package org.bouncycastle.tls.crypto.impl.jcajce;

import android.support.v4.media.a;
import com.instabug.library.model.StepType;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.DHParameterSpec;
import org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.tls.NamedGroup;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.SignatureScheme;
import org.bouncycastle.tls.TlsDHUtils;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.DHGroup;
import org.bouncycastle.tls.crypto.TlsCryptoParameters;
import org.bouncycastle.tls.crypto.TlsECConfig;
import org.bouncycastle.tls.crypto.TlsECDomain;
import org.bouncycastle.tls.crypto.TlsHMAC;
import org.bouncycastle.tls.crypto.TlsNonceGenerator;
import org.bouncycastle.tls.crypto.TlsSRP6Client;
import org.bouncycastle.tls.crypto.TlsSRPConfig;
import org.bouncycastle.tls.crypto.TlsStreamSigner;
import org.bouncycastle.tls.crypto.TlsStreamVerifier;
import org.bouncycastle.tls.crypto.impl.AbstractTlsCrypto;
import org.bouncycastle.tls.crypto.impl.TlsAEADCipher;
import org.bouncycastle.tls.crypto.impl.TlsBlockCipher;
import org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl;
import org.bouncycastle.tls.crypto.impl.jcajce.srp.SRP6Client;

/* loaded from: classes3.dex */
public class JcaTlsCrypto extends AbstractTlsCrypto {
    public final JcaJceHelper a;
    public final SecureRandom b;
    public final SecureRandom c;
    public final Hashtable d = new Hashtable();
    public final Hashtable e = new Hashtable();
    public final Hashtable f = new Hashtable();

    public JcaTlsCrypto(JcaJceHelper jcaJceHelper, SecureRandom secureRandom, SecureRandom secureRandom2) {
        this.a = jcaJceHelper;
        this.b = secureRandom;
        this.c = secureRandom2;
    }

    public static String p(int i) {
        switch (i) {
            case 1:
                return "MD5";
            case 2:
                return "SHA-1";
            case 3:
                return "SHA-224";
            case 4:
                return "SHA-256";
            case 5:
                return "SHA-384";
            case 6:
                return "SHA-512";
            case 7:
                return "SM3";
            default:
                throw new IllegalArgumentException(a.h("invalid CryptoHashAlgorithm: ", i));
        }
    }

    public static String q(int i) {
        switch (i) {
            case 1:
                return "HmacMD5";
            case 2:
                return "HmacSHA1";
            case 3:
                return "HmacSHA224";
            case 4:
                return "HmacSHA256";
            case 5:
                return "HmacSHA384";
            case 6:
                return "HmacSHA512";
            case 7:
                return "HmacSM3";
            default:
                throw new IllegalArgumentException(a.h("invalid CryptoHashAlgorithm: ", i));
        }
    }

    public final byte[] b(String str, PrivateKey privateKey, PublicKey publicKey) throws GeneralSecurityException {
        KeyAgreement c = this.a.c(str);
        c.init(privateKey);
        c.doPhase(publicKey, true);
        try {
            return c.generateSecret("TlsPremasterSecret").getEncoded();
        } catch (NoSuchAlgorithmException e) {
            if ("X25519".equals(str) || "X448".equals(str)) {
                return c.generateSecret();
            }
            throw e;
        }
    }

    public final JceAEADCipherImpl c(int i, String str, String str2, boolean z) throws GeneralSecurityException {
        return new JceAEADCipherImpl(this.a, str, str2, i, z);
    }

    public final TlsBlockCipherImpl d(TlsCryptoParameters tlsCryptoParameters, String str, int i, boolean z) throws GeneralSecurityException {
        String concat = str.concat("/CBC/NoPadding");
        boolean i2 = ProtocolVersion.e.i(tlsCryptoParameters.a().e());
        JcaJceHelper jcaJceHelper = this.a;
        return i2 ? new JceBlockCipherImpl(jcaJceHelper.b(concat), str, i, z) : new JceBlockCipherWithCBCImplicitIVImpl(jcaJceHelper.b(concat), str, z);
    }

    public final TlsAEADCipher e(TlsCryptoParameters tlsCryptoParameters, int i, int i2) throws IOException, GeneralSecurityException {
        return new TlsAEADCipher(tlsCryptoParameters, c(i, "AES/CCM/NoPadding", "AES", true), c(i, "AES/CCM/NoPadding", "AES", false), i, i2, 1);
    }

