package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.h;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes2.dex */
public class DTLSServerProtocol extends DTLSProtocol {

    /* renamed from: b, reason: collision with root package name */
    protected boolean f8075b;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes2.dex */
    public static class ServerHandshakeState {

        /* renamed from: c, reason: collision with root package name */
        int[] f8078c;
        short[] d;
        Hashtable e;

        /* renamed from: a, reason: collision with root package name */
        TlsServer f8076a = null;

        /* renamed from: b, reason: collision with root package name */
        p f8077b = null;
        int f = -1;
        short g = -1;
        boolean h = false;
        boolean i = false;
        Hashtable j = null;
        TlsKeyExchange k = null;
        TlsCredentials l = null;
        CertificateRequest m = null;
        short n = -1;
        Certificate o = null;

        protected ServerHandshakeState() {
        }
    }

    public DTLSServerProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.f8075b = true;
    }

    public DTLSTransport a(ServerHandshakeState serverHandshakeState, f fVar) {
        SecurityParameters e = serverHandshakeState.f8077b.e();
        h hVar = new h(serverHandshakeState.f8077b, fVar);
        h.a d = hVar.d();
        serverHandshakeState.f8077b.a(fVar.c());
        if (d.c() != 1) {
            throw new TlsFatalAlert((short) 10);
        }
        b(serverHandshakeState, d.a());
        hVar.a((short) 2, b(serverHandshakeState));
        e.f8140b = TlsProtocol.a(serverHandshakeState.f);
        e.f8141c = serverHandshakeState.g;
        e.d = 12;
        hVar.c();
        Vector l = serverHandshakeState.f8076a.l();
        if (l != null) {
            hVar.a((short) 23, DTLSProtocol.a(l));
        }
        serverHandshakeState.k = serverHandshakeState.f8076a.d();
        serverHandshakeState.k.a(serverHandshakeState.f8077b);
        serverHandshakeState.l = serverHandshakeState.f8076a.k();
        TlsCredentials tlsCredentials = serverHandshakeState.l;
        if (tlsCredentials == null) {
            serverHandshakeState.k.f();
        } else {
            serverHandshakeState.k.a(tlsCredentials);
            hVar.a((short) 11, DTLSProtocol.a(serverHandshakeState.l.a()));
        }
        byte[] a2 = serverHandshakeState.k.a();
        if (a2 != null) {
            hVar.a((short) 12, a2);
        }
        if (serverHandshakeState.l != null) {
            serverHandshakeState.m = serverHandshakeState.f8076a.q();
            CertificateRequest certificateRequest = serverHandshakeState.m;
            if (certificateRequest != null) {
                serverHandshakeState.k.a(certificateRequest);
                hVar.a((short) 13, a(serverHandshakeState, serverHandshakeState.m));
            }
        }
        hVar.a((short) 14, TlsUtils.f8178a);
        h.a d2 = hVar.d();
        if (d2.c() == 23) {
            d(serverHandshakeState, d2.a());
            d2 = hVar.d();
        } else {
            serverHandshakeState.f8076a.a((Vector) null);
        }
        if (serverHandshakeState.m == null) {
            serverHandshakeState.k.b();
        } else if (d2.c() == 11) {
            a(serverHandshakeState, d2.a());
            d2 = hVar.d();
        } else {
            if (ProtocolVersion.d.a(serverHandshakeState.f8077b.a().a())) {
                throw new TlsFatalAlert((short) 10);
            }
            a(serverHandshakeState, Certificate.f8047a);
        }
        if (d2.c() != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        c(serverHandshakeState, d2.a());
        fVar.a(serverHandshakeState.f8076a.e());
        if (a(serverHandshakeState)) {
            byte[] b2 = hVar.b();
            h.a d3 = hVar.d();
            if (d3.c() != 15) {
                throw new TlsFatalAlert((short) 10);
            }
            a(serverHandshakeState, d3.a(), b2);
        }
        byte[] b3 = hVar.b();
        h.a d4 = hVar.d();
        if (d4.c() != 20) {
            throw new TlsFatalAlert((short) 10);
        }
        a(d4.a(), TlsUtils.a(serverHandshakeState.f8077b, ExporterLabel.f8103a, b3));
        if (serverHandshakeState.i) {
            hVar.a((short) 4, a(serverHandshakeState, serverHandshakeState.f8076a.j()));
        }
        hVar.a((short) 20, TlsUtils.a(serverHandshakeState.f8077b, ExporterLabel.f8104b, hVar.b()));
        hVar.a();
        serverHandshakeState.f8076a.f();
        return new DTLSTransport(fVar);
    }

