package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer a0;
    TlsServerContextImpl b0;
    protected TlsKeyExchange c0;
    protected TlsCredentials d0;
    protected CertificateRequest e0;
    protected short f0;
    protected TlsHandshakeHash g0;

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = (short) -1;
        this.g0 = null;
    }

    public TlsServerProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = (short) -1;
        this.g0 = null;
    }

    protected void a(CertificateRequest certificateRequest) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(CertificateStatus certificateStatus) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(NewSessionTicket newSessionTicket) throws IOException {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    public void a(TlsServer tlsServer) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.a0 != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.a0 = tlsServer;
        this.p = new SecurityParameters();
        SecurityParameters securityParameters = this.p;
        securityParameters.f7520a = 0;
        this.b0 = new TlsServerContextImpl(this.e, securityParameters);
        this.p.h = TlsProtocol.a(tlsServer.g(), this.b0.f());
        this.a0.a(this.b0);
        this.d.a(this.b0);
        this.d.a(false);
        c();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0020, code lost:
    
        if (r3 == 9) goto L15;
     */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void a(short r3) throws java.io.IOException {
        /*
            r2 = this;
            super.a(r3)
            r0 = 41
            if (r3 == r0) goto L8
            return
        L8:
            org.bouncycastle.crypto.tls.TlsContext r3 = r2.k()
            boolean r3 = org.bouncycastle.crypto.tls.TlsUtils.a(r3)
            r0 = 10
            if (r3 == 0) goto L31
            org.bouncycastle.crypto.tls.CertificateRequest r3 = r2.e0
            if (r3 == 0) goto L31
            short r3 = r2.v
            r1 = 8
            if (r3 == r1) goto L23
            r1 = 9
            if (r3 != r1) goto L31
            goto L29
        L23:
            org.bouncycastle.crypto.tls.TlsServer r3 = r2.a0
            r1 = 0
            r3.a(r1)
        L29:
            org.bouncycastle.crypto.tls.Certificate r3 = org.bouncycastle.crypto.tls.Certificate.b
            r2.b(r3)
            r2.v = r0
            return
        L31:
            org.bouncycastle.crypto.tls.TlsFatalAlert r3 = new org.bouncycastle.crypto.tls.TlsFatalAlert
            r3.<init>(r0)
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.crypto.tls.TlsServerProtocol.a(short):void");
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0022. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected void a(short s, ByteArrayInputStream byteArrayInputStream) throws IOException {
        CertificateStatus u;
        Certificate certificate = null;
        if (s == 1) {
            short s2 = this.v;
            if (s2 != 0) {
                if (s2 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                t();
                return;
            }
            g(byteArrayInputStream);
            this.v = (short) 1;
            z();
            this.v = (short) 2;
            this.d.g();
            Vector n = this.a0.n();
            if (n != null) {
                a(n);
            }
            this.v = (short) 3;
            this.c0 = this.a0.d();
            this.c0.a(k());
            this.d0 = this.a0.m();
            TlsCredentials tlsCredentials = this.d0;
            if (tlsCredentials == null) {
                this.c0.f();
            } else {
                this.c0.a(tlsCredentials);
                certificate = this.d0.a();
                a(certificate);
            }
            this.v = (short) 4;
            if (certificate == null || certificate.d()) {
                this.z = false;
            }
            if (this.z && (u = this.a0.u()) != null) {
                a(u);
            }
            this.v = (short) 5;
            byte[] a2 = this.c0.a();
            if (a2 != null) {
                d(a2);
            }
            this.v = (short) 6;
            if (this.d0 != null) {
                this.e0 = this.a0.t();
                if (this.e0 != null) {
                    if (TlsUtils.c(k()) != (this.e0.c() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.c0.a(this.e0);
                    a(this.e0);
                    TlsUtils.a(this.d.c(), this.e0.c());
                }
            }
            this.v = (short) 7;
            y();
            this.v = (short) 8;
            this.d.c().g();
            return;
        }
        if (s == 11) {
            short s3 = this.v;
            if (s3 == 8) {
                this.a0.a((Vector) null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.e0 == null) {
                throw new TlsFatalAlert((short) 10);
            }
            e(byteArrayInputStream);
            this.v = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.v;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (x()) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.v = (short) 13;
            if (this.A) {
                a(this.a0.l());
            }
            this.v = (short) 14;
            v();
            w();
            this.v = (short) 15;
            g();
            return;
        }
        if (s == 23) {
            if (this.v != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.a0.a(TlsProtocol.d(byteArrayInputStream));
            this.v = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.v != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!x()) {
                throw new TlsFatalAlert((short) 10);
            }
            f(byteArrayInputStream);
            this.v = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.v) {
            case 8:
                this.a0.a((Vector) null);
            case 9:
                if (this.e0 == null) {
                    this.c0.b();
                } else {
                    if (TlsUtils.c(k())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.a(k())) {
                        b(Certificate.b);
                    } else if (this.q == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                h(byteArrayInputStream);
                this.v = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    protected void b(Certificate certificate) throws IOException {
        if (this.e0 == null) {
            throw new IllegalStateException();
        }
        if (this.q != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.q = certificate;
        if (certificate.d()) {
            this.c0.b();
        } else {
            this.f0 = TlsUtils.a(certificate, this.d0.a());
            this.c0.a(certificate);
        }
        this.a0.a(certificate);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void d() {
        super.d();
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.g0 = null;
    }

