package com.enterprisedt.bouncycastle.tls;

import com.enterprisedt.bouncycastle.tls.SessionParameters;
import com.enterprisedt.bouncycastle.util.Arrays;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Hashtable;

/* loaded from: classes.dex */
public class DTLSClientProtocol extends DTLSProtocol {

    /* loaded from: classes.dex */
    public static class ClientHandshakeState {

        /* renamed from: a, reason: collision with root package name */
        public TlsClient f10805a = null;

        /* renamed from: b, reason: collision with root package name */
        public TlsClientContextImpl f10806b = null;

        /* renamed from: c, reason: collision with root package name */
        public TlsSession f10807c = null;

        /* renamed from: d, reason: collision with root package name */
        public SessionParameters f10808d = null;

        /* renamed from: e, reason: collision with root package name */
        public SessionParameters.Builder f10809e = null;

        /* renamed from: f, reason: collision with root package name */
        public int[] f10810f = null;

        /* renamed from: g, reason: collision with root package name */
        public short[] f10811g = null;

        /* renamed from: h, reason: collision with root package name */
        public Hashtable f10812h = null;

        /* renamed from: i, reason: collision with root package name */
        public Hashtable f10813i = null;

        /* renamed from: j, reason: collision with root package name */
        public byte[] f10814j = null;

        /* renamed from: k, reason: collision with root package name */
        public boolean f10815k = false;

        /* renamed from: l, reason: collision with root package name */
        public boolean f10816l = false;

        /* renamed from: m, reason: collision with root package name */
        public boolean f10817m = false;

        /* renamed from: n, reason: collision with root package name */
        public boolean f10818n = false;

        /* renamed from: o, reason: collision with root package name */
        public TlsKeyExchange f10819o = null;

        /* renamed from: p, reason: collision with root package name */
        public TlsAuthentication f10820p = null;

        /* renamed from: q, reason: collision with root package name */
        public CertificateStatus f10821q = null;

        /* renamed from: r, reason: collision with root package name */
        public CertificateRequest f10822r = null;

        /* renamed from: s, reason: collision with root package name */
        public TlsCredentials f10823s = null;
    }

    public static byte[] patchClientHelloWithCookie(byte[] bArr, byte[] bArr2) throws IOException {
        int readUint8 = TlsUtils.readUint8(bArr, 34) + 35;
        int i10 = readUint8 + 1;
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, readUint8);
        TlsUtils.checkUint8(bArr2.length);
        TlsUtils.writeUint8(bArr2.length, bArr3, readUint8);
        System.arraycopy(bArr2, 0, bArr3, i10, bArr2.length);
        System.arraycopy(bArr, i10, bArr3, bArr2.length + i10, bArr.length - i10);
        return bArr3;
    }

    public void abortClientHandshake(ClientHandshakeState clientHandshakeState, e eVar, short s10) {
        eVar.a(s10);
        invalidateSession(clientHandshakeState);
    }

    /* JADX WARN: Removed duplicated region for block: B:60:0x020c  */
    /* JADX WARN: Removed duplicated region for block: B:63:0x023d  */
    /* JADX WARN: Removed duplicated region for block: B:66:0x025b  */
    /* JADX WARN: Removed duplicated region for block: B:73:0x020e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.enterprisedt.bouncycastle.tls.DTLSTransport clientHandshake(com.enterprisedt.bouncycastle.tls.DTLSClientProtocol.ClientHandshakeState r22, com.enterprisedt.bouncycastle.tls.e r23) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 790
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.enterprisedt.bouncycastle.tls.DTLSClientProtocol.clientHandshake(com.enterprisedt.bouncycastle.tls.DTLSClientProtocol$ClientHandshakeState, com.enterprisedt.bouncycastle.tls.e):com.enterprisedt.bouncycastle.tls.DTLSTransport");
    }

