package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.o2;
import org.bouncycastle.crypto.tls.q0;

/* loaded from: classes6.dex */
public class k0 extends n0 {
    private p0 recordLayer;

    /* loaded from: classes6.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        public b3 f80614a = null;

        /* renamed from: b, reason: collision with root package name */
        public d3 f80615b = null;

        /* renamed from: c, reason: collision with root package name */
        public s4 f80616c = null;

        /* renamed from: d, reason: collision with root package name */
        public o2 f80617d = null;

        /* renamed from: e, reason: collision with root package name */
        public o2.b f80618e = null;

        /* renamed from: f, reason: collision with root package name */
        public int[] f80619f = null;

        /* renamed from: g, reason: collision with root package name */
        public short[] f80620g = null;

        /* renamed from: h, reason: collision with root package name */
        public Hashtable f80621h = null;

        /* renamed from: i, reason: collision with root package name */
        public Hashtable f80622i = null;

        /* renamed from: j, reason: collision with root package name */
        public byte[] f80623j = null;

        /* renamed from: k, reason: collision with root package name */
        public boolean f80624k = false;

        /* renamed from: l, reason: collision with root package name */
        public boolean f80625l = false;

        /* renamed from: m, reason: collision with root package name */
        public boolean f80626m = false;

        /* renamed from: n, reason: collision with root package name */
        public boolean f80627n = false;

        /* renamed from: o, reason: collision with root package name */
        public v3 f80628o = null;

        /* renamed from: p, reason: collision with root package name */
        public x2 f80629p = null;

        /* renamed from: q, reason: collision with root package name */
        public v f80630q = null;

        /* renamed from: r, reason: collision with root package name */
        public u f80631r = null;

        /* renamed from: s, reason: collision with root package name */
        public h3 f80632s = null;
    }

    public k0(SecureRandom secureRandom) {
        super(secureRandom);
    }

    public static byte[] patchClientHelloWithCookie(byte[] bArr, byte[] bArr2) throws IOException {
        int N0 = x4.N0(bArr, 34) + 35;
        int i10 = N0 + 1;
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, N0);
        x4.q(bArr2.length);
        bArr3[N0] = (byte) bArr2.length;
        System.arraycopy(bArr2, 0, bArr3, i10, bArr2.length);
        System.arraycopy(bArr, i10, bArr3, bArr2.length + i10, bArr.length - i10);
        return bArr3;
    }

    public void cancel() throws Exception {
        p0 p0Var = this.recordLayer;
        if (p0Var != null) {
            p0Var.close();
        }
    }