    public final TlsBlockCipher f(TlsCryptoParameters tlsCryptoParameters, String str, int i, int i2) throws GeneralSecurityException, IOException {
        return new TlsBlockCipher(tlsCryptoParameters, d(tlsCryptoParameters, str, i, true), d(tlsCryptoParameters, str, i, false), k(tlsCryptoParameters, i2), k(tlsCryptoParameters, i2), i);
    }

    public final TlsECDomain g(TlsECConfig tlsECConfig) {
        int i = tlsECConfig.a;
        return i != 29 ? i != 30 ? new JceTlsECDomain(this, tlsECConfig) : new JceX448Domain(this) : new JceX25519Domain(this);
    }

    public final JceTlsHMAC h(int i) {
        String q = q(i);
        try {
            return new JceTlsHMAC(this.a.h(q), q);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("cannot create HMAC: ".concat(q), e);
        }
    }

    public final JcaTlsHash i(int i) {
        try {
            return j(p(i));
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
        }
    }

    public final JcaTlsHash j(String str) throws GeneralSecurityException {
        return new JcaTlsHash(this.a.g(str));
    }

    public final TlsHMAC k(TlsCryptoParameters tlsCryptoParameters, int i) throws GeneralSecurityException, IOException {
        int i2 = 6;
        if (tlsCryptoParameters.a().l()) {
            if (i == 1) {
                return new JcaSSL3HMAC(j(p(1)), 16, 64);
            }
            if (i == 2) {
                return new JcaSSL3HMAC(j(p(2)), 20, 64);
            }
            if (i == 3) {
                return new JcaSSL3HMAC(j(p(4)), 32, 64);
            }
            if (i == 4) {
                return new JcaSSL3HMAC(j(p(5)), 48, 128);
            }
            if (i == 5) {
                return new JcaSSL3HMAC(j(p(6)), 64, 128);
            }
            throw new TlsFatalAlert((short) 80, null, null);
        }
        if (i == 1) {
            i2 = 1;
        } else if (i == 2) {
            i2 = 2;
        } else if (i == 3) {
            i2 = 4;
        } else if (i == 4) {
            i2 = 5;
        } else if (i != 5) {
            StringBuilder sb = new StringBuilder("specified MACAlgorithm not an HMAC: ");
            StringBuilder sb2 = new StringBuilder();
            sb2.append(i != 0 ? i != 1 ? i != 2 ? i != 3 ? i != 4 ? i != 5 ? StepType.UNKNOWN : "hmac_sha512" : "hmac_sha384" : "hmac_sha256" : "hmac_sha1" : "hmac_md5" : "null");
            sb2.append("(");
            sb2.append(i);
            sb2.append(")");
            sb.append(sb2.toString());
            throw new IllegalArgumentException(sb.toString());
        }
        return h(i2);
    }

    public final TlsNonceGenerator l(byte[] bArr) {
        return new JcaNonceGenerator(this.c, bArr);
    }

    public final TlsSRP6Client m(TlsSRPConfig tlsSRPConfig) {
        final SRP6Client sRP6Client = new SRP6Client();
        BigInteger[] bigIntegerArr = (BigInteger[]) tlsSRPConfig.a.clone();
        BigInteger bigInteger = bigIntegerArr[0];
        BigInteger bigInteger2 = bigIntegerArr[1];
        JcaTlsHash i = i(2);
        sRP6Client.a = bigInteger;
        sRP6Client.b = bigInteger2;
        sRP6Client.e = i;
        return new TlsSRP6Client() { // from class: org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto.1
            @Override // org.bouncycastle.tls.crypto.TlsSRP6Client
            public final BigInteger a(BigInteger bigInteger3) throws TlsFatalAlert {
                try {
                    return SRP6Client.this.a(bigInteger3);
                } catch (IllegalArgumentException e) {
                    throw new TlsFatalAlert((short) 47, null, e);
                }
            }
        };
    }

    public final TlsStreamSigner n(String str, PSSParameterSpec pSSParameterSpec, PrivateKey privateKey, boolean z) throws IOException {
        try {
            Signature d = this.a.d(str);
            if (pSSParameterSpec != null) {
                d.setParameter(pSSParameterSpec);
            }
            d.initSign(privateKey, z ? this.b : null);
            return new JcaTlsStreamSigner(d);
        } catch (GeneralSecurityException e) {
            throw new TlsFatalAlert((short) 80, null, e);
        }
    }

    public final TlsStreamVerifier o(String str, PSSParameterSpec pSSParameterSpec, byte[] bArr, PublicKey publicKey) throws IOException {
        try {
            Signature d = this.a.d(str);
            if (pSSParameterSpec != null) {
                d.setParameter(pSSParameterSpec);
            }
            d.initVerify(publicKey);
            return new JcaTlsStreamVerifier(d, bArr);
        } catch (GeneralSecurityException e) {
            throw new TlsFatalAlert((short) 80, null, e);
        }
    }

