package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.OutputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected TlsServer B;
    TlsServerContextImpl C;
    protected TlsKeyExchange D;
    protected TlsCredentials E;
    protected CertificateRequest F;
    protected short G;
    protected TlsHandshakeHash H;

    protected void a(CertificateRequest certificateRequest) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 13);
        certificateRequest.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(CertificateStatus certificateStatus) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 22);
        certificateStatus.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void a(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 4);
        newSessionTicket.a(handshakeMessage);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0020, code lost:
    
        if (r3 == 9) goto L15;
     */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void a(short r3) {
        /*
            r2 = this;
            super.a(r3)
            r0 = 41
            if (r3 == r0) goto L8
            return
        L8:
            org.bouncycastle.crypto.tls.TlsContext r3 = r2.g()
            boolean r3 = org.bouncycastle.crypto.tls.TlsUtils.a(r3)
            r0 = 10
            if (r3 == 0) goto L31
            org.bouncycastle.crypto.tls.CertificateRequest r3 = r2.F
            if (r3 == 0) goto L31
            short r3 = r2.f17853s
            r1 = 8
            if (r3 == r1) goto L23
            r1 = 9
            if (r3 != r1) goto L31
            goto L29
        L23:
            org.bouncycastle.crypto.tls.TlsServer r3 = r2.B
            r1 = 0
            r3.a(r1)
        L29:
            org.bouncycastle.crypto.tls.Certificate r3 = org.bouncycastle.crypto.tls.Certificate.f17641b
            r2.b(r3)
            r2.f17853s = r0
            return
        L31:
            org.bouncycastle.crypto.tls.TlsFatalAlert r3 = new org.bouncycastle.crypto.tls.TlsFatalAlert
            r3.<init>(r0)
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.crypto.tls.TlsServerProtocol.a(short):void");
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:12:0x0022. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected void a(short s10, ByteArrayInputStream byteArrayInputStream) {
        CertificateStatus n10;
        Certificate certificate = null;
        if (s10 == 1) {
            short s11 = this.f17853s;
            if (s11 != 0) {
                if (s11 != 16) {
                    throw new TlsFatalAlert((short) 10);
                }
                o();
                return;
            }
            g(byteArrayInputStream);
            this.f17853s = (short) 1;
            u();
            this.f17853s = (short) 2;
            this.f17838d.h();
            Vector o10 = this.B.o();
            if (o10 != null) {
                a(o10);
            }
            this.f17853s = (short) 3;
            TlsKeyExchange a10 = this.B.a();
            this.D = a10;
            a10.a(g());
            TlsCredentials l10 = this.B.l();
            this.E = l10;
            if (l10 == null) {
                this.D.d();
            } else {
                this.D.a(l10);
                certificate = this.E.b();
                a(certificate);
            }
            this.f17853s = (short) 4;
            if (certificate == null || certificate.a()) {
                this.f17857w = false;
            }
            if (this.f17857w && (n10 = this.B.n()) != null) {
                a(n10);
            }
            this.f17853s = (short) 5;
            byte[] a11 = this.D.a();
            if (a11 != null) {
                b(a11);
            }
            this.f17853s = (short) 6;
            if (this.E != null) {
                CertificateRequest i10 = this.B.i();
                this.F = i10;
                if (i10 != null) {
                    if (TlsUtils.c(g()) != (this.F.b() != null)) {
                        throw new TlsFatalAlert((short) 80);
                    }
                    this.D.a(this.F);
                    a(this.F);
                    TlsUtils.a(this.f17838d.d(), this.F.b());
                }
            }
            this.f17853s = (short) 7;
            t();
            this.f17853s = (short) 8;
            this.f17838d.d().i();
            return;
        }
        if (s10 == 11) {
            short s12 = this.f17853s;
            if (s12 == 8) {
                this.B.a((Vector) null);
            } else if (s12 != 9) {
                throw new TlsFatalAlert((short) 10);
            }
            if (this.F == null) {
                throw new TlsFatalAlert((short) 10);
            }
            e(byteArrayInputStream);
            this.f17853s = (short) 10;
            return;
        }
        if (s10 == 20) {
            short s13 = this.f17853s;
            if (s13 != 11) {
                if (s13 != 12) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (s()) {
                throw new TlsFatalAlert((short) 10);
            }
            b(byteArrayInputStream);
            this.f17853s = (short) 13;
            if (this.f17858x) {
                a(this.B.j());
            }
            this.f17853s = (short) 14;
            q();
            r();
            this.f17853s = (short) 15;
            e();
            return;
        }
        if (s10 == 23) {
            if (this.f17853s != 8) {
                throw new TlsFatalAlert((short) 10);
            }
            this.B.a(TlsProtocol.d(byteArrayInputStream));
            this.f17853s = (short) 9;
            return;
        }
        if (s10 == 15) {
            if (this.f17853s != 11) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!s()) {
                throw new TlsFatalAlert((short) 10);
            }
            f(byteArrayInputStream);
            this.f17853s = (short) 12;
            return;
        }
        if (s10 != 16) {
            throw new TlsFatalAlert((short) 10);
        }
        switch (this.f17853s) {
            case 8:
                this.B.a((Vector) null);
            case 9:
                if (this.F == null) {
                    this.D.e();
                } else {
                    if (TlsUtils.c(g())) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    if (!TlsUtils.a(g())) {
                        b(Certificate.f17641b);
                    } else if (this.f17848n == null) {
                        throw new TlsFatalAlert((short) 10);
                    }
                }
            case 10:
                h(byteArrayInputStream);
                this.f17853s = (short) 11;
                return;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    protected void b(Certificate certificate) {
        if (this.F == null) {
            throw new IllegalStateException();
        }
        if (this.f17848n != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.f17848n = certificate;
        if (certificate.a()) {
            this.D.e();
        } else {
            this.G = TlsUtils.a(certificate, this.E.b());
            this.D.a(certificate);
        }
        this.B.a(certificate);
    }

