package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.crypto.tls.TlsProtocol;
import org.bouncycastle.util.Arrays;

/* loaded from: classes8.dex */
public class TlsClientProtocol extends TlsProtocol {
    protected TlsClient b0;
    TlsClientContextImpl c0;
    protected byte[] d0;
    protected TlsKeyExchange e0;
    protected TlsAuthentication f0;
    protected CertificateStatus g0;
    protected CertificateRequest h0;

    public TlsClientProtocol(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        super(inputStream, outputStream, secureRandom);
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = null;
        this.g0 = null;
        this.h0 = null;
    }

    public TlsClientProtocol(SecureRandom secureRandom) {
        super(secureRandom);
        this.b0 = null;
        this.c0 = null;
        this.d0 = null;
        this.e0 = null;
        this.f0 = null;
        this.g0 = null;
        this.h0 = null;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:26:0x0049. Please report as an issue. */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected void A(short s, ByteArrayInputStream byteArrayInputStream) throws IOException {
        TlsCredentials a;
        Certificate e;
        if (this.T) {
            if (s != 20 || this.S != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            J(byteArrayInputStream);
            this.S = (short) 15;
            a0();
            this.S = (short) 13;
            i();
            return;
        }
        if (s == 0) {
            TlsProtocol.c(byteArrayInputStream);
            if (this.S == 16) {
                U();
                return;
            }
            return;
        }
        if (s == 2) {
            if (this.S != 1) {
                throw new TlsFatalAlert((short) 10);
            }
            l0(byteArrayInputStream);
            this.S = (short) 2;
            this.A.n();
            b();
            if (this.T) {
                this.M.f = Arrays.l(this.L.e());
                this.A.t(x().l(), x().v());
                Z();
                return;
            } else {
                C();
                byte[] bArr = this.d0;
                if (bArr.length > 0) {
                    this.K = new TlsSessionImpl(bArr, null);
                    return;
                }
                return;
            }
        }
        if (s == 4) {
            if (this.S != 13) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.X) {
                throw new TlsFatalAlert((short) 10);
            }
            C();
            k0(byteArrayInputStream);
            this.S = (short) 14;
            return;
        }
        if (s == 20) {
            short s2 = this.S;
            if (s2 != 13) {
                if (s2 != 14) {
                    throw new TlsFatalAlert((short) 10);
                }
            } else if (this.X) {
                throw new TlsFatalAlert((short) 10);
            }
            J(byteArrayInputStream);
            this.S = (short) 15;
            i();
            return;
        }
        if (s == 22) {
            if (this.S != 4) {
                throw new TlsFatalAlert((short) 10);
            }
            if (!this.W) {
                throw new TlsFatalAlert((short) 10);
            }
            this.g0 = CertificateStatus.f(byteArrayInputStream);
            TlsProtocol.c(byteArrayInputStream);
            this.S = (short) 5;
            return;
        }
        if (s == 23) {
            if (this.S != 2) {
                throw new TlsFatalAlert((short) 10);
            }
            j0(TlsProtocol.T(byteArrayInputStream));
            return;
        }
        switch (s) {
            case 11:
                short s3 = this.S;
                if (s3 == 2) {
                    j0(null);
                } else if (s3 != 3) {
                    throw new TlsFatalAlert((short) 10);
                }
                this.N = Certificate.g(byteArrayInputStream);
                TlsProtocol.c(byteArrayInputStream);
                Certificate certificate = this.N;
                if (certificate == null || certificate.f()) {
                    this.W = false;
                }
                this.e0.l(this.N);
                TlsAuthentication H = this.b0.H();
                this.f0 = H;
                H.b(this.N);
                this.S = (short) 4;
                return;
            case 12:
                short s4 = this.S;
                if (s4 == 2) {
                    j0(null);
                } else if (s4 != 3) {
                    if (s4 != 4 && s4 != 5) {
                        throw new TlsFatalAlert((short) 10);
                    }
                    this.e0.c(byteArrayInputStream);
                    TlsProtocol.c(byteArrayInputStream);
                    this.S = (short) 6;
                    return;
                }
                this.e0.o();
                this.f0 = null;
                this.e0.c(byteArrayInputStream);
                TlsProtocol.c(byteArrayInputStream);
                this.S = (short) 6;
                return;
            case 13:
                short s5 = this.S;
                if (s5 == 4 || s5 == 5) {
                    this.e0.k();
                } else if (s5 != 6) {
                    throw new TlsFatalAlert((short) 10);
                }
                if (this.f0 == null) {
                    throw new TlsFatalAlert((short) 40);
                }
                this.h0 = CertificateRequest.e(r(), byteArrayInputStream);
                TlsProtocol.c(byteArrayInputStream);
                this.e0.e(this.h0);
                TlsUtils.W0(this.A.i(), this.h0.d());
                this.S = (short) 7;
                return;
            case 14:
                switch (this.S) {
                    case 2:
                        j0(null);
                    case 3:
                        this.e0.o();
                        this.f0 = null;
                    case 4:
                    case 5:
                        this.e0.k();
                    case 6:
                    case 7:
                        TlsProtocol.c(byteArrayInputStream);
                        this.S = (short) 8;
                        this.A.i().q();
                        Vector h = this.b0.h();
                        if (h != null) {
                            b0(h);
                        }
                        this.S = (short) 9;
                        CertificateRequest certificateRequest = this.h0;
                        if (certificateRequest == null) {
                            this.e0.g();
                            a = null;
                        } else {
                            a = this.f0.a(certificateRequest);
                            TlsKeyExchange tlsKeyExchange = this.e0;
                            if (a == null) {
                                tlsKeyExchange.g();
                                e = Certificate.a;
                            } else {
                                tlsKeyExchange.m(a);
                                e = a.e();
                            }
                            Y(e);
                        }
                        this.S = (short) 10;
                        o0();
                        this.S = (short) 11;
                        if (TlsUtils.d0(r())) {
                            TlsProtocol.m(r(), this.e0);
                        }
                        TlsHandshakeHash o = this.A.o();
                        this.M.i = TlsProtocol.t(r(), o, null);
                        if (!TlsUtils.d0(r())) {
                            TlsProtocol.m(r(), this.e0);
                        }
                        this.A.t(x().l(), x().v());
                        if (a != null && (a instanceof TlsSignerCredentials)) {
                            TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials) a;
                            SignatureAndHashAlgorithm V = TlsUtils.V(r(), tlsSignerCredentials);
                            m0(new DigitallySigned(V, tlsSignerCredentials.d(V == null ? this.M.l() : o.n(V.b()))));
                            this.S = (short) 12;
                        }
                        Z();
                        a0();
                        this.S = (short) 13;
                        return;
                    default:
                        throw new TlsFatalAlert((short) 10);
                }
                break;
            default:
                throw new TlsFatalAlert((short) 10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    public void f() {
        super.f();
        this.d0 = null;
        this.e0 = null;
        this.f0 = null;
        this.g0 = null;
        this.h0 = null;
    }

