package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes3.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer U;
    protected TlsServerContextImpl V;
    protected TlsKeyExchange W;
    protected TlsCredentials X;
    protected CertificateRequest Y;
    protected short Z;

    /* renamed from: a0, reason: collision with root package name */
    protected TlsHandshakeHash f29205a0;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.U = null;
        this.V = null;
        this.W = null;
        this.X = null;
        this.Y = null;
        this.Z = (short) -1;
        this.f29205a0 = null;
    }

    public void S(TlsServer tlsServer) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.U != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.U = tlsServer;
        SecurityParameters securityParameters = new SecurityParameters();
        this.f29179o = securityParameters;
        securityParameters.f29058a = 0;
        this.V = new TlsServerContextImpl(this.f29169e, this.f29179o);
        this.f29179o.f29065h = TlsProtocol.f(tlsServer.J(), this.V.i());
        this.U.n(this.V);
        this.f29168d.j(this.V);
        this.f29168d.t(false);
        e();
    }

    protected boolean T() {
        short s4 = this.Z;
        return s4 >= 0 && TlsUtils.R(s4);
    }

    protected void U(Certificate certificate) throws IOException {
        if (this.Y == null) {
            throw new IllegalStateException();
        }
        if (this.f29180p != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.f29180p = certificate;
        if (certificate.g()) {
            this.W.g();
        } else {
            this.Z = TlsUtils.G(certificate, this.X.e());
            this.W.d(certificate);
        }
        this.U.M(certificate);
    }

    protected void V(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate h4 = Certificate.h(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        U(h4);
    }

    protected void W(ByteArrayInputStream byteArrayInputStream) throws IOException {
        DigitallySigned d4 = DigitallySigned.d(l(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        boolean z4 = false;
        try {
            byte[] l4 = TlsUtils.a0(l()) ? this.f29205a0.l(d4.b().b()) : TlsProtocol.m(l(), this.f29205a0, null);
            AsymmetricKeyParameter b5 = PublicKeyFactory.b(this.f29180p.c(0).s());
            TlsSigner z5 = TlsUtils.z(this.Z);
            z5.a(l());
            z4 = z5.c(d4.b(), d4.c(), b5, l4);
        } catch (Exception unused) {
        }
        if (!z4) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    protected void X(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion I0 = TlsUtils.I0(byteArrayInputStream);
        if (I0.h()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] r02 = TlsUtils.r0(32, byteArrayInputStream);
        if (TlsUtils.u0(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int w02 = TlsUtils.w0(byteArrayInputStream);
        if (w02 < 2 || (w02 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.f29181q = TlsUtils.y0(w02 / 2, byteArrayInputStream);
        short F0 = TlsUtils.F0(byteArrayInputStream);
        if (F0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f29182r = TlsUtils.H0(F0, byteArrayInputStream);
        this.f29183s = TlsProtocol.G(byteArrayInputStream);
        l().l(I0);
        this.U.G(I0);
        this.f29179o.f29064g = r02;
        this.U.t(this.f29181q);
        this.U.I(this.f29182r);
        if (Arrays.x(this.f29181q, 255)) {
            this.f29188x = true;
        }
        byte[] L = TlsUtils.L(this.f29183s, TlsProtocol.A);
        if (L != null) {
            this.f29188x = true;
            if (!Arrays.w(L, TlsProtocol.g(TlsUtils.f29214a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.U.r(this.f29188x);
        Hashtable hashtable = this.f29183s;
        if (hashtable != null) {
            this.U.o(hashtable);
        }
    }

    protected void Y(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.W.e(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        TlsProtocol.i(l(), this.W);
        this.f29168d.q(q().h(), q().s());
        this.f29205a0 = this.f29168d.l();
        if (this.f29190z) {
            return;
        }
        L();
    }

    protected void Z(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a0(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void b0(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.W = null;
        this.X = null;
        this.Y = null;
        this.f29205a0 = null;
    }

    protected void c0() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.k1((short) 14, bArr, 0);
        TlsUtils.a1(0, bArr, 1);
        Q(bArr, 0, 4);
    }

