package u.b.c.a1;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.TlsFatalAlert;
import u.b.c.a1.e4;

/* loaded from: classes5.dex */
public class r4 extends e4 {
    public o4 a0;
    public q4 b0;
    public v3 c0;
    public h3 d0;
    public u e0;
    public short f0;
    public t3 g0;

    public r4(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = (short) -1;
        this.g0 = null;
    }

    public r4(SecureRandom secureRandom) {
        super(secureRandom);
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = (short) -1;
        this.g0 = null;
    }

    public boolean Z() {
        short s2 = this.f0;
        return s2 >= 0 && x4.hasSigningCapability(s2);
    }

    public void a0(t tVar) throws IOException {
        if (this.e0 == null) {
            throw new IllegalStateException();
        }
        if (this.f35187q != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.f35187q = tVar;
        if (tVar.isEmpty()) {
            this.c0.skipClientCredentials();
        } else {
            this.f0 = x4.i(tVar, this.d0.getCertificate());
            this.c0.processClientCertificate(tVar);
        }
        this.a0.notifyClientCertificate(tVar);
    }

    public void accept(o4 o4Var) throws IOException {
        if (o4Var == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.a0 != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.a0 = o4Var;
        i2 i2Var = new i2();
        this.f35186p = i2Var;
        i2Var.a = 0;
        this.b0 = new q4(this.f35175e, this.f35186p);
        this.f35186p.f35267h = e4.h(o4Var.shouldUseGMTUnixTime(), this.b0.getNonceRandomGenerator());
        this.a0.init(this.b0);
        this.f35174d.m(this.b0);
        this.f35174d.w(false);
        d();
    }

    public void b0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        t parse = t.parse(byteArrayInputStream);
        e4.c(byteArrayInputStream);
        a0(parse);
    }

    public void c0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] sessionHash;
        if (this.e0 == null) {
            throw new IllegalStateException();
        }
        e1 parse = e1.parse(m(), byteArrayInputStream);
        e4.c(byteArrayInputStream);
        try {
            q2 algorithm = parse.getAlgorithm();
            if (x4.isTLSv12(m())) {
                x4.verifySupportedSignatureAlgorithm(this.e0.getSupportedSignatureAlgorithms(), algorithm);
                sessionHash = this.g0.getFinalHash(algorithm.getHash());
            } else {
                sessionHash = this.f35186p.getSessionHash();
            }
            u.b.c.w0.b createKey = u.b.c.b1.i.createKey(this.f35187q.getCertificateAt(0).getSubjectPublicKeyInfo());
            u4 createTlsSigner = x4.createTlsSigner(this.f0);
            createTlsSigner.init(m());
            if (createTlsSigner.verifyRawSignature(algorithm, parse.getSignature(), createKey, sessionHash)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e2) {
            throw e2;
        } catch (Exception e3) {
            throw new TlsFatalAlert((short) 51, e3);
        }
    }

    public void d0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        c2 readVersion = x4.readVersion(byteArrayInputStream);
        this.f35174d.x(readVersion);
        if (readVersion.isDTLS()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] readFully = x4.readFully(32, byteArrayInputStream);
        if (x4.readOpaque8(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int readUint16 = x4.readUint16(byteArrayInputStream);
        if (readUint16 < 2 || (readUint16 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.f35188r = x4.readUint16Array(readUint16 / 2, byteArrayInputStream);
        short readUint8 = x4.readUint8(byteArrayInputStream);
        if (readUint8 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f35189s = x4.readUint8Array(readUint8, byteArrayInputStream);
        Hashtable J = e4.J(byteArrayInputStream);
        this.f35190t = J;
        this.f35186p.f35274o = s3.hasExtendedMasterSecretExtension(J);
        n().b(readVersion);
        this.a0.notifyClientVersion(readVersion);
        this.a0.notifyFallback(u.b.j.a.contains(this.f35188r, c0.Q3));
        this.f35186p.f35266g = readFully;
        this.a0.notifyOfferedCipherSuites(this.f35188r);
        this.a0.notifyOfferedCompressionMethods(this.f35189s);
        if (u.b.j.a.contains(this.f35188r, 255)) {
            this.f35195y = true;
        }
        byte[] extensionData = x4.getExtensionData(this.f35190t, e4.E);
        if (extensionData != null) {
            this.f35195y = true;
            if (!u.b.j.a.constantTimeAreEqual(extensionData, e4.i(x4.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.a0.notifySecureRenegotiation(this.f35195y);
        Hashtable hashtable = this.f35190t;
        if (hashtable != null) {
            s3.getPaddingExtension(hashtable);
            this.a0.processClientExtensions(this.f35190t);
        }
    }

    public void e0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.c0.processClientKeyExchange(byteArrayInputStream);
        e4.c(byteArrayInputStream);
        if (x4.isSSL(m())) {
            e4.k(m(), this.c0);
        }
        this.g0 = this.f35174d.o();
        this.f35186p.f35268i = e4.o(m(), this.g0, null);
        if (!x4.isSSL(m())) {
            e4.k(m(), this.c0);
        }
        this.f35174d.t(q().getCompression(), q().getCipher());
    }

