package org.spongycastle.crypto.tls;

import b.j;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.Signer;
import org.spongycastle.crypto.agreement.srp.SRP6Client;
import org.spongycastle.crypto.agreement.srp.SRP6Server;
import org.spongycastle.crypto.agreement.srp.SRP6Util;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.SRP6GroupParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.BigIntegers;
import org.spongycastle.util.io.TeeInputStream;

/* loaded from: classes.dex */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {

    /* renamed from: d, reason: collision with root package name */
    public TlsSigner f9100d;

    /* renamed from: e, reason: collision with root package name */
    public TlsSRPGroupVerifier f9101e;

    /* renamed from: f, reason: collision with root package name */
    public byte[] f9102f;

    /* renamed from: g, reason: collision with root package name */
    public byte[] f9103g;

    /* renamed from: h, reason: collision with root package name */
    public AsymmetricKeyParameter f9104h;

    /* renamed from: i, reason: collision with root package name */
    public SRP6GroupParameters f9105i;

    /* renamed from: j, reason: collision with root package name */
    public SRP6Client f9106j;

    /* renamed from: k, reason: collision with root package name */
    public SRP6Server f9107k;

    /* renamed from: l, reason: collision with root package name */
    public BigInteger f9108l;

    /* renamed from: m, reason: collision with root package name */
    public BigInteger f9109m;

    /* renamed from: n, reason: collision with root package name */
    public byte[] f9110n;

    /* renamed from: o, reason: collision with root package name */
    public TlsSignerCredentials f9111o;

    public TlsSRPKeyExchange(int i5, Vector vector, TlsSRPGroupVerifier tlsSRPGroupVerifier, byte[] bArr, byte[] bArr2) {
        super(i5, vector);
        this.f9104h = null;
        this.f9105i = null;
        this.f9106j = null;
        this.f9107k = null;
        this.f9108l = null;
        this.f9109m = null;
        this.f9110n = null;
        this.f9111o = null;
        this.f9100d = q(i5);
        this.f9101e = tlsSRPGroupVerifier;
        this.f9102f = bArr;
        this.f9103g = bArr2;
        this.f9106j = new SRP6Client();
    }

    public TlsSRPKeyExchange(int i5, Vector vector, byte[] bArr, TlsSRPLoginParameters tlsSRPLoginParameters) {
        super(i5, vector);
        this.f9104h = null;
        this.f9105i = null;
        this.f9106j = null;
        this.f9107k = null;
        this.f9108l = null;
        this.f9109m = null;
        this.f9110n = null;
        this.f9111o = null;
        this.f9100d = q(i5);
        this.f9102f = bArr;
        this.f9107k = new SRP6Server();
        this.f9105i = tlsSRPLoginParameters.a();
        this.f9109m = tlsSRPLoginParameters.c();
        this.f9110n = tlsSRPLoginParameters.b();
    }

