package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Vector;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes3.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer a;
    TlsServerContextImpl b;
    protected TlsKeyExchange c;
    protected TlsCredentials d;
    protected CertificateRequest e;
    protected short f;
    protected TlsHandshakeHash g;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.a = null;
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
        this.f = (short) -1;
        this.g = null;
    }

    public TlsServerProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.a = null;
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
        this.f = (short) -1;
        this.g = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void a() {
        super.a();
        this.c = null;
        this.d = null;
        this.e = null;
        this.g = null;
    }

    protected void a(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate parse = Certificate.parse(byteArrayInputStream);
        d(byteArrayInputStream);
        b(parse);
    }

    protected void a(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.encode(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.encode(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.encode(handshakeMessage);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void a(short s) throws IOException {
        super.a(s);
        if (s != 41) {
            return;
        }
        if (TlsUtils.isSSL(b()) && this.e != null) {
            switch (this.N) {
                case 8:
                    this.a.processClientSupplementalData(null);
                    break;
            }
            b(Certificate.EMPTY_CHAIN);
            this.N = (short) 10;
            return;
        }
        throw new TlsFatalAlert((short) 10);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:14:0x001f. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected void a(short s, ByteArrayInputStream byteArrayInputStream) throws IOException {
        CertificateStatus certificateStatus;
        short s2;
        Certificate certificate = null;
        if (s == 1) {
            short s3 = this.N;
            if (s3 != 0) {
                if (s3 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                r();
                return;
            }
            g(byteArrayInputStream);
            this.N = (short) 1;
            e();
            this.N = (short) 2;
            this.D.g();
            Vector serverSupplementalData = this.a.getServerSupplementalData();
            if (serverSupplementalData != null) {
                b(serverSupplementalData);
            }
            this.N = (short) 3;
            this.c = this.a.getKeyExchange();
            this.c.init(b());
            this.d = this.a.getCredentials();
            TlsCredentials tlsCredentials = this.d;
            if (tlsCredentials == null) {
                this.c.skipServerCredentials();
            } else {
                this.c.processServerCredentials(tlsCredentials);
                certificate = this.d.getCertificate();
                a(certificate);
            }
            this.N = (short) 4;
            if (certificate == null || certificate.isEmpty()) {
                this.R = false;
            }
            if (this.R && (certificateStatus = this.a.getCertificateStatus()) != null) {
                a(certificateStatus);
            }
            this.N = (short) 5;
            byte[] generateServerKeyExchange = this.c.generateServerKeyExchange();
            if (generateServerKeyExchange != null) {
                c(generateServerKeyExchange);
            }
            this.N = (short) 6;
            if (this.d != null) {
                this.e = this.a.getCertificateRequest();
                if (this.e != null) {
                    if (TlsUtils.isTLSv12(b()) != (this.e.getSupportedSignatureAlgorithms() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.c.validateCertificateRequest(this.e);
                    a(this.e);
                    TlsUtils.a(this.D.h(), this.e.getSupportedSignatureAlgorithms());
                }
            }
            this.N = (short) 7;
            f();
            this.N = (short) 8;
            this.D.h().sealHashAlgorithms();
            return;
        }
        if (s == 11) {
            switch (this.N) {
                case 8:
                    this.a.processClientSupplementalData(null);
                    break;
                case 9:
                    break;
                default:
                    throw new TlsFatalAlert((short) 10);
            }
            if (this.e == null) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.N = (short) 10;
            return;
        }
        if (s == 20) {
            switch (this.N) {
                case 11:
                    if (s()) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    break;
                case 12:
                    break;
                default:
                    throw new TlsFatalAlert((short) 10);
            }
            c(byteArrayInputStream);
            this.N = (short) 13;
            if (this.S) {
                a(this.a.getNewSessionTicket());
            }
            this.N = (short) 14;
            o();
            p();
            this.N = (short) 15;
            k();
            return;
        }
        if (s != 23) {
            switch (s) {
                case 15:
                    if (this.N != 11) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!s()) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    b(byteArrayInputStream);
                    s2 = 12;
                    break;
                case 16:
                    switch (this.N) {
                        case 8:
                            this.a.processClientSupplementalData(null);
                        case 9:
                            if (this.e == null) {
                                this.c.skipClientCredentials();
                            } else {
                                if (TlsUtils.isTLSv12(b())) {
                                    throw new TlsFatalAlert((short) 10);
                                }
                                if (!TlsUtils.isSSL(b())) {
                                    b(Certificate.EMPTY_CHAIN);
                                } else if (this.I == null) {
                                    throw new TlsFatalAlert((short) 10);
                                }
                            }
                        case 10:
                            h(byteArrayInputStream);
                            this.N = (short) 11;
                            return;
                        default:
                            throw new TlsFatalAlert((short) 10);
                    }
                default:
                    throw new TlsFatalAlert((short) 10);
            }
        } else {
            if (this.N != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.a.processClientSupplementalData(f(byteArrayInputStream));
            s2 = 9;
        }
        this.N = s2;
    }

