package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Hashtable;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsServerProtocol extends TlsProtocol {
    protected CertificateRequest J;
    protected short K;
    protected Certificate L;
    protected byte[] M;

    /* renamed from: a, reason: collision with root package name */
    protected TlsServer f6586a;

    /* renamed from: b, reason: collision with root package name */
    protected p f6587b;
    protected int[] c;
    protected short[] d;
    protected Hashtable e;
    protected int f;
    protected short g;
    protected Hashtable h;
    protected TlsKeyExchange i;
    protected TlsCredentials j;

    private TlsServerProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.f6586a = null;
        this.f6587b = null;
        this.i = null;
        this.j = null;
        this.J = null;
        this.K = (short) -1;
        this.L = null;
        this.M = null;
    }

    private void a(CertificateRequest certificateRequest) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.a((short) 13, (OutputStream) byteArrayOutputStream);
        TlsUtils.b(0, (OutputStream) byteArrayOutputStream);
        certificateRequest.a(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        TlsUtils.b(byteArray.length - 4, byteArray, 1);
        b((short) 22, byteArray, 0, byteArray.length);
    }

    private void a(NewSessionTicket newSessionTicket) {
        if (newSessionTicket == null) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.a((short) 4, (OutputStream) byteArrayOutputStream);
        TlsUtils.b(0, (OutputStream) byteArrayOutputStream);
        newSessionTicket.a(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        TlsUtils.b(byteArray.length - 4, byteArray, 1);
        b((short) 22, byteArray, 0, byteArray.length);
    }

    private void a(TlsServer tlsServer) {
        if (tlsServer == null) {
            throw new IllegalArgumentException("'tlsServer' cannot be null");
        }
        if (this.f6586a != null) {
            throw new IllegalStateException("accept can only be called once");
        }
        this.f6586a = tlsServer;
        this.F = new SecurityParameters();
        this.F.f6556a = 0;
        this.F.g = a(this.E);
        this.f6587b = new p(this.E, this.F);
        this.f6586a.a(this.f6587b);
        this.D.a(this.f6587b);
        this.D.a(false);
        d();
    }

    private void b(Certificate certificate) {
        if (this.J == null) {
            throw new IllegalStateException();
        }
        if (this.L != null) {
            throw new TlsFatalAlert((short) 10);
        }
        this.L = certificate;
        if (!certificate.c()) {
            this.K = TlsUtils.a(certificate);
        }
        this.f6586a.h();
    }

    private void b(byte[] bArr) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.a((short) 12, (OutputStream) byteArrayOutputStream);
        TlsUtils.b(bArr.length, (OutputStream) byteArrayOutputStream);
        byteArrayOutputStream.write(bArr);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        b((short) 22, byteArray, 0, byteArray.length);
    }

    private void e(ByteArrayInputStream byteArrayInputStream) {
        Certificate a2 = Certificate.a(byteArrayInputStream);
        b(byteArrayInputStream);
        b(a2);
    }

    private void f(ByteArrayInputStream byteArrayInputStream) {
        byte[] f = TlsUtils.f(byteArrayInputStream);
        b(byteArrayInputStream);
        try {
            TlsSigner c = TlsUtils.c(this.K);
            c.a(this.f6587b);
            c.a(f, PublicKeyFactory.a(this.L.a(0).k()), this.M);
        } catch (Exception unused) {
            throw new TlsFatalAlert((short) 51);
        }
    }

