package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.e0;
import org.bouncycastle.crypto.tls.y1;

/* loaded from: classes8.dex */
public class g0 extends DTLSProtocol {

    /* renamed from: b, reason: collision with root package name */
    protected boolean f104713b;

    /* loaded from: classes8.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        TlsServer f104714a = null;

        /* renamed from: b, reason: collision with root package name */
        f3 f104715b = null;

        /* renamed from: c, reason: collision with root package name */
        TlsSession f104716c = null;

        /* renamed from: d, reason: collision with root package name */
        y1 f104717d = null;

        /* renamed from: e, reason: collision with root package name */
        y1.b f104718e = null;

        /* renamed from: f, reason: collision with root package name */
        int[] f104719f = null;

        /* renamed from: g, reason: collision with root package name */
        short[] f104720g = null;

        /* renamed from: h, reason: collision with root package name */
        Hashtable f104721h = null;

        /* renamed from: i, reason: collision with root package name */
        Hashtable f104722i = null;

        /* renamed from: j, reason: collision with root package name */
        boolean f104723j = false;

        /* renamed from: k, reason: collision with root package name */
        boolean f104724k = false;

        /* renamed from: l, reason: collision with root package name */
        boolean f104725l = false;

        /* renamed from: m, reason: collision with root package name */
        boolean f104726m = false;

        /* renamed from: n, reason: collision with root package name */
        TlsKeyExchange f104727n = null;

        /* renamed from: o, reason: collision with root package name */
        TlsCredentials f104728o = null;

        /* renamed from: p, reason: collision with root package name */
        k f104729p = null;

        /* renamed from: q, reason: collision with root package name */
        short f104730q = -1;

        /* renamed from: r, reason: collision with root package name */
        j f104731r = null;

        protected a() {
        }
    }

    public g0(SecureRandom secureRandom) {
        super(secureRandom);
        this.f104713b = true;
    }

    protected void a(a aVar, d0 d0Var, short s10) {
        d0Var.f(s10);
        i(aVar);
    }

    public h0 b(TlsServer tlsServer, DatagramTransport datagramTransport) throws IOException {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'server' cannot be null");
        }
        if (datagramTransport == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        t1 t1Var = new t1();
        t1Var.f105134a = 0;
        a aVar = new a();
        aVar.f104714a = tlsServer;
        aVar.f104715b = new f3(this.f104493a, t1Var);
        t1Var.f105141h = TlsProtocol.createRandomBlock(tlsServer.N(), aVar.f104715b.i());
        tlsServer.E(aVar.f104715b);
        d0 d0Var = new d0(datagramTransport, aVar.f104715b, tlsServer, (short) 22);
        try {
            try {
                try {
                    return p(aVar, d0Var);
                } catch (IOException e10) {
                    a(aVar, d0Var, (short) 80);
                    throw e10;
                }
            } catch (RuntimeException e11) {
                a(aVar, d0Var, (short) 80);
                throw new TlsFatalAlert((short) 80, e11);
            } catch (TlsFatalAlert e12) {
                a(aVar, d0Var, e12.getAlertDescription());
                throw e12;
            }
        } finally {
            t1Var.a();
        }
    }

    protected boolean c(a aVar) {
        short s10 = aVar.f104730q;
        return s10 >= 0 && j3.W(s10);
    }

    protected byte[] d(a aVar, k kVar) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        kVar.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] e(a aVar, l lVar) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        lVar.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] f(a aVar, i1 i1Var) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        i1Var.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] g(a aVar) throws IOException {
        t1 j10 = aVar.f104715b.j();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        n1 c10 = aVar.f104714a.c();
        if (!c10.i(aVar.f104715b.a())) {
            throw new TlsFatalAlert((short) 80);
        }
        aVar.f104715b.n(c10);
        j3.x1(aVar.f104715b.c(), byteArrayOutputStream);
        byteArrayOutputStream.write(j10.k());
        byte[] bArr = j3.f104804a;
        j3.a1(bArr, byteArrayOutputStream);
        int s10 = aVar.f104714a.s();
        if (!org.bouncycastle.util.a.B(aVar.f104719f, s10) || s10 == 0 || s.a(s10) || !j3.i0(s10, aVar.f104715b.c())) {
            throw new TlsFatalAlert((short) 80);
        }
        DTLSProtocol.validateSelectedCipherSuite(s10, (short) 80);
        j10.f105135b = s10;
        short g10 = aVar.f104714a.g();
        if (!org.bouncycastle.util.a.C(aVar.f104720g, g10)) {
            throw new TlsFatalAlert((short) 80);
        }
        j10.f105136c = g10;
        j3.b1(s10, byteArrayOutputStream);
        j3.r1(g10, byteArrayOutputStream);
        Hashtable f10 = aVar.f104714a.f();
        aVar.f104722i = f10;
        if (aVar.f104724k) {
            Integer num = TlsProtocol.E;
            if (j3.N(f10, num) == null) {
                Hashtable r10 = r2.r(aVar.f104722i);
                aVar.f104722i = r10;
                r10.put(num, TlsProtocol.createRenegotiationInfo(bArr));
            }
        }
        if (j10.f105148o) {
            Hashtable r11 = r2.r(aVar.f104722i);
            aVar.f104722i = r11;
            r2.b(r11);
        }
        Hashtable hashtable = aVar.f104722i;
        if (hashtable != null) {
            j10.f105147n = r2.x(hashtable);
            j10.f105145l = DTLSProtocol.evaluateMaxFragmentLengthExtension(aVar.f104723j, aVar.f104721h, aVar.f104722i, (short) 80);
            j10.f105146m = r2.z(aVar.f104722i);
            aVar.f104725l = !aVar.f104723j && j3.V(aVar.f104722i, r2.f104951g, (short) 80);
            aVar.f104726m = !aVar.f104723j && j3.V(aVar.f104722i, TlsProtocol.F, (short) 80);
            TlsProtocol.writeExtensions(byteArrayOutputStream, aVar.f104722i);
        }
        j10.f105137d = TlsProtocol.getPRFAlgorithm(aVar.f104715b, j10.b());
        j10.f105138e = 12;
        return byteArrayOutputStream.toByteArray();
    }

