package io.ktor.network.tls;

import io.ktor.network.tls.extensions.HashAndSign;
import io.ktor.network.tls.extensions.NamedCurve;
import io.ktor.network.tls.extensions.SignatureAlgorithmKt;
import io.ktor.utils.io.core.ByteReadPacket;
import io.ktor.utils.io.core.InputPrimitivesKt;
import io.ktor.utils.io.core.StringsKt;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: TLSClientHandshake.kt */
@Metadata(d1 = {"\u0000*\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\u0018\u0002\n\u0000\u001a\u0018\u0010\u0000\u001a\u00020\u00012\u0006\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0004\u001a\u00020\u0005H\u0002\u001a\u0010\u0010\u0006\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\tH\u0000\u001a\f\u0010\n\u001a\u00020\u000b*\u00020\fH\u0002¨\u0006\r"}, d2 = {"generateECKeys", "Lio/ktor/network/tls/EncryptionInfo;", "curve", "Lio/ktor/network/tls/extensions/NamedCurve;", "serverPoint", "Ljava/security/spec/ECPoint;", "readClientCertificateRequest", "Lio/ktor/network/tls/CertificateInfo;", "packet", "Lio/ktor/utils/io/core/ByteReadPacket;", "generateClientSeed", "", "Ljava/security/SecureRandom;", "ktor-network-tls"}, k = 2, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes6.dex */
public final class TLSClientHandshakeKt {
    public static final /* synthetic */ byte[] access$generateClientSeed(SecureRandom secureRandom) {
        return generateClientSeed(secureRandom);
    }

    public static final /* synthetic */ EncryptionInfo access$generateECKeys(NamedCurve namedCurve, ECPoint eCPoint) {
        return generateECKeys(namedCurve, eCPoint);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final byte[] generateClientSeed(SecureRandom secureRandom) {
        byte[] bArr = new byte[32];
        secureRandom.nextBytes(bArr);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        bArr[0] = (byte) (currentTimeMillis >> 24);
        bArr[1] = (byte) (currentTimeMillis >> 16);
        bArr[2] = (byte) (currentTimeMillis >> 8);
        bArr[3] = (byte) currentTimeMillis;
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final EncryptionInfo generateECKeys(NamedCurve namedCurve, ECPoint eCPoint) {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        Intrinsics.checkNotNull(keyPairGenerator);
        keyPairGenerator.initialize(new ECGenParameterSpec(namedCurve.name()));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkNotNull(generateKeyPair);
        PublicKey publicKey = generateKeyPair.getPublic();
        Intrinsics.checkNotNull(publicKey, "null cannot be cast to non-null type java.security.interfaces.ECPublicKey");
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        KeyFactory keyFactory = KeyFactory.getInstance("EC");
        Intrinsics.checkNotNull(keyFactory);
        ECParameterSpec params = eCPublicKey.getParams();
        Intrinsics.checkNotNull(params);
        PublicKey generatePublic = keyFactory.generatePublic(new ECPublicKeySpec(eCPoint, params));
        Intrinsics.checkNotNull(generatePublic);
        PublicKey publicKey2 = generateKeyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey2, "clientKeys.public");
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Intrinsics.checkNotNullExpressionValue(privateKey, "clientKeys.private");
        return new EncryptionInfo(generatePublic, publicKey2, privateKey);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static final CertificateInfo readClientCertificateRequest(ByteReadPacket packet) {
        Intrinsics.checkNotNullParameter(packet, "packet");
        byte[] readBytes = StringsKt.readBytes(packet, packet.readByte() & 255);
        ByteReadPacket byteReadPacket = packet;
        int readShort = InputPrimitivesKt.readShort(byteReadPacket) & 65535;
        ArrayList arrayList = new ArrayList();
        int i = readShort / 2;
        for (int i2 = 0; i2 < i; i2++) {
            ArrayList arrayList2 = arrayList;
            HashAndSign byCode = SignatureAlgorithmKt.byCode(HashAndSign.INSTANCE, packet.readByte(), packet.readByte());
            if (byCode != null) {
                arrayList2.add(byCode);
            }
        }
        int readShort2 = InputPrimitivesKt.readShort(byteReadPacket) & 65535;
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        int i3 = 0;
        while (i3 < readShort2) {
            int readShort3 = InputPrimitivesKt.readShort(byteReadPacket) & 65535;
            i3 += readShort3 + 2;
            linkedHashSet.add(new X500Principal(StringsKt.readBytes(packet, readShort3)));
        }
        CertificateInfo certificateInfo = new CertificateInfo(readBytes, (HashAndSign[]) arrayList.toArray(new HashAndSign[0]), linkedHashSet);
        if (packet.getEndOfInput()) {
            return certificateInfo;
        }
        throw new IllegalStateException("Check failed.".toString());
    }
}