    protected void d0() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion b5 = this.U.b();
        if (!b5.i(l().c())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f29168d.s(b5);
        this.f29168d.u(b5);
        this.f29168d.t(true);
        l().n(b5);
        TlsUtils.p1(b5, handshakeMessage);
        handshakeMessage.write(this.f29179o.f29065h);
        byte[] bArr = TlsUtils.f29214a;
        TlsUtils.S0(bArr, handshakeMessage);
        int H = this.U.H();
        if (!Arrays.x(this.f29181q, H) || H == 0 || H == 255 || !TlsUtils.b0(H, b5)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f29179o.f29059b = H;
        short g4 = this.U.g();
        if (!Arrays.y(this.f29182r, g4)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f29179o.f29060c = g4;
        TlsUtils.T0(H, handshakeMessage);
        TlsUtils.j1(g4, handshakeMessage);
        Hashtable e4 = this.U.e();
        this.f29184t = e4;
        boolean z4 = false;
        if (this.f29188x) {
            Integer num = TlsProtocol.A;
            if (TlsUtils.L(e4, num) == null) {
                Hashtable n4 = TlsExtensionsUtils.n(this.f29184t);
                this.f29184t = n4;
                n4.put(num, TlsProtocol.g(bArr));
            }
        }
        Hashtable hashtable = this.f29184t;
        if (hashtable != null) {
            this.f29179o.f29068k = TlsExtensionsUtils.s(hashtable);
            this.f29179o.f29066i = B(this.f29183s, this.f29184t, (short) 80);
            this.f29179o.f29067j = TlsExtensionsUtils.t(this.f29184t);
            this.f29189y = !this.f29186v && TlsUtils.Q(this.f29184t, TlsExtensionsUtils.f29137e, (short) 80);
            if (!this.f29186v && TlsUtils.Q(this.f29184t, TlsProtocol.B, (short) 80)) {
                z4 = true;
            }
            this.f29190z = z4;
            TlsProtocol.P(handshakeMessage, this.f29184t);
        }
        short s4 = this.f29179o.f29066i;
        if (s4 >= 0) {
            this.f29168d.r(1 << (s4 + 8));
        }
        this.f29179o.f29061d = TlsProtocol.p(l(), this.f29179o.c());
        this.f29179o.f29062e = 12;
        handshakeMessage.a();
        this.f29168d.k();
    }

    protected void e0(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected AbstractTlsContext l() {
        return this.V;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer q() {
        return this.U;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:13:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void t(short s4, byte[] bArr) throws IOException {
        CertificateStatus E;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s4 == 1) {
            if (this.f29185u != 0) {
                throw new TlsFatalAlert((short) 10);
            }
            X(byteArrayInputStream);
            this.f29185u = (short) 1;
            d0();
            this.f29185u = (short) 2;
            Vector m4 = this.U.m();
            if (m4 != null) {
                N(m4);
            }
            this.f29185u = (short) 3;
            TlsKeyExchange a5 = this.U.a();
            this.W = a5;
            a5.a(l());
            TlsCredentials l4 = this.U.l();
            this.X = l4;
            if (l4 == null) {
                this.W.o();
            } else {
                this.W.l(l4);
                certificate = this.X.e();
                K(certificate);
            }
            this.f29185u = (short) 4;
            if (certificate == null || certificate.g()) {
                this.f29189y = false;
            }
            if (this.f29189y && (E = this.U.E()) != null) {
                a0(E);
            }
            this.f29185u = (short) 5;
            byte[] b5 = this.W.b();
            if (b5 != null) {
                e0(b5);
            }
            this.f29185u = (short) 6;
            if (this.X != null) {
                CertificateRequest D = this.U.D();
                this.Y = D;
                if (D != null) {
                    this.W.i(D);
                    Z(this.Y);
                    TlsUtils.M0(this.f29168d.g(), this.Y.d());
                }
            }
            this.f29185u = (short) 7;
            c0();
            this.f29185u = (short) 8;
            this.f29168d.g().n();
            return;
        }
        if (s4 == 11) {
            short s5 = this.f29185u;
            if (s5 == 8) {
                this.U.u(null);
            } else if (s5 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.Y == null) {
                throw new TlsFatalAlert((short) 10);
            }
            V(byteArrayInputStream);
            this.f29185u = (short) 10;
            return;
        }
        if (s4 == 20) {
            short s6 = this.f29185u;
            if (s6 != 11) {
                if (s6 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (T()) {
                throw new TlsFatalAlert((short) 10);
            }
            z(byteArrayInputStream);
            this.f29185u = (short) 13;
            if (this.f29190z) {
                b0(this.U.k());
                L();
            }
            this.f29185u = (short) 14;
            M();
            this.f29185u = (short) 16;
            return;
        }
        if (s4 == 23) {
            if (this.f29185u != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.U.u(TlsProtocol.H(byteArrayInputStream));
            this.f29185u = (short) 9;
            return;
        }
        if (s4 == 15) {
            if (this.f29185u != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!T()) {
                throw new TlsFatalAlert((short) 10);
            }
            W(byteArrayInputStream);
            this.f29185u = (short) 12;
            return;
        }
        if (s4 != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.f29185u) {
            case 8:
                this.U.u(null);
            case 9:
                if (this.Y == null) {
                    this.W.g();
                } else {
                    if (TlsUtils.a0(l())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.W(l())) {
                        U(Certificate.f28565b);
                    } else if (this.f29180p == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                Y(byteArrayInputStream);
                this.f29185u = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void u(short s4) throws IOException {
        if (s4 != 41) {
            super.u(s4);
        } else {
            if (!TlsUtils.W(l()) || this.Y == null) {
                return;
            }
            U(Certificate.f28565b);
        }
    }
}
