package org.spongycastle.tls;

import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.tls.TlsProtocol;
import org.spongycastle.tls.crypto.TlsCipher;
import org.spongycastle.tls.crypto.TlsNullNullCipher;
import org.spongycastle.tls.crypto.TlsStreamVerifier;
import org.spongycastle.tls.crypto.TlsVerifier;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsServerProtocol extends TlsProtocol {
    public TlsServer D;
    public TlsServerContextImpl E;
    public TlsKeyExchange F;
    public TlsCredentials G;
    public CertificateRequest H;
    public TlsHandshakeHash I;

    public TlsServerProtocol() {
        this.D = null;
        this.E = null;
        this.F = null;
        this.G = null;
        this.H = null;
        this.I = null;
    }

    public TlsServerProtocol(InputStream inputStream, OutputStream outputStream) {
        super(inputStream, outputStream);
        this.D = null;
        this.E = null;
        this.F = null;
        this.G = null;
        this.H = null;
        this.I = null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public final void L(TlsServer tlsServer) {
        if (this.D != null) {
            throw new IllegalStateException("'accept' can only be called once");
        }
        this.D = tlsServer;
        SecurityParameters securityParameters = new SecurityParameters();
        this.l = securityParameters;
        securityParameters.a = 0;
        TlsServerContextImpl tlsServerContextImpl = new TlsServerContextImpl(((AbstractTlsPeer) tlsServer).a, this.l);
        this.E = tlsServerContextImpl;
        this.l.i = TlsProtocol.f(false, tlsServerContextImpl);
        this.D.n(this.E);
        TlsServerContextImpl tlsServerContextImpl2 = this.E;
        RecordStream recordStream = this.d;
        recordStream.getClass();
        TlsNullNullCipher tlsNullNullCipher = new TlsNullNullCipher();
        recordStream.h = tlsNullNullCipher;
        recordStream.i = tlsNullNullCipher;
        recordStream.m = new DeferredHash(tlsServerContextImpl2);
        recordStream.r = 16384;
        recordStream.s = 17408;
        recordStream.t = 18432;
        recordStream.q = false;
        if (this.y) {
            while (this.s != 16) {
                if (this.e) {
                    throw new TlsFatalAlert((short) 80, null);
                }
                C();
            }
        }
    }

    public final void M(Certificate certificate) {
        if (this.H == null) {
            throw new IllegalStateException();
        }
        if (this.n != null) {
            throw new TlsFatalAlert((short) 10, null);
        }
        this.n = certificate;
        if (certificate.a()) {
            this.F.d();
        } else {
            this.F.k(certificate);
        }
        this.D.z(certificate);
    }

    @Override // org.spongycastle.tls.TlsProtocol
    public final void c() {
        super.c();
        this.F = null;
        this.G = null;
        this.H = null;
        this.I = null;
    }

    @Override // org.spongycastle.tls.TlsProtocol
    public final TlsContext k() {
        return this.E;
    }

    @Override // org.spongycastle.tls.TlsProtocol
    public final AbstractTlsContext l() {
        return this.E;
    }

    @Override // org.spongycastle.tls.TlsProtocol
    public final TlsPeer n() {
        return this.D;
    }

