package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.Digest;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.Integers;

/* loaded from: classes.dex */
public abstract class TlsProtocol {
    protected static final Integer EXT_RenegotiationInfo = Integers.valueOf(65281);
    protected static final Integer EXT_SessionTicket = Integers.valueOf(35);
    protected boolean allowCertificateStatus;
    private volatile boolean appDataReady;
    protected Hashtable clientExtensions;
    private volatile boolean closed;
    protected short connection_state;
    protected boolean expectSessionTicket;
    private byte[] expected_verify_data;
    private volatile boolean failedWithError;
    protected int[] offeredCipherSuites;
    protected short[] offeredCompressionMethods;
    protected Certificate peerCertificate;
    protected boolean receivedChangeCipherSpec;
    protected boolean resumedSession;
    protected boolean secure_renegotiation;
    protected Hashtable serverExtensions;
    private volatile boolean splitApplicationDataRecords;
    protected TlsSession tlsSession;

    /* loaded from: classes.dex */
    class HandshakeMessage extends ByteArrayOutputStream {
        /* JADX INFO: Access modifiers changed from: package-private */
        public HandshakeMessage(TlsProtocol tlsProtocol, short s) throws IOException {
            this(s, 60);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HandshakeMessage(short s, int i) throws IOException {
            super(i + 4);
            TlsUtils.writeUint8(s, this);
            this.count += 3;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public final void writeToRecordStream() throws IOException {
            int i = this.count - 4;
            TlsUtils.checkUint24(i);
            TlsUtils.writeUint24$3a5385d2(i, this.buf);
            TlsProtocol.this.writeHandshakeMessage(this.buf, 0, this.count);
            this.buf = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void assertEmpty(ByteArrayInputStream byteArrayInputStream) throws IOException {
        if (byteArrayInputStream.available() > 0) {
            throw new TlsFatalAlert((short) 50);
        }
    }

    public static void close() throws IOException {
        handleClose(true);
    }

    private static byte[] createVerifyData(boolean z) {
        return z ? TlsUtils.calculateVerifyData$c33f360("server finished", getCurrentPRFHash$6f0dc569(RecordStream.getHandshakeHash(), TlsUtils.SSL_SERVER)) : TlsUtils.calculateVerifyData$c33f360("client finished", getCurrentPRFHash$6f0dc569(RecordStream.getHandshakeHash(), TlsUtils.SSL_CLIENT));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void establishMasterSecret$1720230(TlsKeyExchange tlsKeyExchange) throws IOException {
        byte[] generatePremasterSecret = tlsKeyExchange.generatePremasterSecret();
        SecurityParameters securityParameters = null;
        try {
            securityParameters.masterSecret = TlsUtils.calculateMasterSecret$5c81de6a(generatePremasterSecret);
        } finally {
            if (generatePremasterSecret != null) {
                Arrays.fill(generatePremasterSecret, (byte) 0);
            }
        }
    }

    private void failWithError$261ff279(short s, short s2) throws IOException {
        if (!this.closed) {
            this.closed = true;
            if (s == 2) {
                invalidateSession();
                this.failedWithError = true;
            }
            raiseAlert$261ff279(s, s2);
            RecordStream.safeClose();
            if (s != 2) {
                return;
            }
        }
        throw new IOException("Internal TLS error, this could be an attack");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void flush() throws IOException {
        OutputStream outputStream = null;
        outputStream.flush();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] getCurrentPRFHash$6f0dc569(TlsHandshakeHash tlsHandshakeHash, byte[] bArr) {
        Digest forkPRFHash = tlsHandshakeHash.forkPRFHash();
        if (bArr != null && TlsUtils.isSSL(null)) {
            forkPRFHash.update(bArr, 0, bArr.length);
        }
        byte[] bArr2 = new byte[forkPRFHash.getDigestSize()];
        forkPRFHash.doFinal(bArr2, 0);
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int getPRFAlgorithm$1811f96a(int i) throws IOException {
        boolean isTLSv12 = TlsUtils.isTLSv12(null);
        switch (i) {
            case 59:
            case 60:
            case 61:
            case 62:
            case 63:
            case 64:
            case 103:
            case 104:
            case 105:
            case 106:
            case 107:
            case 156:
            case 158:
            case 160:
            case 162:
            case 164:
            case 168:
            case 170:
            case 172:
            case 186:
            case 187:
            case 188:
            case 189:
            case 190:
            case 191:
            case 192:
            case 193:
            case 194:
            case 195:
            case 196:
            case 197:
            case 49187:
            case 49189:
            case 49191:
            case 49193:
            case 49195:
            case 49197:
            case 49199:
            case 49201:
            case 49266:
            case 49268:
            case 49270:
            case 49272:
            case 49274:
            case 49276:
            case 49278:
            case 49280:
            case 49282:
            case 49284:
            case 49286:
            case 49288:
            case 49290:
            case 49292:
            case 49294:
            case 49296:
            case 49298:
            case 49308:
            case 49309:
            case 49310:
            case 49311:
            case 49312:
            case 49313:
            case 49314:
            case 49315:
            case 49316:
            case 49317:
            case 49318:
            case 49319:
            case 49320:
            case 49321:
            case 49322:
            case 49323:
            case 52243:
            case 52244:
            case 52245:
                if (isTLSv12) {
                    return 1;
                }
                throw new TlsFatalAlert((short) 47);
            case 157:
            case 159:
            case 161:
            case 163:
            case 165:
            case 169:
            case 171:
            case 173:
            case 49188:
            case 49190:
            case 49192:
            case 49194:
            case 49196:
            case 49198:
            case 49200:
            case 49202:
            case 49267:
            case 49269:
            case 49271:
            case 49273:
            case 49275:
            case 49277:
            case 49279:
            case 49281:
            case 49283:
            case 49285:
            case 49287:
            case 49289:
            case 49291:
            case 49293:
            case 49295:
            case 49297:
            case 49299:
                if (isTLSv12) {
                    return 2;
                }
                throw new TlsFatalAlert((short) 47);
            case 175:
            case 177:
            case 179:
            case 181:
            case 183:
            case 185:
            case 49208:
            case 49211:
            case 49301:
            case 49303:
            case 49305:
            case 49307:
                return isTLSv12 ? 2 : 0;
            default:
                return isTLSv12 ? 1 : 0;
        }
    }