    @Override // u.b.c.a1.e4
    public void f() {
        super.f();
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.g0 = null;
    }

    public void f0(u uVar) throws IOException {
        e4.a aVar = new e4.a(this, (short) 13);
        uVar.encode(aVar);
        aVar.a();
    }

    public void g0(v vVar) throws IOException {
        e4.a aVar = new e4.a(this, (short) 22);
        vVar.encode(aVar);
        aVar.a();
    }

    public void h0(x1 x1Var) throws IOException {
        if (x1Var == null) {
            throw new TlsFatalAlert((short) 80);
        }
        e4.a aVar = new e4.a(this, (short) 4);
        x1Var.encode(aVar);
        aVar.a();
    }

    public void i0() throws IOException {
        byte[] bArr = new byte[4];
        x4.writeUint8((short) 14, bArr, 0);
        x4.writeUint24(0, bArr, 1);
        W(bArr, 0, 4);
    }

    public void j0() throws IOException {
        e4.a aVar = new e4.a(this, (short) 2);
        c2 serverVersion = this.a0.getServerVersion();
        if (!serverVersion.isEqualOrEarlierVersionOf(m().getClientVersion())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f35174d.v(serverVersion);
        this.f35174d.x(serverVersion);
        this.f35174d.w(true);
        n().d(serverVersion);
        x4.writeVersion(serverVersion, aVar);
        aVar.write(this.f35186p.f35267h);
        x4.writeOpaque8(x4.a, aVar);
        int selectedCipherSuite = this.a0.getSelectedCipherSuite();
        if (!u.b.j.a.contains(this.f35188r, selectedCipherSuite) || selectedCipherSuite == 0 || c0.isSCSV(selectedCipherSuite) || !x4.isValidCipherSuiteForVersion(selectedCipherSuite, m().getServerVersion())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f35186p.b = selectedCipherSuite;
        short selectedCompressionMethod = this.a0.getSelectedCompressionMethod();
        if (!u.b.j.a.contains(this.f35189s, selectedCompressionMethod)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f35186p.f35262c = selectedCompressionMethod;
        x4.writeUint16(selectedCipherSuite, aVar);
        x4.writeUint8(selectedCompressionMethod, (OutputStream) aVar);
        Hashtable serverExtensions = this.a0.getServerExtensions();
        this.f35191u = serverExtensions;
        if (this.f35195y) {
            if (x4.getExtensionData(serverExtensions, e4.E) == null) {
                Hashtable ensureExtensionsInitialised = s3.ensureExtensionsInitialised(this.f35191u);
                this.f35191u = ensureExtensionsInitialised;
                ensureExtensionsInitialised.put(e4.E, e4.i(x4.a));
            }
        }
        if (this.f35186p.f35274o) {
            Hashtable ensureExtensionsInitialised2 = s3.ensureExtensionsInitialised(this.f35191u);
            this.f35191u = ensureExtensionsInitialised2;
            s3.addExtendedMasterSecretExtension(ensureExtensionsInitialised2);
        }
        Hashtable hashtable = this.f35191u;
        if (hashtable != null) {
            this.f35186p.f35273n = s3.hasEncryptThenMACExtension(hashtable);
            this.f35186p.f35271l = E(this.f35190t, this.f35191u, (short) 80);
            this.f35186p.f35272m = s3.hasTruncatedHMacExtension(this.f35191u);
            this.z = !this.f35193w && x4.hasExpectedEmptyExtensionData(this.f35191u, s3.f35512g, (short) 80);
            this.A = !this.f35193w && x4.hasExpectedEmptyExtensionData(this.f35191u, e4.F, (short) 80);
            e4.V(aVar, this.f35191u);
        }
        this.f35186p.f35263d = e4.p(m(), this.f35186p.getCipherSuite());
        this.f35186p.f35264e = 12;
        b();
        aVar.a();
    }

    public void k0(byte[] bArr) throws IOException {
        e4.a aVar = new e4.a((short) 12, bArr.length);
        aVar.write(bArr);
        aVar.a();
    }