    @Override // org.spongycastle.tls.TlsProtocol
    public final void o(short s) {
        super.o(s);
        if (s == 41) {
            throw new TlsFatalAlert((short) 10, null);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x002c. Please report as an issue. */
    @Override // org.spongycastle.tls.TlsProtocol
    public final void s(short s, ByteArrayInputStream byteArrayInputStream) {
        boolean z;
        Certificate a;
        boolean z2;
        boolean z3;
        short s2;
        boolean z4;
        byte[] bArr;
        boolean b;
        RecordStream recordStream = this.d;
        boolean z5 = false;
        if (s == 1) {
            short s3 = this.s;
            if (s3 != 0) {
                if (s3 != 16) {
                    throw new TlsFatalAlert((short) 10, null);
                }
                y((short) 100, "Renegotiation not supported");
                return;
            }
            byte[] bArr2 = TlsUtils.a;
            int read = byteArrayInputStream.read();
            int read2 = byteArrayInputStream.read();
            if (read2 < 0) {
                throw new EOFException();
            }
            ProtocolVersion b2 = ProtocolVersion.b(read, read2);
            recordStream.p = b2;
            if (b2.e()) {
                throw new TlsFatalAlert((short) 47, null);
            }
            byte[] w = TlsUtils.w(byteArrayInputStream, 32);
            if (TlsUtils.w(byteArrayInputStream, TlsUtils.z(byteArrayInputStream)).length > 32) {
                throw new TlsFatalAlert((short) 47, null);
            }
            int x = TlsUtils.x(byteArrayInputStream);
            if (x < 2 || (x & 1) != 0) {
                throw new TlsFatalAlert((short) 50, null);
            }
            int i = x / 2;
            int[] iArr = new int[i];
            for (int i2 = 0; i2 < i; i2++) {
                iArr[i2] = TlsUtils.x(byteArrayInputStream);
            }
            this.o = iArr;
            int z6 = TlsUtils.z(byteArrayInputStream);
            if (z6 < 1) {
                throw new TlsFatalAlert((short) 47, null);
            }
            short[] sArr = new short[z6];
            for (int i3 = 0; i3 < z6; i3++) {
                sArr[i3] = TlsUtils.z(byteArrayInputStream);
            }
            this.p = sArr;
            Hashtable A = TlsProtocol.A(byteArrayInputStream);
            this.q = A;
            SecurityParameters securityParameters = this.l;
            byte[] j = TlsUtils.j(A, TlsExtensionsUtils.b);
            if (j == null) {
                z = false;
            } else {
                TlsExtensionsUtils.c(j);
                z = true;
            }
            securityParameters.o = z;
            this.E.d = b2;
            this.D.r(b2);
            this.D.c(Arrays.n(22016, this.o));
            this.l.h = w;
            this.D.h(this.o);
            this.D.u(this.p);
            if (Arrays.n(255, this.o)) {
                this.v = true;
            }
            Hashtable hashtable = this.q;
            Integer num = TlsProtocol.B;
            byte[] j2 = TlsUtils.j(hashtable, num);
            if (j2 != null) {
                this.v = true;
                byte[] bArr3 = TlsUtils.a;
                TlsUtils.e(0);
                System.arraycopy(bArr3, 0, r13, 1, 0);
                byte[] bArr4 = {(byte) 0};
                if (!Arrays.m(j2, bArr4)) {
                    throw new TlsFatalAlert((short) 40, null);
                }
            }
            this.D.x(this.v);
            Hashtable hashtable2 = this.q;
            if (hashtable2 != null) {
                byte[] j3 = TlsUtils.j(hashtable2, TlsExtensionsUtils.d);
                if (j3 != null) {
                    for (byte b3 : j3) {
                        if (b3 != 0) {
                            throw new TlsFatalAlert((short) 47, null);
                        }
                    }
                }
                this.D.j(this.q);
            }
            this.s = (short) 1;
            t();
            byte[] bArr5 = TlsUtils.a;
            this.j = new TlsSessionImpl(bArr5, null);
            this.k = null;
            TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
            ProtocolVersion a2 = this.D.a();
            if (!a2.f(this.E.d)) {
                throw new TlsFatalAlert((short) 80, null);
            }
            recordStream.o = a2;
            recordStream.p = a2;
            recordStream.q = true;
            this.E.e = a2;
            int i4 = a2.a;
            handshakeMessage.write(i4 >> 8);
            handshakeMessage.write(i4 & 255);
            handshakeMessage.write(this.l.i);
            TlsUtils.E(handshakeMessage, this.j.a());
            int s4 = this.D.s();
            if (Arrays.n(s4, this.o) && s4 != 0) {