    private static void handleClose(boolean z) throws IOException {
        TlsProtocol tlsProtocol = null;
        if (tlsProtocol.closed) {
            return;
        }
        if (z) {
            boolean z2 = tlsProtocol.appDataReady;
            tlsProtocol.raiseAlert$261ff279((short) 1, (short) 90);
        }
        tlsProtocol.failWithError$261ff279((short) 1, (short) 0);
    }

    private static void processChangeCipherSpec$1cf967a4(byte[] bArr, int i) throws IOException {
        TlsProtocol tlsProtocol = null;
        for (int i2 = 0; i2 < i; i2++) {
            if (TlsUtils.readUint8(bArr, i2) != 1) {
                throw new TlsFatalAlert((short) 50);
            }
            if (tlsProtocol.receivedChangeCipherSpec || ByteQueue.size() > 0 || ByteQueue.size() > 0) {
                throw new TlsFatalAlert((short) 10);
            }
            RecordStream.receivedReadCipherSpec();
            tlsProtocol.receivedChangeCipherSpec = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void processFinishedMessage(ByteArrayInputStream byteArrayInputStream) throws IOException {
        TlsProtocol tlsProtocol = null;
        byte[] readFully = TlsUtils.readFully(tlsProtocol.expected_verify_data.length, byteArrayInputStream);
        assertEmpty(byteArrayInputStream);
        if (!Arrays.constantTimeAreEqual(tlsProtocol.expected_verify_data, readFully)) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:7:0x0028. Please report as an issue. */
    /* JADX WARN: Multi-variable type inference failed */
    private static void processHandshake() throws IOException {
        boolean z;
        TlsProtocol tlsProtocol = null;
        TlsProtocol tlsProtocol2 = null;
        Object[] objArr = 0;
        TlsContext tlsContext = null;
        do {
            z = false;
            if (ByteQueue.size() >= 4) {
                byte[] bArr = new byte[4];
                ByteQueue.read(bArr, 0, 4, 0);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                short readUint8 = TlsUtils.readUint8(byteArrayInputStream);
                int readUint24 = TlsUtils.readUint24(byteArrayInputStream);
                if (ByteQueue.size() >= readUint24 + 4) {
                    byte[] removeData = ByteQueue.removeData(readUint24, 4);
                    switch (readUint8) {
                        case 0:
                            break;
                        case 20:
                            if (tlsProtocol.expected_verify_data == null) {
                                ((TlsProtocol) (objArr == true ? 1 : 0)).expected_verify_data = createVerifyData(!tlsContext.isServer());
                            }
                        default:
                            RecordStream.updateHandshakeData(bArr, 0, 4);
                            RecordStream.updateHandshakeData(removeData, 0, readUint24);
                            break;
                    }
                    tlsProtocol2.handleHandshakeMessage(readUint8, removeData);
                    z = true;
                }
            }
        } while (z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void processRecord$e18f1f(short s, byte[] bArr, int i) throws IOException {
        TlsProtocol tlsProtocol = null;
        switch (s) {
            case 20:
                processChangeCipherSpec$1cf967a4(bArr, i);
                return;
            case 21:
                ByteQueue.addData$1cf967a4(bArr, i);
                while (ByteQueue.size() >= 2) {
                    byte[] removeData = ByteQueue.removeData(2, 0);
                    short s2 = removeData[0];
                    short s3 = removeData[1];
                    if (s2 == 2) {
                        tlsProtocol.invalidateSession();
                        tlsProtocol.failedWithError = true;
                        tlsProtocol.closed = true;
                        RecordStream.safeClose();
                        throw new IOException("Internal TLS error, this could be an attack");
                    }
                    if (s3 == 0) {
                        handleClose(false);
                    }
                    tlsProtocol.handleWarningMessage(s3);
                }
                return;
            case 22:
                ByteQueue.addData$1cf967a4(bArr, i);
                processHandshake();
                return;
            case 23:
                boolean z = tlsProtocol.appDataReady;
                throw new TlsFatalAlert((short) 10);
            case 24:
                boolean z2 = tlsProtocol.appDataReady;
                throw new TlsFatalAlert((short) 10);
            default:
                return;
        }
    }