    @Override // u.b.c.a1.e4
    public g3 m() {
        return this.b0;
    }

    @Override // u.b.c.a1.e4
    public d n() {
        return this.b0;
    }

    @Override // u.b.c.a1.e4
    public d4 q() {
        return this.a0;
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x0020, code lost:
    
        if (r3 == 9) goto L15;
     */
    @Override // u.b.c.a1.e4
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void s(short r3) throws java.io.IOException {
        /*
            r2 = this;
            super.s(r3)
            r0 = 41
            if (r3 == r0) goto L8
            return
        L8:
            u.b.c.a1.g3 r3 = r2.m()
            boolean r3 = u.b.c.a1.x4.isSSL(r3)
            r0 = 10
            if (r3 == 0) goto L31
            u.b.c.a1.u r3 = r2.e0
            if (r3 == 0) goto L31
            short r3 = r2.f35192v
            r1 = 8
            if (r3 == r1) goto L23
            r1 = 9
            if (r3 != r1) goto L31
            goto L29
        L23:
            u.b.c.a1.o4 r3 = r2.a0
            r1 = 0
            r3.processClientSupplementalData(r1)
        L29:
            u.b.c.a1.t r3 = u.b.c.a1.t.b
            r2.a0(r3)
            r2.f35192v = r0
            return
        L31:
            org.bouncycastle.crypto.tls.TlsFatalAlert r3 = new org.bouncycastle.crypto.tls.TlsFatalAlert
            r3.<init>(r0)
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: u.b.c.a1.r4.s(short):void");
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0022. Please report as an issue. */
    @Override // u.b.c.a1.e4
    public void x(short s2, ByteArrayInputStream byteArrayInputStream) throws IOException {
        v certificateStatus;
        t tVar = null;
        if (s2 == 1) {
            short s3 = this.f35192v;
            if (s3 != 0) {
                if (s3 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                L();
                return;
            }
            d0(byteArrayInputStream);
            this.f35192v = (short) 1;
            j0();
            this.f35192v = (short) 2;
            this.f35174d.n();
            Vector serverSupplementalData = this.a0.getServerSupplementalData();
            if (serverSupplementalData != null) {
                S(serverSupplementalData);
            }
            this.f35192v = (short) 3;
            v3 keyExchange = this.a0.getKeyExchange();
            this.c0 = keyExchange;
            keyExchange.init(m());
            h3 credentials = this.a0.getCredentials();
            this.d0 = credentials;
            if (credentials == null) {
                this.c0.skipServerCredentials();
            } else {
                this.c0.processServerCredentials(credentials);
                tVar = this.d0.getCertificate();
                P(tVar);
            }
            this.f35192v = (short) 4;
            if (tVar == null || tVar.isEmpty()) {
                this.z = false;
            }
            if (this.z && (certificateStatus = this.a0.getCertificateStatus()) != null) {
                g0(certificateStatus);
            }
            this.f35192v = (short) 5;
            byte[] generateServerKeyExchange = this.c0.generateServerKeyExchange();
            if (generateServerKeyExchange != null) {
                k0(generateServerKeyExchange);
            }
            this.f35192v = (short) 6;
            if (this.d0 != null) {
                u certificateRequest = this.a0.getCertificateRequest();
                this.e0 = certificateRequest;
                if (certificateRequest != null) {
                    if (x4.isTLSv12(m()) != (this.e0.getSupportedSignatureAlgorithms() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.c0.validateCertificateRequest(this.e0);
                    f0(this.e0);
                    x4.k(this.f35174d.i(), this.e0.getSupportedSignatureAlgorithms());
                }
            }
            this.f35192v = (short) 7;
            i0();
            this.f35192v = (short) 8;
            this.f35174d.i().sealHashAlgorithms();
            return;
        }
        if (s2 == 11) {
            short s4 = this.f35192v;
            if (s4 == 8) {
                this.a0.processClientSupplementalData(null);
            } else if (s4 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.e0 == null) {
                throw new TlsFatalAlert((short) 10);
            }
            b0(byteArrayInputStream);
            this.f35192v = (short) 10;
            return;
        }
        if (s2 == 20) {
            short s5 = this.f35192v;
            if (s5 != 11) {
                if (s5 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (Z()) {
                throw new TlsFatalAlert((short) 10);
            }
            C(byteArrayInputStream);
            this.f35192v = (short) 13;
            if (this.A) {
                h0(this.a0.getNewSessionTicket());
            }
            this.f35192v = (short) 14;
            Q();
            R();
            this.f35192v = (short) 15;
            g();
            return;
        }
        if (s2 == 23) {
            if (this.f35192v != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.a0.processClientSupplementalData(e4.K(byteArrayInputStream));
            this.f35192v = (short) 9;
            return;
        }
        if (s2 == 15) {
            if (this.f35192v != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!Z()) {
                throw new TlsFatalAlert((short) 10);
            }
            c0(byteArrayInputStream);
            this.f35192v = (short) 12;
            return;
        }
        if (s2 != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.f35192v) {
            case 8:
                this.a0.processClientSupplementalData(null);
            case 9:
                if (this.e0 == null) {
                    this.c0.skipClientCredentials();
                } else {
                    if (x4.isTLSv12(m())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!x4.isSSL(m())) {
                        a0(t.b);
                    } else if (this.f35187q == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                e0(byteArrayInputStream);
                this.f35192v = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }
}