    public DTLSTransport a(TlsServer tlsServer, DatagramTransport datagramTransport) {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'server' cannot be null");
        }
        if (datagramTransport == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        SecurityParameters securityParameters = new SecurityParameters();
        securityParameters.f8139a = 0;
        securityParameters.g = TlsProtocol.a(this.f8074a);
        ServerHandshakeState serverHandshakeState = new ServerHandshakeState();
        serverHandshakeState.f8076a = tlsServer;
        serverHandshakeState.f8077b = new p(this.f8074a, securityParameters);
        tlsServer.a(serverHandshakeState.f8077b);
        f fVar = new f(datagramTransport, serverHandshakeState.f8077b, tlsServer, (short) 22);
        try {
            return a(serverHandshakeState, fVar);
        } catch (RuntimeException unused) {
            fVar.a((short) 80);
            throw new TlsFatalAlert((short) 80);
        } catch (TlsFatalAlert e) {
            fVar.a(e.a());
            throw e;
        } catch (IOException e2) {
            fVar.a((short) 80);
            throw e2;
        }
    }

    protected void a(ServerHandshakeState serverHandshakeState, Certificate certificate) {
        if (serverHandshakeState.m == null) {
            throw new IllegalStateException();
        }
        if (serverHandshakeState.o != null) {
            throw new TlsFatalAlert((short) 10);
        }
        serverHandshakeState.o = certificate;
        if (certificate.d()) {
            serverHandshakeState.k.b();
        } else {
            serverHandshakeState.n = TlsUtils.a(certificate, serverHandshakeState.l.a());
            serverHandshakeState.k.a(certificate);
        }
        serverHandshakeState.f8076a.a(certificate);
    }

    protected void a(ServerHandshakeState serverHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate a2 = Certificate.a(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        a(serverHandshakeState, a2);
    }

    protected void a(ServerHandshakeState serverHandshakeState, byte[] bArr, byte[] bArr2) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        byte[] a2 = TlsUtils.a((InputStream) byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        try {
            TlsSigner a3 = TlsUtils.a(serverHandshakeState.n);
            a3.a(serverHandshakeState.f8077b);
            a3.a(a2, PublicKeyFactory.a(serverHandshakeState.o.a(0).n()), bArr2);
        } catch (Exception unused) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    public void a(boolean z) {
        this.f8075b = z;
    }

    public boolean a() {
        return this.f8075b;
    }

    protected boolean a(ServerHandshakeState serverHandshakeState) {
        short s = serverHandshakeState.n;
        return s >= 0 && TlsUtils.b(s);
    }