    private void raiseAlert$261ff279(short s, short s2) throws IOException {
        safeWriteRecord((short) 21, new byte[]{(byte) s, (byte) s2}, 0, 2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void raiseWarning$3295e87e$136bb8() throws IOException {
        TlsProtocol tlsProtocol = null;
        tlsProtocol.raiseAlert$261ff279((short) 1, (short) 100);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int readApplicationData(byte[] bArr, int i, int i2) throws IOException {
        TlsProtocol tlsProtocol = null;
        if (i2 <= 0) {
            return 0;
        }
        while (ByteQueue.size() == 0) {
            if (tlsProtocol.closed) {
                if (tlsProtocol.failedWithError) {
                    throw new IOException("Internal TLS error, this could be an attack");
                }
                return -1;
            }
            try {
                if (!RecordStream.readRecord()) {
                    throw new EOFException();
                }
            } catch (TlsFatalAlert e) {
                if (!tlsProtocol.closed) {
                    tlsProtocol.failWithError$261ff279((short) 2, e.getAlertDescription());
                }
                throw e;
            } catch (IOException e2) {
                if (!tlsProtocol.closed) {
                    tlsProtocol.failWithError$261ff279((short) 2, (short) 80);
                }
                throw e2;
            } catch (RuntimeException e3) {
                if (!tlsProtocol.closed) {
                    tlsProtocol.failWithError$261ff279((short) 2, (short) 80);
                }
                throw e3;
            }
        }
        int min = Math.min(i2, ByteQueue.size());
        ByteQueue.removeData(bArr, i, min, 0);
        return min;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Hashtable readExtensions(ByteArrayInputStream byteArrayInputStream) throws IOException {
        if (byteArrayInputStream.available() <= 0) {
            return null;
        }
        byte[] readOpaque16 = TlsUtils.readOpaque16(byteArrayInputStream);
        assertEmpty(byteArrayInputStream);
        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(readOpaque16);
        Hashtable hashtable = new Hashtable();
        while (byteArrayInputStream2.available() > 0) {
            if (hashtable.put(Integers.valueOf(TlsUtils.readUint16(byteArrayInputStream2)), TlsUtils.readOpaque16(byteArrayInputStream2)) != null) {
                throw new TlsFatalAlert((short) 47);
            }
        }
        return hashtable;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Vector readSupplementalDataMessage(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] readOpaque24 = TlsUtils.readOpaque24(byteArrayInputStream);
        assertEmpty(byteArrayInputStream);
        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(readOpaque24);
        Vector vector = new Vector();
        while (byteArrayInputStream2.available() > 0) {
            vector.addElement(new SupplementalDataEntry(TlsUtils.readUint16(byteArrayInputStream2), TlsUtils.readOpaque16(byteArrayInputStream2)));
        }
        return vector;
    }

