package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.crypto.tls.SessionParameters;
import org.spongycastle.crypto.tls.g;
import org.spongycastle.util.Arrays;

/* loaded from: classes4.dex */
public class DTLSClientProtocol extends DTLSProtocol {

    /* loaded from: classes4.dex */
    public static class ClientHandshakeState {
        TlsClient a = null;
        m b = null;
        TlsSession c = null;
        SessionParameters d = null;
        SessionParameters.Builder e = null;
        int[] f = null;
        short[] g = null;
        Hashtable h = null;
        Hashtable i = null;
        byte[] j = null;
        boolean k = false;
        boolean l = false;
        boolean m = false;
        boolean n = false;
        TlsKeyExchange o = null;
        TlsAuthentication p = null;
        CertificateStatus q = null;
        CertificateRequest r = null;
        TlsCredentials s = null;

        protected ClientHandshakeState() {
        }
    }

    public DTLSClientProtocol(SecureRandom secureRandom) {
        super(secureRandom);
    }

    protected static byte[] patchClientHelloWithCookie(byte[] bArr, byte[] bArr2) throws IOException {
        int readUint8 = 35 + TlsUtils.readUint8(bArr, 34);
        int i = readUint8 + 1;
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, readUint8);
        TlsUtils.checkUint8(bArr2.length);
        TlsUtils.writeUint8(bArr2.length, bArr3, readUint8);
        System.arraycopy(bArr2, 0, bArr3, i, bArr2.length);
        System.arraycopy(bArr, i, bArr3, bArr2.length + i, bArr.length - i);
        return bArr3;
    }

    protected void abortClientHandshake(ClientHandshakeState clientHandshakeState, f fVar, short s) {
        fVar.a(s);
        invalidateSession(clientHandshakeState);
    }

