package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServerContextImpl A;
    protected TlsKeyExchange B;
    protected TlsCredentials C;
    protected CertificateRequest D;
    protected short E;
    protected TlsHandshakeHash F;
    protected TlsServer z;

    protected boolean N() {
        short s = this.E;
        return s >= 0 && TlsUtils.F(s);
    }

    protected void O(Certificate certificate) {
        if (this.D == null) {
            throw new IllegalStateException();
        }
        if (this.m != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.m = certificate;
        if (certificate.f()) {
            this.B.d();
        } else {
            this.E = TlsUtils.u(certificate, this.C.d());
            this.B.j(certificate);
        }
        this.z.D(certificate);
    }

    protected void P(ByteArrayInputStream byteArrayInputStream) {
        Certificate g = Certificate.g(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        O(g);
    }

    protected void Q(ByteArrayInputStream byteArrayInputStream) {
        DigitallySigned d = DigitallySigned.d(i(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        boolean z = false;
        try {
            byte[] g = TlsUtils.L(i()) ? this.F.g(d.b().b()) : TlsProtocol.j(i(), this.F, null);
            AsymmetricKeyParameter a = PublicKeyFactory.a(this.m.c(0).q());
            TlsSigner o = TlsUtils.o(this.E);
            o.a(i());
            z = o.c(d.b(), d.c(), a, g);
        } catch (Exception unused) {
        }
        if (!z) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    protected void R(ByteArrayInputStream byteArrayInputStream) {
        ProtocolVersion i0 = TlsUtils.i0(byteArrayInputStream);
        if (i0.g()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] V = TlsUtils.V(32, byteArrayInputStream);
        if (TlsUtils.Y(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int a0 = TlsUtils.a0(byteArrayInputStream);
        if (a0 < 2 || (a0 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.n = TlsUtils.c0(a0 / 2, byteArrayInputStream);
        short f0 = TlsUtils.f0(byteArrayInputStream);
        if (f0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.o = TlsUtils.h0(f0, byteArrayInputStream);
        this.p = TlsProtocol.B(byteArrayInputStream);
        i().g(i0);
        this.z.x(i0);
        this.l.g = V;
        this.z.e(this.n);
        this.z.z(this.o);
        if (Arrays.t(this.n, 255)) {
            this.u = true;
        }
        byte[] z = TlsUtils.z(this.p, TlsProtocol.x);
        if (z != null) {
            this.u = true;
            if (!Arrays.s(z, TlsProtocol.d(TlsUtils.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.z.A(this.u);
        Hashtable hashtable = this.p;
        if (hashtable != null) {
            this.z.w(hashtable);
        }
    }

    protected void S(ByteArrayInputStream byteArrayInputStream) {
        this.B.k(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        TlsProtocol.f(i(), this.B);
        this.d.o(l().k(), l().B());
        this.F = this.d.j();
        if (this.w) {
            return;
        }
        G();
    }

    protected void T(CertificateRequest certificateRequest) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void U(CertificateStatus certificateStatus) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void V(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void W() {
        byte[] bArr = new byte[4];
        TlsUtils.A0((short) 14, bArr, 0);
        TlsUtils.u0(0, bArr, 1);
        L(bArr, 0, 4);
    }

