package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.util.Arrays;

/* loaded from: classes3.dex */
public class TlsClientProtocol extends TlsProtocol {
    public CertificateRequest a;

    /* renamed from: a, reason: collision with other field name */
    public CertificateStatus f6378a;

    /* renamed from: a, reason: collision with other field name */
    public TlsAuthentication f6379a;

    /* renamed from: a, reason: collision with other field name */
    public TlsClient f6380a;

    /* renamed from: a, reason: collision with other field name */
    public TlsClientContextImpl f6381a;

    /* renamed from: a, reason: collision with other field name */
    public TlsKeyExchange f6382a;
    public byte[] b;

    public TlsClientProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.f6380a = null;
        this.f6381a = null;
        this.b = null;
        this.f6382a = null;
        this.f6379a = null;
        this.f6378a = null;
        this.a = null;
    }

    public void P(TlsClient tlsClient) throws IOException {
        SessionParameters c;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'tlsClient' cannot be null");
        }
        if (this.f6380a != null) {
            throw new IllegalStateException("'connect' can only be called once");
        }
        this.f6380a = tlsClient;
        SecurityParameters securityParameters = new SecurityParameters();
        ((TlsProtocol) this).f6429a = securityParameters;
        securityParameters.a = 1;
        this.f6381a = new TlsClientContextImpl(((TlsProtocol) this).f6424a, ((TlsProtocol) this).f6429a);
        ((TlsProtocol) this).f6429a.f6351b = TlsProtocol.f(tlsClient.s(), this.f6381a.getNonceRandomGenerator());
        this.f6380a.a(this.f6381a);
        ((TlsProtocol) this).f6428a.f(this.f6381a);
        TlsSession sessionToResume = tlsClient.getSessionToResume();
        if (sessionToResume != null && (c = sessionToResume.c()) != null) {
            ((TlsProtocol) this).f6433a = sessionToResume;
            ((TlsProtocol) this).f6430a = c;
        }
        U();
        this.r = (short) 1;
        e();
    }

    public void Q(Vector vector) throws IOException {
        this.f6380a.f(vector);
        this.r = (short) 3;
        TlsKeyExchange keyExchange = this.f6380a.getKeyExchange();
        this.f6382a = keyExchange;
        keyExchange.a(getContext());
    }

    public void R(ByteArrayInputStream byteArrayInputStream) throws IOException {
        NewSessionTicket b = NewSessionTicket.b(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        this.f6380a.k(b);
    }