    protected void b(byte[] bArr) {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage((short) 12, bArr.length);
        handshakeMessage.write(bArr);
        handshakeMessage.a();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.D = null;
        this.E = null;
        this.F = null;
        this.H = null;
    }

    protected void e(ByteArrayInputStream byteArrayInputStream) {
        Certificate a10 = Certificate.a(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        b(a10);
    }

    protected void f(ByteArrayInputStream byteArrayInputStream) {
        byte[] j10;
        if (this.F == null) {
            throw new IllegalStateException();
        }
        DigitallySigned a10 = DigitallySigned.a(g(), byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        try {
            SignatureAndHashAlgorithm a11 = a10.a();
            if (TlsUtils.c(g())) {
                TlsUtils.a(this.F.b(), a11);
                j10 = this.H.b(a11.a());
            } else {
                j10 = this.f17847m.j();
            }
            AsymmetricKeyParameter a12 = PublicKeyFactory.a(this.f17848n.a(0).m());
            TlsSigner c10 = TlsUtils.c(this.G);
            c10.a(g());
            if (c10.a(a11, a10.b(), a12, j10)) {
            } else {
                throw new TlsFatalAlert((short) 51);
            }
        } catch (TlsFatalAlert e10) {
            throw e10;
        } catch (Exception e11) {
            throw new TlsFatalAlert((short) 51, e11);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsContext g() {
        return this.C;
    }

    protected void g(ByteArrayInputStream byteArrayInputStream) {
        ProtocolVersion h10 = TlsUtils.h(byteArrayInputStream);
        this.f17838d.b(h10);
        if (h10.d()) {
            throw new TlsFatalAlert((short) 47);
        }
        byte[] b10 = TlsUtils.b(32, byteArrayInputStream);
        if (TlsUtils.c(byteArrayInputStream).length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        int d10 = TlsUtils.d(byteArrayInputStream);
        if (d10 < 2 || (d10 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.f17849o = TlsUtils.c(d10 / 2, byteArrayInputStream);
        short g10 = TlsUtils.g(byteArrayInputStream);
        if (g10 < 1) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f17850p = TlsUtils.d(g10, byteArrayInputStream);
        Hashtable c10 = TlsProtocol.c(byteArrayInputStream);
        this.f17851q = c10;
        this.f17847m.f17736n = TlsExtensionsUtils.h(c10);
        h().a(h10);
        this.B.a(h10);
        this.B.a(Arrays.a(this.f17849o, 22016));
        this.f17847m.f17728f = b10;
        this.B.a(this.f17849o);
        this.B.a(this.f17850p);
        if (Arrays.a(this.f17849o, 255)) {
            this.f17856v = true;
        }
        byte[] a10 = TlsUtils.a(this.f17851q, TlsProtocol.f17834z);
        if (a10 != null) {
            this.f17856v = true;
            if (!Arrays.d(a10, TlsProtocol.a(TlsUtils.f17889a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.B.b(this.f17856v);
        Hashtable hashtable = this.f17851q;
        if (hashtable != null) {
            TlsExtensionsUtils.f(hashtable);
            this.B.b(this.f17851q);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    AbstractTlsContext h() {
        return this.C;
    }

