package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.OutputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer A;
    TlsServerContextImpl B;
    protected TlsKeyExchange C;
    protected TlsCredentials D;
    protected CertificateRequest E;
    protected short F;
    protected TlsHandshakeHash G;

    protected void a(CertificateRequest certificateRequest) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(CertificateStatus certificateStatus) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void a(short s) {
        if (s != 41) {
            super.a(s);
        } else {
            if (!TlsUtils.a(g()) || this.E == null) {
                return;
            }
            b(Certificate.f5335b);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0027. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected void a(short s, byte[] bArr) {
        CertificateStatus n;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate certificate = null;
        if (s == 1) {
            short s2 = this.r;
            if (s2 != 0) {
                if (s2 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                l();
                return;
            }
            g(byteArrayInputStream);
            this.r = (short) 1;
            r();
            this.r = (short) 2;
            this.f5434d.f();
            Vector o = this.A.o();
            if (o != null) {
                a(o);
            }
            this.r = (short) 3;
            TlsKeyExchange a2 = this.A.a();
            this.C = a2;
            a2.a(g());
            TlsCredentials m = this.A.m();
            this.D = m;
            if (m == null) {
                this.C.e();
            } else {
                this.C.b(m);
                certificate = this.D.a();
                a(certificate);
            }
            this.r = (short) 4;
            if (certificate == null || certificate.a()) {
                this.v = false;
            }
            if (this.v && (n = this.A.n()) != null) {
                a(n);
            }
            this.r = (short) 5;
            byte[] a3 = this.C.a();
            if (a3 != null) {
                b(a3);
            }
            this.r = (short) 6;
            if (this.D != null) {
                CertificateRequest j = this.A.j();
                this.E = j;
                if (j != null) {
                    if (TlsUtils.c(g()) != (this.E.b() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.C.a(this.E);
                    a(this.E);
                    TlsUtils.a(this.f5434d.c(), this.E.b());
                }
            }
            this.r = (short) 7;
            q();
            this.r = (short) 8;
            this.f5434d.c().i();
            return;
        }
        if (s == 11) {
            short s3 = this.r;
            if (s3 == 8) {
                this.A.a((Vector) null);
            } else if (s3 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.E == null) {
                throw new TlsFatalAlert((short) 10);
            }
            e(byteArrayInputStream);
            this.r = (short) 10;
            return;
        }
        if (s == 20) {
            short s4 = this.r;
            if (s4 != 11) {
                if (s4 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (p()) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.r = (short) 13;
            if (this.w) {
                a(this.A.k());
                n();
            }
            this.r = (short) 14;
            o();
            this.r = (short) 15;
            this.r = (short) 16;
            e();
            return;
        }
        if (s == 23) {
            if (this.r != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.A.a(TlsProtocol.d(byteArrayInputStream));
            this.r = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.r != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!p()) {
                throw new TlsFatalAlert((short) 10);
            }
            f(byteArrayInputStream);
            this.r = (short) 12;
            return;
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.r) {
            case 8:
                this.A.a((Vector) null);
            case 9:
                if (this.E == null) {
                    this.C.b();
                } else {
                    if (TlsUtils.c(g())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.a(g())) {
                        b(Certificate.f5335b);
                    } else if (this.m == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                h(byteArrayInputStream);
                this.r = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    protected void b(Certificate certificate) {
        if (this.E == null) {
            throw new IllegalStateException();
        }
        if (this.m != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.m = certificate;
        if (certificate.a()) {
            this.C.b();
        } else {
            this.F = TlsUtils.a(certificate, this.D.a());
            this.C.a(certificate);
        }
        this.A.a(certificate);
    }

    protected void b(byte[] bArr) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.C = null;
        this.D = null;
        this.E = null;
        this.G = null;
    }

    protected void e(ByteArrayInputStream byteArrayInputStream) {
        Certificate a2 = Certificate.a(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        b(a2);
    }

    protected void f(ByteArrayInputStream byteArrayInputStream) {
        byte[] j;
        if (this.E == null) {
            throw new IllegalStateException();
        }
        DigitallySigned a2 = DigitallySigned.a(g(), byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm a3 = a2.a();
            if (TlsUtils.c(g())) {
                TlsUtils.a(this.E.b(), a3);
                j = this.G.b(a3.a());
            } else {
                j = this.l.j();
            }
            AsymmetricKeyParameter a4 = PublicKeyFactory.a(this.m.a(0).n());
            TlsSigner c2 = TlsUtils.c(this.F);
            c2.a(g());
            if (c2.a(a3, a2.b(), a4, j)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e) {
            throw e;
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 51, e2);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsContext g() {
        return this.B;
    }