    protected DTLSTransport clientHandshake(ClientHandshakeState clientHandshakeState, f fVar) throws IOException {
        g.a aVar;
        Certificate certificate;
        SecurityParameters securityParameters = clientHandshakeState.b.getSecurityParameters();
        g gVar = new g(clientHandshakeState.b, fVar);
        byte[] generateClientHello = generateClientHello(clientHandshakeState, clientHandshakeState.a);
        fVar.b(ProtocolVersion.DTLSv10);
        gVar.a((short) 1, generateClientHello);
        g.a d = gVar.d();
        while (d.b() == 3) {
            if (!fVar.b().isEqualOrEarlierVersionOf(clientHandshakeState.b.getClientVersion())) {
                throw new TlsFatalAlert((short) 47);
            }
            fVar.a((ProtocolVersion) null);
            byte[] patchClientHelloWithCookie = patchClientHelloWithCookie(generateClientHello, processHelloVerifyRequest(clientHandshakeState, d.c()));
            gVar.f();
            gVar.a((short) 1, patchClientHelloWithCookie);
            d = gVar.d();
        }
        if (d.b() != 2) {
            throw new TlsFatalAlert((short) 10);
        }
        ProtocolVersion b = fVar.b();
        reportServerVersion(clientHandshakeState, b);
        fVar.b(b);
        processServerHello(clientHandshakeState, d.c());
        gVar.a();
        applyMaxFragmentLengthExtension(fVar, securityParameters.l);
        if (clientHandshakeState.k) {
            securityParameters.f = Arrays.clone(clientHandshakeState.d.getMasterSecret());
            fVar.a(clientHandshakeState.a.getCipher());
            processFinished(gVar.a((short) 20), TlsUtils.a(clientHandshakeState.b, ExporterLabel.server_finished, TlsProtocol.getCurrentPRFHash(clientHandshakeState.b, gVar.b(), null)));
            gVar.a((short) 20, TlsUtils.a(clientHandshakeState.b, ExporterLabel.client_finished, TlsProtocol.getCurrentPRFHash(clientHandshakeState.b, gVar.b(), null)));
            gVar.e();
            clientHandshakeState.b.a(clientHandshakeState.c);
            clientHandshakeState.a.notifyHandshakeComplete();
            return new DTLSTransport(fVar);
        }
        invalidateSession(clientHandshakeState);
        if (clientHandshakeState.j.length > 0) {
            clientHandshakeState.c = new q(clientHandshakeState.j, null);
        }
        g.a d2 = gVar.d();
        if (d2.b() == 23) {
            processServerSupplementalData(clientHandshakeState, d2.c());
            d2 = gVar.d();
        } else {
            clientHandshakeState.a.processServerSupplementalData(null);
        }
        clientHandshakeState.o = clientHandshakeState.a.getKeyExchange();
        clientHandshakeState.o.init(clientHandshakeState.b);
        if (d2.b() == 11) {
            certificate = processServerCertificate(clientHandshakeState, d2.c());
            aVar = gVar.d();
        } else {
            clientHandshakeState.o.skipServerCredentials();
            aVar = d2;
            certificate = null;
        }
        if (certificate == null || certificate.isEmpty()) {
            clientHandshakeState.m = false;
        }
        if (aVar.b() == 22) {
            processCertificateStatus(clientHandshakeState, aVar.c());
            aVar = gVar.d();
        }
        if (aVar.b() == 12) {
            processServerKeyExchange(clientHandshakeState, aVar.c());
            aVar = gVar.d();
        } else {
            clientHandshakeState.o.skipServerKeyExchange();
        }
        if (aVar.b() == 13) {
            processCertificateRequest(clientHandshakeState, aVar.c());
            TlsUtils.a(gVar.b(), clientHandshakeState.r.getSupportedSignatureAlgorithms());
            aVar = gVar.d();
        }
        if (aVar.b() != 14) {
            throw new TlsFatalAlert((short) 10);
        }
        if (aVar.c().length != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        gVar.b().sealHashAlgorithms();
        Vector clientSupplementalData = clientHandshakeState.a.getClientSupplementalData();
        if (clientSupplementalData != null) {
            gVar.a((short) 23, generateSupplementalData(clientSupplementalData));
        }
        if (clientHandshakeState.r != null) {
            clientHandshakeState.s = clientHandshakeState.p.getClientCredentials(clientHandshakeState.r);
            Certificate certificate2 = clientHandshakeState.s != null ? clientHandshakeState.s.getCertificate() : null;
            if (certificate2 == null) {
                certificate2 = Certificate.EMPTY_CHAIN;
            }
            gVar.a((short) 11, generateCertificate(certificate2));
        }
        if (clientHandshakeState.s != null) {
            clientHandshakeState.o.processClientCredentials(clientHandshakeState.s);
        } else {
            clientHandshakeState.o.skipClientCredentials();
        }
        gVar.a((short) 16, generateClientKeyExchange(clientHandshakeState));
        TlsHandshakeHash c = gVar.c();
        securityParameters.i = TlsProtocol.getCurrentPRFHash(clientHandshakeState.b, c, null);
        TlsProtocol.establishMasterSecret(clientHandshakeState.b, clientHandshakeState.o);
        fVar.a(clientHandshakeState.a.getCipher());
        if (clientHandshakeState.s != null && (clientHandshakeState.s instanceof TlsSignerCredentials)) {
            TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials) clientHandshakeState.s;
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(clientHandshakeState.b, tlsSignerCredentials);
            gVar.a((short) 15, generateCertificateVerify(clientHandshakeState, new DigitallySigned(signatureAndHashAlgorithm, tlsSignerCredentials.generateCertificateSignature(signatureAndHashAlgorithm == null ? securityParameters.getSessionHash() : c.getFinalHash(signatureAndHashAlgorithm.getHash())))));
        }
        gVar.a((short) 20, TlsUtils.a(clientHandshakeState.b, ExporterLabel.client_finished, TlsProtocol.getCurrentPRFHash(clientHandshakeState.b, gVar.b(), null)));
        if (clientHandshakeState.n) {
            g.a d3 = gVar.d();
            if (d3.b() != 4) {
                throw new TlsFatalAlert((short) 10);
            }
            processNewSessionTicket(clientHandshakeState, d3.c());
        }
        processFinished(gVar.a((short) 20), TlsUtils.a(clientHandshakeState.b, ExporterLabel.server_finished, TlsProtocol.getCurrentPRFHash(clientHandshakeState.b, gVar.b(), null)));
        gVar.e();
        if (clientHandshakeState.c != null) {
            clientHandshakeState.d = new SessionParameters.Builder().setCipherSuite(securityParameters.getCipherSuite()).setCompressionAlgorithm(securityParameters.getCompressionAlgorithm()).setMasterSecret(securityParameters.getMasterSecret()).setPeerCertificate(certificate).setPSKIdentity(securityParameters.getPSKIdentity()).setSRPIdentity(securityParameters.getSRPIdentity()).setServerExtensions(clientHandshakeState.i).build();
            clientHandshakeState.c = TlsUtils.importSession(clientHandshakeState.c.getSessionID(), clientHandshakeState.d);
            clientHandshakeState.b.a(clientHandshakeState.c);
        }
        clientHandshakeState.a.notifyHandshakeComplete();
        return new DTLSTransport(fVar);
    }