    protected void d(byte[] bArr) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    protected void e(ByteArrayInputStream byteArrayInputStream) throws IOException {
        Certificate a2 = Certificate.a(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        b(a2);
    }

    protected void f(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] l;
        if (this.e0 == null) {
            throw new IllegalStateException();
        }
        DigitallySigned a2 = DigitallySigned.a(k(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm a3 = a2.a();
            if (TlsUtils.c(k())) {
                TlsUtils.a(this.e0.c(), a3);
                l = this.g0.b(a3.a());
            } else {
                l = this.p.l();
            }
            AsymmetricKeyParameter a4 = PublicKeyFactory.a(this.q.a(0).n());
            TlsSigner c = TlsUtils.c(this.f0);
            c.a(k());
            if (c.a(a3, a2.b(), a4, l)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e) {
            throw e;
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 51, e2);
        }
    }

    protected void g(ByteArrayInputStream byteArrayInputStream) throws IOException {
        ProtocolVersion i = TlsUtils.i(byteArrayInputStream);
        this.d.b(i);
        if (i.e()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] b = TlsUtils.b(32, byteArrayInputStream);
        if (TlsUtils.c(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int d = TlsUtils.d(byteArrayInputStream);
        if (d < 2 || (d & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.r = TlsUtils.c(d / 2, byteArrayInputStream);
        short h = TlsUtils.h(byteArrayInputStream);
        if (h < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.s = TlsUtils.d(h, byteArrayInputStream);
        this.t = TlsProtocol.c(byteArrayInputStream);
        this.p.o = TlsExtensionsUtils.k(this.t);
        l().a(i);
        this.a0.b(i);
        this.a0.b(Arrays.b(this.r, CipherSuite.Q3));
        this.p.g = b;
        this.a0.a(this.r);
        this.a0.a(this.s);
        if (Arrays.b(this.r, 255)) {
            this.y = true;
        }
        byte[] a2 = TlsUtils.a(this.t, TlsProtocol.E);
        if (a2 != null) {
            this.y = true;
            if (!Arrays.e(a2, TlsProtocol.c(TlsUtils.f7548a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.a0.a(this.y);
        Hashtable hashtable = this.t;
        if (hashtable != null) {
            TlsExtensionsUtils.g(hashtable);
            this.a0.b(this.t);
        }
    }

    protected void h(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.c0.b(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        if (TlsUtils.a(k())) {
            TlsProtocol.a(k(), this.c0);
        }
        this.g0 = this.d.h();
        this.p.i = TlsProtocol.a(k(), this.g0, (byte[]) null);
        if (!TlsUtils.a(k())) {
            TlsProtocol.a(k(), this.c0);
        }
        this.d.a(o().c(), o().e());
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsContext k() {
        return this.b0;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    AbstractTlsContext l() {
        return this.b0;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsPeer o() {
        return this.a0;
    }

    protected boolean x() {
        short s = this.f0;
        return s >= 0 && TlsUtils.e(s);
    }

    protected void y() throws IOException {
        byte[] bArr = new byte[4];
        TlsUtils.a((short) 14, bArr, 0);
        TlsUtils.b(0, bArr, 1);
        f(bArr, 0, bArr.length);
    }

    protected void z() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion a2 = this.a0.a();
        if (!a2.b(k().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.d.a(a2);
        this.d.b(a2);
        this.d.a(true);
        l().b(a2);
        TlsUtils.a(a2, handshakeMessage);
        handshakeMessage.write(this.p.h);
        TlsUtils.c(TlsUtils.f7548a, handshakeMessage);
        int v = this.a0.v();
        if (!Arrays.b(this.r, v) || v == 0 || CipherSuite.a(v) || !TlsUtils.a(v, k().a())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.p.b = v;
        short k = this.a0.k();
        if (!Arrays.b(this.s, k)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.p.c = k;
        TlsUtils.a(v, (OutputStream) handshakeMessage);
        TlsUtils.a(k, (OutputStream) handshakeMessage);
        this.u = this.a0.i();
        boolean z = false;
        if (this.y) {
            if (TlsUtils.a(this.u, TlsProtocol.E) == null) {
                this.u = TlsExtensionsUtils.d(this.u);
                this.u.put(TlsProtocol.E, TlsProtocol.c(TlsUtils.f7548a));
            }
        }
        if (this.p.o) {
            this.u = TlsExtensionsUtils.d(this.u);
            TlsExtensionsUtils.b(this.u);
        }
        Hashtable hashtable = this.u;
        if (hashtable != null) {
            this.p.n = TlsExtensionsUtils.j(hashtable);
            this.p.l = a(this.t, this.u, (short) 80);
            this.p.m = TlsExtensionsUtils.l(this.u);
            this.z = !this.w && TlsUtils.a(this.u, TlsExtensionsUtils.g, (short) 80);
            if (!this.w && TlsUtils.a(this.u, TlsProtocol.F, (short) 80)) {
                z = true;
            }
            this.A = z;
            TlsProtocol.a(handshakeMessage, this.u);
        }
        this.p.d = TlsProtocol.a(k(), this.p.b());
        this.p.e = 12;
        b();
        handshakeMessage.a();
    }
}