    public static TlsSigner q(int i5) {
        switch (i5) {
            case 21:
                return null;
            case 22:
                return new TlsDSSSigner();
            case j.f1846v3 /* 23 */:
                return new TlsRSASigner();
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(TlsContext tlsContext) {
        super.a(tlsContext);
        TlsSigner tlsSigner = this.f9100d;
        if (tlsSigner != null) {
            tlsSigner.a(tlsContext);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] c() throws IOException {
        this.f9107k.e(this.f9105i, this.f9109m, TlsUtils.o((short) 2), this.f8809c.c());
        ServerSRPParams serverSRPParams = new ServerSRPParams(this.f9105i.b(), this.f9105i.a(), this.f9110n, this.f9107k.c());
        DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
        serverSRPParams.a(digestInputBuffer);
        TlsSignerCredentials tlsSignerCredentials = this.f9111o;
        if (tlsSignerCredentials != null) {
            SignatureAndHashAlgorithm I = TlsUtils.I(this.f8809c, tlsSignerCredentials);
            Digest n5 = TlsUtils.n(I);
            SecurityParameters e5 = this.f8809c.e();
            byte[] bArr = e5.f8953g;
            n5.update(bArr, 0, bArr.length);
            byte[] bArr2 = e5.f8954h;
            n5.update(bArr2, 0, bArr2.length);
            digestInputBuffer.c(n5);
            byte[] bArr3 = new byte[n5.f()];
            n5.c(bArr3, 0);
            new DigitallySigned(I, this.f9111o.e(bArr3)).a(digestInputBuffer);
        }
        return digestInputBuffer.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void e(OutputStream outputStream) throws IOException {
        TlsSRPUtils.e(this.f9106j.c(this.f9110n, this.f9102f, this.f9103g), outputStream);
        this.f8809c.e().f8957k = Arrays.g(this.f9102f);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void f(InputStream inputStream) throws IOException {
        SignerInputBuffer signerInputBuffer;
        InputStream inputStream2;
        SecurityParameters e5 = this.f8809c.e();
        if (this.f9100d != null) {
            signerInputBuffer = new SignerInputBuffer();
            inputStream2 = new TeeInputStream(inputStream, signerInputBuffer);
        } else {
            signerInputBuffer = null;
            inputStream2 = inputStream;
        }
        ServerSRPParams f5 = ServerSRPParams.f(inputStream2);
        if (signerInputBuffer != null) {
            DigitallySigned o5 = o(inputStream);
            Signer r5 = r(this.f9100d, o5.b(), e5);
            signerInputBuffer.c(r5);
            if (!r5.b(o5.c())) {
                throw new TlsFatalAlert((short) 51);
            }
        }
        SRP6GroupParameters sRP6GroupParameters = new SRP6GroupParameters(f5.d(), f5.c());
        this.f9105i = sRP6GroupParameters;
        if (!this.f9101e.a(sRP6GroupParameters)) {
            throw new TlsFatalAlert((short) 71);
        }
        this.f9110n = f5.e();
        try {
            this.f9108l = SRP6Util.g(this.f9105i.b(), f5.b());
            this.f9106j.e(this.f9105i, TlsUtils.o((short) 2), this.f8809c.c());
        } catch (CryptoException e6) {
            throw new TlsFatalAlert((short) 47, e6);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void g(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] h() throws IOException {
        try {
            SRP6Server sRP6Server = this.f9107k;
            return BigIntegers.b(sRP6Server != null ? sRP6Server.b(this.f9108l) : this.f9106j.b(this.f9108l));
        } catch (CryptoException e5) {
            throw new TlsFatalAlert((short) 47, e5);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void i(Certificate certificate) throws IOException {
        if (this.f9100d == null) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.c()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate b5 = certificate.b(0);
        try {
            AsymmetricKeyParameter a5 = PublicKeyFactory.a(b5.p());
            this.f9104h = a5;
            if (!this.f9100d.d(a5)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.u0(b5, 128);
            super.i(certificate);
        } catch (RuntimeException e5) {
            throw new TlsFatalAlert((short) 43, e5);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void k(TlsCredentials tlsCredentials) throws IOException {
        if (this.f8807a == 21 || !(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        i(tlsCredentials.c());
        this.f9111o = (TlsSignerCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void m() throws IOException {
        if (this.f9100d != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void n(InputStream inputStream) throws IOException {
        try {
            this.f9108l = SRP6Util.g(this.f9105i.b(), TlsSRPUtils.d(inputStream));
            this.f8809c.e().f8957k = Arrays.g(this.f9102f);
        } catch (CryptoException e5) {
            throw new TlsFatalAlert((short) 47, e5);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange
    public boolean p() {
        return true;
    }

    public Signer r(TlsSigner tlsSigner, SignatureAndHashAlgorithm signatureAndHashAlgorithm, SecurityParameters securityParameters) {
        Signer b5 = tlsSigner.b(signatureAndHashAlgorithm, this.f9104h);
        byte[] bArr = securityParameters.f8953g;
        b5.update(bArr, 0, bArr.length);
        byte[] bArr2 = securityParameters.f8954h;
        b5.update(bArr2, 0, bArr2.length);
        return b5;
    }
}
