package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsProtocolHandler {
    private static final Integer r = new Integer(65281);
    private static final byte[] s = new byte[0];

    /* renamed from: a, reason: collision with root package name */
    private ByteQueue f7681a;
    private ByteQueue b;
    private ByteQueue c;
    private ByteQueue d;
    private RecordStream e;
    private boolean f;
    private boolean g;
    private boolean h;
    private Hashtable i;
    private SecurityParameters j;
    private TlsClient k;
    private int[] l;
    private short[] m;
    private TlsKeyExchange n;
    private TlsAuthentication o;
    private CertificateRequest p;
    private short q;

    private static boolean a(int[] iArr, int i) {
        for (int i2 : iArr) {
            if (i2 == i) {
                return true;
            }
        }
        return false;
    }

    private static boolean b(short[] sArr, short s2) {
        for (short s3 : sArr) {
            if (s3 == s2) {
                return true;
            }
        }
        return false;
    }

    private static byte[] e(byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.n(bArr, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    private void f(short s2, short s3) throws IOException {
        if (this.f) {
            throw new IOException("Internal TLS error, this could be an attack");
        }
        this.f = true;
        if (s2 == 2) {
            this.g = true;
        }
        q(s2, s3);
        this.e.b();
        if (s2 == 2) {
            throw new IOException("Internal TLS error, this could be an attack");
        }
    }

    private void h() throws IOException {
        while (this.c.e() >= 2) {
            byte[] bArr = new byte[2];
            this.c.c(bArr, 0, 2, 0);
            this.c.d(2);
            short s2 = bArr[0];
            short s3 = bArr[1];
            if (s2 == 2) {
                this.g = true;
                this.f = true;
                try {
                    this.e.b();
                } catch (Exception unused) {
                }
                throw new IOException("Internal TLS error, this could be an attack");
            }
            if (s3 == 0) {
                f((short) 1, (short) 0);
            }
        }
    }

    private void i() {
    }

    private void j() throws IOException {
        while (this.b.e() > 0) {
            byte[] bArr = new byte[1];
            this.b.c(bArr, 0, 1, 0);
            this.b.d(1);
            if (bArr[0] != 1) {
                f((short) 2, (short) 10);
            }
            if (this.q != 10) {
                f((short) 2, (short) 40);
            }
            this.e.i();
            this.q = (short) 11;
        }
    }

    private void l() throws IOException {
        boolean z;
        do {
            z = false;
            if (this.d.e() >= 4) {
                byte[] bArr = new byte[4];
                this.d.c(bArr, 0, 4, 0);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                short j = TlsUtils.j(byteArrayInputStream);
                int i = TlsUtils.i(byteArrayInputStream);
                int i2 = i + 4;
                if (this.d.e() >= i2) {
                    byte[] bArr2 = new byte[i];
                    this.d.c(bArr2, 0, i, 4);
                    this.d.d(i2);
                    if (j != 0 && j != 20) {
                        this.e.j(bArr, 0, 4);
                        this.e.j(bArr2, 0, i);
                    }
                    m(j, bArr2);
                    z = true;
                }
            }
        } while (z);
    }