    protected void X() {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion a = this.z.a();
        if (!a.h(i().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.d.q(a);
        this.d.s(a);
        this.d.r(true);
        i().h(a);
        TlsUtils.F0(a, handshakeMessage);
        handshakeMessage.write(this.l.h);
        byte[] bArr = TlsUtils.a;
        TlsUtils.q0(bArr, handshakeMessage);
        int y = this.z.y();
        if (!Arrays.t(this.n, y) || y == 0 || y == 255 || !TlsUtils.M(y, a)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.b = y;
        short h = this.z.h();
        if (!Arrays.u(this.o, h)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.c = h;
        TlsUtils.r0(y, handshakeMessage);
        TlsUtils.z0(h, handshakeMessage);
        Hashtable f = this.z.f();
        this.q = f;
        boolean z = false;
        if (this.u) {
            Integer num = TlsProtocol.x;
            if (TlsUtils.z(f, num) == null) {
                Hashtable h2 = TlsExtensionsUtils.h(this.q);
                this.q = h2;
                h2.put(num, TlsProtocol.d(bArr));
            }
        }
        Hashtable hashtable = this.q;
        if (hashtable != null) {
            this.l.k = TlsExtensionsUtils.j(hashtable);
            this.l.i = w(this.p, this.q, (short) 80);
            this.l.j = TlsExtensionsUtils.k(this.q);
            this.v = !this.s && TlsUtils.E(this.q, TlsExtensionsUtils.e, (short) 80);
            if (!this.s && TlsUtils.E(this.q, TlsProtocol.y, (short) 80)) {
                z = true;
            }
            this.w = z;
            TlsProtocol.K(handshakeMessage, this.q);
        }
        short s = this.l.i;
        if (s >= 0) {
            this.d.p(1 << (s + 8));
        }
        this.l.d = TlsProtocol.k(i(), this.l.a());
        this.l.e = 12;
        handshakeMessage.a();
        this.d.i();
    }

    protected void Y(byte[] bArr) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected AbstractTlsContext i() {
        return this.A;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer l() {
        return this.z;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:13:0x0027. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void o(short s, byte[] bArr) {
        CertificateStatus t;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            if (this.r != 0) {
                throw new TlsFatalAlert((short) 10);
            }
            R(byteArrayInputStream);
            this.r = (short) 1;
            X();
            this.r = (short) 2;
            Vector u = this.z.u();
            if (u != null) {
                I(u);
            }
            this.r = (short) 3;
            TlsKeyExchange c = this.z.c();
            this.B = c;
            c.a(i());
            TlsCredentials s2 = this.z.s();
            this.C = s2;
            if (s2 == null) {
                this.B.n();
            } else {
                this.B.i(s2);
                certificate = this.C.d();
                F(certificate);
            }
            this.r = (short) 4;
            if (certificate == null || certificate.f()) {
                this.v = false;
            }
            if (this.v && (t = this.z.t()) != null) {
                U(t);
            }
            this.r = (short) 5;
            byte[] c2 = this.B.c();
            if (c2 != null) {
                Y(c2);
            }
            this.r = (short) 6;
            if (this.C != null) {
                CertificateRequest q = this.z.q();
                this.D = q;
                if (q != null) {
                    this.B.g(q);
                    T(this.D);
                    TlsUtils.l0(this.d.f(), this.D.c());
                }
            }
            this.r = (short) 7;
            W();
            this.r = (short) 8;
            this.d.f().i();
            return;
        }
        if (s == 11) {
            short s3 = this.r;
            if (s3 == 8) {
                this.z.i(null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.D == null) {
                throw new TlsFatalAlert((short) 10);
            }
            P(byteArrayInputStream);
            this.r = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.r;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (N()) {
                throw new TlsFatalAlert((short) 10);
            }
            u(byteArrayInputStream);
            this.r = (short) 13;
            if (this.w) {
                V(this.z.r());
                G();
            }
            this.r = (short) 14;
            H();
            this.r = (short) 16;
            return;
        }
        if (s == 23) {
            if (this.r != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.z.i(TlsProtocol.C(byteArrayInputStream));
            this.r = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.r != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!N()) {
                throw new TlsFatalAlert((short) 10);
            }
            Q(byteArrayInputStream);
            this.r = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.r) {
            case 8:
                this.z.i(null);
            case 9:
                if (this.D == null) {
                    this.B.d();
                } else {
                    if (TlsUtils.L(i())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.I(i())) {
                        O(Certificate.b);
                    } else if (this.m == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                S(byteArrayInputStream);
                this.r = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void p(short s) {
        if (s != 41) {
            super.p(s);
        } else {
            if (!TlsUtils.I(i()) || this.D == null) {
                return;
            }
            O(Certificate.b);
        }
    }
}