    public t0 clientHandshake(a aVar, p0 p0Var) throws IOException {
        q0.b bVar;
        t tVar;
        i2 g10 = aVar.f80615b.g();
        q0 q0Var = new q0(aVar.f80615b, p0Var);
        byte[] generateClientHello = generateClientHello(aVar, aVar.f80614a);
        p0Var.n(c2.f80405g);
        q0Var.r((short) 1, generateClientHello);
        while (true) {
            q0.b m10 = q0Var.m();
            if (m10.c() != 3) {
                if (m10.c() != 2) {
                    throw new TlsFatalAlert((short) 10, null);
                }
                c2 e10 = p0Var.e();
                reportServerVersion(aVar, e10);
                p0Var.n(e10);
                processServerHello(aVar, m10.a());
                q0Var.j();
                n0.applyMaxFragmentLengthExtension(p0Var, g10.f80587l);
                if (aVar.f80624k) {
                    g10.f80581f = org.bouncycastle.util.a.k(aVar.f80617d.f80775c);
                    p0Var.g(aVar.f80614a.getCipher());
                    d3 d3Var = aVar.f80615b;
                    processFinished(q0Var.n((short) 20), x4.i(d3Var, j1.f80599b, e4.s(d3Var, q0Var.f80831b, null)));
                    d3 d3Var2 = aVar.f80615b;
                    q0Var.r((short) 20, x4.i(d3Var2, j1.f80598a, e4.s(d3Var2, q0Var.f80831b, null)));
                    q0Var.h();
                    aVar.f80615b.k(aVar.f80616c);
                    aVar.f80614a.notifyHandshakeComplete();
                    return new t0(p0Var);
                }
                invalidateSession(aVar);
                byte[] bArr = aVar.f80623j;
                if (bArr.length > 0) {
                    aVar.f80616c = new t4(bArr, null);
                }
                q0.b m11 = q0Var.m();
                if (m11.c() == 23) {
                    processServerSupplementalData(aVar, m11.a());
                    m11 = q0Var.m();
                } else {
                    aVar.f80614a.processServerSupplementalData(null);
                }
                v3 keyExchange = aVar.f80614a.getKeyExchange();
                aVar.f80628o = keyExchange;
                keyExchange.b(aVar.f80615b);
                if (m11.c() == 11) {
                    tVar = processServerCertificate(aVar, m11.a());
                    bVar = q0Var.m();
                } else {
                    aVar.f80628o.o();
                    bVar = m11;
                    tVar = null;
                }
                if (tVar == null || tVar.f()) {
                    aVar.f80626m = false;
                }
                if (bVar.c() == 22) {
                    processCertificateStatus(aVar, bVar.a());
                    bVar = q0Var.m();
                }
                if (bVar.c() == 12) {
                    processServerKeyExchange(aVar, bVar.a());
                    bVar = q0Var.m();
                } else {
                    aVar.f80628o.k();
                }
                if (bVar.c() == 13) {
                    processCertificateRequest(aVar, bVar.a());
                    x4.T0(q0Var.f80831b, aVar.f80631r.d());
                    bVar = q0Var.m();
                }
                if (bVar.c() != 14) {
                    throw new TlsFatalAlert((short) 10, null);
                }
                if (bVar.a().length != 0) {
                    throw new TlsFatalAlert((short) 50, null);
                }
                q0Var.f80831b.q();
                Vector clientSupplementalData = aVar.f80614a.getClientSupplementalData();
                if (clientSupplementalData != null) {
                    q0Var.r((short) 23, n0.generateSupplementalData(clientSupplementalData));
                }
                u uVar = aVar.f80631r;
                if (uVar != null) {
                    h3 clientCredentials = aVar.f80629p.getClientCredentials(uVar);
                    aVar.f80632s = clientCredentials;
                    t e11 = clientCredentials != null ? clientCredentials.e() : null;
                    if (e11 == null) {
                        e11 = t.f80915b;
                    }
                    q0Var.r((short) 11, n0.generateCertificate(e11));
                }
                h3 h3Var = aVar.f80632s;
                if (h3Var != null) {
                    aVar.f80628o.m(h3Var);
                } else {
                    aVar.f80628o.g();
                }
                q0Var.r((short) 16, generateClientKeyExchange(aVar));
                t3 l10 = q0Var.l();
                g10.f80584i = e4.s(aVar.f80615b, l10, null);
                e4.l(aVar.f80615b, aVar.f80628o);
                p0Var.g(aVar.f80614a.getCipher());
                h3 h3Var2 = aVar.f80632s;
                if (h3Var2 != null && (h3Var2 instanceof v4)) {
                    v4 v4Var = (v4) h3Var2;
                    q2 U = x4.U(aVar.f80615b, v4Var);
                    q0Var.r((short) 15, generateCertificateVerify(aVar, new e1(U, v4Var.d(U == null ? g10.l() : l10.n(U.b())))));
                }
                d3 d3Var3 = aVar.f80615b;
                q0Var.r((short) 20, x4.i(d3Var3, j1.f80598a, e4.s(d3Var3, q0Var.f80831b, null)));
                if (aVar.f80627n) {
                    q0.b m12 = q0Var.m();
                    if (m12.c() != 4) {
                        throw new TlsFatalAlert((short) 10, null);
                    }
                    processNewSessionTicket(aVar, m12.a());
                }
                d3 d3Var4 = aVar.f80615b;
                processFinished(q0Var.n((short) 20), x4.i(d3Var4, j1.f80599b, e4.s(d3Var4, q0Var.f80831b, null)));
                q0Var.h();
                if (aVar.f80616c != null) {
                    o2.b bVar2 = new o2.b();
                    bVar2.f80780a = g10.b();
                    bVar2.f80781b = g10.d();
                    bVar2.f80782c = g10.f();
                    bVar2.f80783d = tVar;
                    bVar2.f80784e = g10.g();
                    bVar2.f80785f = g10.j();
                    aVar.f80617d = bVar2.i(aVar.f80622i).a();
                    t4 t4Var = new t4(aVar.f80616c.a(), aVar.f80617d);
                    aVar.f80616c = t4Var;
                    aVar.f80615b.k(t4Var);
                }
                aVar.f80614a.notifyHandshakeComplete();
                return new t0(p0Var);
            }
            if (!p0Var.e().i(aVar.f80615b.getClientVersion())) {
                throw new TlsFatalAlert((short) 47, null);
            }
            p0Var.m(null);
            byte[] patchClientHelloWithCookie = patchClientHelloWithCookie(generateClientHello, processHelloVerifyRequest(aVar, m10.a()));
            q0Var.q();
            q0Var.r((short) 1, patchClientHelloWithCookie);
        }
    }

