package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServerContextImpl A;
    protected TlsKeyExchange B;
    protected TlsCredentials C;
    protected CertificateRequest D;
    protected short E;
    protected TlsHandshakeHash F;
    protected TlsServer z;

    protected boolean M() {
        short s = this.E;
        return s >= 0 && TlsUtils.C(s);
    }

    protected void N(Certificate certificate) {
        if (this.D == null) {
            throw new IllegalStateException();
        }
        if (this.m != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.m = certificate;
        if (certificate.f()) {
            this.B.f();
        } else {
            this.E = TlsUtils.t(certificate, this.C.a());
            this.B.h(certificate);
        }
        this.z.B(certificate);
    }

    protected void O(ByteArrayInputStream byteArrayInputStream) {
        Certificate g = Certificate.g(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        N(g);
    }

    protected void P(ByteArrayInputStream byteArrayInputStream) {
        DigitallySigned d2 = DigitallySigned.d(h(), byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        try {
            byte[] i = TlsProtocol.i(h(), this.F, null);
            AsymmetricKeyParameter a = PublicKeyFactory.a(this.m.c(0).q());
            TlsSigner o = TlsUtils.o(this.E);
            o.a(h());
            o.c(d2.b(), d2.c(), a, i);
        } catch (Exception unused) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    protected void Q(ByteArrayInputStream byteArrayInputStream) {
        ProtocolVersion d0 = TlsUtils.d0(byteArrayInputStream);
        if (d0.e()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] Q = TlsUtils.Q(32, byteArrayInputStream);
        if (TlsUtils.T(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int V = TlsUtils.V(byteArrayInputStream);
        if (V < 2 || (V & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.n = TlsUtils.X(V / 2, byteArrayInputStream);
        short a0 = TlsUtils.a0(byteArrayInputStream);
        if (a0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.o = TlsUtils.c0(a0, byteArrayInputStream);
        this.p = TlsProtocol.A(byteArrayInputStream);
        h().a(d0);
        this.z.k(d0);
        this.l.f = Q;
        this.z.h(this.n);
        this.z.s(this.o);
        if (Arrays.s(this.n, 255)) {
            this.u = true;
        }
        byte[] x = TlsUtils.x(this.p, TlsProtocol.x);
        if (x != null) {
            this.u = true;
            if (!Arrays.r(x, TlsProtocol.c(TlsUtils.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.z.z(this.u);
        Hashtable hashtable = this.p;
        if (hashtable != null) {
            this.z.j(hashtable);
        }
    }

    protected void R(ByteArrayInputStream byteArrayInputStream) {
        this.B.n(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        TlsProtocol.e(h(), this.B);
        this.f835d.o(k().c(), k().w());
        this.F = this.f835d.j();
        if (this.w) {
            return;
        }
        F();
    }

    protected void S(CertificateRequest certificateRequest) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void T(CertificateStatus certificateStatus) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void U(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void V() {
        byte[] bArr = new byte[4];
        TlsUtils.v0((short) 14, bArr, 0);
        TlsUtils.p0(0, bArr, 1);
        K(bArr, 0, 4);
    }

