package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class TlsClientProtocol extends TlsProtocol {
    protected TlsClient X;
    m Y;
    protected byte[] Z;
    protected TlsKeyExchange a0;
    protected TlsAuthentication b0;
    protected CertificateStatus c0;
    protected CertificateRequest d0;

    public TlsClientProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.X = null;
        this.Y = null;
        this.Z = null;
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
    }

    public TlsClientProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.X = null;
        this.Y = null;
        this.Z = null;
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
    }

    protected void a(DigitallySigned digitallySigned) {
        TlsProtocol.a aVar = new TlsProtocol.a(this, (short) 15);
        digitallySigned.a(aVar);
        aVar.a();
    }

    public void a(TlsClient tlsClient) {
        SessionParameters c;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'tlsClient' cannot be null");
        }
        if (this.X != null) {
            throw new IllegalStateException("'connect' can only be called once");
        }
        this.X = tlsClient;
        SecurityParameters securityParameters = new SecurityParameters();
        this.o = securityParameters;
        securityParameters.a = 1;
        this.Y = new m(this.e, this.o);
        this.o.g = TlsProtocol.a(tlsClient.u(), this.Y.f());
        this.X.a(this.Y);
        this.d.a(this.Y);
        TlsSession j = tlsClient.j();
        if (j != null && j.b() && (c = j.c()) != null) {
            this.m = j;
            this.n = c;
        }
        v();
        this.u = (short) 1;
        c();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:26:0x0054. Please report as an issue. */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected void a(short s, byte[] bArr) {
        TlsCredentials a;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (this.v) {
            if (s != 20 || this.u != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.u = (short) 15;
            u();
            this.u = (short) 13;
            this.u = (short) 16;
            f();
            return;
        }
        if (s == 0) {
            TlsProtocol.b(byteArrayInputStream);
            if (this.u == 16) {
                r();
                return;
            }
            return;
        }
        if (s == 2) {
            if (this.u != 1) {
                throw new TlsFatalAlert((short) 10);
            }
            f(byteArrayInputStream);
            this.u = (short) 2;
            this.d.f();
            b();
            if (this.v) {
                this.o.f = Arrays.a(this.n.e());
                this.d.a(n().i(), n().w());
                t();
                return;
            } else {
                p();
                byte[] bArr2 = this.Z;
                if (bArr2.length > 0) {
                    this.m = new q(bArr2, null);
                    return;
                }
                return;
            }
        }
        if (s == 4) {
            if (this.u != 13) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.z) {
                throw new TlsFatalAlert((short) 10);
            }
            p();
            e(byteArrayInputStream);
            this.u = (short) 14;
            return;
        }
        if (s == 20) {
            short s2 = this.u;
            if (s2 != 13) {
                if (s2 != 14) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (this.z) {
                throw new TlsFatalAlert((short) 10);
            }
            a(byteArrayInputStream);
            this.u = (short) 15;
            this.u = (short) 16;
            f();
            return;
        }
        if (s == 22) {
            if (this.u != 4) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.y) {
                throw new TlsFatalAlert((short) 10);
            }
            this.c0 = CertificateStatus.a(byteArrayInputStream);
            TlsProtocol.b(byteArrayInputStream);
            this.u = (short) 5;
            return;
        }
        if (s == 23) {
            if (this.u != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            b(TlsProtocol.d(byteArrayInputStream));
            return;
        }
        switch (s) {
            case 11:
                short s3 = this.u;
                if (s3 == 2) {
                    b((Vector) null);
                } else if (s3 != 3) {
                    throw new TlsFatalAlert((short) 10);
                }