    public void i0(TlsClient tlsClient) throws IOException {
        SessionParameters c;
        if (tlsClient == null) {
            throw new IllegalArgumentException("'tlsClient' cannot be null");
        }
        if (this.b0 != null) {
            throw new IllegalStateException("'connect' can only be called once");
        }
        this.b0 = tlsClient;
        SecurityParameters securityParameters = new SecurityParameters();
        this.M = securityParameters;
        securityParameters.a = 1;
        this.c0 = new TlsClientContextImpl(this.B, this.M);
        this.M.g = TlsProtocol.j(tlsClient.N(), this.c0.i());
        this.b0.k(this.c0);
        this.A.m(this.c0);
        TlsSession E = tlsClient.E();
        if (E != null && E.b() && (c = E.c()) != null) {
            this.K = E;
            this.L = c;
        }
        n0();
        this.S = (short) 1;
        d();
    }

    protected void j0(Vector vector) throws IOException {
        this.b0.D(vector);
        this.S = (short) 3;
        TlsKeyExchange a = this.b0.a();
        this.e0 = a;
        a.a(r());
    }

    protected void k0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        NewSessionTicket d = NewSessionTicket.d(byteArrayInputStream);
        TlsProtocol.c(byteArrayInputStream);
        this.b0.O(d);
    }