    public final AlgorithmParameters r(int i) throws GeneralSecurityException {
        if (!(i >= 29 && i <= 30)) {
            boolean j = NamedGroup.j(i);
            JcaJceHelper jcaJceHelper = this.a;
            if (j) {
                ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(NamedGroup.c(i));
                try {
                    AlgorithmParameters i2 = jcaJceHelper.i("EC");
                    i2.init(eCGenParameterSpec);
                    if (((ECParameterSpec) i2.getParameterSpec(ECParameterSpec.class)) != null) {
                        return i2;
                    }
                    return null;
                } catch (AssertionError | Exception unused) {
                    return null;
                }
            }
            if (NamedGroup.i(i)) {
                DHGroup b = TlsDHUtils.b(i);
                DHDomainParameterSpec dHDomainParameterSpec = new DHDomainParameterSpec(b.b, b.a, b.c);
                try {
                    AlgorithmParameters i3 = jcaJceHelper.i("DiffieHellman");
                    i3.init(dHDomainParameterSpec);
                    if (((DHParameterSpec) i3.getParameterSpec(DHParameterSpec.class)) != null) {
                        return i3;
                    }
                    return null;
                } catch (AssertionError | Exception unused2) {
                    return null;
                }
            }
        } else if (i == 29 || i == 30) {
            return null;
        }
        throw new IllegalArgumentException("NamedGroup not supported: " + NamedGroup.g(i));
    }

    public final AlgorithmParameters s(int i) throws GeneralSecurityException {
        int b;
        if (!SignatureScheme.d(i) || (b = SignatureScheme.b(i)) < 0) {
            return null;
        }
        String p = p(b);
        String r = a.r(new StringBuilder(), RSAUtil.a(p), "WITHRSAANDMGF1");
        PSSParameterSpec b2 = RSAUtil.b(b, p);
        Signature d = this.a.d(r);
        d.setParameter(b2);
        return d.getParameters();
    }

    public final boolean t() {
        return ((Security.getProvider("SunMSCAPI") != null) || v((short) 7) || v((short) 8)) ? false : true;
    }

    /* JADX WARN: Code restructure failed: missing block: B:61:0x0084, code lost:
    