                this.p = Certificate.a(byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                Certificate certificate = this.p;
                if (certificate == null || certificate.d()) {
                    this.y = false;
                }
                this.a0.b(this.p);
                TlsAuthentication l = this.X.l();
                this.b0 = l;
                l.a(this.p);
                this.u = (short) 4;
                return;
            case 12:
                short s4 = this.u;
                if (s4 == 2) {
                    b((Vector) null);
                } else if (s4 != 3) {
                    if (s4 != 4 && s4 != 5) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    this.a0.a(byteArrayInputStream);
                    TlsProtocol.b(byteArrayInputStream);
                    this.u = (short) 6;
                    return;
                }
                this.a0.f();
                this.b0 = null;
                this.a0.a(byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                this.u = (short) 6;
                return;
            case 13:
                short s5 = this.u;
                if (s5 == 4 || s5 == 5) {
                    this.a0.d();
                } else if (s5 != 6) {
                    throw new TlsFatalAlert((short) 10);
                }
                if (this.b0 == null) {
                    throw new TlsFatalAlert((short) 40);
                }
                this.d0 = CertificateRequest.a(j(), byteArrayInputStream);
                TlsProtocol.b(byteArrayInputStream);
                this.a0.a(this.d0);
                TlsUtils.a(this.d.c(), this.d0.c());
                this.u = (short) 7;
                return;
            case 14:
                switch (this.u) {
                    case 2:
                        b((Vector) null);
                    case 3:
                        this.a0.f();
                        this.b0 = null;
                    case 4:
                    case 5:
                        this.a0.d();
                    case 6:
                    case 7:
                        TlsProtocol.b(byteArrayInputStream);
                        this.u = (short) 8;
                        this.d.c().g();
                        Vector f = this.X.f();
                        if (f != null) {
                            a(f);
                        }
                        this.u = (short) 9;
                        CertificateRequest certificateRequest = this.d0;
                        if (certificateRequest == null) {
                            this.a0.b();
                            a = null;
                        } else {
                            a = this.b0.a(certificateRequest);
                            if (a == null) {
                                this.a0.b();
                                a(Certificate.b);
                            } else {
                                this.a0.a(a);
                                a(a.a());
                            }
                        }
                        this.u = (short) 10;
                        w();
                        this.u = (short) 11;
                        TlsHandshakeHash g = this.d.g();
                        this.o.i = TlsProtocol.a(j(), g, (byte[]) null);
                        TlsProtocol.a(j(), this.a0);
                        this.d.a(n().i(), n().w());
                        if (a != null && (a instanceof TlsSignerCredentials)) {
                            TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials) a;
                            SignatureAndHashAlgorithm a2 = TlsUtils.a(j(), tlsSignerCredentials);
                            a(new DigitallySigned(a2, tlsSignerCredentials.b(a2 == null ? this.o.l() : g.b(a2.a()))));
                            this.u = (short) 12;
                        }
                        t();
                        u();
                        this.u = (short) 13;
                        return;
                    default:
                        throw new TlsFatalAlert((short) 40);
                }
                break;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    protected void b(Vector vector) {
        this.X.b(vector);
        this.u = (short) 3;
        TlsKeyExchange c = this.X.c();
        this.a0 = c;
        c.a(j());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.spongycastle.crypto.tls.TlsProtocol
    public void d() {
        super.d();
        this.Z = null;
        this.a0 = null;
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
    }