                if (!(s4 == 255 || s4 == 22016) && TlsUtils.t(s4, this.E.e)) {
                    this.l.b = s4;
                    short q = this.D.q();
                    if (!Arrays.o(q, this.p)) {
                        throw new TlsFatalAlert((short) 80, null);
                    }
                    this.l.c = q;
                    handshakeMessage.write(s4 >>> 8);
                    handshakeMessage.write(s4);
                    handshakeMessage.write(q);
                    Hashtable l = this.D.l();
                    this.r = l;
                    if (this.v) {
                        if (TlsUtils.j(l, num) == null) {
                            Hashtable hashtable3 = this.r;
                            if (hashtable3 == null) {
                                hashtable3 = new Hashtable();
                            }
                            this.r = hashtable3;
                            TlsUtils.e(0);
                            System.arraycopy(bArr5, 0, r8, 1, 0);
                            byte[] bArr6 = {(byte) 0};
                            hashtable3.put(num, bArr6);
                        }
                    }
                    if (this.l.o) {
                        Hashtable hashtable4 = this.r;
                        if (hashtable4 == null) {
                            hashtable4 = new Hashtable();
                        }
                        this.r = hashtable4;
                        hashtable4.put(TlsExtensionsUtils.b, bArr5);
                    }
                    Hashtable hashtable5 = this.r;
                    if (hashtable5 != null) {
                        SecurityParameters securityParameters2 = this.l;
                        byte[] j4 = TlsUtils.j(hashtable5, TlsExtensionsUtils.a);
                        if (j4 == null) {
                            z2 = false;
                        } else {
                            TlsExtensionsUtils.c(j4);
                            z2 = true;
                        }
                        securityParameters2.n = z2;
                        this.l.d = x(this.q, this.r, (short) 80);
                        SecurityParameters securityParameters3 = this.l;
                        byte[] j5 = TlsUtils.j(this.r, TlsExtensionsUtils.h);
                        if (j5 == null) {
                            z3 = false;
                        } else {
                            TlsExtensionsUtils.c(j5);
                            z3 = true;
                        }
                        securityParameters3.p = z3;
                        if (this.t) {
                            s2 = 80;
                        } else {
                            s2 = 80;
                            if (TlsUtils.q(this.r, TlsExtensionsUtils.f, (short) 80)) {
                                z4 = true;
                                this.w = z4;
                                this.x = this.t && TlsUtils.q(this.r, TlsProtocol.C, s2);
                                TlsProtocol.I(handshakeMessage, this.r);
                            }
                        }
                        z4 = false;
                        this.w = z4;
                        this.x = this.t && TlsUtils.q(this.r, TlsProtocol.C, s2);
                        TlsProtocol.I(handshakeMessage, this.r);
                    }
                    SecurityParameters securityParameters4 = this.l;
                    securityParameters4.e = TlsProtocol.m(this.E, securityParameters4.b);
                    this.l.f = 12;
                    a();
                    handshakeMessage.a();
                    this.s = (short) 2;
                    recordStream.m = recordStream.m.b();
                    this.D.O();
                    this.s = (short) 3;
                    TlsKeyExchange b4 = this.D.b();
                    this.F = b4;
                    b4.h(this.E);
                    TlsCredentials M = this.D.M();
                    if (M != null && (M instanceof TlsCredentialedAgreement ? 1 : 0) + 0 + (M instanceof TlsCredentialedDecryptor ? 1 : 0) + (M instanceof TlsCredentialedSigner ? 1 : 0) != 1) {
                        throw new TlsFatalAlert((short) 80, null);
                    }
                    this.G = M;
                    if (M == null) {
                        this.F.n();
                        a = null;
                    } else {
                        this.F.m(M);
                        a = this.G.a();
                        E(a);
                    }
                    this.s = (short) 4;
                    if (a == null || a.a()) {
                        this.w = false;
                    }
                    if (this.w) {
                        this.D.N();
                    }