        if (r6 == null) goto L44;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r8v9, types: [javax.crypto.spec.DHParameterSpec] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final boolean u(int r8) {
        /*
            r7 = this;
            java.lang.Integer r0 = java.lang.Integer.valueOf(r8)
            java.util.Hashtable r1 = r7.e
            monitor-enter(r1)
            java.util.Hashtable r2 = r7.e     // Catch: java.lang.Throwable -> Lb0
            java.lang.Object r2 = r2.get(r0)     // Catch: java.lang.Throwable -> Lb0
            java.lang.Boolean r2 = (java.lang.Boolean) r2     // Catch: java.lang.Throwable -> Lb0
            if (r2 == 0) goto L17
            boolean r8 = r2.booleanValue()     // Catch: java.lang.Throwable -> Lb0
            monitor-exit(r1)     // Catch: java.lang.Throwable -> Lb0
            return r8
        L17:
            monitor-exit(r1)     // Catch: java.lang.Throwable -> Lb0
            r1 = 1
            r2 = 30
            r3 = 29
            r4 = 0
            if (r8 < r3) goto L24
            if (r8 > r2) goto L24
            r5 = r1
            goto L25
        L24:
            r5 = r4
        L25:
            r6 = 0
            if (r5 == 0) goto L3a
            org.bouncycastle.jcajce.util.JcaJceHelper r1 = r7.a
            if (r8 == r3) goto L32
            if (r8 == r2) goto L2f
            goto L8f
        L2f:
            java.lang.String r8 = "X448"
            goto L34
        L32:
            java.lang.String r8 = "X25519"
        L34:
            r1.c(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            java.lang.Boolean r6 = java.lang.Boolean.TRUE     // Catch: java.security.GeneralSecurityException -> L8d
            goto L8f
        L3a:
            boolean r2 = org.bouncycastle.tls.NamedGroup.j(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            if (r2 == 0) goto L57
            java.lang.String r8 = org.bouncycastle.tls.NamedGroup.c(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            if (r8 == 0) goto L87
            java.security.spec.ECGenParameterSpec r2 = new java.security.spec.ECGenParameterSpec     // Catch: java.security.GeneralSecurityException -> L8d
            r2.<init>(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            java.security.spec.ECParameterSpec r8 = org.bouncycastle.tls.crypto.impl.jcajce.ECUtil.a(r7, r2)     // Catch: java.security.GeneralSecurityException -> L8d
            if (r8 == 0) goto L53
            r8 = r1
            goto L54
        L53:
            r8 = r4
        L54:
            if (r8 == 0) goto L87
            goto L88
        L57:
            boolean r2 = org.bouncycastle.tls.NamedGroup.i(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            if (r2 == 0) goto L8f
            org.bouncycastle.tls.crypto.DHGroup r8 = org.bouncycastle.tls.TlsDHUtils.b(r8)     // Catch: java.security.GeneralSecurityException -> L8d
            if (r8 == 0) goto L87
            org.bouncycastle.jcajce.spec.DHDomainParameterSpec r2 = new org.bouncycastle.jcajce.spec.DHDomainParameterSpec     // Catch: java.security.GeneralSecurityException -> L8d
            java.math.BigInteger r3 = r8.b     // Catch: java.security.GeneralSecurityException -> L8d
            java.math.BigInteger r5 = r8.a     // Catch: java.security.GeneralSecurityException -> L8d
            int r8 = r8.c     // Catch: java.security.GeneralSecurityException -> L8d
            r2.<init>(r3, r5, r8)     // Catch: java.security.GeneralSecurityException -> L8d
            org.bouncycastle.jcajce.util.JcaJceHelper r8 = r7.a     // Catch: java.lang.Throwable -> L84
            java.lang.String r3 = "DiffieHellman"
            java.security.AlgorithmParameters r8 = r8.i(r3)     // Catch: java.lang.Throwable -> L84
            r8.init(r2)     // Catch: java.lang.Throwable -> L84
            java.lang.Class<javax.crypto.spec.DHParameterSpec> r2 = javax.crypto.spec.DHParameterSpec.class
            java.security.spec.AlgorithmParameterSpec r8 = r8.getParameterSpec(r2)     // Catch: java.lang.Throwable -> L84
            javax.crypto.spec.DHParameterSpec r8 = (javax.crypto.spec.DHParameterSpec) r8     // Catch: java.lang.Throwable -> L84
            if (r8 == 0) goto L84
            r6 = r8
        L84:
            if (r6 == 0) goto L87
            goto L88
        L87:
            r1 = r4
        L88:
            java.lang.Boolean r6 = java.lang.Boolean.valueOf(r1)     // Catch: java.security.GeneralSecurityException -> L8d
            goto L8f
        L8d:
            java.lang.Boolean r6 = java.lang.Boolean.FALSE
        L8f:
            if (r6 != 0) goto L92
            return r4
        L92:
            java.util.Hashtable r8 = r7.e
            monitor-enter(r8)
            java.util.Hashtable r1 = r7.e     // Catch: java.lang.Throwable -> Lad
            java.lang.Object r1 = r1.put(r0, r6)     // Catch: java.lang.Throwable -> Lad
            java.lang.Boolean r1 = (java.lang.Boolean) r1     // Catch: java.lang.Throwable -> Lad
            if (r1 == 0) goto La7
            if (r6 == r1) goto La7
            java.util.Hashtable r2 = r7.e     // Catch: java.lang.Throwable -> Lad
            r2.put(r0, r1)     // Catch: java.lang.Throwable -> Lad
            r6 = r1
        La7:
            monitor-exit(r8)     // Catch: java.lang.Throwable -> Lad
            boolean r8 = r6.booleanValue()
            return r8
        Lad:
            r0 = move-exception
            monitor-exit(r8)     // Catch: java.lang.Throwable -> Lad
            throw r0
        Lb0:
            r8 = move-exception
            monitor-exit(r1)     // Catch: java.lang.Throwable -> Lb0
            throw r8
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto.u(int):boolean");
    }

    public final boolean v(short s) {
        switch (s) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 8:
            case 9:
            case 10:
            case 11:
                return true;
            default:
                switch (s) {
                    case 26:
                    case 27:
                    case 28:
                        return true;
                    default:
                        return false;
                }
        }
    }

    public final boolean w(int i) {
        if (i == 1800) {
            return false;
        }
        short s = (short) (i & 255);
        int b = SignatureScheme.b(i);
        if (b == 1) {
            return 1 == s && v(s);
        }
        if (b != 3) {
            return v(s);
        }
        return !(Security.getProvider("SunMSCAPI") != null) && v(s);
    }

    public final boolean x(int i, String str) {
        try {
            this.a.b(str);
        } catch (GeneralSecurityException unused) {
        }
        return Cipher.getMaxAllowedKeyLength(str) >= i;
    }
}