    protected void e(ByteArrayInputStream byteArrayInputStream) {
        NewSessionTicket a = NewSessionTicket.a(byteArrayInputStream);
        TlsProtocol.b(byteArrayInputStream);
        this.X.a(a);
    }

    protected void f(ByteArrayInputStream byteArrayInputStream) {
        TlsSession tlsSession;
        ProtocolVersion i = TlsUtils.i(byteArrayInputStream);
        if (i.e()) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!i.a(this.d.e())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!i.b(j().b())) {
            throw new TlsFatalAlert((short) 47);
        }
        this.d.b(i);
        k().b(i);
        this.X.a(i);
        this.o.h = TlsUtils.b(32, byteArrayInputStream);
        byte[] c = TlsUtils.c(byteArrayInputStream);
        this.Z = c;
        if (c.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        this.X.a(c);
        byte[] bArr = this.Z;
        boolean z = false;
        this.v = bArr.length > 0 && (tlsSession = this.m) != null && Arrays.a(bArr, tlsSession.a());
        int d = TlsUtils.d(byteArrayInputStream);
        if (!Arrays.b(this.q, d) || d == 0 || CipherSuite.a(d) || !TlsUtils.a(d, j().a())) {
            throw new TlsFatalAlert((short) 47);
        }
        this.X.a(d);
        short h = TlsUtils.h(byteArrayInputStream);
        if (!Arrays.b(this.r, h)) {
            throw new TlsFatalAlert((short) 47);
        }
        this.X.a(h);
        Hashtable c2 = TlsProtocol.c(byteArrayInputStream);
        this.t = c2;
        if (c2 != null) {
            Enumeration keys = c2.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.D) && TlsUtils.a(this.s, num) == null) {
                    throw new TlsFatalAlert(AlertDescription.y);
                }
            }
        }
        byte[] a = TlsUtils.a(this.t, TlsProtocol.D);
        if (a != null) {
            this.x = true;
            if (!Arrays.d(a, TlsProtocol.b(TlsUtils.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.X.b(this.x);
        Hashtable hashtable = this.s;
        Hashtable hashtable2 = this.t;
        if (this.v) {
            if (d != this.n.c() || h != this.n.d()) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable = null;
            hashtable2 = this.n.j();
        }
        SecurityParameters securityParameters = this.o;
        securityParameters.b = d;
        securityParameters.c = h;
        if (hashtable2 != null) {
            boolean i2 = TlsExtensionsUtils.i(hashtable2);
            if (i2 && !TlsUtils.l(d)) {
                throw new TlsFatalAlert((short) 47);
            }
            SecurityParameters securityParameters2 = this.o;
            securityParameters2.n = i2;
            securityParameters2.o = TlsExtensionsUtils.j(hashtable2);
            this.o.l = a(hashtable, hashtable2, (short) 47);
            this.o.m = TlsExtensionsUtils.k(hashtable2);
            this.y = !this.v && TlsUtils.a(hashtable2, TlsExtensionsUtils.f, (short) 47);
            if (!this.v && TlsUtils.a(hashtable2, TlsProtocol.E, (short) 47)) {
                z = true;
            }
            this.z = z;
        }
        if (hashtable != null) {
            this.X.a(hashtable2);
        }
        this.o.d = TlsProtocol.a(j(), this.o.b());
        this.o.e = 12;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsContext j() {
        return this.Y;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    a k() {
        return this.Y;
    }

    @Override // org.spongycastle.crypto.tls.TlsProtocol
    protected TlsPeer n() {
        return this.X;
    }

    protected void v() {
        SessionParameters sessionParameters;
        this.d.b(this.X.r());
        ProtocolVersion b = this.X.b();
        if (b.e()) {
            throw new TlsFatalAlert((short) 80);
        }
        k().a(b);
        byte[] bArr = TlsUtils.a;
        TlsSession tlsSession = this.m;
        if (tlsSession != null && ((bArr = tlsSession.a()) == null || bArr.length > 32)) {
            bArr = TlsUtils.a;
        }
        boolean d = this.X.d();
        this.q = this.X.t();
        this.r = this.X.h();
        if (bArr.length > 0 && (sessionParameters = this.n) != null && (!Arrays.b(this.q, sessionParameters.c()) || !Arrays.b(this.r, this.n.d()))) {
            bArr = TlsUtils.a;
        }
        this.s = this.X.v();
        TlsProtocol.a aVar = new TlsProtocol.a(this, (short) 1);
        TlsUtils.a(b, aVar);
        aVar.write(this.o.c());
        TlsUtils.c(bArr, aVar);
        boolean z = TlsUtils.a(this.s, TlsProtocol.D) == null;
        boolean z2 = !Arrays.b(this.q, 255);
        if (z && z2) {
            this.q = Arrays.a(this.q, 255);
        }
        if (d && !Arrays.b(this.q, CipherSuite.j4)) {
            this.q = Arrays.a(this.q, CipherSuite.j4);
        }
        TlsUtils.b(this.q, aVar);
        TlsUtils.b(this.r, (OutputStream) aVar);
        Hashtable hashtable = this.s;
        if (hashtable != null) {
            TlsProtocol.a(aVar, hashtable);
        }
        aVar.a();
    }

    protected void w() {
        TlsProtocol.a aVar = new TlsProtocol.a(this, (short) 16);
        this.a0.a(aVar);
        aVar.a();
    }
}
