package org.spongycastle.crypto.tls;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import org.spongycastle.asn1.x509.X509CertificateStructure;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.Signer;
import org.spongycastle.crypto.agreement.srp.SRP6Client;
import org.spongycastle.crypto.agreement.srp.SRP6Util;
import org.spongycastle.crypto.digests.SHA1Digest;
import org.spongycastle.crypto.io.SignerInputStream;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.BigIntegers;

/* loaded from: classes2.dex */
class TlsSRPKeyExchange implements TlsKeyExchange {

    /* renamed from: a, reason: collision with root package name */
    protected TlsClientContext f7298a;
    protected TlsSigner b;
    protected byte[] c;
    protected byte[] d;
    protected AsymmetricKeyParameter e = null;
    protected byte[] f = null;
    protected BigInteger g = null;
    protected SRP6Client h = new SRP6Client();

    /* JADX INFO: Access modifiers changed from: package-private */
    public TlsSRPKeyExchange(TlsClientContext tlsClientContext, int i, byte[] bArr, byte[] bArr2) {
        switch (i) {
            case 21:
                this.b = null;
                break;
            case 22:
                this.b = new TlsDSSSigner();
                break;
            case 23:
                this.b = new TlsRSASigner();
                break;
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
        this.f7298a = tlsClientContext;
        this.c = bArr;
        this.d = bArr2;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b() throws IOException {
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void c(OutputStream outputStream) throws IOException {
        byte[] a2 = BigIntegers.a(this.h.c(this.f, this.c, this.d));
        TlsUtils.q(a2.length + 2, outputStream);
        TlsUtils.l(a2, outputStream);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void d(InputStream inputStream) throws IOException {
        Signer signer;
        InputStream inputStream2;
        SecurityParameters b = this.f7298a.b();
        TlsSigner tlsSigner = this.b;
        if (tlsSigner != null) {
            signer = j(tlsSigner, b);
            inputStream2 = new SignerInputStream(inputStream, signer);
        } else {
            signer = null;
            inputStream2 = inputStream;
        }
        byte[] f = TlsUtils.f(inputStream2);
        byte[] f2 = TlsUtils.f(inputStream2);
        byte[] g = TlsUtils.g(inputStream2);
        byte[] f3 = TlsUtils.f(inputStream2);
        if (signer != null && !signer.b(TlsUtils.f(inputStream))) {
            throw new TlsFatalAlert((short) 42);
        }
        BigInteger bigInteger = new BigInteger(1, f);
        BigInteger bigInteger2 = new BigInteger(1, f2);
        this.f = g;
        try {
            this.g = SRP6Util.g(bigInteger, new BigInteger(1, f3));
            this.h.d(bigInteger, bigInteger2, new SHA1Digest(), this.f7298a.a());
        } catch (CryptoException unused) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void e(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void f() throws IOException {
        if (this.b != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void g() throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] h() throws IOException {
        try {
            return BigIntegers.a(this.h.b(this.g));
        } catch (CryptoException unused) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void i(Certificate certificate) throws IOException {
        if (this.b == null) {
            throw new TlsFatalAlert((short) 10);
        }
        X509CertificateStructure x509CertificateStructure = certificate.f7276a[0];
        try {
            AsymmetricKeyParameter a2 = PublicKeyFactory.a(x509CertificateStructure.r());
            this.e = a2;
            if (!this.b.b(a2)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.k(x509CertificateStructure, 128);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    protected Signer j(TlsSigner tlsSigner, SecurityParameters securityParameters) {
        Signer a2 = tlsSigner.a(this.e);
        byte[] bArr = securityParameters.f7286a;
        a2.update(bArr, 0, bArr.length);
        byte[] bArr2 = securityParameters.b;
        a2.update(bArr2, 0, bArr2.length);
        return a2;
    }
}