    public DTLSTransport connect(TlsClient tlsClient, DatagramTransport datagramTransport) throws IOException {
        SessionParameters exportSessionParameters;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'client' cannot be null");
        }
        if (datagramTransport == null) {
            throw new IllegalArgumentException("'transport' cannot be null");
        }
        SecurityParameters securityParameters = new SecurityParameters();
        securityParameters.f10849a = 1;
        ClientHandshakeState clientHandshakeState = new ClientHandshakeState();
        clientHandshakeState.f10805a = tlsClient;
        clientHandshakeState.f10806b = new TlsClientContextImpl(tlsClient.getCrypto(), securityParameters);
        securityParameters.clientRandom = TlsProtocol.createRandomBlock(tlsClient.shouldUseGMTUnixTime(), clientHandshakeState.f10806b);
        securityParameters.f10860l = tlsClient.shouldUseExtendedPadding();
        tlsClient.init(clientHandshakeState.f10806b);
        e eVar = new e(datagramTransport, clientHandshakeState.f10806b, tlsClient, (short) 22);
        TlsSession sessionToResume = clientHandshakeState.f10805a.getSessionToResume();
        if (sessionToResume != null && sessionToResume.isResumable() && (exportSessionParameters = sessionToResume.exportSessionParameters()) != null) {
            clientHandshakeState.f10807c = sessionToResume;
            clientHandshakeState.f10808d = exportSessionParameters;
        }
        try {
            try {
                try {
                    try {
                        return clientHandshake(clientHandshakeState, eVar);
                    } catch (RuntimeException e10) {
                        abortClientHandshake(clientHandshakeState, eVar, (short) 80);
                        throw new TlsFatalAlert((short) 80, e10);
                    }
                } catch (TlsFatalAlert e11) {
                    abortClientHandshake(clientHandshakeState, eVar, e11.getAlertDescription());
                    throw e11;
                }
            } catch (IOException e12) {
                abortClientHandshake(clientHandshakeState, eVar, (short) 80);
                throw e12;
            }
        } finally {
            securityParameters.a();
        }
    }

    public byte[] generateCertificateVerify(ClientHandshakeState clientHandshakeState, DigitallySigned digitallySigned) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        digitallySigned.encode(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateClientHello(ClientHandshakeState clientHandshakeState, TlsClient tlsClient) throws IOException {
        byte[] bArr;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ProtocolVersion clientVersion = tlsClient.getClientVersion();
        if (!clientVersion.isDTLS()) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsClientContextImpl tlsClientContextImpl = clientHandshakeState.f10806b;
        tlsClientContextImpl.setClientVersion(clientVersion);
        TlsUtils.writeVersion(clientVersion, byteArrayOutputStream);
        byteArrayOutputStream.write(tlsClientContextImpl.getSecurityParameters().getClientRandom());
        byte[] bArr2 = TlsUtils.EMPTY_BYTES;
        TlsSession tlsSession = clientHandshakeState.f10807c;
        if (tlsSession == null || (bArr = tlsSession.getSessionID()) == null || bArr.length > 32) {
            bArr = bArr2;
        }
        TlsUtils.writeOpaque8(bArr, byteArrayOutputStream);
        TlsUtils.writeOpaque8(bArr2, byteArrayOutputStream);
        boolean isFallback = tlsClient.isFallback();
        clientHandshakeState.f10810f = tlsClient.getCipherSuites();
        Hashtable clientExtensions = tlsClient.getClientExtensions();
        clientHandshakeState.f10812h = clientExtensions;
        boolean z7 = TlsUtils.getExtensionData(clientExtensions, TlsProtocol.EXT_RenegotiationInfo) == null;
        boolean z10 = !Arrays.contains(clientHandshakeState.f10810f, 255);
        if (z7 && z10) {
            clientHandshakeState.f10810f = Arrays.append(clientHandshakeState.f10810f, 255);
        }
        if (isFallback && !Arrays.contains(clientHandshakeState.f10810f, 22016)) {
            clientHandshakeState.f10810f = Arrays.append(clientHandshakeState.f10810f, 22016);
        }
        TlsUtils.writeUint16ArrayWithUint16Length(clientHandshakeState.f10810f, byteArrayOutputStream);
        short[] sArr = {0};
        clientHandshakeState.f10811g = sArr;
        TlsUtils.writeUint8ArrayWithUint8Length(sArr, byteArrayOutputStream);
        Hashtable hashtable = clientHandshakeState.f10812h;
        if (hashtable != null) {
            TlsProtocol.writeExtensions(byteArrayOutputStream, hashtable);
        }
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] generateClientKeyExchange(ClientHandshakeState clientHandshakeState) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        clientHandshakeState.f10819o.generateClientKeyExchange(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public void invalidateSession(ClientHandshakeState clientHandshakeState) {
        SessionParameters sessionParameters = clientHandshakeState.f10808d;
        if (sessionParameters != null) {
            sessionParameters.clear();
            clientHandshakeState.f10808d = null;
        }
        TlsSession tlsSession = clientHandshakeState.f10807c;
        if (tlsSession != null) {
            tlsSession.invalidate();
            clientHandshakeState.f10807c = null;
        }
    }

