package org.spongycastle.crypto.tls;

import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.io.Streams;

/* loaded from: classes2.dex */
public class TlsRSAKeyExchange extends AbstractTlsKeyExchange {
    public AsymmetricKeyParameter o;
    public RSAKeyParameters p;
    public TlsEncryptionCredentials q;
    public byte[] r;

    public TlsRSAKeyExchange(Vector vector) {
        super(1, vector);
        this.o = null;
        this.p = null;
        this.q = null;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void aa(CertificateRequest certificateRequest) {
        for (short s : certificateRequest.g()) {
            if (s != 1 && s != 2 && s != 64) {
                throw new TlsFatalAlert((short) 47);
            }
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] ab() {
        byte[] bArr = this.r;
        if (bArr == null) {
            throw new TlsFatalAlert((short) 80);
        }
        this.r = null;
        return bArr;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void ac(TlsCredentials tlsCredentials) {
        if (!(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void f(Certificate certificate) {
        if (certificate.g()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate e2 = certificate.e(0);
        try {
            this.o = PublicKeyFactory.b(e2.k());
            if (this.o.b()) {
                throw new TlsFatalAlert((short) 80);
            }
            this.p = s((RSAKeyParameters) this.o);
            TlsUtils.as(e2, 32);
            super.f(certificate);
        } catch (RuntimeException e3) {
            throw new TlsFatalAlert((short) 43, e3);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void h(TlsCredentials tlsCredentials) {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        f(tlsCredentials.e());
        this.q = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void k(InputStream inputStream) {
        this.r = this.q.d(TlsUtils.bm(this.f18793c) ? Streams.g(inputStream) : TlsUtils.bp(inputStream));
    }

    public RSAKeyParameters s(RSAKeyParameters rSAKeyParameters) {
        if (rSAKeyParameters.e().isProbablePrime(2)) {
            return rSAKeyParameters;
        }
        throw new TlsFatalAlert((short) 47);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void y() {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void z(OutputStream outputStream) {
        this.r = TlsRSAUtils.a(this.f18793c, this.p, outputStream);
    }
}