    protected void g(ByteArrayInputStream byteArrayInputStream) {
        ProtocolVersion h = TlsUtils.h(byteArrayInputStream);
        this.f5434d.b(h);
        if (h.d()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] b2 = TlsUtils.b(32, byteArrayInputStream);
        if (TlsUtils.c(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int d2 = TlsUtils.d(byteArrayInputStream);
        if (d2 < 2 || (d2 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.n = TlsUtils.c(d2 / 2, byteArrayInputStream);
        short g = TlsUtils.g(byteArrayInputStream);
        if (g < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.o = TlsUtils.d(g, byteArrayInputStream);
        Hashtable c2 = TlsProtocol.c(byteArrayInputStream);
        this.p = c2;
        this.l.n = TlsExtensionsUtils.g(c2);
        h().a(h);
        this.A.b(h);
        this.A.a(Arrays.a(this.n, 22016));
        this.l.f = b2;
        this.A.a(this.n);
        this.A.a(this.o);
        if (Arrays.a(this.n, 255)) {
            this.u = true;
        }
        byte[] a2 = TlsUtils.a(this.p, TlsProtocol.y);
        if (a2 != null) {
            this.u = true;
            if (!Arrays.d(a2, TlsProtocol.a(TlsUtils.f5447a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.A.b(this.u);
        Hashtable hashtable = this.p;
        if (hashtable != null) {
            this.A.a(hashtable);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    AbstractTlsContext h() {
        return this.B;
    }

    protected void h(ByteArrayInputStream byteArrayInputStream) {
        this.C.b(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        this.G = this.f5434d.g();
        this.l.h = TlsProtocol.a(g(), this.G, (byte[]) null);
        TlsProtocol.a(g(), this.C);
        this.f5434d.a(i().g(), i().l());
        if (this.w) {
            return;
        }
        n();
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsPeer i() {
        return this.A;
    }

    protected boolean p() {
        short s = this.F;
        return s >= 0 && TlsUtils.e(s);
    }

    protected void q() {
        byte[] bArr = new byte[4];
        TlsUtils.a((short) 14, bArr, 0);
        TlsUtils.b(0, bArr, 1);
        c(bArr, 0, 4);
    }

    protected void r() {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion b2 = this.A.b();
        if (!b2.b(g().g())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f5434d.a(b2);
        this.f5434d.b(b2);
        this.f5434d.a(true);
        h().b(b2);
        TlsUtils.a(b2, handshakeMessage);
        handshakeMessage.write(this.l.g);
        TlsUtils.c(TlsUtils.f5447a, handshakeMessage);
        int f = this.A.f();
        if (!Arrays.a(this.n, f) || f == 0 || CipherSuite.a(f) || !TlsUtils.a(f, g().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.f5381a = f;
        short e = this.A.e();
        if (!Arrays.b(this.o, e)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.l.f5382b = e;
        TlsUtils.a(f, (OutputStream) handshakeMessage);
        TlsUtils.a(e, (OutputStream) handshakeMessage);
        Hashtable c2 = this.A.c();
        this.q = c2;
        if (this.u) {
            if (TlsUtils.a(c2, TlsProtocol.y) == null) {
                Hashtable d2 = TlsExtensionsUtils.d(this.q);
                this.q = d2;
                d2.put(TlsProtocol.y, TlsProtocol.a(TlsUtils.f5447a));
            }
        }
        if (this.l.n) {
            Hashtable d3 = TlsExtensionsUtils.d(this.q);
            this.q = d3;
            TlsExtensionsUtils.b(d3);
        }
        Hashtable hashtable = this.q;
        if (hashtable != null) {
            this.l.m = TlsExtensionsUtils.f(hashtable);
            this.l.k = a(this.p, this.q, (short) 80);
            this.l.l = TlsExtensionsUtils.h(this.q);
            this.v = !this.s && TlsUtils.a(this.q, TlsExtensionsUtils.f5423d, (short) 80);
            this.w = !this.s && TlsUtils.a(this.q, TlsProtocol.z, (short) 80);
            TlsProtocol.a(handshakeMessage, this.q);
        }
        this.l.f5383c = TlsProtocol.a(g(), this.l.b());
        this.l.f5384d = 12;
        b();
        handshakeMessage.a();
    }
}