    public void processCertificateRequest(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        if (clientHandshakeState.f10820p == null) {
            throw new TlsFatalAlert((short) 40);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f10822r = CertificateRequest.parse(clientHandshakeState.f10806b, byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.f10822r = TlsUtils.a(clientHandshakeState.f10822r, clientHandshakeState.f10819o);
    }

    public void processCertificateStatus(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        if (!clientHandshakeState.f10817m) {
            throw new TlsFatalAlert((short) 10);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f10821q = CertificateStatus.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
    }

    public byte[] processHelloVerifyRequest(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ProtocolVersion readVersion = TlsUtils.readVersion(byteArrayInputStream);
        byte[] readOpaque8 = TlsUtils.readOpaque8(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        if (!readVersion.isEqualOrEarlierVersionOf(clientHandshakeState.f10806b.getClientVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (ProtocolVersion.DTLSv12.isEqualOrEarlierVersionOf(readVersion) || readOpaque8.length <= 32) {
            return readOpaque8;
        }
        throw new TlsFatalAlert((short) 47);
    }

    public void processNewSessionTicket(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        NewSessionTicket parse = NewSessionTicket.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.f10805a.notifyNewSessionTicket(parse);
    }

    public Certificate processServerCertificate(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Certificate parse = Certificate.parse(clientHandshakeState.f10806b, byteArrayInputStream, byteArrayOutputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        clientHandshakeState.f10806b.getSecurityParameters().f10856h = byteArrayOutputStream.toByteArray();
        TlsAuthentication authentication = clientHandshakeState.f10805a.getAuthentication();
        clientHandshakeState.f10820p = authentication;
        if (authentication != null) {
            return parse;
        }
        throw new TlsFatalAlert((short) 80);
    }

