package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer A;
    TlsServerContextImpl B;
    protected TlsKeyExchange C;
    protected TlsCredentials D;
    protected CertificateRequest E;
    protected short F;
    protected TlsHandshakeHash G;

    protected boolean T() {
        short s = this.F;
        return s >= 0 && TlsUtils.K(s);
    }

    protected void U(Certificate certificate) throws IOException {
        if (this.E == null) {
            throw new IllegalStateException();
        }
        if (this.m != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.m = certificate;
        if (certificate.c()) {
            this.C.d();
        } else {
            this.F = TlsUtils.w(certificate, this.D.c());
            this.C.l(certificate);
        }
        this.A.D(certificate);
    }

    protected void V(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate d2 = Certificate.d(byteArrayInputStream);
        TlsProtocol.c(byteArrayInputStream);
        U(d2);
    }

    protected void W(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] j2;
        if (this.E == null) {
            throw new IllegalStateException();
        }
        DigitallySigned d2 = DigitallySigned.d(m(), byteArrayInputStream);
        TlsProtocol.c(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm b = d2.b();
            if (TlsUtils.S(m())) {
                TlsUtils.w0(this.E.c(), b);
                j2 = this.G.j(b.b());
            } else {
                j2 = this.l.j();
            }
            AsymmetricKeyParameter a = PublicKeyFactory.a(this.m.b(0).x());
            TlsSigner q = TlsUtils.q(this.F);
            q.a(m());
            if (q.c(b, d2.c(), a, j2)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e2) {
            throw e2;
        } catch (Exception e3) {
            throw new TlsFatalAlert((short) 51, e3);
        }
    }

    protected void X(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion q0 = TlsUtils.q0(byteArrayInputStream);
        this.f3558d.t(q0);
        if (q0.g()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] c0 = TlsUtils.c0(32, byteArrayInputStream);
        if (TlsUtils.f0(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int h0 = TlsUtils.h0(byteArrayInputStream);
        if (h0 < 2 || (h0 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.n = TlsUtils.j0(h0 / 2, byteArrayInputStream);
        short n0 = TlsUtils.n0(byteArrayInputStream);
        if (n0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.o = TlsUtils.p0(n0, byteArrayInputStream);
        Hashtable G = TlsProtocol.G(byteArrayInputStream);
        this.p = G;
        this.l.n = TlsExtensionsUtils.m(G);
        n().a(q0);
        this.A.h(q0);
        this.A.c(Arrays.t(this.n, 22016));
        this.l.f3501f = c0;
        this.A.e(this.n);
        this.A.n(this.o);
        if (Arrays.t(this.n, 255)) {
            this.u = true;
        }
        byte[] B = TlsUtils.B(this.p, TlsProtocol.y);
        if (B != null) {
            this.u = true;
            if (!Arrays.s(B, TlsProtocol.h(TlsUtils.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.A.q(this.u);
        Hashtable hashtable = this.p;
        if (hashtable != null) {
            this.A.g(hashtable);
        }
    }

    protected void Y(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.C.n(byteArrayInputStream);
        TlsProtocol.c(byteArrayInputStream);
        this.G = this.f3558d.k();
        this.l.f3503h = TlsProtocol.o(m(), this.G, null);
        TlsProtocol.j(m(), this.C);
        this.f3558d.p(q().r(), q().A());
        if (this.w) {
            return;
        }
        M();
    }

    protected void Z(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a0(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void b0(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void c0() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.J0((short) 14, bArr, 0);
        TlsUtils.D0(0, bArr, 1);
        R(bArr, 0, 4);
    }