    private void safeWriteRecord(short s, byte[] bArr, int i, int i2) throws IOException {
        try {
            RecordStream.writeRecord(s, bArr, i, i2);
        } catch (TlsFatalAlert e) {
            if (!this.closed) {
                failWithError$261ff279((short) 2, e.getAlertDescription());
            }
            throw e;
        } catch (IOException e2) {
            if (!this.closed) {
                failWithError$261ff279((short) 2, (short) 80);
            }
            throw e2;
        } catch (RuntimeException e3) {
            if (!this.closed) {
                failWithError$261ff279((short) 2, (short) 80);
            }
            throw e3;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void sendCertificateMessage(Certificate certificate) throws IOException {
        TlsContext tlsContext = null;
        TlsProtocol tlsProtocol = null;
        TlsContext tlsContext2 = null;
        if (certificate == null) {
            certificate = Certificate.EMPTY_CHAIN;
        }
        if (certificate.getLength() == 0 && !tlsContext.isServer()) {
            ProtocolVersion serverVersion = tlsContext2.getServerVersion();
            if (serverVersion.isSSL()) {
                new StringBuilder().append(serverVersion.toString()).append(" client didn't provide credentials");
                tlsProtocol.raiseAlert$261ff279((short) 1, (short) 41);
                return;
            }
        }
        HandshakeMessage handshakeMessage = new HandshakeMessage(null, (short) 11);
        certificate.encode(handshakeMessage);
        handshakeMessage.writeToRecordStream();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void sendChangeCipherSpecMessage() throws IOException {
        TlsProtocol tlsProtocol = null;
        tlsProtocol.safeWriteRecord((short) 20, new byte[]{1}, 0, 1);
        RecordStream.sentWriteCipherSpec();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void sendFinishedMessage() throws IOException {
        TlsContext tlsContext = null;
        byte[] createVerifyData = createVerifyData(tlsContext.isServer());
        HandshakeMessage handshakeMessage = new HandshakeMessage((short) 20, createVerifyData.length);
        handshakeMessage.write(createVerifyData);
        handshakeMessage.writeToRecordStream();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void sendSupplementalDataMessage(Vector vector) throws IOException {
        HandshakeMessage handshakeMessage = new HandshakeMessage(null, (short) 23);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= vector.size()) {
                TlsUtils.writeOpaque24(byteArrayOutputStream.toByteArray(), handshakeMessage);
                handshakeMessage.writeToRecordStream();
                return;
            }
            SupplementalDataEntry supplementalDataEntry = (SupplementalDataEntry) vector.elementAt(i2);
            int dataType = supplementalDataEntry.getDataType();
            TlsUtils.checkUint16(dataType);
            TlsUtils.writeUint16(dataType, byteArrayOutputStream);
            TlsUtils.writeOpaque16(supplementalDataEntry.getData(), byteArrayOutputStream);
            i = i2 + 1;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void writeData(byte[] bArr, int i, int i2) throws IOException {
        TlsProtocol tlsProtocol = null;
        if (tlsProtocol.closed) {
            if (!tlsProtocol.failedWithError) {
                throw new IOException("Sorry, connection has been closed, you cannot write more data");
            }
            throw new IOException("Internal TLS error, this could be an attack");
        }
        while (i2 > 0) {
            boolean z = tlsProtocol.splitApplicationDataRecords;
            if (i2 > 0) {
                int min = Math.min(i2, RecordStream.getPlaintextLimit());
                tlsProtocol.safeWriteRecord((short) 23, bArr, i, min);
                i += min;
                i2 -= min;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void writeExtensions(OutputStream outputStream, Hashtable hashtable) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Enumeration keys = hashtable.keys();
        while (keys.hasMoreElements()) {
            Integer num = (Integer) keys.nextElement();
            int intValue = num.intValue();
            byte[] bArr = (byte[]) hashtable.get(num);
            TlsUtils.checkUint16(intValue);
            TlsUtils.writeUint16(intValue, byteArrayOutputStream);
            TlsUtils.writeOpaque16(bArr, byteArrayOutputStream);
        }
        TlsUtils.writeOpaque16(byteArrayOutputStream.toByteArray(), outputStream);
    }

    protected abstract void handleHandshakeMessage(short s, byte[] bArr) throws IOException;

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleWarningMessage(short s) throws IOException {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void invalidateSession() {
        if (this.tlsSession != null) {
            this.tlsSession.invalidate();
            this.tlsSession = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final short processMaxFragmentLengthExtension(Hashtable hashtable, Hashtable hashtable2, short s) throws IOException {
        short maxFragmentLengthExtension = TlsExtensionsUtils.getMaxFragmentLengthExtension(hashtable2);
        if (maxFragmentLengthExtension >= 0) {
            TlsProtocol tlsProtocol = null;
            if (!tlsProtocol.resumedSession && maxFragmentLengthExtension != TlsExtensionsUtils.getMaxFragmentLengthExtension(hashtable)) {
                throw new TlsFatalAlert(s);
            }
        }
        return maxFragmentLengthExtension;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void writeHandshakeMessage(byte[] bArr, int i, int i2) throws IOException {
        while (i2 > 0) {
            int min = Math.min(i2, RecordStream.getPlaintextLimit());
            safeWriteRecord((short) 22, bArr, i, min);
            i += min;
            i2 -= min;
        }
    }
}
