = yi5.b(cj5Var.shouldUseGMTUnixTime(), aVar.b.a);
        cj5Var.init(aVar.b);
        zg5 zg5Var = new zg5(eh5Var, aVar.b, cj5Var);
        this.recordLayer = zg5Var;
        try {
            return serverHandshake(aVar, zg5Var);
        } catch (RuntimeException e) {
            this.recordLayer.b((short) 80);
            throw new TlsFatalAlert((short) 80, e);
        } catch (TlsFatalAlert e2) {
            this.recordLayer.b(e2.a);
            throw e2;
        } catch (IOException e3) {
            this.recordLayer.b((short) 80);
            throw e3;
        }
    }

    public void cancel() throws Exception {
        zg5 zg5Var = this.recordLayer;
        if (zg5Var != null) {
            zg5Var.close();
        }
    }

    public boolean expectCertificateVerifyMessage(a aVar) {
        short s = aVar.m;
        if (s >= 0) {
            byte[] bArr = jj5.a;
            if (s == 1 || s == 2 || s == 64) {
                return true;
            }
        }
        return false;
    }

    public byte[] generateCertificateRequest(a aVar, qg5 qg5Var) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        short[] sArr = qg5Var.a;
        if (sArr == null || sArr.length == 0) {
            byte[] bArr = jj5.a;
            byteArrayOutputStream.write(0);
        } else {
            jj5.W(sArr, byteArrayOutputStream);
        }
        Vector vector = qg5Var.b;
        if (vector != null) {
            jj5.l(vector, false, byteArrayOutputStream);
        }
        Vector vector2 = qg5Var.c;
        if (vector2 == null || vector2.isEmpty()) {
            byte[] bArr2 = jj5.a;
            byteArrayOutputStream.write(0);
            byteArrayOutputStream.write(0);
        } else {
            Vector vector3 = new Vector(qg5Var.c.size());
            int i = 0;
            for (int i2 = 0; i2 < qg5Var.c.size(); i2++) {
                byte[] h = ((hc5) qg5Var.c.elementAt(i2)).h("DER");
                vector3.addElement(h);
                i += h.length + 2;
            }
            jj5.e(i);
            byteArrayOutputStream.write(i >>> 8);
            byteArrayOutputStream.write(i);
            for (int i3 = 0; i3 < vector3.size(); i3++) {
                jj5.P((byte[]) vector3.elementAt(i3), byteArrayOutputStream);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateCertificateStatus(a aVar, rg5 rg5Var) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        short s = rg5Var.a;
        byte[] bArr = jj5.a;
        byteArrayOutputStream.write(s);
        if (rg5Var.a != 1) {
            throw new TlsFatalAlert((short) 80, null);
        }
        jj5.Q(((tb5) rg5Var.b).h("DER"), byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateNewSessionTicket(a aVar, nh5 nh5Var) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        long j = nh5Var.a;
        byte[] bArr = jj5.a;
        byteArrayOutputStream.write((byte) (j >>> 24));
        byteArrayOutputStream.write((byte) (j >>> 16));
        byteArrayOutputStream.write((byte) (j >>> 8));
        byteArrayOutputStream.write((byte) j);
        jj5.P(nh5Var.b, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateServerHello(a aVar) throws IOException {
        qh5 qh5Var = aVar.b.c;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        oh5 serverVersion = aVar.a.getServerVersion();
        if (!serverVersion.f(aVar.b.d)) {
            throw new TlsFatalAlert((short) 80, null);
        }
        aVar.b.e = serverVersion;
        byte[] bArr = jj5.a;
        byteArrayOutputStream.write(serverVersion.a >> 8);
        byteArrayOutputStream.write(serverVersion.a & 255);
        byteArrayOutputStream.write(qh5Var.g);
        byte[] bArr2 = jj5.a;
        jj5.g(bArr2.length);
        byteArrayOutputStream.write(bArr2.length);
        byteArrayOutputStream.write(bArr2);
        int selectedCipherSuite = aVar.a.getSelectedCipherSuite();
        if (fn5.E(aVar.c, selectedCipherSuite) && selectedCipherSuite != 0) {
            if (!(selectedCipherSuite == 255 || selectedCipherSuite == 22016) && jj5.z(selectedCipherSuite, aVar.b.e)) {
                xg5.validateSelectedCipherSuite(selectedCipherSuite, (short) 80);
                qh5Var.a = selectedCipherSuite;
                short selectedCompressionMethod = aVar.a.getSelectedCompressionMethod();
                if (!fn5.F(aVar.d, selectedCompressionMethod)) {
                    throw new TlsFatalAlert((short) 80, null);
                }
                qh5Var.b = selectedCompressionMethod;
                byteArrayOutputStream.write(selectedCipherSuite >>> 8);
                byteArrayOutputStream.write(selectedCipherSuite);
                byteArrayOutputStream.write(selectedCompressionMethod);
                Hashtable serverExtensions = aVar.a.getServerExtensions();
                aVar.f = serverExtensions;
                if (aVar.g) {
                    Integer num = yi5.a;
                    if (jj5.o(serverExtensions, num) == null) {
                        Hashtable a2 = ri5.a(aVar.f);
                        aVar.f = a2;
                        a2.put(num, yi5.c(bArr2));
                    }
                }
                if (qh5Var.l) {
                    Hashtable a3 = ri5.a(aVar.f);
                    aVar.f = a3;
                    a3.put(ri5.b, bArr2);
                }
                Hashtable hashtable = aVar.f;
                if (hashtable != null) {
                    qh5Var.k = ri5.c(hashtable);
                    qh5Var.i = xg5.evaluateMaxFragmentLengthExtension(false, aVar.e, aVar.f, (short) 80);
                    qh5Var.j = ri5.d(aVar.f);
                    aVar.h = jj5.t(aVar.f, ri5.e, (short) 80);
                    aVar.i = jj5.t(aVar.f, yi5.b, (short) 80);
                    yi5.i(byteArrayOutputStream, aVar.f);
                }
                qh5Var.c = yi5.f(aVar.b, qh5Var.a);
                qh5Var.d = 12;
                return byteArrayOutputStream.toByteArray();
            }
        }
        throw new TlsFatalAlert((short) 80, null);
    }