    private void g(ByteArrayInputStream byteArrayInputStream) {
        byte[] bArr;
        ProtocolVersion h = TlsUtils.h(byteArrayInputStream);
        if (h.c()) {
            a((short) 2, (short) 47);
        }
        byte[] a2 = TlsUtils.a(32, byteArrayInputStream);
        if (TlsUtils.e(byteArrayInputStream).length > 32) {
            a((short) 2, (short) 47);
        }
        int b2 = TlsUtils.b(byteArrayInputStream);
        if (b2 < 2 || (b2 & 1) != 0) {
            a((short) 2, (short) 50);
        }
        this.c = TlsUtils.c(b2 / 2, byteArrayInputStream);
        short a3 = TlsUtils.a((InputStream) byteArrayInputStream);
        if (a3 <= 0) {
            a((short) 2, (short) 47);
        }
        this.d = TlsUtils.b(a3, byteArrayInputStream);
        this.e = c(byteArrayInputStream);
        this.f6587b.a(h);
        this.f6586a.a(h);
        this.F.f = a2;
        this.f6586a.a(this.c);
        this.f6586a.a(this.d);
        if (a(this.c, 255)) {
            this.H = true;
        }
        if (this.e != null && (bArr = (byte[]) this.e.get(k)) != null) {
            this.H = true;
            if (!Arrays.b(bArr, a(TlsUtils.f6590a))) {
                a((short) 2, (short) 40);
            }
        }
        this.f6586a.a(this.H);
        if (this.e != null) {
            this.f6586a.a(this.e);
        }
    }

    private void h(ByteArrayInputStream byteArrayInputStream) {
        this.i.b(byteArrayInputStream);
        b(byteArrayInputStream);
        a(this.f6587b, this.i);
        this.D.a(this.f6586a.i(), this.f6586a.p());
        if (k()) {
            this.M = this.D.a((byte[]) null);
        }
    }

    private void i() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.a((short) 2, (OutputStream) byteArrayOutputStream);
        TlsUtils.b(0, (OutputStream) byteArrayOutputStream);
        ProtocolVersion b2 = this.f6586a.b();
        if (!b2.a(this.f6587b.c())) {
            a((short) 2, (short) 80);
        }
        this.D.a(b2);
        this.D.b(b2);
        this.D.a(true);
        this.f6587b.b(b2);
        TlsUtils.a(b2, byteArrayOutputStream);
        byteArrayOutputStream.write(this.F.g);
        TlsUtils.a(TlsUtils.f6590a, (OutputStream) byteArrayOutputStream);
        this.f = this.f6586a.c();
        if (!a(this.c, this.f) || this.f == 0 || this.f == 255) {
            a((short) 2, (short) 80);
        }
        this.g = this.f6586a.d();
        if (!a(this.d, this.g)) {
            a((short) 2, (short) 80);
        }
        TlsUtils.a(this.f, (OutputStream) byteArrayOutputStream);
        TlsUtils.a(this.g, (OutputStream) byteArrayOutputStream);
        this.h = this.f6586a.e();
        if (this.H) {
            if (this.h == null || !this.h.containsKey(k)) {
                if (this.h == null) {
                    this.h = new Hashtable();
                }
                this.h.put(k, a(TlsUtils.f6590a));
            }
        }
        if (this.h != null) {
            this.I = this.h.containsKey(l);
            a(byteArrayOutputStream, this.h);
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        TlsUtils.b(byteArray.length - 4, byteArray, 1);
        b((short) 22, byteArray, 0, byteArray.length);
    }

    private void j() {
        byte[] bArr = new byte[4];
        TlsUtils.a((short) 14, bArr, 0);
        TlsUtils.b(0, bArr, 1);
        b((short) 22, bArr, 0, 4);
    }

    private boolean k() {
        return this.K >= 0 && TlsUtils.b(this.K);
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected final a a() {
        return this.f6587b;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public final void a(short s) {
        if (s != 41) {
            super.a(s);
        } else {
            if (!this.f6587b.d().d() || this.J == null) {
                return;
            }
            b(Certificate.f6490a);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:26:0x0060, code lost:
    
        if (r16.L == null) goto L22;
     */
    /* JADX WARN: Failed to find 'out' block for switch in B:14:0x0032. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected final void a(short r17, byte[] r18) {
        /*
            Method dump skipped, instructions count: 962
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.crypto.tls.TlsServerProtocol.a(short, byte[]):void");
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected final TlsPeer b() {
        return this.f6586a;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected final void c() {
        switch (this.G) {
            case 10:
                if (this.M != null) {
                    a((short) 2, (short) 10);
                    break;
                }
                break;
            case 11:
                break;
            default:
                a((short) 2, (short) 40);
                return;
        }
        this.G = (short) 12;
    }
}
