package org.spongycastle.crypto.tls;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.DHParameters;
import org.spongycastle.crypto.params.DHPrivateKeyParameters;
import org.spongycastle.crypto.params.DHPublicKeyParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.io.Streams;

/* loaded from: classes.dex */
public class TlsPSKKeyExchange extends AbstractTlsKeyExchange {
    protected int[] bCY;
    protected short[] bCZ;
    protected short[] bDa;
    protected byte[] bDv;
    protected TlsPSKIdentity bEt;
    protected TlsPSKIdentityManager bEu;
    protected DHParameters bFQ;
    protected AsymmetricKeyParameter bFR;
    protected DHPrivateKeyParameters bFT;
    protected DHPublicKeyParameters bFU;
    protected ECPrivateKeyParameters bGe;
    protected ECPublicKeyParameters bGf;
    protected byte[] bGs;
    protected RSAKeyParameters bGt;
    protected TlsEncryptionCredentials bGu;
    protected byte[] bGv;

    public TlsPSKKeyExchange(int i, Vector vector, TlsPSKIdentity tlsPSKIdentity, TlsPSKIdentityManager tlsPSKIdentityManager, DHParameters dHParameters, int[] iArr, short[] sArr, short[] sArr2) {
        super(i, vector);
        this.bGs = null;
        this.bDv = null;
        this.bFT = null;
        this.bFU = null;
        this.bGe = null;
        this.bGf = null;
        this.bFR = null;
        this.bGt = null;
        this.bGu = null;
        switch (i) {
            case 13:
            case 14:
            case 15:
            case 24:
                this.bEt = tlsPSKIdentity;
                this.bEu = tlsPSKIdentityManager;
                this.bFQ = dHParameters;
                this.bCY = iArr;
                this.bCZ = sArr;
                this.bDa = sArr2;
                return;
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange
    public boolean Cj() {
        switch (this.bDj) {
            case 14:
            case 24:
                return true;
            default:
                return false;
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] Ck() {
        this.bGs = this.bEu.DZ();
        if (this.bGs == null && !Cj()) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.bGs == null) {
            TlsUtils.b(TlsUtils.aEX, (OutputStream) byteArrayOutputStream);
        } else {
            TlsUtils.b(this.bGs, (OutputStream) byteArrayOutputStream);
        }
        if (this.bDj == 14) {
            if (this.bFQ == null) {
                throw new TlsFatalAlert((short) 80);
            }
            this.bFT = TlsDHUtils.b(this.bDk.Cf(), this.bFQ, byteArrayOutputStream);
        } else if (this.bDj == 24) {
            this.bGe = TlsECCUtils.a(this.bDk.Cf(), this.bCY, this.bCZ, byteArrayOutputStream);
        }
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void DP() {
        if (this.bDj == 15) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] DQ() {
        byte[] gF = gF(this.bDv.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(gF.length + 4 + this.bDv.length);
        TlsUtils.b(gF, (OutputStream) byteArrayOutputStream);
        TlsUtils.b(this.bDv, (OutputStream) byteArrayOutputStream);
        Arrays.fill(this.bDv, (byte) 0);
        this.bDv = null;
        return byteArrayOutputStream.toByteArray();
    }

    protected RSAKeyParameters a(RSAKeyParameters rSAKeyParameters) {
        if (rSAKeyParameters.getExponent().isProbablePrime(2)) {
            return rSAKeyParameters;
        }
        throw new TlsFatalAlert((short) 47);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(Certificate certificate) {
        if (this.bDj != 15) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate gp = certificate.gp(0);
        try {
            this.bFR = PublicKeyFactory.c(gp.xs());
            if (this.bFR.isPrivate()) {
                throw new TlsFatalAlert((short) 80);
            }
            this.bGt = a((RSAKeyParameters) this.bFR);
            TlsUtils.a(gp, 32);
            super.a(certificate);
        } catch (RuntimeException e) {
            throw new TlsFatalAlert((short) 43, e);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(TlsCredentials tlsCredentials) {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        a(tlsCredentials.CL());
        this.bGu = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(CertificateRequest certificateRequest) {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(TlsCredentials tlsCredentials) {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void f(OutputStream outputStream) {
        if (this.bGs == null) {
            this.bEt.CC();
        } else {
            this.bEt.ar(this.bGs);
        }
        byte[] CD = this.bEt.CD();
        if (CD == null) {
            throw new TlsFatalAlert((short) 80);
        }
        this.bDv = this.bEt.CE();
        if (this.bDv == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsUtils.b(CD, outputStream);
        this.bDk.Cg().bFl = Arrays.bn(CD);
        if (this.bDj == 14) {
            this.bFT = TlsDHUtils.a(this.bDk.Cf(), this.bFQ, outputStream);
        } else if (this.bDj == 24) {
            this.bGe = TlsECCUtils.a(this.bDk.Cf(), this.bDa, this.bGf.Bb(), outputStream);
        } else if (this.bDj == 15) {
            this.bGv = TlsRSAUtils.a(this.bDk, this.bGt, outputStream);
        }
    }

    protected byte[] gF(int i) {
        if (this.bDj == 14) {
            if (this.bFT != null) {
                return TlsDHUtils.a(this.bFU, this.bFT);
            }
            throw new TlsFatalAlert((short) 80);
        }
        if (this.bDj != 24) {
            return this.bDj == 15 ? this.bGv : new byte[i];
        }
        if (this.bGe != null) {
            return TlsECCUtils.a(this.bGf, this.bGe);
        }
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void h(InputStream inputStream) {
        this.bGs = TlsUtils.x(inputStream);
        if (this.bDj == 14) {
            this.bFU = TlsDHUtils.a(ServerDHParams.m(inputStream).DD());
            this.bFQ = this.bFU.AV();
        } else if (this.bDj == 24) {
            this.bGf = TlsECCUtils.a(TlsECCUtils.a(this.bCZ, TlsECCUtils.a(this.bCY, this.bCZ, inputStream), TlsUtils.w(inputStream)));
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void i(InputStream inputStream) {
        byte[] x = TlsUtils.x(inputStream);
        this.bDv = this.bEu.aG(x);
        if (this.bDv == null) {
            throw new TlsFatalAlert((short) 115);
        }
        this.bDk.Cg().bFl = x;
        if (this.bDj == 14) {
            this.bFU = TlsDHUtils.a(new DHPublicKeyParameters(TlsDHUtils.p(inputStream), this.bFQ));
            return;
        }
        if (this.bDj == 24) {
            this.bGf = TlsECCUtils.a(TlsECCUtils.a(this.bDa, this.bGe.Bb(), TlsUtils.w(inputStream)));
        } else if (this.bDj == 15) {
            this.bGv = this.bGu.as(TlsUtils.c(this.bDk) ? Streams.K(inputStream) : TlsUtils.x(inputStream));
        }
    }
}