    public DTLSTransport connect(TlsClient tlsClient, DatagramTransport datagramTransport) throws IOException {
        SessionParameters exportSessionParameters;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'client' cannot be null");
        }
        if (datagramTransport == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        SecurityParameters securityParameters = new SecurityParameters();
        securityParameters.a = 1;
        ClientHandshakeState clientHandshakeState = new ClientHandshakeState();
        clientHandshakeState.a = tlsClient;
        clientHandshakeState.b = new m(this.secureRandom, securityParameters);
        securityParameters.g = TlsProtocol.createRandomBlock(tlsClient.shouldUseGMTUnixTime(), clientHandshakeState.b.getNonceRandomGenerator());
        tlsClient.init(clientHandshakeState.b);
        f fVar = new f(datagramTransport, clientHandshakeState.b, tlsClient, (short) 22);
        TlsSession sessionToResume = clientHandshakeState.a.getSessionToResume();
        if (sessionToResume != null && sessionToResume.isResumable() && (exportSessionParameters = sessionToResume.exportSessionParameters()) != null) {
            clientHandshakeState.c = sessionToResume;
            clientHandshakeState.d = exportSessionParameters;
        }
        try {
            try {
                return clientHandshake(clientHandshakeState, fVar);
            } catch (TlsFatalAlert e) {
                abortClientHandshake(clientHandshakeState, fVar, e.getAlertDescription());
                throw e;
            } catch (IOException e2) {
                abortClientHandshake(clientHandshakeState, fVar, (short) 80);
                throw e2;
            } catch (RuntimeException e3) {
                abortClientHandshake(clientHandshakeState, fVar, (short) 80);
                throw new TlsFatalAlert((short) 80, e3);
            }
        } finally {
            securityParameters.a();
        }
    }

    protected byte[] generateCertificateVerify(ClientHandshakeState clientHandshakeState, DigitallySigned digitallySigned) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        digitallySigned.encode(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] generateClientHello(ClientHandshakeState clientHandshakeState, TlsClient tlsClient) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ProtocolVersion clientVersion = tlsClient.getClientVersion();
        if (!clientVersion.isDTLS()) {
            throw new TlsFatalAlert((short) 80);
        }
        m mVar = clientHandshakeState.b;
        mVar.a(clientVersion);
        TlsUtils.writeVersion(clientVersion, byteArrayOutputStream);
        byteArrayOutputStream.write(mVar.getSecurityParameters().getClientRandom());
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        if (clientHandshakeState.c != null && ((bArr = clientHandshakeState.c.getSessionID()) == null || bArr.length > 32)) {
            bArr = TlsUtils.EMPTY_BYTES;
        }
        TlsUtils.writeOpaque8(bArr, byteArrayOutputStream);
        TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, byteArrayOutputStream);
        boolean isFallback = tlsClient.isFallback();
        clientHandshakeState.f = tlsClient.getCipherSuites();
        clientHandshakeState.h = tlsClient.getClientExtensions();
        boolean z = TlsUtils.getExtensionData(clientHandshakeState.h, TlsProtocol.EXT_RenegotiationInfo) == null;
        boolean z2 = !Arrays.contains(clientHandshakeState.f, 255);
        if (z && z2) {
            clientHandshakeState.f = Arrays.append(clientHandshakeState.f, 255);
        }
        if (isFallback && !Arrays.contains(clientHandshakeState.f, CipherSuite.TLS_FALLBACK_SCSV)) {
            clientHandshakeState.f = Arrays.append(clientHandshakeState.f, CipherSuite.TLS_FALLBACK_SCSV);
        }
        TlsUtils.writeUint16ArrayWithUint16Length(clientHandshakeState.f, byteArrayOutputStream);
        clientHandshakeState.g = new short[]{0};
        TlsUtils.writeUint8ArrayWithUint8Length(clientHandshakeState.g, byteArrayOutputStream);
        if (clientHandshakeState.h != null) {
            TlsProtocol.writeExtensions(byteArrayOutputStream, clientHandshakeState.h);
        }
        return byteArrayOutputStream.toByteArray();
    }