    protected void d0() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion b = this.A.b();
        if (!b.h(m().g())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f3558d.r(b);
        this.f3558d.t(b);
        this.f3558d.s(true);
        n().i(b);
        TlsUtils.O0(b, handshakeMessage);
        handshakeMessage.write(this.l.f3502g);
        TlsUtils.z0(TlsUtils.a, handshakeMessage);
        int m = this.A.m();
        if (!Arrays.t(this.n, m) || m == 0 || CipherSuite.a(m) || !TlsUtils.T(m, m().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.a = m;
        short l = this.A.l();
        if (!Arrays.u(this.o, l)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.b = l;
        TlsUtils.A0(m, handshakeMessage);
        TlsUtils.I0(l, handshakeMessage);
        Hashtable j2 = this.A.j();
        this.q = j2;
        if (this.u) {
            if (TlsUtils.B(j2, TlsProtocol.y) == null) {
                Hashtable j3 = TlsExtensionsUtils.j(this.q);
                this.q = j3;
                j3.put(TlsProtocol.y, TlsProtocol.h(TlsUtils.a));
            }
        }
        if (this.l.n) {
            Hashtable j4 = TlsExtensionsUtils.j(this.q);
            this.q = j4;
            TlsExtensionsUtils.b(j4);
        }
        Hashtable hashtable = this.q;
        if (hashtable != null) {
            this.l.m = TlsExtensionsUtils.l(hashtable);
            this.l.k = B(this.p, this.q, (short) 80);
            this.l.l = TlsExtensionsUtils.n(this.q);
            this.v = !this.s && TlsUtils.J(this.q, TlsExtensionsUtils.f3545d, (short) 80);
            this.w = !this.s && TlsUtils.J(this.q, TlsProtocol.z, (short) 80);
            TlsProtocol.Q(handshakeMessage, this.q);
        }
        this.l.f3498c = TlsProtocol.p(m(), this.l.b());
        this.l.f3499d = 12;
        b();
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void e() {
        super.e();
        this.C = null;
        this.D = null;
        this.E = null;
        this.G = null;
    }

    protected void e0(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsContext m() {
        return this.B;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    AbstractTlsContext n() {
        return this.B;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer q() {
        return this.A;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void t(short s, byte[] bArr) throws IOException {
        CertificateStatus E;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            short s2 = this.r;
            if (s2 != 0) {
                if (s2 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                I();
                return;
            }
            X(byteArrayInputStream);
            this.r = (short) 1;
            d0();
            this.r = (short) 2;
            this.f3558d.j();
            Vector F = this.A.F();
            if (F != null) {
                O(F);
            }
            this.r = (short) 3;
            TlsKeyExchange a = this.A.a();
            this.C = a;
            a.a(m());
            TlsCredentials C = this.A.C();
            this.D = C;
            if (C == null) {
                this.C.m();
            } else {
                this.C.k(C);
                certificate = this.D.c();
                L(certificate);
            }
            this.r = (short) 4;
            if (certificate == null || certificate.c()) {
                this.v = false;
            }
            if (this.v && (E = this.A.E()) != null) {
                a0(E);
            }
            this.r = (short) 5;
            byte[] c2 = this.C.c();
            if (c2 != null) {
                e0(c2);
            }
            this.r = (short) 6;
            if (this.D != null) {
                CertificateRequest y = this.A.y();
                this.E = y;
                if (y != null) {
                    if (TlsUtils.S(m()) != (this.E.c() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.C.g(this.E);
                    Z(this.E);
                    TlsUtils.t0(this.f3558d.g(), this.E.c());
                }
            }
            this.r = (short) 7;
            c0();
            this.r = (short) 8;
            this.f3558d.g().m();
            return;
        }
        if (s == 11) {
            short s3 = this.r;
            if (s3 == 8) {
                this.A.o(null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.E == null) {
                throw new TlsFatalAlert((short) 10);
            }
            V(byteArrayInputStream);
            this.r = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.r;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (T()) {
                throw new TlsFatalAlert((short) 10);
            }
            z(byteArrayInputStream);
            this.r = (short) 13;
            if (this.w) {
                b0(this.A.z());
                M();
            }
            this.r = (short) 14;
            N();
            this.r = (short) 15;
            this.r = (short) 16;
            g();
            return;
        }
        if (s == 23) {
            if (this.r != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.A.o(TlsProtocol.H(byteArrayInputStream));
            this.r = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.r != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!T()) {
                throw new TlsFatalAlert((short) 10);
            }
            W(byteArrayInputStream);
            this.r = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.r) {
            case 8:
                this.A.o(null);
            case 9:
                if (this.E == null) {
                    this.C.d();
                } else {
                    if (TlsUtils.S(m())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.N(m())) {
                        U(Certificate.b);
                    } else if (this.m == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                Y(byteArrayInputStream);
                this.r = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void u(short s) throws IOException {
        if (s != 41) {
            super.u(s);
        } else {
            if (!TlsUtils.N(m()) || this.E == null) {
                return;
            }
            U(Certificate.b);
        }
    }
}
