package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes3.dex */
public class TlsServerProtocol extends TlsProtocol {
    public TlsServer U;
    public TlsServerContextImpl V;
    public TlsKeyExchange W;
    public TlsCredentials X;
    public CertificateRequest Y;
    public short Z;
    public TlsHandshakeHash a0;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.U = null;
        this.V = null;
        this.W = null;
        this.X = null;
        this.Y = null;
        this.Z = (short) -1;
        this.a0 = null;
    }

    public void S(TlsServer tlsServer) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.U != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.U = tlsServer;
        SecurityParameters securityParameters = new SecurityParameters();
        this.o = securityParameters;
        securityParameters.f14223a = 0;
        this.V = new TlsServerContextImpl(this.e, this.o);
        this.o.h = TlsProtocol.f(tlsServer.J(), this.V.h());
        this.U.A(this.V);
        this.d.j(this.V);
        this.d.t(false);
        e();
    }

    public boolean T() {
        short s = this.Z;
        return s >= 0 && TlsUtils.R(s);
    }

    public void U(Certificate certificate) throws IOException {
        if (this.Y == null) {
            throw new IllegalStateException();
        }
        if (this.p != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.p = certificate;
        if (certificate.g()) {
            this.W.d();
        } else {
            this.Z = TlsUtils.G(certificate, this.X.getCertificate());
            this.W.k(certificate);
        }
        this.U.N(certificate);
    }

    public void V(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate h = Certificate.h(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        U(h);
    }

    public void W(ByteArrayInputStream byteArrayInputStream) throws IOException {
        DigitallySigned d = DigitallySigned.d(l(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        boolean z = false;
        try {
            byte[] i = TlsUtils.a0(l()) ? this.a0.i(d.b().b()) : TlsProtocol.m(l(), this.a0, null);
            AsymmetricKeyParameter b2 = PublicKeyFactory.b(this.p.c(0).t());
            TlsSigner z2 = TlsUtils.z(this.Z);
            z2.a(l());
            z = z2.d(d.b(), d.c(), b2, i);
        } catch (Exception unused) {
        }
        if (!z) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    public void X(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion I0 = TlsUtils.I0(byteArrayInputStream);
        if (I0.h()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] r0 = TlsUtils.r0(32, byteArrayInputStream);
        if (TlsUtils.u0(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int w0 = TlsUtils.w0(byteArrayInputStream);
        if (w0 < 2 || (w0 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.q = TlsUtils.y0(w0 / 2, byteArrayInputStream);
        short F0 = TlsUtils.F0(byteArrayInputStream);
        if (F0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.r = TlsUtils.H0(F0, byteArrayInputStream);
        this.s = TlsProtocol.G(byteArrayInputStream);
        l().l(I0);
        this.U.D(I0);
        this.o.g = r0;
        this.U.e(this.q);
        this.U.H(this.r);
        if (Arrays.x(this.q, 255)) {
            this.x = true;
        }
        byte[] L = TlsUtils.L(this.s, TlsProtocol.A);
        if (L != null) {
            this.x = true;
            if (!Arrays.w(L, TlsProtocol.g(TlsUtils.f14269a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.U.I(this.x);
        Hashtable hashtable = this.s;
        if (hashtable != null) {
            this.U.C(hashtable);
        }
    }

    public void Y(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.W.l(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        TlsProtocol.i(l(), this.W);
        this.d.q(q().l(), q().L());
        this.a0 = this.d.l();
        if (this.z) {
            return;
        }
        L();
    }

    public void Z(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    public void a0(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    public void b0(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.W = null;
        this.X = null;
        this.Y = null;
        this.a0 = null;
    }

    public void c0() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.k1((short) 14, bArr, 0);
        TlsUtils.a1(0, bArr, 1);
        Q(bArr, 0, 4);
    }