    protected void h(ByteArrayInputStream byteArrayInputStream) {
        this.D.b(byteArrayInputStream);
        TlsProtocol.a(byteArrayInputStream);
        if (TlsUtils.a(g())) {
            TlsProtocol.a(g(), this.D);
        }
        this.H = this.f17838d.i();
        this.f17847m.f17730h = TlsProtocol.a(g(), this.H, (byte[]) null);
        if (!TlsUtils.a(g())) {
            TlsProtocol.a(g(), this.D);
        }
        this.f17838d.a(i().c(), i().k());
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsPeer i() {
        return this.B;
    }

    protected boolean s() {
        short s10 = this.G;
        return s10 >= 0 && TlsUtils.e(s10);
    }

    protected void t() {
        byte[] bArr = new byte[4];
        TlsUtils.a((short) 14, bArr, 0);
        TlsUtils.b(0, bArr, 1);
        d(bArr, 0, 4);
    }

    protected void u() {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 2);
        ProtocolVersion b10 = this.B.b();
        if (!b10.b(g().g())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f17838d.a(b10);
        this.f17838d.b(b10);
        this.f17838d.a(true);
        h().b(b10);
        TlsUtils.a(b10, handshakeMessage);
        handshakeMessage.write(this.f17847m.f17729g);
        byte[] bArr = TlsUtils.f17889a;
        TlsUtils.c(bArr, handshakeMessage);
        int g10 = this.B.g();
        if (!Arrays.a(this.f17849o, g10) || g10 == 0 || CipherSuite.a(g10) || !TlsUtils.a(g10, g().b())) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f17847m.f17723a = g10;
        short e10 = this.B.e();
        if (!Arrays.b(this.f17850p, e10)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.f17847m.f17724b = e10;
        TlsUtils.a(g10, (OutputStream) handshakeMessage);
        TlsUtils.a(e10, (OutputStream) handshakeMessage);
        Hashtable m10 = this.B.m();
        this.f17852r = m10;
        if (this.f17856v) {
            Integer num = TlsProtocol.f17834z;
            if (TlsUtils.a(m10, num) == null) {
                Hashtable d10 = TlsExtensionsUtils.d(this.f17852r);
                this.f17852r = d10;
                d10.put(num, TlsProtocol.a(bArr));
            }
        }
        if (this.f17847m.f17736n) {
            Hashtable d11 = TlsExtensionsUtils.d(this.f17852r);
            this.f17852r = d11;
            TlsExtensionsUtils.b(d11);
        }
        Hashtable hashtable = this.f17852r;
        if (hashtable != null) {
            this.f17847m.f17735m = TlsExtensionsUtils.g(hashtable);
            this.f17847m.f17733k = a(this.f17851q, this.f17852r, (short) 80);
            this.f17847m.f17734l = TlsExtensionsUtils.i(this.f17852r);
            this.f17857w = !this.f17854t && TlsUtils.a(this.f17852r, TlsExtensionsUtils.f17803e, (short) 80);
            this.f17858x = !this.f17854t && TlsUtils.a(this.f17852r, TlsProtocol.A, (short) 80);
            TlsProtocol.a(handshakeMessage, this.f17852r);
        }
        this.f17847m.f17725c = TlsProtocol.a(g(), this.f17847m.b());
        this.f17847m.f17726d = 12;
        b();
        handshakeMessage.a();
    }
}