    private void m(short s2, byte[] bArr) throws IOException {
        Certificate c;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (s2 == 0) {
            if (this.q == 12) {
                q((short) 1, (short) 100);
                return;
            }
            return;
        }
        if (s2 == 2) {
            if (this.q != 1) {
                f((short) 2, (short) 10);
                return;
            }
            TlsUtils.b(byteArrayInputStream, this);
            byte[] bArr2 = new byte[32];
            this.j.b = bArr2;
            TlsUtils.e(bArr2, byteArrayInputStream);
            byte[] g = TlsUtils.g(byteArrayInputStream);
            if (g.length > 32) {
                f((short) 2, (short) 47);
            }
            this.k.c(g);
            int h = TlsUtils.h(byteArrayInputStream);
            if (!a(this.l, h) || h == 255) {
                f((short) 2, (short) 47);
            }
            this.k.g(h);
            short j = TlsUtils.j(byteArrayInputStream);
            if (!b(this.m, j)) {
                f((short) 2, (short) 47);
            }
            this.k.a(j);
            Hashtable hashtable = new Hashtable();
            if (byteArrayInputStream.available() > 0) {
                ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(TlsUtils.f(byteArrayInputStream));
                while (byteArrayInputStream2.available() > 0) {
                    Integer num = new Integer(TlsUtils.h(byteArrayInputStream2));
                    byte[] f = TlsUtils.f(byteArrayInputStream2);
                    if (!num.equals(r) && this.i.get(num) == null) {
                        f((short) 2, (short) 110);
                    }
                    if (hashtable.containsKey(num)) {
                        f((short) 2, (short) 47);
                    }
                    hashtable.put(num, f);
                }
            }
            c(byteArrayInputStream);
            Integer num2 = r;
            boolean containsKey = hashtable.containsKey(num2);
            if (containsKey && !Arrays.d((byte[]) hashtable.get(num2), e(s))) {
                f((short) 2, (short) 40);
            }
            this.k.h(containsKey);
            if (this.i != null) {
                this.k.d(hashtable);
            }
            this.n = this.k.f();
            this.q = (short) 2;
            return;
        }
        if (s2 == 20) {
            if (this.q != 11) {
                f((short) 2, (short) 10);
                return;
            }
            byte[] bArr3 = new byte[12];
            TlsUtils.e(bArr3, byteArrayInputStream);
            c(byteArrayInputStream);
            if (!Arrays.d(TlsUtils.a(this.j.c, "server finished", this.e.g(), 12), bArr3)) {
                f((short) 2, (short) 40);
            }
            this.q = (short) 12;
            this.h = true;
            return;
        }
        TlsCredentials tlsCredentials = null;
        switch (s2) {
            case 11:
                if (this.q != 2) {
                    f((short) 2, (short) 10);
                } else {
                    Certificate c2 = Certificate.c(byteArrayInputStream);
                    c(byteArrayInputStream);
                    this.n.i(c2);
                    TlsAuthentication e = this.k.e();
                    this.o = e;
                    e.b(c2);
                }
                this.q = (short) 3;
                return;
            case 12:
                short s3 = this.q;
                if (s3 == 2) {
                    this.n.f();
                    this.o = null;
                } else if (s3 != 3) {
                    f((short) 2, (short) 10);
                    this.q = (short) 4;
                    return;
                }
                this.n.d(byteArrayInputStream);
                c(byteArrayInputStream);
                this.q = (short) 4;
                return;
            case 13:
                short s4 = this.q;
                if (s4 == 3) {
                    this.n.g();
                } else if (s4 != 4) {
                    f((short) 2, (short) 10);
                    this.q = (short) 5;
                    return;
                }
                if (this.o == null) {
                    f((short) 2, (short) 40);
                }
                int j2 = TlsUtils.j(byteArrayInputStream);
                short[] sArr = new short[j2];
                for (int i = 0; i < j2; i++) {
                    sArr[i] = TlsUtils.j(byteArrayInputStream);
                }
                byte[] f2 = TlsUtils.f(byteArrayInputStream);
                c(byteArrayInputStream);
                Vector vector = new Vector();
                ByteArrayInputStream byteArrayInputStream3 = new ByteArrayInputStream(f2);
                while (byteArrayInputStream3.available() > 0) {
                    vector.addElement(X500Name.i(ASN1Object.k(TlsUtils.f(byteArrayInputStream3))));
                }
                CertificateRequest certificateRequest = new CertificateRequest(sArr, vector);
                this.p = certificateRequest;
                this.n.e(certificateRequest);
                this.q = (short) 5;
                return;
            case 14:
                short s5 = this.q;
                if (s5 == 3) {
                    this.n.g();
                } else if (s5 != 4 && s5 != 5) {
                    f((short) 2, (short) 40);
                    return;
                }
                c(byteArrayInputStream);
                this.q = (short) 6;
                CertificateRequest certificateRequest2 = this.p;
                if (certificateRequest2 == null) {
                    this.n.b();
                } else {
                    tlsCredentials = this.o.a(certificateRequest2);
                    if (tlsCredentials == null) {
                        this.n.b();
                        c = Certificate.b;
                    } else {
                        this.n.a(tlsCredentials);
                        c = tlsCredentials.c();
                    }
                    s(c);
                }
                t();
                this.q = (short) 7;
                if (tlsCredentials != null && (tlsCredentials instanceof TlsSignerCredentials)) {
                    r(((TlsSignerCredentials) tlsCredentials).b(this.e.g()));
                    this.q = (short) 8;
                }
                this.e.k((short) 20, new byte[]{1}, 0, 1);
                this.q = (short) 9;
                byte[] h2 = this.n.h();
                SecurityParameters securityParameters = this.j;
                securityParameters.c = TlsUtils.a(h2, "master secret", TlsUtils.c(securityParameters.f7672a, securityParameters.b), 48);
                Arrays.e(h2, (byte) 0);
                this.e.a(this.k.b(), this.k.i());
                byte[] a2 = TlsUtils.a(this.j.c, "client finished", this.e.g(), 12);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                TlsUtils.s((short) 20, byteArrayOutputStream);
                TlsUtils.m(a2, byteArrayOutputStream);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                this.e.k((short) 22, byteArray, 0, byteArray.length);
                this.q = (short) 10;
                return;
            default:
                f((short) 2, (short) 10);
                return;
        }
    }