    public boolean h() {
        return this.f104713b;
    }

    protected void i(a aVar) {
        y1 y1Var = aVar.f104717d;
        if (y1Var != null) {
            y1Var.a();
            aVar.f104717d = null;
        }
        TlsSession tlsSession = aVar.f104716c;
        if (tlsSession != null) {
            tlsSession.invalidate();
            aVar.f104716c = null;
        }
    }

    protected void j(a aVar, j jVar) throws IOException {
        if (aVar.f104729p == null) {
            throw new IllegalStateException();
        }
        if (aVar.f104731r != null) {
            throw new TlsFatalAlert((short) 10);
        }
        aVar.f104731r = jVar;
        if (jVar.f()) {
            aVar.f104727n.f();
        } else {
            aVar.f104730q = j3.H(jVar, aVar.f104728o.getCertificate());
            aVar.f104727n.e(jVar);
        }
        aVar.f104714a.h(jVar);
    }

    protected void k(a aVar, byte[] bArr, TlsHandshakeHash tlsHandshakeHash) throws IOException {
        byte[] l10;
        if (aVar.f104729p == null) {
            throw new IllegalStateException();
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        f3 f3Var = aVar.f104715b;
        p0 d10 = p0.d(f3Var, byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        try {
            a2 b10 = d10.b();
            if (j3.h0(f3Var)) {
                j3.W0(aVar.f104729p.d(), b10);
                l10 = tlsHandshakeHash.g(b10.b());
            } else {
                l10 = f3Var.j().l();
            }
            org.bouncycastle.crypto.params.b b11 = org.bouncycastle.crypto.util.e.b(aVar.f104731r.c(0).r());
            TlsSigner A = j3.A(aVar.f104730q);
            A.a(f3Var);
            if (A.g(b10, d10.c(), b11, l10)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e10) {
            throw e10;
        } catch (Exception e11) {
            throw new TlsFatalAlert((short) 51, e11);
        }
    }

    protected void l(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        j g10 = j.g(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        j(aVar, g10);
    }

    protected void m(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        n1 P0 = j3.P0(byteArrayInputStream);
        if (!P0.h()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] y02 = j3.y0(32, byteArrayInputStream);
        if (j3.B0(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        j3.B0(byteArrayInputStream);
        int D0 = j3.D0(byteArrayInputStream);
        if (D0 < 2 || (D0 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        aVar.f104719f = j3.F0(D0 / 2, byteArrayInputStream);
        short M0 = j3.M0(byteArrayInputStream);
        if (M0 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        aVar.f104720g = j3.O0(M0, byteArrayInputStream);
        aVar.f104721h = TlsProtocol.readExtensions(byteArrayInputStream);
        f3 f3Var = aVar.f104715b;
        t1 j10 = f3Var.j();
        j10.f105148o = r2.y(aVar.f104721h);
        f3Var.l(P0);
        aVar.f104714a.l(P0);
        aVar.f104714a.d(org.bouncycastle.util.a.B(aVar.f104719f, s.Q3));
        j10.f105140g = y02;
        aVar.f104714a.G(aVar.f104719f);
        aVar.f104714a.M(aVar.f104720g);
        if (org.bouncycastle.util.a.B(aVar.f104719f, 255)) {
            aVar.f104724k = true;
        }
        byte[] N = j3.N(aVar.f104721h, TlsProtocol.E);
        if (N != null) {
            aVar.f104724k = true;
            if (!org.bouncycastle.util.a.A(N, TlsProtocol.createRenegotiationInfo(j3.f104804a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        aVar.f104714a.j(aVar.f104724k);
        Hashtable hashtable = aVar.f104721h;
        if (hashtable != null) {
            r2.u(hashtable);
            aVar.f104714a.C(aVar.f104721h);
        }
    }