    public boolean getVerifyRequests() {
        return this.verifyRequests;
    }

    public void notifyClientCertificate(a aVar, pg5 pg5Var) throws IOException {
        short s;
        if (aVar.l == null) {
            throw new IllegalStateException();
        }
        if (aVar.n != null) {
            throw new TlsFatalAlert((short) 10, null);
        }
        aVar.n = pg5Var;
        if (pg5Var.a()) {
            Objects.requireNonNull((kg5) aVar.j);
        } else {
            aVar.k.d();
            byte[] bArr = jj5.a;
            if (pg5Var.a()) {
                s = -1;
            } else {
                lc5 lc5Var = pg5Var.a[0];
                try {
                    af5 h = h85.h(lc5Var.b.b);
                    if (h.a) {
                        throw new TlsFatalAlert((short) 80, null);
                    }
                    if (h instanceof vf5) {
                        jj5.M(lc5Var, 128);
                        s = 1;
                    } else if (h instanceof jf5) {
                        jj5.M(lc5Var, 128);
                        s = 2;
                    } else {
                        if (!(h instanceof of5)) {
                            throw new TlsFatalAlert((short) 43, null);
                        }
                        jj5.M(lc5Var, 128);
                        s = 64;
                    }
                } catch (Exception e) {
                    throw new TlsFatalAlert((short) 43, e);
                }
            }
            aVar.m = s;
            aVar.j.b(pg5Var);
        }
        aVar.a.notifyClientCertificate(pg5Var);
    }