    public void d0() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion a2 = this.U.a();
        if (!a2.i(l().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.d.s(a2);
        this.d.u(a2);
        this.d.t(true);
        l().n(a2);
        TlsUtils.p1(a2, handshakeMessage);
        handshakeMessage.write(this.o.h);
        TlsUtils.S0(TlsUtils.f14269a, handshakeMessage);
        int F = this.U.F();
        if (!Arrays.x(this.q, F) || F == 0 || F == 255 || !TlsUtils.b0(F, a2)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.o.f14224b = F;
        short h = this.U.h();
        if (!Arrays.y(this.r, h)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.o.c = h;
        TlsUtils.T0(F, handshakeMessage);
        TlsUtils.j1(h, handshakeMessage);
        Hashtable f = this.U.f();
        this.t = f;
        boolean z = false;
        if (this.x) {
            if (TlsUtils.L(f, TlsProtocol.A) == null) {
                Hashtable n = TlsExtensionsUtils.n(this.t);
                this.t = n;
                n.put(TlsProtocol.A, TlsProtocol.g(TlsUtils.f14269a));
            }
        }
        Hashtable hashtable = this.t;
        if (hashtable != null) {
            this.o.k = TlsExtensionsUtils.s(hashtable);
            this.o.i = B(this.s, this.t, (short) 80);
            this.o.j = TlsExtensionsUtils.t(this.t);
            this.y = !this.v && TlsUtils.Q(this.t, TlsExtensionsUtils.e, (short) 80);
            if (!this.v && TlsUtils.Q(this.t, TlsProtocol.B, (short) 80)) {
                z = true;
            }
            this.z = z;
            TlsProtocol.P(handshakeMessage, this.t);
        }
        short s = this.o.i;
        if (s >= 0) {
            this.d.r(1 << (s + 8));
        }
        this.o.d = TlsProtocol.p(l(), this.o.c());
        this.o.e = 12;
        handshakeMessage.a();
        this.d.k();
    }

    public void e0(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public AbstractTlsContext l() {
        return this.V;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public TlsPeer q() {
        return this.U;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void t(short s, byte[] bArr) throws IOException {
        CertificateStatus y;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            if (this.u != 0) {
                throw new TlsFatalAlert((short) 10);
            }
            X(byteArrayInputStream);
            this.u = (short) 1;
            d0();
            this.u = (short) 2;
            Vector z = this.U.z();
            if (z != null) {
                N(z);
            }
            this.u = (short) 3;
            TlsKeyExchange c = this.U.c();
            this.W = c;
            c.a(l());
            TlsCredentials x = this.U.x();
            this.X = x;
            if (x == null) {
                this.W.o();
            } else {
                this.W.j(x);
                certificate = this.X.getCertificate();
                K(certificate);
            }
            this.u = (short) 4;
            if (certificate == null || certificate.g()) {
                this.y = false;
            }
            if (this.y && (y = this.U.y()) != null) {
                a0(y);
            }
            this.u = (short) 5;
            byte[] c2 = this.W.c();
            if (c2 != null) {
                e0(c2);
            }
            this.u = (short) 6;
            if (this.X != null) {
                CertificateRequest v = this.U.v();
                this.Y = v;
                if (v != null) {
                    this.W.g(v);
                    Z(this.Y);
                    TlsUtils.M0(this.d.g(), this.Y.d());
                }
            }
            this.u = (short) 7;
            c0();
            this.u = (short) 8;
            this.d.g().k();
            return;
        }
        if (s == 11) {
            short s2 = this.u;
            if (s2 == 8) {
                this.U.i(null);
            } else if (s2 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.Y == null) {
                throw new TlsFatalAlert((short) 10);
            }
            V(byteArrayInputStream);
            this.u = (short) 10;
            return;
        }
        if (s == 20) {
            short s3 = this.u;
            if (s3 != 11) {
                if (s3 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (T()) {
                throw new TlsFatalAlert((short) 10);
            }
            z(byteArrayInputStream);
            this.u = (short) 13;
            if (this.z) {
                b0(this.U.w());
                L();
            }
            this.u = (short) 14;
            M();
            this.u = (short) 15;
            this.u = (short) 16;
            return;
        }
        if (s == 23) {
            if (this.u != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.U.i(TlsProtocol.H(byteArrayInputStream));
            this.u = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.u != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!T()) {
                throw new TlsFatalAlert((short) 10);
            }
            W(byteArrayInputStream);
            this.u = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.u) {
            case 8:
                this.U.i(null);
            case 9:
                if (this.Y == null) {
                    this.W.d();
                } else {
                    if (TlsUtils.a0(l())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.W(l())) {
                        U(Certificate.f14111b);
                    } else if (this.p == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                Y(byteArrayInputStream);
                this.u = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void u(short s) throws IOException {
        if (s != 41) {
            super.u(s);
        } else {
            if (!TlsUtils.W(l()) || this.Y == null) {
                return;
            }
            U(Certificate.f14111b);
        }
    }
}
