package org.spongycastle.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;
import org.spongycastle.tls.crypto.TlsSRP6Client;
import org.spongycastle.tls.crypto.TlsSRP6Server;
import org.spongycastle.tls.crypto.TlsSRPConfig;
import org.spongycastle.tls.crypto.TlsSecret;
import org.spongycastle.tls.crypto.TlsVerifier;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.BigIntegers;
import org.spongycastle.util.io.TeeInputStream;

/* loaded from: classes2.dex */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {
    public final TlsSRPConfigVerifier d;
    public final byte[] e;
    public final byte[] f;
    public TlsSRPConfig g;
    public TlsSRP6Client h;
    public TlsSRP6Server i;
    public BigInteger j;
    public final BigInteger k;
    public byte[] l;
    public TlsCredentialedSigner m;
    public TlsVerifier n;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public TlsSRPKeyExchange(int i, Vector vector) {
        super(i, vector);
        switch (i) {
            case 21:
            case 22:
            case 23:
                this.g = null;
                this.h = null;
                this.i = null;
                this.j = null;
                this.k = null;
                this.l = null;
                this.m = null;
                this.n = null;
                this.d = null;
                this.e = null;
                this.f = null;
                return;
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr) {
        super(i, vector);
        switch (i) {
            case 21:
            case 22:
            case 23:
                this.g = null;
                this.h = null;
                this.i = null;
                this.j = null;
                this.k = null;
                this.l = null;
                this.m = null;
                this.n = null;
                this.e = bArr;
                throw null;
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    @Override // org.spongycastle.tls.AbstractTlsKeyExchange, org.spongycastle.tls.TlsKeyExchange
    public final byte[] a() {
        TlsSRP6Server g = this.c.f().g(this.g, this.k);
        this.i = g;
        BigInteger b = g.b();
        BigInteger[] a = this.g.a();
        BigInteger bigInteger = a[0];
        BigInteger bigInteger2 = a[1];
        ServerSRPParams serverSRPParams = new ServerSRPParams(bigInteger, bigInteger2, this.l, b);
        DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
        Integer num = TlsSRPUtils.a;
        TlsUtils.D(digestInputBuffer, BigIntegers.b(bigInteger));
        TlsUtils.D(digestInputBuffer, BigIntegers.b(bigInteger2));
        TlsUtils.E(digestInputBuffer, serverSRPParams.b);
        TlsUtils.D(digestInputBuffer, BigIntegers.b(serverSRPParams.a));
        TlsCredentialedSigner tlsCredentialedSigner = this.m;
        if (tlsCredentialedSigner != null) {
            TlsUtils.h(this.c, tlsCredentialedSigner, digestInputBuffer).a(digestInputBuffer);
        }
        return digestInputBuffer.toByteArray();
    }

    @Override // org.spongycastle.tls.AbstractTlsKeyExchange, org.spongycastle.tls.TlsKeyExchange
    public final void b(ByteArrayInputStream byteArrayInputStream) {
        InputStream inputStream;
        DigestInputBuffer digestInputBuffer;
        if (this.a != 21) {
            digestInputBuffer = new DigestInputBuffer();
            inputStream = new TeeInputStream(byteArrayInputStream, digestInputBuffer);
        } else {
            inputStream = byteArrayInputStream;
            digestInputBuffer = null;
        }
        BigInteger a = TlsSRPUtils.a(inputStream);
        BigInteger a2 = TlsSRPUtils.a(inputStream);
        ServerSRPParams serverSRPParams = new ServerSRPParams(a, a2, TlsUtils.w(inputStream, TlsUtils.z(inputStream)), TlsSRPUtils.a(inputStream));
        if (digestInputBuffer != null) {
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.s(this.c) ? new SignatureAndHashAlgorithm(TlsUtils.z(byteArrayInputStream), TlsUtils.z(byteArrayInputStream)) : null;
            DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, TlsUtils.w(byteArrayInputStream, TlsUtils.x(byteArrayInputStream)));
            if (signatureAndHashAlgorithm != null) {
                TlsUtils.C(this.b, signatureAndHashAlgorithm);
            }
            TlsUtils.B(this.c, this.n, digestInputBuffer, digitallySigned);
        }
        TlsSRPConfig tlsSRPConfig = new TlsSRPConfig();
        this.g = tlsSRPConfig;
        tlsSRPConfig.a = (BigInteger[]) new BigInteger[]{a, a2}.clone();
        if (!this.d.a(this.g)) {
            throw new TlsFatalAlert((short) 71, null);
        }
        this.l = serverSRPParams.b;
        BigInteger mod = serverSRPParams.a.mod(a);
        if (mod.equals(BigInteger.ZERO)) {
            throw new TlsFatalAlert((short) 47, null);
        }
        this.j = mod;
        this.h = this.c.f().l(this.g);
    }

    @Override // org.spongycastle.tls.TlsKeyExchange
    public final TlsSecret c() {
        TlsSRP6Server tlsSRP6Server = this.i;
        return this.c.f().o(BigIntegers.b(tlsSRP6Server != null ? tlsSRP6Server.a(this.j) : this.h.a(this.j)));
    }

    @Override // org.spongycastle.tls.TlsKeyExchange
    public final void e(OutputStream outputStream) {
        TlsSRP6Client tlsSRP6Client = this.h;
        byte[] bArr = this.l;
        byte[] bArr2 = this.e;
        BigInteger b = tlsSRP6Client.b(bArr, bArr2, this.f);
        Integer num = TlsSRPUtils.a;
        TlsUtils.D((ByteArrayOutputStream) outputStream, BigIntegers.b(b));
        this.c.c().l = Arrays.d(bArr2);
    }

    @Override // org.spongycastle.tls.AbstractTlsKeyExchange, org.spongycastle.tls.TlsKeyExchange
    public final void f(Certificate certificate) {
        int i = this.a;
        if (i == 21) {
            throw new TlsFatalAlert((short) 80, null);
        }
        if (certificate.a()) {
            throw new TlsFatalAlert((short) 42, null);
        }
        this.n = certificate.a[0].a(TlsUtils.o(i));
    }

    @Override // org.spongycastle.tls.TlsKeyExchange
    public final void g(TlsCredentials tlsCredentials) {
        throw new TlsFatalAlert((short) 80, null);
    }

    @Override // org.spongycastle.tls.TlsKeyExchange
    public final void j(CertificateRequest certificateRequest) {
        throw new TlsFatalAlert((short) 10, null);
    }

    @Override // org.spongycastle.tls.AbstractTlsKeyExchange, org.spongycastle.tls.TlsKeyExchange
    public final void l(ByteArrayInputStream byteArrayInputStream) {
        BigInteger mod = TlsSRPUtils.a(byteArrayInputStream).mod(this.g.a()[0]);
        if (mod.equals(BigInteger.ZERO)) {
            throw new TlsFatalAlert((short) 47, null);
        }
        this.j = mod;
        this.c.c().l = Arrays.d(this.e);
    }

    @Override // org.spongycastle.tls.AbstractTlsKeyExchange, org.spongycastle.tls.TlsKeyExchange
    public final void m(TlsCredentials tlsCredentials) {
        if (this.a == 21) {
            throw new TlsFatalAlert((short) 80, null);
        }
        if (!(tlsCredentials instanceof TlsCredentialedSigner)) {
            throw new TlsFatalAlert((short) 80, null);
        }
        this.m = (TlsCredentialedSigner) tlsCredentials;
    }

    @Override // org.spongycastle.tls.TlsKeyExchange
    public final void n() {
        if (this.a != 21) {
            throw new TlsFatalAlert((short) 80, null);
        }
    }
}