    protected byte[] generateClientKeyExchange(ClientHandshakeState clientHandshakeState) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        clientHandshakeState.o.generateClientKeyExchange(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    protected void invalidateSession(ClientHandshakeState clientHandshakeState) {
        if (clientHandshakeState.d != null) {
            clientHandshakeState.d.clear();
            clientHandshakeState.d = null;
        }
        if (clientHandshakeState.c != null) {
            clientHandshakeState.c.invalidate();
            clientHandshakeState.c = null;
        }
    }

    protected void processCertificateRequest(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        if (clientHandshakeState.p == null) {
            throw new TlsFatalAlert((short) 40);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.r = CertificateRequest.parse(clientHandshakeState.b, byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.o.validateCertificateRequest(clientHandshakeState.r);
    }

    protected void processCertificateStatus(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        if (!clientHandshakeState.m) {
            throw new TlsFatalAlert((short) 10);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.q = CertificateStatus.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
    }

    protected byte[] processHelloVerifyRequest(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ProtocolVersion readVersion = TlsUtils.readVersion(byteArrayInputStream);
        byte[] readOpaque8 = TlsUtils.readOpaque8(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        if (!readVersion.isEqualOrEarlierVersionOf(clientHandshakeState.b.getClientVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (ProtocolVersion.DTLSv12.isEqualOrEarlierVersionOf(readVersion) || readOpaque8.length <= 32) {
            return readOpaque8;
        }
        throw new TlsFatalAlert((short) 47);
    }

    protected void processNewSessionTicket(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        NewSessionTicket parse = NewSessionTicket.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.a.notifyNewSessionTicket(parse);
    }

    protected Certificate processServerCertificate(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate parse = Certificate.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.o.processServerCertificate(parse);
        clientHandshakeState.p = clientHandshakeState.a.getAuthentication();
        clientHandshakeState.p.notifyServerCertificate(parse);
        return parse;
    }