    protected void W() {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion b = this.z.b();
        if (!b.f(h().f())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f835d.q(b);
        this.f835d.s(b);
        this.f835d.r(true);
        h().g(b);
        TlsUtils.A0(b, handshakeMessage);
        handshakeMessage.write(this.l.g);
        TlsUtils.l0(TlsUtils.a, handshakeMessage);
        int q = this.z.q();
        if (!Arrays.s(this.n, q) || q == 0 || q == 255) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.a = q;
        short p = this.z.p();
        if (!Arrays.t(this.o, p)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.b = p;
        TlsUtils.m0(q, handshakeMessage);
        TlsUtils.u0(p, handshakeMessage);
        Hashtable m = this.z.m();
        this.q = m;
        boolean z = false;
        if (this.u) {
            Integer num = TlsProtocol.x;
            if (TlsUtils.x(m, num) == null) {
                Hashtable f = TlsExtensionsUtils.f(this.q);
                this.q = f;
                f.put(num, TlsProtocol.c(TlsUtils.a));
            }
        }
        Hashtable hashtable = this.q;
        if (hashtable != null) {
            this.l.h = v(this.p, hashtable, (short) 80);
            this.l.i = TlsExtensionsUtils.h(this.q);
            this.v = !this.s && TlsUtils.B(this.q, TlsExtensionsUtils.b, (short) 80);
            if (!this.s && TlsUtils.B(this.q, TlsProtocol.y, (short) 80)) {
                z = true;
            }
            this.w = z;
            TlsProtocol.J(handshakeMessage, this.q);
        }
        short s = this.l.h;
        if (s >= 0) {
            this.f835d.p(1 << (s + 8));
        }
        this.l.f818c = TlsProtocol.j(h(), this.l.a());
        this.l.f819d = 12;
        handshakeMessage.a();
        this.f835d.i();
    }

    protected void X(byte[] bArr) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected AbstractTlsContext h() {
        return this.A;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer k() {
        return this.z;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void n(short s, byte[] bArr) {
        CertificateStatus C;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            if (this.r != 0) {
                throw new TlsFatalAlert((short) 10);
            }
            Q(byteArrayInputStream);
            this.r = (short) 1;
            W();
            this.r = (short) 2;
            Vector D = this.z.D();
            if (D != null) {
                H(D);
            }
            this.r = (short) 3;
            TlsKeyExchange a = this.z.a();
            this.B = a;
            a.a(h());
            TlsCredentials A = this.z.A();
            this.C = A;
            if (A == null) {
                this.B.l();
            } else {
                this.B.e(A);
                certificate = this.C.a();
                E(certificate);
            }
            this.r = (short) 4;
            if (certificate == null || certificate.f()) {
                this.v = false;
            }
            if (this.v && (C = this.z.C()) != null) {
                T(C);
            }
            this.r = (short) 5;
            byte[] c2 = this.B.c();
            if (c2 != null) {
                X(c2);
            }
            this.r = (short) 6;
            if (this.C != null) {
                CertificateRequest u = this.z.u();
                this.D = u;
                if (u != null) {
                    this.B.j(u);
                    S(this.D);
                    TlsUtils.g0(this.f835d.f(), this.D.c());
                }
            }
            this.r = (short) 7;
            V();
            this.r = (short) 8;
            this.f835d.f().n();
            return;
        }
        if (s == 11) {
            short s2 = this.r;
            if (s2 == 8) {
                this.z.t(null);
            } else if (s2 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.D == null) {
                throw new TlsFatalAlert((short) 10);
            }
            O(byteArrayInputStream);
            this.r = (short) 10;
            return;
        }
        if (s == 20) {
            short s3 = this.r;
            if (s3 != 11) {
                if (s3 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (M()) {
                throw new TlsFatalAlert((short) 10);
            }
            t(byteArrayInputStream);
            this.r = (short) 13;
            if (this.w) {
                U(this.z.v());
                F();
            }
            this.r = (short) 14;
            G();
            this.r = (short) 15;
            this.r = (short) 16;
            return;
        }
        if (s == 23) {
            if (this.r != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.z.t(TlsProtocol.B(byteArrayInputStream));
            this.r = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.r != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!M()) {
                throw new TlsFatalAlert((short) 10);
            }
            P(byteArrayInputStream);
            this.r = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.r) {
            case 8:
                this.z.t(null);
            case 9:
                if (this.D == null) {
                    this.B.f();
                } else {
                    if (TlsUtils.H(h())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.E(h())) {
                        N(Certificate.b);
                    } else if (this.m == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                R(byteArrayInputStream);
                this.r = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void o(short s) {
        if (s != 41) {
            super.o(s);
        } else {
            if (!TlsUtils.E(h()) || this.D == null) {
                return;
            }
            N(Certificate.b);
        }
    }
}