    public void S(ByteArrayInputStream byteArrayInputStream) throws IOException {
        TlsSession tlsSession;
        ProtocolVersion H0 = TlsUtils.H0(byteArrayInputStream);
        if (H0.d()) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!H0.a(((TlsProtocol) this).f6428a.getReadVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!H0.e(getContext().getClientVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        ((TlsProtocol) this).f6428a.setWriteVersion(H0);
        getContextAdmin().setServerVersion(H0);
        this.f6380a.e(H0);
        ((TlsProtocol) this).f6429a.f6353c = TlsUtils.q0(32, byteArrayInputStream);
        byte[] t0 = TlsUtils.t0(byteArrayInputStream);
        this.b = t0;
        if (t0.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f6380a.m(t0);
        byte[] bArr = this.b;
        boolean z = false;
        this.f6444e = bArr.length > 0 && (tlsSession = ((TlsProtocol) this).f6433a) != null && Arrays.d(bArr, tlsSession.getSessionID());
        int v0 = TlsUtils.v0(byteArrayInputStream);
        if (!Arrays.x(((TlsProtocol) this).f6436a, v0) || v0 == 0 || CipherSuite.a(v0) || !TlsUtils.a0(v0, H0)) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f6380a.q(v0);
        short E0 = TlsUtils.E0(byteArrayInputStream);
        if (!Arrays.y(((TlsProtocol) this).f6437a, E0)) {
            throw new TlsFatalAlert((short) 47);
        }
        this.f6380a.u(E0);
        Hashtable D = TlsProtocol.D(byteArrayInputStream);
        ((TlsProtocol) this).f6438b = D;
        if (TlsExtensionsUtils.v(D) != ((TlsProtocol) this).f6429a.f6352c) {
            throw new TlsFatalAlert((short) 40);
        }
        Hashtable hashtable = ((TlsProtocol) this).f6438b;
        if (hashtable != null) {
            Enumeration keys = hashtable.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.a)) {
                    if (TlsUtils.J(((TlsProtocol) this).f6425a, num) == null) {
                        throw new TlsFatalAlert(AlertDescription.y);
                    }
                    num.equals(TlsExtensionsUtils.b);
                }
            }
        }
        byte[] J = TlsUtils.J(((TlsProtocol) this).f6438b, TlsProtocol.a);
        if (J != null) {
            this.f6446g = true;
            if (!Arrays.w(J, TlsProtocol.g(TlsUtils.f6473a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.f6380a.i(this.f6446g);
        Hashtable hashtable2 = ((TlsProtocol) this).f6425a;
        Hashtable hashtable3 = ((TlsProtocol) this).f6438b;
        if (this.f6444e) {
            if (v0 != ((TlsProtocol) this).f6430a.getCipherSuite() || E0 != ((TlsProtocol) this).f6430a.getCompressionAlgorithm()) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable2 = null;
            hashtable3 = ((TlsProtocol) this).f6430a.c();
            ((TlsProtocol) this).f6429a.f6352c = TlsExtensionsUtils.v(hashtable3);
        }
        SecurityParameters securityParameters = ((TlsProtocol) this).f6429a;
        securityParameters.b = v0;
        securityParameters.f6346a = E0;
        if (hashtable3 != null) {
            boolean u = TlsExtensionsUtils.u(hashtable3);
            if (u && !TlsUtils.U(v0)) {
                throw new TlsFatalAlert((short) 47);
            }
            SecurityParameters securityParameters2 = ((TlsProtocol) this).f6429a;
            securityParameters2.f6350b = u;
            securityParameters2.f6349b = y(hashtable2, hashtable3, (short) 47);
            ((TlsProtocol) this).f6429a.f6347a = TlsExtensionsUtils.w(hashtable3);
            this.f6447h = !this.f6444e && TlsUtils.P(hashtable3, TlsExtensionsUtils.f, (short) 47);
            if (!this.f6444e && TlsUtils.P(hashtable3, TlsProtocol.b, (short) 47)) {
                z = true;
            }
            this.f6448i = z;
        }
        if (hashtable2 != null) {
            this.f6380a.n(hashtable3);
        }
    }

    public void T(DigitallySigned digitallySigned) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 15);
        digitallySigned.a(handshakeMessage);
        handshakeMessage.a();
    }

    public void U() throws IOException {
        byte[] bArr;
        SessionParameters sessionParameters;
        ((TlsProtocol) this).f6428a.setWriteVersion(this.f6380a.getClientHelloRecordLayerVersion());
        ProtocolVersion clientVersion = this.f6380a.getClientVersion();
        if (clientVersion.d()) {
            throw new TlsFatalAlert((short) 80);
        }
        getContextAdmin().setClientVersion(clientVersion);
        byte[] bArr2 = TlsUtils.f6473a;
        TlsSession tlsSession = ((TlsProtocol) this).f6433a;
        if (tlsSession == null || (bArr = tlsSession.getSessionID()) == null || bArr.length > 32) {
            bArr = bArr2;
        }
        boolean p = this.f6380a.p();
        ((TlsProtocol) this).f6436a = this.f6380a.getCipherSuites();
        ((TlsProtocol) this).f6437a = this.f6380a.getCompressionMethods();
        if (bArr.length <= 0 || (sessionParameters = ((TlsProtocol) this).f6430a) == null || (Arrays.x(((TlsProtocol) this).f6436a, sessionParameters.getCipherSuite()) && Arrays.y(((TlsProtocol) this).f6437a, ((TlsProtocol) this).f6430a.getCompressionAlgorithm()))) {
            bArr2 = bArr;
        }
        Hashtable clientExtensions = this.f6380a.getClientExtensions();
        ((TlsProtocol) this).f6425a = clientExtensions;
        ((TlsProtocol) this).f6429a.f6352c = TlsExtensionsUtils.v(clientExtensions);
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 1);
        TlsUtils.o1(clientVersion, handshakeMessage);
        handshakeMessage.write(((TlsProtocol) this).f6429a.getClientRandom());
        TlsUtils.R0(bArr2, handshakeMessage);
        boolean z = TlsUtils.J(((TlsProtocol) this).f6425a, TlsProtocol.a) == null;
        boolean z2 = !Arrays.x(((TlsProtocol) this).f6436a, 255);
        if (z && z2) {
            ((TlsProtocol) this).f6436a = Arrays.b(((TlsProtocol) this).f6436a, 255);
        }
        if (p && !Arrays.x(((TlsProtocol) this).f6436a, CipherSuite.j4)) {
            ((TlsProtocol) this).f6436a = Arrays.b(((TlsProtocol) this).f6436a, CipherSuite.j4);
        }
        TlsUtils.W0(((TlsProtocol) this).f6436a, handshakeMessage);
        TlsUtils.m1(((TlsProtocol) this).f6437a, handshakeMessage);
        Hashtable hashtable = ((TlsProtocol) this).f6425a;
        if (hashtable != null) {
            TlsProtocol.M(handshakeMessage, hashtable);
        }
        handshakeMessage.a();
    }

