package org.spongycastle.crypto.tls;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.DHParameters;
import org.spongycastle.crypto.params.DHPrivateKeyParameters;
import org.spongycastle.crypto.params.DHPublicKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;

/* loaded from: classes.dex */
public class TlsDHKeyExchange extends AbstractTlsKeyExchange {
    protected TlsSigner e;
    protected DHParameters f;
    protected AsymmetricKeyParameter g;
    protected TlsAgreementCredentials h;
    protected DHPrivateKeyParameters i;
    protected DHPublicKeyParameters j;

    /* JADX INFO: Access modifiers changed from: protected */
    public static DHParameters a(DHParameters dHParameters) {
        if (dHParameters.f9897b.bitLength() >= 1024) {
            return TlsDHUtils.a(dHParameters);
        }
        throw new TlsFatalAlert((short) 71);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(OutputStream outputStream) {
        if (this.h == null) {
            this.i = TlsDHUtils.a(this.f10110c.b(), this.f, outputStream);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(Certificate certificate) {
        if (this.f10108a == 11) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.b()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate a2 = certificate.a();
        try {
            AsymmetricKeyParameter a3 = PublicKeyFactory.a(a2.f9204b.i);
            this.g = a3;
            TlsSigner tlsSigner = this.e;
            if (tlsSigner == null) {
                try {
                    DHPublicKeyParameters a4 = TlsDHUtils.a((DHPublicKeyParameters) a3);
                    this.j = a4;
                    this.f = a(a4.f9895b);
                    TlsUtils.a(a2, 8);
                } catch (ClassCastException e) {
                    throw new TlsFatalAlert((short) 46, e);
                }
            } else {
                if (!tlsSigner.a(a3)) {
                    throw new TlsFatalAlert((short) 46);
                }
                TlsUtils.a(a2, 128);
            }
            super.a(certificate);
        } catch (RuntimeException e2) {
            throw new TlsFatalAlert((short) 43, e2);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(CertificateRequest certificateRequest) {
        if (this.f10108a == 11) {
            throw new TlsFatalAlert((short) 40);
        }
        for (short s : certificateRequest.a()) {
            if (s != 1 && s != 2 && s != 3 && s != 4 && s != 64) {
                throw new TlsFatalAlert((short) 47);
            }
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(TlsContext tlsContext) {
        super.a(tlsContext);
        TlsSigner tlsSigner = this.e;
        if (tlsSigner != null) {
            tlsSigner.a(tlsContext);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange
    public final boolean a() {
        int i = this.f10108a;
        return i == 3 || i == 5 || i == 11;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(InputStream inputStream) {
        if (!a()) {
            throw new TlsFatalAlert((short) 10);
        }
        DHPublicKeyParameters a2 = TlsDHUtils.a(ServerDHParams.a(inputStream).a());
        this.j = a2;
        this.f = a(a2.f9895b);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void b(TlsCredentials tlsCredentials) {
        if (this.f10108a == 11) {
            throw new TlsFatalAlert((short) 80);
        }
        if (tlsCredentials instanceof TlsAgreementCredentials) {
            this.h = (TlsAgreementCredentials) tlsCredentials;
        } else if (!(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] b() {
        if (!a()) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.i = TlsDHUtils.b(this.f10110c.b(), this.f, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void c(InputStream inputStream) {
        if (this.j != null) {
            return;
        }
        this.j = TlsDHUtils.a(new DHPublicKeyParameters(TlsDHUtils.a(inputStream), this.f));
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void d() {
        if (this.f10108a == 11) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void e() {
        if (this.f10108a != 11) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final byte[] f() {
        TlsAgreementCredentials tlsAgreementCredentials = this.h;
        if (tlsAgreementCredentials != null) {
            return tlsAgreementCredentials.a(this.j);
        }
        DHPrivateKeyParameters dHPrivateKeyParameters = this.i;
        if (dHPrivateKeyParameters != null) {
            return TlsDHUtils.a(this.j, dHPrivateKeyParameters);
        }
        throw new TlsFatalAlert((short) 80);
    }
}