    protected byte[] a(ServerHandshakeState serverHandshakeState, CertificateRequest certificateRequest) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        certificateRequest.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] a(ServerHandshakeState serverHandshakeState, NewSessionTicket newSessionTicket) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        newSessionTicket.a(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected void b(ServerHandshakeState serverHandshakeState, byte[] bArr) {
        byte[] bArr2;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ProtocolVersion i = TlsUtils.i(byteArrayInputStream);
        if (!i.e()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] a2 = TlsUtils.a(32, byteArrayInputStream);
        if (TlsUtils.c(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        TlsUtils.c(byteArrayInputStream);
        int d = TlsUtils.d(byteArrayInputStream);
        if (d < 2 || (d & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        serverHandshakeState.f8078c = TlsUtils.b(d / 2, byteArrayInputStream);
        short h = TlsUtils.h(byteArrayInputStream);
        if (h < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        serverHandshakeState.d = TlsUtils.c(h, byteArrayInputStream);
        serverHandshakeState.e = TlsProtocol.c(byteArrayInputStream);
        serverHandshakeState.f8077b.a(i);
        serverHandshakeState.f8076a.b(i);
        serverHandshakeState.f8077b.e().f = a2;
        serverHandshakeState.f8076a.a(serverHandshakeState.f8078c);
        serverHandshakeState.f8076a.a(serverHandshakeState.d);
        if (TlsProtocol.a(serverHandshakeState.f8078c, 255)) {
            serverHandshakeState.h = true;
        }
        Hashtable hashtable = serverHandshakeState.e;
        if (hashtable != null && (bArr2 = (byte[]) hashtable.get(TlsProtocol.f8169a)) != null) {
            serverHandshakeState.h = true;
            if (!Arrays.c(bArr2, TlsProtocol.a(TlsUtils.f8178a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        serverHandshakeState.f8076a.a(serverHandshakeState.h);
        Hashtable hashtable2 = serverHandshakeState.e;
        if (hashtable2 != null) {
            serverHandshakeState.f8076a.b(hashtable2);
        }
    }

    protected byte[] b(ServerHandshakeState serverHandshakeState) {
        int i;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ProtocolVersion a2 = serverHandshakeState.f8076a.a();
        if (!a2.a(serverHandshakeState.f8077b.b())) {
            throw new TlsFatalAlert((short) 80);
        }
        serverHandshakeState.f8077b.b(a2);
        TlsUtils.a(serverHandshakeState.f8077b.a(), byteArrayOutputStream);
        byteArrayOutputStream.write(serverHandshakeState.f8077b.e().g);
        TlsUtils.c(TlsUtils.f8178a, byteArrayOutputStream);
        serverHandshakeState.f = serverHandshakeState.f8076a.r();
        if (!TlsProtocol.a(serverHandshakeState.f8078c, serverHandshakeState.f) || (i = serverHandshakeState.f) == 0 || i == 255) {
            throw new TlsFatalAlert((short) 80);
        }
        DTLSProtocol.a(i, (short) 80);
        serverHandshakeState.g = serverHandshakeState.f8076a.i();
        if (!TlsProtocol.a(serverHandshakeState.d, serverHandshakeState.g)) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsUtils.a(serverHandshakeState.f, (OutputStream) byteArrayOutputStream);
        TlsUtils.a(serverHandshakeState.g, (OutputStream) byteArrayOutputStream);
        serverHandshakeState.j = serverHandshakeState.f8076a.g();
        if (serverHandshakeState.h) {
            Hashtable hashtable = serverHandshakeState.j;
            if (hashtable == null || !hashtable.containsKey(TlsProtocol.f8169a)) {
                if (serverHandshakeState.j == null) {
                    serverHandshakeState.j = new Hashtable();
                }
                serverHandshakeState.j.put(TlsProtocol.f8169a, TlsProtocol.a(TlsUtils.f8178a));
            }
        }
        Hashtable hashtable2 = serverHandshakeState.j;
        if (hashtable2 != null) {
            serverHandshakeState.i = hashtable2.containsKey(TlsProtocol.f8170b);
            TlsProtocol.a(byteArrayOutputStream, serverHandshakeState.j);
        }
        return byteArrayOutputStream.toByteArray();
    }

    protected void c(ServerHandshakeState serverHandshakeState, byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        serverHandshakeState.k.b(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        TlsProtocol.a(serverHandshakeState.f8077b, serverHandshakeState.k);
    }

    protected void d(ServerHandshakeState serverHandshakeState, byte[] bArr) {
        serverHandshakeState.f8076a.a(TlsProtocol.d(new ByteArrayInputStream(bArr)));
    }
}
