package org.spongycastle.crypto.tls;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.DHParameters;
import org.spongycastle.crypto.params.DHPrivateKeyParameters;
import org.spongycastle.crypto.params.DHPublicKeyParameters;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;

/* loaded from: classes3.dex */
public class TlsPSKKeyExchange extends AbstractTlsKeyExchange {

    /* renamed from: d, reason: collision with root package name */
    protected TlsPSKIdentity f29153d;

    /* renamed from: e, reason: collision with root package name */
    protected DHParameters f29154e;

    /* renamed from: f, reason: collision with root package name */
    protected int[] f29155f;

    /* renamed from: g, reason: collision with root package name */
    protected short[] f29156g;

    /* renamed from: h, reason: collision with root package name */
    protected short[] f29157h;

    /* renamed from: i, reason: collision with root package name */
    protected byte[] f29158i;

    /* renamed from: j, reason: collision with root package name */
    protected DHPrivateKeyParameters f29159j;

    /* renamed from: k, reason: collision with root package name */
    protected DHPublicKeyParameters f29160k;

    /* renamed from: l, reason: collision with root package name */
    protected AsymmetricKeyParameter f29161l;

    /* renamed from: m, reason: collision with root package name */
    protected RSAKeyParameters f29162m;

    /* renamed from: n, reason: collision with root package name */
    protected TlsEncryptionCredentials f29163n;

    /* renamed from: o, reason: collision with root package name */
    protected byte[] f29164o;

    public TlsPSKKeyExchange(int i4, Vector vector, TlsPSKIdentity tlsPSKIdentity, DHParameters dHParameters, int[] iArr, short[] sArr, short[] sArr2) {
        super(i4, vector);
        this.f29158i = null;
        this.f29159j = null;
        this.f29160k = null;
        this.f29161l = null;
        this.f29162m = null;
        this.f29163n = null;
        if (i4 != 24) {
            switch (i4) {
                case 13:
                case 14:
                case 15:
                    break;
                default:
                    throw new IllegalArgumentException("unsupported key exchange algorithm");
            }
        }
        this.f29153d = tlsPSKIdentity;
        this.f29154e = dHParameters;
        this.f29155f = iArr;
        this.f29156g = sArr;
        this.f29157h = sArr2;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] b() throws IOException {
        this.f29158i = null;
        if (!j()) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = this.f29158i;
        if (bArr == null) {
            TlsUtils.Q0(TlsUtils.f29214a, byteArrayOutputStream);
        } else {
            TlsUtils.Q0(bArr, byteArrayOutputStream);
        }
        if (this.f28501a == 14) {
            if (this.f29154e == null) {
                throw new TlsFatalAlert((short) 80);
            }
            this.f29159j = TlsDHUtils.e(this.f28503c.h(), this.f29154e, byteArrayOutputStream);
        }
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void c(InputStream inputStream) throws IOException {
        this.f29158i = TlsUtils.s0(inputStream);
        if (this.f28501a == 14) {
            this.f29160k = TlsDHUtils.g(ServerDHParams.c(inputStream).b());
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void f(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void h(OutputStream outputStream) throws IOException {
        byte[] bArr = this.f29158i;
        if (bArr == null) {
            this.f29153d.b();
        } else {
            this.f29153d.c(bArr);
        }
        TlsUtils.Q0(this.f29153d.a(), outputStream);
        int i4 = this.f28501a;
        if (i4 == 14) {
            this.f29159j = TlsDHUtils.d(this.f28503c.h(), this.f29160k.b(), outputStream);
        } else {
            if (i4 == 24) {
                throw new TlsFatalAlert((short) 80);
            }
            if (i4 == 15) {
                this.f29164o = TlsRSAUtils.a(this.f28503c, this.f29162m, outputStream);
            }
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void i(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public boolean j() {
        int i4 = this.f28501a;
        return i4 == 14 || i4 == 24;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void l(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        n(tlsCredentials.e());
        this.f29163n = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] m() throws IOException {
        byte[] d4 = this.f29153d.d();
        byte[] p4 = p(d4.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(p4.length + 4 + d4.length);
        TlsUtils.Q0(p4, byteArrayOutputStream);
        TlsUtils.Q0(d4, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void n(Certificate certificate) throws IOException {
        if (this.f28501a != 15) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.g()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate c5 = certificate.c(0);
        try {
            AsymmetricKeyParameter b5 = PublicKeyFactory.b(c5.s());
            this.f29161l = b5;
            if (b5.a()) {
                throw new TlsFatalAlert((short) 80);
            }
            this.f29162m = q((RSAKeyParameters) this.f29161l);
            TlsUtils.N0(c5, 32);
            super.n(certificate);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void o() throws IOException {
        if (this.f28501a == 15) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    protected byte[] p(int i4) throws IOException {
        int i5 = this.f28501a;
        if (i5 != 14) {
            if (i5 != 24) {
                return i5 == 15 ? this.f29164o : new byte[i4];
            }
            throw new TlsFatalAlert((short) 80);
        }
        DHPrivateKeyParameters dHPrivateKeyParameters = this.f29159j;
        if (dHPrivateKeyParameters != null) {
            return TlsDHUtils.b(this.f29160k, dHPrivateKeyParameters);
        }
        throw new TlsFatalAlert((short) 80);
    }

    protected RSAKeyParameters q(RSAKeyParameters rSAKeyParameters) throws IOException {
        if (rSAKeyParameters.b().isProbablePrime(2)) {
            return rSAKeyParameters;
        }
        throw new TlsFatalAlert((short) 47);
    }
}