    public void accept(TlsServer tlsServer) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.a != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.a = tlsServer;
        this.H = new SecurityParameters();
        this.H.a = 0;
        this.b = new TlsServerContextImpl(this.E, this.H);
        this.H.h = a(tlsServer.shouldUseGMTUnixTime(), this.b.getNonceRandomGenerator());
        this.a.init(this.b);
        this.D.a(this.b);
        this.D.a(false);
        j();
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsContext b() {
        return this.b;
    }

    protected void b(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] sessionHash;
        if (this.e == null) {
            throw new IllegalStateException();
        }
        DigitallySigned parse = DigitallySigned.parse(b(), byteArrayInputStream);
        d(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm algorithm = parse.getAlgorithm();
            if (TlsUtils.isTLSv12(b())) {
                TlsUtils.verifySupportedSignatureAlgorithm(this.e.getSupportedSignatureAlgorithms(), algorithm);
                sessionHash = this.g.getFinalHash(algorithm.getHash());
            } else {
                sessionHash = this.H.getSessionHash();
            }
            AsymmetricKeyParameter createKey = PublicKeyFactory.createKey(this.I.getCertificateAt(0).getSubjectPublicKeyInfo());
            TlsSigner createTlsSigner = TlsUtils.createTlsSigner(this.f);
            createTlsSigner.init(b());
            if (createTlsSigner.verifyRawSignature(algorithm, parse.getSignature(), createKey, sessionHash)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e) {
            throw e;
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 51, e2);
        }
    }

    protected void b(Certificate certificate) throws IOException {
        if (this.e == null) {
            throw new IllegalStateException();
        }
        if (this.I != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.I = certificate;
        if (certificate.isEmpty()) {
            this.c.skipClientCredentials();
        } else {
            this.f = TlsUtils.a(certificate, this.d.getCertificate());
            this.c.processClientCertificate(certificate);
        }
        this.a.notifyClientCertificate(certificate);
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    AbstractTlsContext c() {
        return this.b;
    }

    protected void c(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsPeer d() {
        return this.a;
    }