                    this.s = (short) 5;
                    byte[] a3 = this.F.a();
                    if (a3 != null) {
                        TlsProtocol.HandshakeMessage handshakeMessage2 = new TlsProtocol.HandshakeMessage((short) 12, a3.length);
                        handshakeMessage2.write(a3);
                        handshakeMessage2.a();
                    }
                    this.s = (short) 6;
                    if (this.G != null) {
                        CertificateRequest I = this.D.I();
                        this.H = I;
                        if (I != null) {
                            boolean s5 = TlsUtils.s(this.E);
                            CertificateRequest certificateRequest = this.H;
                            if (s5 != (certificateRequest.b != null)) {
                                throw new TlsFatalAlert((short) 80, null);
                            }
                            this.F.j(certificateRequest);
                            CertificateRequest certificateRequest2 = this.H;
                            TlsProtocol.HandshakeMessage handshakeMessage3 = new TlsProtocol.HandshakeMessage(this, (short) 13);
                            short[] sArr2 = certificateRequest2.a;
                            if (sArr2 == null || sArr2.length == 0) {
                                handshakeMessage3.write(0);
                            } else {
                                TlsUtils.e(sArr2.length);
                                handshakeMessage3.write(sArr2.length);
                                for (short s6 : sArr2) {
                                    handshakeMessage3.write(s6);
                                }
                            }
                            Vector vector = certificateRequest2.b;
                            if (vector != null) {
                                TlsUtils.g(vector, handshakeMessage3);
                            }
                            Vector vector2 = certificateRequest2.c;
                            if (vector2 == null || vector2.isEmpty()) {
                                handshakeMessage3.write(0);
                                handshakeMessage3.write(0);
                            } else {
                                Vector vector3 = new Vector(vector2.size());
                                int i5 = 0;
                                for (int i6 = 0; i6 < vector2.size(); i6++) {
                                    byte[] m = ((X500Name) vector2.elementAt(i6)).m("DER");
                                    vector3.addElement(m);
                                    i5 += m.length + 2;
                                }
                                TlsUtils.c(i5);
                                handshakeMessage3.write(i5 >>> 8);
                                handshakeMessage3.write(i5);
                                for (int i7 = 0; i7 < vector3.size(); i7++) {
                                    TlsUtils.D(handshakeMessage3, (byte[]) vector3.elementAt(i7));
                                }
                            }
                            handshakeMessage3.a();
                            TlsUtils.A(recordStream.m, this.H.b);
                        }
                    }
                    this.s = (short) 7;
                    J(4, new byte[]{(byte) 14, (byte) 0, (byte) 0, (byte) 0});
                    this.s = (short) 8;
                    TlsServerContextImpl tlsServerContextImpl = this.E;
                    TlsHandshakeHash tlsHandshakeHash = recordStream.m;
                    if (!tlsServerContextImpl.a.m()) {
                        tlsHandshakeHash.h();
                    }
                    tlsHandshakeHash.j();
                    return;
                }
            }
            throw new TlsFatalAlert((short) 80, null);
        }
        if (s == 11) {
            short s7 = this.s;
            if (s7 == 8) {
                this.D.v(null);
            } else if (s7 != 9) {
                throw new TlsFatalAlert((short) 10, null);
            }
            if (this.H == null) {
                throw new TlsFatalAlert((short) 10, null);
            }
            Certificate b5 = Certificate.b(this.E, byteArrayInputStream);
            TlsProtocol.b(byteArrayInputStream);
            M(b5);
            this.s = (short) 10;
            return;
        }
        if (s == 20) {
            short s8 = this.s;
            if (s8 == 11) {
                Certificate certificate = this.n;
                if (certificate != null && !certificate.a() && this.F.o()) {
                    z5 = true;
                }
                if (z5) {
                    throw new TlsFatalAlert((short) 10, null);
                }
            } else if (s8 != 12) {