    protected void processServerHello(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        SecurityParameters securityParameters = clientHandshakeState.b.getSecurityParameters();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        reportServerVersion(clientHandshakeState, TlsUtils.readVersion(byteArrayInputStream));
        securityParameters.h = TlsUtils.readFully(32, byteArrayInputStream);
        clientHandshakeState.j = TlsUtils.readOpaque8(byteArrayInputStream);
        if (clientHandshakeState.j.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.a.notifySessionID(clientHandshakeState.j);
        boolean z = false;
        clientHandshakeState.k = clientHandshakeState.j.length > 0 && clientHandshakeState.c != null && Arrays.areEqual(clientHandshakeState.j, clientHandshakeState.c.getSessionID());
        int readUint16 = TlsUtils.readUint16(byteArrayInputStream);
        if (!Arrays.contains(clientHandshakeState.f, readUint16) || readUint16 == 0 || CipherSuite.isSCSV(readUint16) || !TlsUtils.isValidCipherSuiteForVersion(readUint16, clientHandshakeState.b.getServerVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        validateSelectedCipherSuite(readUint16, (short) 47);
        clientHandshakeState.a.notifySelectedCipherSuite(readUint16);
        short readUint8 = TlsUtils.readUint8(byteArrayInputStream);
        if (!Arrays.contains(clientHandshakeState.g, readUint8)) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.a.notifySelectedCompressionMethod(readUint8);
        clientHandshakeState.i = TlsProtocol.readExtensions(byteArrayInputStream);
        if (clientHandshakeState.i != null) {
            Enumeration keys = clientHandshakeState.i.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.EXT_RenegotiationInfo)) {
                    if (TlsUtils.getExtensionData(clientHandshakeState.h, num) == null) {
                        throw new TlsFatalAlert(AlertDescription.unsupported_extension);
                    }
                    boolean z2 = clientHandshakeState.k;
                }
            }
        }
        byte[] extensionData = TlsUtils.getExtensionData(clientHandshakeState.i, TlsProtocol.EXT_RenegotiationInfo);
        if (extensionData != null) {
            clientHandshakeState.l = true;
            if (!Arrays.constantTimeAreEqual(extensionData, TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        clientHandshakeState.a.notifySecureRenegotiation(clientHandshakeState.l);
        Hashtable hashtable = clientHandshakeState.h;
        Hashtable hashtable2 = clientHandshakeState.i;
        if (clientHandshakeState.k) {
            if (readUint16 != clientHandshakeState.d.getCipherSuite() || readUint8 != clientHandshakeState.d.getCompressionAlgorithm()) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable = null;
            hashtable2 = clientHandshakeState.d.readServerExtensions();
        }
        securityParameters.b = readUint16;
        securityParameters.c = readUint8;
        if (hashtable2 != null) {
            boolean hasEncryptThenMACExtension = TlsExtensionsUtils.hasEncryptThenMACExtension(hashtable2);
            if (hasEncryptThenMACExtension && !TlsUtils.isBlockCipherSuite(securityParameters.getCipherSuite())) {
                throw new TlsFatalAlert((short) 47);
            }
            securityParameters.n = hasEncryptThenMACExtension;
            securityParameters.o = TlsExtensionsUtils.hasExtendedMasterSecretExtension(hashtable2);
            securityParameters.l = evaluateMaxFragmentLengthExtension(clientHandshakeState.k, hashtable, hashtable2, (short) 47);
            securityParameters.m = TlsExtensionsUtils.hasTruncatedHMacExtension(hashtable2);
            clientHandshakeState.m = !clientHandshakeState.k && TlsUtils.hasExpectedEmptyExtensionData(hashtable2, TlsExtensionsUtils.EXT_status_request, (short) 47);
            if (!clientHandshakeState.k && TlsUtils.hasExpectedEmptyExtensionData(hashtable2, TlsProtocol.EXT_SessionTicket, (short) 47)) {
                z = true;
            }
            clientHandshakeState.n = z;
        }
        if (hashtable != null) {
            clientHandshakeState.a.processServerExtensions(hashtable2);
        }
        securityParameters.d = TlsProtocol.getPRFAlgorithm(clientHandshakeState.b, securityParameters.getCipherSuite());
        securityParameters.e = 12;
    }

    protected void processServerKeyExchange(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.o.processServerKeyExchange(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
    }

    protected void processServerSupplementalData(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        clientHandshakeState.a.processServerSupplementalData(TlsProtocol.readSupplementalDataMessage(new ByteArrayInputStream(bArr)));
    }

    protected void reportServerVersion(ClientHandshakeState clientHandshakeState, ProtocolVersion protocolVersion) throws IOException {
        m mVar = clientHandshakeState.b;
        ProtocolVersion serverVersion = mVar.getServerVersion();
        if (serverVersion == null) {
            mVar.b(protocolVersion);
            clientHandshakeState.a.notifyServerVersion(protocolVersion);
        } else if (!serverVersion.equals(protocolVersion)) {
            throw new TlsFatalAlert((short) 47);
        }
    }
}