    public void processCertificateVerify(a aVar, byte[] bArr, si5 si5Var) throws IOException {
        byte[] bArr2;
        if (aVar.l == null) {
            throw new IllegalStateException();
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ej5 ej5Var = aVar.b;
        mh5 b = mh5.b(ej5Var, byteArrayInputStream);
        yi5.a(byteArrayInputStream);
        try {
            sh5 sh5Var = b.a;
            if (jj5.y(ej5Var)) {
                jj5.O(aVar.l.b, sh5Var);
                bArr2 = si5Var.h(sh5Var.a);
            } else {
                bArr2 = ej5Var.c.h;
            }
            af5 h = h85.h(aVar.n.a[0].b.b);
            ng5 k = jj5.k(aVar.m);
            k.a = ej5Var;
            if (k.d(sh5Var, b.b, h, bArr2)) {
            } else {
                throw new TlsFatalAlert((short) 51, null);
            }
        } catch (TlsFatalAlert e) {
            throw e;
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 51, e2);
        }
    }

    public void processClientCertificate(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        pg5 b = pg5.b(byteArrayInputStream);
        yi5.a(byteArrayInputStream);
        notifyClientCertificate(aVar, b);
    }

    public void processClientHello(a aVar, byte[] bArr) throws IOException {
        boolean z;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        oh5 K = jj5.K(byteArrayInputStream);
        if (!K.e()) {
            throw new TlsFatalAlert((short) 47, null);
        }
        byte[] D = jj5.D(32, byteArrayInputStream);
        if (jj5.D(jj5.J(byteArrayInputStream), byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47, null);
        }
        jj5.D(jj5.J(byteArrayInputStream), byteArrayInputStream);
        int E = jj5.E(byteArrayInputStream);
        if (E < 2 || (E & 1) != 0) {
            throw new TlsFatalAlert((short) 50, null);
        }
        aVar.c = jj5.G(E / 2, byteArrayInputStream);
        int J = jj5.J(byteArrayInputStream);
        if (J < 1) {
            throw new TlsFatalAlert((short) 47, null);
        }
        short[] sArr = new short[J];
        for (int i = 0; i < J; i++) {
            sArr[i] = jj5.J(byteArrayInputStream);
        }
        aVar.d = sArr;
        Hashtable g = yi5.g(byteArrayInputStream);
        aVar.e = g;
        ej5 ej5Var = aVar.b;
        qh5 qh5Var = ej5Var.c;
        byte[] o = jj5.o(g, ri5.b);
        if (o == null) {
            z = false;
        } else {
            ri5.e(o);
            z = true;
        }
        qh5Var.l = z;
        ej5Var.d = K;
        aVar.a.notifyClientVersion(K);
        aVar.a.notifyFallback(fn5.E(aVar.c, 22016));
        qh5Var.f = D;
        aVar.a.notifyOfferedCipherSuites(aVar.c);
        aVar.a.notifyOfferedCompressionMethods(aVar.d);
        if (fn5.E(aVar.c, 255)) {
            aVar.g = true;
        }
        byte[] o2 = jj5.o(aVar.e, yi5.a);
        if (o2 != null) {
            aVar.g = true;
            if (!fn5.D(o2, yi5.c(jj5.a))) {
                throw new TlsFatalAlert((short) 40, null);
            }
        }
        aVar.a.notifySecureRenegotiation(aVar.g);
        Hashtable hashtable = aVar.e;
        if (hashtable != null) {
            byte[] o3 = jj5.o(hashtable, ri5.d);
            if (o3 != null) {
                for (byte b : o3) {
                    if (b != 0) {
                        throw new TlsFatalAlert((short) 47, null);
                    }
                }
            }
            aVar.a.processClientExtensions(aVar.e);
        }
    }

    public void processClientKeyExchange(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        aVar.j.h(byteArrayInputStream);
        yi5.a(byteArrayInputStream);
    }

    public void processClientSupplementalData(a aVar, byte[] bArr) throws IOException {
        aVar.a.processClientSupplementalData(yi5.h(new ByteArrayInputStream(bArr)));
    }