    public void processServerHello(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        TlsSession tlsSession;
        SecurityParameters securityParameters = clientHandshakeState.f10806b.getSecurityParameters();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ProtocolVersion readVersion = TlsUtils.readVersion(byteArrayInputStream);
        reportServerVersion(clientHandshakeState, readVersion);
        securityParameters.serverRandom = TlsUtils.readFully(32, byteArrayInputStream);
        byte[] readOpaque8 = TlsUtils.readOpaque8(byteArrayInputStream);
        clientHandshakeState.f10814j = readOpaque8;
        if (readOpaque8.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.f10805a.notifySessionID(readOpaque8);
        byte[] bArr2 = clientHandshakeState.f10814j;
        boolean z7 = false;
        clientHandshakeState.f10815k = bArr2.length > 0 && (tlsSession = clientHandshakeState.f10807c) != null && Arrays.areEqual(bArr2, tlsSession.getSessionID());
        int readUint16 = TlsUtils.readUint16(byteArrayInputStream);
        if (!Arrays.contains(clientHandshakeState.f10810f, readUint16) || readUint16 == 0 || CipherSuite.isSCSV(readUint16) || !TlsUtils.isValidCipherSuiteForVersion(readUint16, clientHandshakeState.f10806b.getServerVersion())) {
            throw new TlsFatalAlert((short) 47);
        }
        DTLSProtocol.validateSelectedCipherSuite(readUint16, (short) 47);
        clientHandshakeState.f10805a.notifySelectedCipherSuite(readUint16);
        short readUint8 = TlsUtils.readUint8(byteArrayInputStream);
        if (!Arrays.contains(clientHandshakeState.f10811g, readUint8)) {
            throw new TlsFatalAlert((short) 47);
        }
        clientHandshakeState.f10805a.notifySelectedCompressionMethod(readUint8);
        Hashtable readExtensions = TlsProtocol.readExtensions(byteArrayInputStream);
        clientHandshakeState.f10813i = readExtensions;
        if (readExtensions != null) {
            Enumeration keys = readExtensions.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.EXT_RenegotiationInfo) && TlsUtils.getExtensionData(clientHandshakeState.f10812h, num) == null) {
                    throw new TlsFatalAlert((short) 110);
                }
            }
        }
        byte[] extensionData = TlsUtils.getExtensionData(clientHandshakeState.f10813i, TlsProtocol.EXT_RenegotiationInfo);
        if (extensionData != null) {
            clientHandshakeState.f10816l = true;
            if (!Arrays.constantTimeAreEqual(extensionData, TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        clientHandshakeState.f10805a.notifySecureRenegotiation(clientHandshakeState.f10816l);
        Hashtable hashtable = clientHandshakeState.f10812h;
        Hashtable hashtable2 = clientHandshakeState.f10813i;
        if (clientHandshakeState.f10815k) {
            if (readUint16 != clientHandshakeState.f10808d.getCipherSuite() || readUint8 != clientHandshakeState.f10808d.getCompressionAlgorithm() || !readVersion.equals(clientHandshakeState.f10808d.getNegotiatedVersion())) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable = null;
            hashtable2 = clientHandshakeState.f10808d.readServerExtensions();
        }
        securityParameters.cipherSuite = readUint16;
        securityParameters.f10850b = readUint8;
        if (hashtable2 != null) {
            boolean hasEncryptThenMACExtension = TlsExtensionsUtils.hasEncryptThenMACExtension(hashtable2);
            if (hasEncryptThenMACExtension && !TlsUtils.isBlockCipherSuite(securityParameters.getCipherSuite())) {
                throw new TlsFatalAlert((short) 47);
            }
            securityParameters.f10858j = hasEncryptThenMACExtension;
            securityParameters.f10859k = TlsExtensionsUtils.hasExtendedMasterSecretExtension(hashtable2);
            securityParameters.f10851c = DTLSProtocol.evaluateMaxFragmentLengthExtension(clientHandshakeState.f10815k, hashtable, hashtable2, (short) 47);
            securityParameters.f10861m = TlsExtensionsUtils.hasTruncatedHMacExtension(hashtable2);
            clientHandshakeState.f10817m = !clientHandshakeState.f10815k && TlsUtils.hasExpectedEmptyExtensionData(hashtable2, TlsExtensionsUtils.EXT_status_request, (short) 47);
            if (!clientHandshakeState.f10815k && TlsUtils.hasExpectedEmptyExtensionData(hashtable2, TlsProtocol.EXT_SessionTicket, (short) 47)) {
                z7 = true;
            }
            clientHandshakeState.f10818n = z7;
        }
        if (hashtable != null) {
            clientHandshakeState.f10805a.processServerExtensions(hashtable2);
        }
        securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(clientHandshakeState.f10806b, securityParameters.getCipherSuite());
        securityParameters.verifyDataLength = 12;
    }

    public void processServerKeyExchange(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        clientHandshakeState.f10819o.processServerKeyExchange(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
    }

    public void processServerSupplementalData(ClientHandshakeState clientHandshakeState, byte[] bArr) throws IOException {
        clientHandshakeState.f10805a.processServerSupplementalData(TlsProtocol.readSupplementalDataMessage(new ByteArrayInputStream(bArr)));
    }

    public void reportServerVersion(ClientHandshakeState clientHandshakeState, ProtocolVersion protocolVersion) throws IOException {
        TlsClientContextImpl tlsClientContextImpl = clientHandshakeState.f10806b;
        ProtocolVersion serverVersion = tlsClientContextImpl.getServerVersion();
        if (serverVersion == null) {
            tlsClientContextImpl.setServerVersion(protocolVersion);
            clientHandshakeState.f10805a.notifyServerVersion(protocolVersion);
        } else if (!serverVersion.equals(protocolVersion)) {
            throw new TlsFatalAlert((short) 47);
        }
    }
}