    private void o() throws IOException {
        try {
            this.e.h();
        } catch (TlsFatalAlert e) {
            if (!this.f) {
                f((short) 2, e.a());
            }
            throw e;
        } catch (IOException e2) {
            if (!this.f) {
                f((short) 2, (short) 80);
            }
            throw e2;
        } catch (RuntimeException e3) {
            if (!this.f) {
                f((short) 2, (short) 80);
            }
            throw e3;
        }
    }

    private void p(short s2, byte[] bArr, int i, int i2) throws IOException {
        try {
            this.e.k(s2, bArr, i, i2);
        } catch (TlsFatalAlert e) {
            if (!this.f) {
                f((short) 2, e.a());
            }
            throw e;
        } catch (IOException e2) {
            if (!this.f) {
                f((short) 2, (short) 80);
            }
            throw e2;
        } catch (RuntimeException e3) {
            if (!this.f) {
                f((short) 2, (short) 80);
            }
            throw e3;
        }
    }

    private void q(short s2, short s3) throws IOException {
        this.e.k((short) 21, new byte[]{(byte) s2, (byte) s3}, 0, 2);
    }

    private void r(byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.s((short) 15, byteArrayOutputStream);
        TlsUtils.q(bArr.length + 2, byteArrayOutputStream);
        TlsUtils.l(bArr, byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        this.e.k((short) 22, byteArray, 0, byteArray.length);
    }

    private void s(Certificate certificate) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.s((short) 11, byteArrayOutputStream);
        certificate.a(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        this.e.k((short) 22, byteArray, 0, byteArray.length);
    }

    private void t() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.s((short) 16, byteArrayOutputStream);
        this.n.c(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        this.e.k((short) 22, byteArray, 0, byteArray.length);
    }

    protected void c(ByteArrayInputStream byteArrayInputStream) throws IOException {
        if (byteArrayInputStream.available() > 0) {
            throw new TlsFatalAlert((short) 50);
        }
    }

    public void d() throws IOException {
        if (this.f) {
            return;
        }
        f((short) 1, (short) 0);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void g() throws IOException {
        this.e.e();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void k(short s2, byte[] bArr, int i, int i2) throws IOException {
        switch (s2) {
            case 20:
                this.b.a(bArr, i, i2);
                j();
                return;
            case 21:
                this.c.a(bArr, i, i2);
                h();
                return;
            case 22:
                this.d.a(bArr, i, i2);
                l();
                return;
            case 23:
                if (!this.h) {
                    f((short) 2, (short) 10);
                }
                this.f7681a.a(bArr, i, i2);
                i();
                return;
            default:
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int n(byte[] bArr, int i, int i2) throws IOException {
        while (this.f7681a.e() == 0) {
            if (this.f) {
                if (this.g) {
                    throw new IOException("Internal TLS error, this could be an attack");
                }
                return -1;
            }
            o();
        }
        int min = Math.min(i2, this.f7681a.e());
        this.f7681a.c(bArr, i, min, 0);
        this.f7681a.d(min);
        return min;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void u(byte[] bArr, int i, int i2) throws IOException {
        if (this.f) {
            if (!this.g) {
                throw new IOException("Sorry, connection has been closed, you cannot write more data");
            }
            throw new IOException("Internal TLS error, this could be an attack");
        }
        p((short) 23, s, 0, 0);
        do {
            int min = Math.min(i2, 16384);
            p((short) 23, bArr, i, min);
            i += min;
            i2 -= min;
        } while (i2 > 0);
    }
}