    public void V() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 16);
        this.f6382a.h(handshakeMessage);
        handshakeMessage.a();
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void c() {
        super.c();
        this.b = null;
        this.f6382a = null;
        this.f6379a = null;
        this.f6378a = null;
        this.a = null;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public TlsContext getContext() {
        return this.f6381a;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public AbstractTlsContext getContextAdmin() {
        return this.f6381a;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public TlsPeer getPeer() {
        return this.f6380a;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:27:0x0055. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void p(short s, byte[] bArr) throws IOException {
        TlsCredentials b;
        Certificate certificate;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (this.f6444e) {
            if (s != 20 || this.r != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            w(byteArrayInputStream);
            this.r = (short) 15;
            J();
            this.r = (short) 13;
            this.r = (short) 16;
            return;
        }
        if (s == 0) {
            TlsProtocol.b(byteArrayInputStream);
            if (this.r == 16) {
                if (TlsUtils.V(getContext())) {
                    throw new TlsFatalAlert((short) 40);
                }
                B((short) 100, "Renegotiation not supported");
                return;
            }
            return;
        }
        if (s == 2) {
            if (this.r != 1) {
                throw new TlsFatalAlert((short) 10);
            }
            S(byteArrayInputStream);
            this.r = (short) 2;
            short s2 = ((TlsProtocol) this).f6429a.f6349b;
            if (s2 >= 0) {
                ((TlsProtocol) this).f6428a.setPlaintextLimit(1 << (s2 + 8));
            }
            ((TlsProtocol) this).f6429a.c = TlsProtocol.m(getContext(), ((TlsProtocol) this).f6429a.getCipherSuite());
            ((TlsProtocol) this).f6429a.d = 12;
            ((TlsProtocol) this).f6428a.g();
            if (this.f6444e) {
                ((TlsProtocol) this).f6429a.f6348a = Arrays.j(((TlsProtocol) this).f6430a.getMasterSecret());
                ((TlsProtocol) this).f6428a.setPendingConnectionState(getPeer().getCompression(), getPeer().getCipher());
                I();
                return;
            } else {
                r();
                byte[] bArr2 = this.b;
                if (bArr2.length > 0) {
                    ((TlsProtocol) this).f6433a = new TlsSessionImpl(bArr2, null);
                    return;
                }
                return;
            }
        }
        if (s == 4) {
            if (this.r != 13) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.f6448i) {
                throw new TlsFatalAlert((short) 10);
            }
            r();
            R(byteArrayInputStream);
            this.r = (short) 14;
            return;
        }
        if (s == 20) {
            short s3 = this.r;
            if (s3 != 13) {
                if (s3 != 14) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (this.f6448i) {
                throw new TlsFatalAlert((short) 10);
            }
            w(byteArrayInputStream);
            this.r = (short) 15;
            this.r = (short) 16;
            return;
        }
        if (s == 22) {
            if (this.r != 4) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.f6447h) {
                throw new TlsFatalAlert((short) 10);
            }
            this.f6378a = CertificateStatus.c(byteArrayInputStream);
            TlsProtocol.b(byteArrayInputStream);
            this.r = (short) 5;
            return;
        }
        if (s == 23) {
            if (this.r != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            Q(TlsProtocol.E(byteArrayInputStream));
            return;
        }
        switch (s) {
            case 11:
                short s4 = this.r;
                if (s4 == 2) {
                    Q(null);
                } else if (s4 != 3) {
                    throw new TlsFatalAlert((short) 10);
                }
                ((TlsProtocol) this).f6427a = Certificate.e(byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                Certificate certificate2 = ((TlsProtocol) this).f6427a;
                if (certificate2 == null || certificate2.d()) {
                    this.f6447h = false;
                }