    public dh5 serverHandshake(a aVar, zg5 zg5Var) throws IOException {
        pg5 d;
        rg5 certificateStatus;
        ej5 ej5Var = aVar.b;
        qh5 qh5Var = ej5Var.c;
        ah5 ah5Var = new ah5(ej5Var, zg5Var);
        ah5.b d2 = ah5Var.d();
        if (d2.b != 1) {
            throw new TlsFatalAlert((short) 10, null);
        }
        processClientHello(aVar, d2.c);
        byte[] generateServerHello = generateServerHello(aVar);
        xg5.applyMaxFragmentLengthExtension(zg5Var, qh5Var.i);
        oh5 oh5Var = aVar.b.e;
        zg5Var.f = oh5Var;
        zg5Var.g = oh5Var;
        ah5Var.h((short) 2, generateServerHello);
        ah5Var.b = ah5Var.b.f();
        Vector serverSupplementalData = aVar.a.getServerSupplementalData();
        if (serverSupplementalData != null) {
            ah5Var.h((short) 23, xg5.generateSupplementalData(serverSupplementalData));
        }
        ti5 keyExchange = aVar.a.getKeyExchange();
        aVar.j = keyExchange;
        keyExchange.d(aVar.b);
        gi5 credentials = aVar.a.getCredentials();
        aVar.k = credentials;
        if (credentials == null) {
            aVar.j.l();
            d = null;
        } else {
            aVar.j.f(credentials);
            d = aVar.k.d();
            ah5Var.h((short) 11, xg5.generateCertificate(d));
        }
        if (d == null || d.a()) {
            aVar.h = false;
        }
        if (aVar.h && (certificateStatus = aVar.a.getCertificateStatus()) != null) {
            ah5Var.h((short) 22, generateCertificateStatus(aVar, certificateStatus));
        }
        byte[] a2 = aVar.j.a();
        if (a2 != null) {
            ah5Var.h((short) 12, a2);
        }
        if (aVar.k != null) {
            qg5 certificateRequest = aVar.a.getCertificateRequest();
            aVar.l = certificateRequest;
            if (certificateRequest != null) {
                boolean y = jj5.y(aVar.b);
                qg5 qg5Var = aVar.l;
                if (y != (qg5Var.b != null)) {
                    throw new TlsFatalAlert((short) 80, null);
                }
                aVar.j.j(qg5Var);
                ah5Var.h((short) 13, generateCertificateRequest(aVar, aVar.l));
                jj5.L(ah5Var.b, aVar.l.b);
            }
        }
        ah5Var.h((short) 14, jj5.a);
        ah5Var.b.j();
        ah5.b d3 = ah5Var.d();
        if (d3.b == 23) {
            processClientSupplementalData(aVar, d3.c);
            d3 = ah5Var.d();
        } else {
            aVar.a.processClientSupplementalData(null);
        }
        if (aVar.l == null) {
            Objects.requireNonNull((kg5) aVar.j);
        } else if (d3.b == 11) {
            processClientCertificate(aVar, d3.c);
            d3 = ah5Var.d();
        } else {
            if (jj5.y(aVar.b)) {
                throw new TlsFatalAlert((short) 10, null);
            }
            notifyClientCertificate(aVar, pg5.b);
        }
        if (d3.b != 16) {
            throw new TlsFatalAlert((short) 10, null);
        }
        processClientKeyExchange(aVar, d3.c);
        si5 si5Var = ah5Var.b;
        ah5Var.b = si5Var.k();
        qh5Var.h = yi5.e(aVar.b, si5Var, null);
        yi5.d(aVar.b, aVar.j);
        zg5Var.c(aVar.a.getCipher());
        if (expectCertificateVerifyMessage(aVar)) {
            processCertificateVerify(aVar, ah5Var.e((short) 15), si5Var);
        }
        ej5 ej5Var2 = aVar.b;
        processFinished(ah5Var.e((short) 20), jj5.d(ej5Var2, "client finished", yi5.e(ej5Var2, ah5Var.b, null)));
        if (aVar.i) {
            ah5Var.h((short) 4, generateNewSessionTicket(aVar, aVar.a.getNewSessionTicket()));
        }
        ej5 ej5Var3 = aVar.b;
        ah5Var.h((short) 20, jj5.d(ej5Var3, "server finished", yi5.e(ej5Var3, ah5Var.b, null)));
        ah5Var.c();
        aVar.a.notifyHandshakeComplete();
        return new dh5(zg5Var);
    }

    public void setVerifyRequests(boolean z) {
        this.verifyRequests = z;
    }
}