    protected void e() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion serverVersion = this.a.getServerVersion();
        if (!serverVersion.isEqualOrEarlierVersionOf(b().getClientVersion())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.D.a(serverVersion);
        this.D.b(serverVersion);
        this.D.a(true);
        c().b(serverVersion);
        TlsUtils.writeVersion(serverVersion, handshakeMessage);
        handshakeMessage.write(this.H.h);
        TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, handshakeMessage);
        int selectedCipherSuite = this.a.getSelectedCipherSuite();
        if (!Arrays.contains(this.J, selectedCipherSuite) || selectedCipherSuite == 0 || CipherSuite.isSCSV(selectedCipherSuite) || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, b().getServerVersion())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.H.b = selectedCipherSuite;
        short selectedCompressionMethod = this.a.getSelectedCompressionMethod();
        if (!Arrays.contains(this.K, selectedCompressionMethod)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.H.c = selectedCompressionMethod;
        TlsUtils.writeUint16(selectedCipherSuite, handshakeMessage);
        TlsUtils.writeUint8(selectedCompressionMethod, (OutputStream) handshakeMessage);
        this.M = TlsExtensionsUtils.ensureExtensionsInitialised(this.a.getServerExtensions());
        boolean z = false;
        if (this.Q) {
            if (TlsUtils.getExtensionData(this.M, h) == null) {
                this.M.put(h, b(TlsUtils.EMPTY_BYTES));
            }
        }
        if (TlsUtils.isSSL(this.b)) {
            this.H.o = false;
        } else if (this.H.isExtendedMasterSecret()) {
            TlsExtensionsUtils.addExtendedMasterSecretExtension(this.M);
        }
        if (!this.M.isEmpty()) {
            this.H.n = TlsExtensionsUtils.hasEncryptThenMACExtension(this.M);
            this.H.l = a(this.L, this.M, (short) 80);
            this.H.m = TlsExtensionsUtils.hasTruncatedHMacExtension(this.M);
            this.R = !this.O && TlsUtils.hasExpectedEmptyExtensionData(this.M, TlsExtensionsUtils.EXT_status_request, (short) 80);
            if (!this.O && TlsUtils.hasExpectedEmptyExtensionData(this.M, TlsProtocol.i, (short) 80)) {
                z = true;
            }
            this.S = z;
            a(handshakeMessage, this.M);
        }
        this.H.d = a(b(), this.H.getCipherSuite());
        this.H.e = 12;
        i();
        handshakeMessage.a();
    }

    protected void f() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.writeUint8((short) 14, bArr, 0);
        TlsUtils.writeUint24(0, bArr, 1);
        c(bArr, 0, bArr.length);
    }

    protected void g(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion readVersion = TlsUtils.readVersion(byteArrayInputStream);
        this.D.b(readVersion);
        if (readVersion.isDTLS()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] readFully = TlsUtils.readFully(32, byteArrayInputStream);
        if (TlsUtils.readOpaque8(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int readUint16 = TlsUtils.readUint16(byteArrayInputStream);
        if (readUint16 < 2 || (readUint16 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.J = TlsUtils.readUint16Array(readUint16 / 2, byteArrayInputStream);
        short readUint8 = TlsUtils.readUint8(byteArrayInputStream);
        if (readUint8 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.K = TlsUtils.readUint8Array(readUint8, byteArrayInputStream);
        this.L = e(byteArrayInputStream);
        this.H.o = TlsExtensionsUtils.hasExtendedMasterSecretExtension(this.L);
        if (!this.H.isExtendedMasterSecret() && this.a.requiresExtendedMasterSecret()) {
            throw new TlsFatalAlert((short) 40);
        }
        c().a(readVersion);
        this.a.notifyClientVersion(readVersion);
        this.a.notifyFallback(Arrays.contains(this.J, CipherSuite.TLS_FALLBACK_SCSV));
        this.H.g = readFully;
        this.a.notifyOfferedCipherSuites(this.J);
        this.a.notifyOfferedCompressionMethods(this.K);
        if (Arrays.contains(this.J, 255)) {
            this.Q = true;
        }
        byte[] extensionData = TlsUtils.getExtensionData(this.L, h);
        if (extensionData != null) {
            this.Q = true;
            if (!Arrays.constantTimeAreEqual(extensionData, b(TlsUtils.EMPTY_BYTES))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.a.notifySecureRenegotiation(this.Q);
        if (this.L != null) {
            TlsExtensionsUtils.getPaddingExtension(this.L);
            this.a.processClientExtensions(this.L);
        }
    }

    protected void h(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.c.processClientKeyExchange(byteArrayInputStream);
        d(byteArrayInputStream);
        if (TlsUtils.isSSL(b())) {
            a(b(), this.c);
        }
        this.g = this.D.j();
        this.H.i = a(b(), this.g, (byte[]) null);
        if (!TlsUtils.isSSL(b())) {
            a(b(), this.c);
        }
        this.D.a(d().getCompression(), d().getCipher());
    }

    protected boolean s() {
        short s = this.f;
        return s >= 0 && TlsUtils.hasSigningCapability(s);
    }
}