    public t0 connect(b3 b3Var, u0 u0Var) throws IOException {
        o2 c10;
        if (b3Var == null) {
            throw new IllegalArgumentException("'client' cannot be null");
        }
        if (u0Var == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        i2 i2Var = new i2();
        i2Var.f80576a = 1;
        a aVar = new a();
        aVar.f80614a = b3Var;
        aVar.f80615b = new d3(this.secureRandom, i2Var);
        i2Var.f80582g = e4.i(b3Var.shouldUseGMTUnixTime(), aVar.f80615b.f());
        b3Var.init(aVar.f80615b);
        this.recordLayer = new p0(u0Var, aVar.f80615b, b3Var, (short) 22);
        s4 sessionToResume = aVar.f80614a.getSessionToResume();
        if (sessionToResume != null && sessionToResume.b() && (c10 = sessionToResume.c()) != null) {
            aVar.f80616c = sessionToResume;
            aVar.f80617d = c10;
        }
        try {
            return clientHandshake(aVar, this.recordLayer);
        } catch (TlsFatalAlert e10) {
            this.recordLayer.b(e10.a());
            throw e10;
        } catch (IOException e11) {
            this.recordLayer.b((short) 80);
            throw e11;
        } catch (RuntimeException e12) {
            this.recordLayer.b((short) 80);
            throw new TlsFatalAlert((short) 80, e12);
        }
    }

    public byte[] generateCertificateVerify(a aVar, e1 e1Var) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        e1Var.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateClientHello(a aVar, b3 b3Var) throws IOException {
        byte[] bArr;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        c2 clientVersion = b3Var.getClientVersion();
        if (!clientVersion.h()) {
            throw new TlsFatalAlert((short) 80, null);
        }
        d3 d3Var = aVar.f80615b;
        d3Var.j(clientVersion);
        x4.x1(clientVersion, byteArrayOutputStream);
        byteArrayOutputStream.write(d3Var.g().c());
        byte[] bArr2 = x4.f81003a;
        s4 s4Var = aVar.f80616c;
        if (s4Var == null || (bArr = s4Var.a()) == null || bArr.length > 32) {
            bArr = bArr2;
        }
        x4.a1(bArr, byteArrayOutputStream);
        x4.a1(bArr2, byteArrayOutputStream);
        boolean isFallback = b3Var.isFallback();
        aVar.f80619f = b3Var.getCipherSuites();
        Hashtable clientExtensions = b3Var.getClientExtensions();
        aVar.f80621h = clientExtensions;
        boolean z10 = x4.N(clientExtensions, e4.E) == null;
        boolean z11 = !org.bouncycastle.util.a.A(aVar.f80619f, 255);
        if (z10 && z11) {
            aVar.f80619f = org.bouncycastle.util.a.b(aVar.f80619f, 255);
        }
        if (isFallback && !org.bouncycastle.util.a.A(aVar.f80619f, c0.Q3)) {
            aVar.f80619f = org.bouncycastle.util.a.b(aVar.f80619f, c0.Q3);
        }
        x4.f1(aVar.f80619f, byteArrayOutputStream);
        short[] sArr = {0};
        aVar.f80620g = sArr;
        x4.v1(sArr, byteArrayOutputStream);
        Hashtable hashtable = aVar.f80621h;
        if (hashtable != null) {
            e4.c0(byteArrayOutputStream, hashtable);
        }
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateClientKeyExchange(a aVar) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        aVar.f80628o.h(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public void invalidateSession(a aVar) {
        o2 o2Var = aVar.f80617d;
        if (o2Var != null) {
            o2Var.a();
            aVar.f80617d = null;
        }
        s4 s4Var = aVar.f80616c;
        if (s4Var != null) {
            s4Var.invalidate();
            aVar.f80616c = null;
        }
    }

    public void processCertificateRequest(a aVar, byte[] bArr) throws IOException {
        if (aVar.f80629p == null) {
            throw new TlsFatalAlert((short) 40, null);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        aVar.f80631r = u.e(aVar.f80615b, byteArrayInputStream);
        e4.c(byteArrayInputStream);
        aVar.f80628o.e(aVar.f80631r);
    }

    public void processCertificateStatus(a aVar, byte[] bArr) throws IOException {
        if (!aVar.f80626m) {
            throw new TlsFatalAlert((short) 10, null);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        aVar.f80630q = v.f(byteArrayInputStream);
        e4.c(byteArrayInputStream);
    }

    public byte[] processHelloVerifyRequest(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        c2 P0 = x4.P0(byteArrayInputStream);
        byte[] B0 = x4.B0(byteArrayInputStream);
        e4.c(byteArrayInputStream);
        if (!P0.i(aVar.f80615b.getClientVersion())) {
            throw new TlsFatalAlert((short) 47, null);
        }
        if (c2.f80406h.i(P0) || B0.length <= 32) {
            return B0;
        }
        throw new TlsFatalAlert((short) 47, null);
    }

    public void processNewSessionTicket(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        x1 d10 = x1.d(byteArrayInputStream);
        e4.c(byteArrayInputStream);
        aVar.f80614a.notifyNewSessionTicket(d10);
    }