    protected void n(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        aVar.f104727n.c(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
    }

    protected void o(a aVar, byte[] bArr) throws IOException {
        aVar.f104714a.I(TlsProtocol.readSupplementalDataMessage(new ByteArrayInputStream(bArr)));
    }

    protected h0 p(a aVar, d0 d0Var) throws IOException {
        j certificate;
        l q10;
        t1 j10 = aVar.f104715b.j();
        e0 e0Var = new e0(aVar.f104715b, d0Var);
        e0.b m10 = e0Var.m();
        if (m10.c() != 1) {
            throw new TlsFatalAlert((short) 10);
        }
        m(aVar, m10.a());
        byte[] g10 = g(aVar);
        DTLSProtocol.applyMaxFragmentLengthExtension(d0Var, j10.f105145l);
        n1 c10 = aVar.f104715b.c();
        d0Var.q(c10);
        d0Var.r(c10);
        e0Var.r((short) 2, g10);
        e0Var.j();
        Vector i10 = aVar.f104714a.i();
        if (i10 != null) {
            e0Var.r((short) 23, DTLSProtocol.generateSupplementalData(i10));
        }
        TlsKeyExchange b10 = aVar.f104714a.b();
        aVar.f104727n = b10;
        b10.a(aVar.f104715b);
        TlsCredentials B = aVar.f104714a.B();
        aVar.f104728o = B;
        if (B == null) {
            aVar.f104727n.k();
            certificate = null;
        } else {
            aVar.f104727n.m(B);
            certificate = aVar.f104728o.getCertificate();
            e0Var.r((short) 11, DTLSProtocol.generateCertificate(certificate));
        }
        if (certificate == null || certificate.f()) {
            aVar.f104725l = false;
        }
        if (aVar.f104725l && (q10 = aVar.f104714a.q()) != null) {
            e0Var.r((short) 22, e(aVar, q10));
        }
        byte[] b11 = aVar.f104727n.b();
        if (b11 != null) {
            e0Var.r((short) 12, b11);
        }
        if (aVar.f104728o != null) {
            k p10 = aVar.f104714a.p();
            aVar.f104729p = p10;
            if (p10 != null) {
                if (j3.h0(aVar.f104715b) != (aVar.f104729p.d() != null)) {
                    throw new TlsFatalAlert((short) 80);
                }
                aVar.f104727n.d(aVar.f104729p);
                e0Var.r((short) 13, d(aVar, aVar.f104729p));
                j3.T0(e0Var.i(), aVar.f104729p.d());
            }
        }
        e0Var.r((short) 14, j3.f104804a);
        e0Var.i().o();
        e0.b m11 = e0Var.m();
        if (m11.c() == 23) {
            o(aVar, m11.a());
            m11 = e0Var.m();
        } else {
            aVar.f104714a.I(null);
        }
        if (aVar.f104729p == null) {
            aVar.f104727n.f();
        } else if (m11.c() == 11) {
            l(aVar, m11.a());
            m11 = e0Var.m();
        } else {
            if (j3.h0(aVar.f104715b)) {
                throw new TlsFatalAlert((short) 10);
            }
            j(aVar, j.f104799b);
        }
        if (m11.c() != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        n(aVar, m11.a());
        TlsHandshakeHash l10 = e0Var.l();
        j10.f105142i = TlsProtocol.getCurrentPRFHash(aVar.f104715b, l10, null);
        TlsProtocol.establishMasterSecret(aVar.f104715b, aVar.f104727n);
        d0Var.k(aVar.f104714a.F());
        if (c(aVar)) {
            k(aVar, e0Var.n((short) 15), l10);
        }
        f3 f3Var = aVar.f104715b;
        processFinished(e0Var.n((short) 20), j3.i(f3Var, u0.f105158a, TlsProtocol.getCurrentPRFHash(f3Var, e0Var.i(), null)));
        if (aVar.f104726m) {
            e0Var.r((short) 4, f(aVar, aVar.f104714a.A()));
        }
        f3 f3Var2 = aVar.f104715b;
        e0Var.r((short) 20, j3.i(f3Var2, u0.f105159b, TlsProtocol.getCurrentPRFHash(f3Var2, e0Var.i(), null)));
        e0Var.h();
        aVar.f104714a.L();
        return new h0(d0Var);
    }

    public void q(boolean z10) {
        this.f104713b = z10;
    }
}