                throw new TlsFatalAlert((short) 10, null);
            }
            v(byteArrayInputStream);
            this.s = (short) 13;
            if (this.x) {
                NewSessionTicket K = this.D.K();
                if (K == null) {
                    throw new TlsFatalAlert((short) 80, null);
                }
                TlsProtocol.HandshakeMessage handshakeMessage4 = new TlsProtocol.HandshakeMessage(this, (short) 4);
                byte[] bArr7 = TlsUtils.a;
                long j6 = K.a;
                handshakeMessage4.write((byte) (j6 >>> 24));
                handshakeMessage4.write((byte) (j6 >>> 16));
                handshakeMessage4.write((byte) (j6 >>> 8));
                handshakeMessage4.write((byte) j6);
                TlsUtils.D(handshakeMessage4, K.b);
                handshakeMessage4.a();
                F();
            }
            this.s = (short) 14;
            G();
            this.s = (short) 15;
            e();
            return;
        }
        if (s == 23) {
            if (this.s != 8) {
                throw new TlsFatalAlert((short) 10, null);
            }
            this.D.v(TlsProtocol.B(byteArrayInputStream));
            this.s = (short) 9;
            return;
        }
        if (s == 15) {
            if (this.s != 11) {
                throw new TlsFatalAlert((short) 10, null);
            }
            Certificate certificate2 = this.n;
            if (!((certificate2 == null || certificate2.a() || !this.F.o()) ? false : true)) {
                throw new TlsFatalAlert((short) 10, null);
            }
            if (this.H == null) {
                throw new IllegalStateException();
            }
            TlsServerContextImpl tlsServerContextImpl2 = this.E;
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.s(tlsServerContextImpl2) ? new SignatureAndHashAlgorithm(TlsUtils.z(byteArrayInputStream), TlsUtils.z(byteArrayInputStream)) : null;
            DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, TlsUtils.w(byteArrayInputStream, TlsUtils.x(byteArrayInputStream)));
            TlsProtocol.b(byteArrayInputStream);
            CertificateRequest certificateRequest3 = this.H;
            Certificate certificate3 = this.n;
            TlsHandshakeHash tlsHandshakeHash2 = this.I;
            short b6 = certificate3.a[0].b();
            try {
                TlsVerifier a4 = certificate3.a[0].a(b6 != 1 ? b6 != 2 ? b6 != 64 ? (short) -1 : (short) 3 : (short) 2 : (short) 1);
                TlsStreamVerifier a5 = a4.a(digitallySigned);
                if (a5 != null) {
                    tlsHandshakeHash2.f(a5.a());
                    b = a5.b();
                } else {
                    if (TlsUtils.s(tlsServerContextImpl2)) {
                        TlsUtils.C(certificateRequest3.b, signatureAndHashAlgorithm);
                        bArr = tlsHandshakeHash2.g(signatureAndHashAlgorithm.a);
                    } else {
                        bArr = tlsServerContextImpl2.c.j;
                    }
                    b = a4.b(digitallySigned, bArr);
                }
                if (!b) {
                    throw new TlsFatalAlert((short) 51, null);
                }
                this.s = (short) 12;
                return;
            } catch (TlsFatalAlert e) {
                throw e;
            } catch (Exception e2) {
                throw new TlsFatalAlert((short) 51, e2);
            }
        }
        if (s != 16) {
            throw new TlsFatalAlert((short) 10, null);
        }
        switch (this.s) {
            case 8:
                this.D.v(null);
            case 9:
                if (this.H == null) {
                    this.F.d();
                } else {
                    if (TlsUtils.s(this.E)) {
                        throw new TlsFatalAlert((short) 10, null);
                    }
                    M(Certificate.b);
                }
            case 10:
                this.F.l(byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                TlsHandshakeHash tlsHandshakeHash3 = recordStream.m;
                recordStream.m = tlsHandshakeHash3.a();
                this.I = tlsHandshakeHash3;
                SecurityParameters securityParameters5 = this.l;
                byte[] bArr8 = TlsUtils.a;
                securityParameters5.j = tlsHandshakeHash3.i().d();
                TlsProtocol.h(this.E, this.F);
                TlsNullCompression y = this.D.y();
                TlsCipher L = this.D.L();
                recordStream.d = y;
                recordStream.g = L;
                if (!this.x) {
                    F();
                }
                this.s = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10, null);
        }
    }
}