    public t processServerCertificate(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        t g10 = t.g(byteArrayInputStream);
        e4.c(byteArrayInputStream);
        aVar.f80628o.l(g10);
        x2 authentication = aVar.f80614a.getAuthentication();
        aVar.f80629p = authentication;
        authentication.notifyServerCertificate(g10);
        return g10;
    }

    public void processServerHello(a aVar, byte[] bArr) throws IOException {
        s4 s4Var;
        i2 g10 = aVar.f80615b.g();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        reportServerVersion(aVar, x4.P0(byteArrayInputStream));
        g10.f80583h = x4.y0(32, byteArrayInputStream);
        byte[] B0 = x4.B0(byteArrayInputStream);
        aVar.f80623j = B0;
        if (B0.length > 32) {
            throw new TlsFatalAlert((short) 47, null);
        }
        aVar.f80614a.notifySessionID(B0);
        byte[] bArr2 = aVar.f80623j;
        boolean z10 = false;
        aVar.f80624k = bArr2.length > 0 && (s4Var = aVar.f80616c) != null && org.bouncycastle.util.a.d(bArr2, s4Var.a());
        int D0 = x4.D0(byteArrayInputStream);
        if (!org.bouncycastle.util.a.A(aVar.f80619f, D0) || D0 == 0 || c0.a(D0) || !x4.i0(D0, aVar.f80615b.getServerVersion())) {
            throw new TlsFatalAlert((short) 47, null);
        }
        n0.validateSelectedCipherSuite(D0, (short) 47);
        aVar.f80614a.notifySelectedCipherSuite(D0);
        short M0 = x4.M0(byteArrayInputStream);
        if (!org.bouncycastle.util.a.B(aVar.f80620g, M0)) {
            throw new TlsFatalAlert((short) 47, null);
        }
        aVar.f80614a.notifySelectedCompressionMethod(M0);
        Hashtable P = e4.P(byteArrayInputStream);
        aVar.f80622i = P;
        if (P != null) {
            Enumeration keys = P.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(e4.E) && x4.N(aVar.f80621h, num) == null) {
                    throw new TlsFatalAlert(l.f80709y, null);
                }
            }
        }
        byte[] N = x4.N(aVar.f80622i, e4.E);
        if (N != null) {
            aVar.f80625l = true;
            if (!org.bouncycastle.util.a.z(N, x4.B(x4.f81003a))) {
                throw new TlsFatalAlert((short) 40, null);
            }
        }
        aVar.f80614a.notifySecureRenegotiation(aVar.f80625l);
        Hashtable hashtable = aVar.f80621h;
        Hashtable hashtable2 = aVar.f80622i;
        if (aVar.f80624k) {
            o2 o2Var = aVar.f80617d;
            if (D0 != o2Var.f80773a || M0 != o2Var.f80774b) {
                throw new TlsFatalAlert((short) 47, null);
            }
            hashtable2 = o2Var.j();
            hashtable = null;
        }
        g10.f80577b = D0;
        g10.f80578c = M0;
        if (hashtable2 != null) {
            boolean x10 = s3.x(hashtable2);
            if (x10 && !x4.a0(g10.b())) {
                throw new TlsFatalAlert((short) 47, null);
            }
            g10.f80589n = x10;
            g10.f80590o = s3.y(hashtable2);
            g10.f80587l = n0.evaluateMaxFragmentLengthExtension(aVar.f80624k, hashtable, hashtable2, (short) 47);
            g10.f80588m = s3.z(hashtable2);
            aVar.f80626m = !aVar.f80624k && x4.V(hashtable2, s3.f80913g, (short) 47);
            if (!aVar.f80624k && x4.V(hashtable2, e4.F, (short) 47)) {
                z10 = true;
            }
            aVar.f80627n = z10;
        }
        if (hashtable != null) {
            aVar.f80614a.processServerExtensions(hashtable2);
        }
        g10.f80579d = e4.v(aVar.f80615b, g10.b());
        g10.f80580e = 12;
    }

    public void processServerKeyExchange(a aVar, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        aVar.f80628o.c(byteArrayInputStream);
        e4.c(byteArrayInputStream);
    }

    public void processServerSupplementalData(a aVar, byte[] bArr) throws IOException {
        aVar.f80614a.processServerSupplementalData(e4.S(new ByteArrayInputStream(bArr)));
    }

    public void reportServerVersion(a aVar, c2 c2Var) throws IOException {
        d3 d3Var = aVar.f80615b;
        c2 serverVersion = d3Var.getServerVersion();
        if (serverVersion == null) {
            d3Var.l(c2Var);
            aVar.f80614a.notifyServerVersion(c2Var);
        } else if (!serverVersion.a(c2Var)) {
            throw new TlsFatalAlert((short) 47, null);
        }
    }
}