                this.f6382a.c(((TlsProtocol) this).f6427a);
                TlsAuthentication authentication = this.f6380a.getAuthentication();
                this.f6379a = authentication;
                authentication.a(((TlsProtocol) this).f6427a);
                this.r = (short) 4;
                return;
            case 12:
                short s5 = this.r;
                if (s5 == 2) {
                    Q(null);
                } else if (s5 != 3) {
                    if (s5 != 4 && s5 != 5) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    this.f6382a.b(byteArrayInputStream);
                    TlsProtocol.b(byteArrayInputStream);
                    this.r = (short) 6;
                    return;
                }
                this.f6382a.e();
                this.f6379a = null;
                this.f6382a.b(byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                this.r = (short) 6;
                return;
            case 13:
                short s6 = this.r;
                if (s6 == 4 || s6 == 5) {
                    this.f6382a.o();
                } else if (s6 != 6) {
                    throw new TlsFatalAlert((short) 10);
                }
                if (this.f6379a == null) {
                    throw new TlsFatalAlert((short) 40);
                }
                this.a = CertificateRequest.b(getContext(), byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                this.f6382a.n(this.a);
                TlsUtils.L0(((TlsProtocol) this).f6428a.getHandshakeHash(), this.a.getSupportedSignatureAlgorithms());
                this.r = (short) 7;
                return;
            case 14:
                switch (this.r) {
                    case 2:
                        Q(null);
                    case 3:
                        this.f6382a.e();
                        this.f6379a = null;
                    case 4:
                    case 5:
                        this.f6382a.o();
                    case 6:
                    case 7:
                        TlsProtocol.b(byteArrayInputStream);
                        this.r = (short) 8;
                        ((TlsProtocol) this).f6428a.getHandshakeHash().m();
                        Vector clientSupplementalData = this.f6380a.getClientSupplementalData();
                        if (clientSupplementalData != null) {
                            K(clientSupplementalData);
                        }
                        this.r = (short) 9;
                        CertificateRequest certificateRequest = this.a;
                        if (certificateRequest == null) {
                            this.f6382a.f();
                            b = null;
                        } else {
                            b = this.f6379a.b(certificateRequest);
                            TlsKeyExchange tlsKeyExchange = this.f6382a;
                            if (b == null) {
                                tlsKeyExchange.f();
                                certificate = Certificate.a;
                            } else {
                                tlsKeyExchange.g(b);
                                certificate = b.getCertificate();
                            }
                            H(certificate);
                        }
                        this.r = (short) 10;
                        V();
                        this.r = (short) 11;
                        TlsHandshakeHash h = ((TlsProtocol) this).f6428a.h();
                        ((TlsProtocol) this).f6429a.f6354d = TlsProtocol.l(getContext(), h, null);
                        TlsProtocol.i(getContext(), this.f6382a);
                        ((TlsProtocol) this).f6428a.setPendingConnectionState(getPeer().getCompression(), getPeer().getCipher());
                        if (b != null && (b instanceof TlsSignerCredentials)) {
                            TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials) b;
                            SignatureAndHashAlgorithm O = TlsUtils.O(getContext(), tlsSignerCredentials);
                            T(new DigitallySigned(O, tlsSignerCredentials.a(O == null ? ((TlsProtocol) this).f6429a.getSessionHash() : h.h(O.getHash()))));
                            this.r = (short) 12;
                        }
                        I();
                        J();
                        this.r = (short) 13;
                        return;
                    default:
                        throw new TlsFatalAlert((short) 40);
                }
                break;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }
}