    protected void l0(ByteArrayInputStream byteArrayInputStream) throws IOException {
        TlsSession tlsSession;
        ProtocolVersion S0 = TlsUtils.S0(byteArrayInputStream);
        if (S0.h()) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!S0.a(this.A.l())) {
            throw new TlsFatalAlert((short) 47);
        }
        if (!S0.i(r().c())) {
            throw new TlsFatalAlert((short) 47);
        }
        this.A.x(S0);
        s().n(S0);
        this.b0.x(S0);
        this.M.h = TlsUtils.B0(32, byteArrayInputStream);
        byte[] E0 = TlsUtils.E0(byteArrayInputStream);
        this.d0 = E0;
        if (E0.length > 32) {
            throw new TlsFatalAlert((short) 47);
        }
        this.b0.F(E0);
        byte[] bArr = this.d0;
        boolean z = false;
        this.T = bArr.length > 0 && (tlsSession = this.K) != null && Arrays.e(bArr, tlsSession.a());
        int G0 = TlsUtils.G0(byteArrayInputStream);
        if (!Arrays.C(this.O, G0) || G0 == 0 || CipherSuite.a(G0) || !TlsUtils.l0(G0, r().b())) {
            throw new TlsFatalAlert((short) 47);
        }
        this.b0.K(G0);
        short P0 = TlsUtils.P0(byteArrayInputStream);
        if (!Arrays.D(this.P, P0)) {
            throw new TlsFatalAlert((short) 47);
        }
        this.b0.e(P0);
        Hashtable Q = TlsProtocol.Q(byteArrayInputStream);
        this.R = Q;
        if (Q != null) {
            Enumeration keys = Q.keys();
            while (keys.hasMoreElements()) {
                Integer num = (Integer) keys.nextElement();
                if (!num.equals(TlsProtocol.a) && TlsUtils.O(this.Q, num) == null) {
                    throw new TlsFatalAlert(AlertDescription.y);
                }
            }
        }
        byte[] O = TlsUtils.O(this.R, TlsProtocol.a);
        if (O != null) {
            this.V = true;
            if (!Arrays.B(O, TlsProtocol.k(TlsUtils.a))) {
                throw new TlsFatalAlert((short) 40);
            }
        }
        this.b0.u(this.V);
        Hashtable hashtable = this.Q;
        Hashtable hashtable2 = this.R;
        if (this.T) {
            if (G0 != this.L.c() || P0 != this.L.d()) {
                throw new TlsFatalAlert((short) 47);
            }
            hashtable = null;
            hashtable2 = this.L.j();
        }
        SecurityParameters securityParameters = this.M;
        securityParameters.b = G0;
        securityParameters.c = P0;
        if (hashtable2 != null) {
            boolean x = TlsExtensionsUtils.x(hashtable2);
            if (x && !TlsUtils.c0(G0)) {
                throw new TlsFatalAlert((short) 47);
            }
            SecurityParameters securityParameters2 = this.M;
            securityParameters2.n = x;
            securityParameters2.o = TlsExtensionsUtils.y(hashtable2);
            this.M.l = L(hashtable, hashtable2, (short) 47);
            this.M.m = TlsExtensionsUtils.z(hashtable2);
            this.W = !this.T && TlsUtils.X(hashtable2, TlsExtensionsUtils.g, (short) 47);
            if (!this.T && TlsUtils.X(hashtable2, TlsProtocol.b, (short) 47)) {
                z = true;
            }
            this.X = z;
        }
        if (hashtable != null) {
            this.b0.m(hashtable2);
        }
        this.M.d = TlsProtocol.w(r(), this.M.b());
        this.M.e = 12;
    }

    protected void m0(DigitallySigned digitallySigned) throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 15);
        digitallySigned.a(handshakeMessage);
        handshakeMessage.a();
    }

    protected void n0() throws IOException {
        byte[] bArr;
        SessionParameters sessionParameters;
        this.A.x(this.b0.r());
        ProtocolVersion c = this.b0.c();
        if (c.h()) {
            throw new TlsFatalAlert((short) 80);
        }
        s().l(c);
        byte[] bArr2 = TlsUtils.a;
        TlsSession tlsSession = this.K;
        if (tlsSession == null || (bArr = tlsSession.a()) == null || bArr.length > 32) {
            bArr = bArr2;
        }
        boolean f = this.b0.f();
        this.O = this.b0.t();
        this.P = this.b0.B();
        if (bArr.length <= 0 || (sessionParameters = this.L) == null || (Arrays.C(this.O, sessionParameters.c()) && Arrays.D(this.P, this.L.d()))) {
            bArr2 = bArr;
        }
        this.Q = this.b0.P();
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 1);
        TlsUtils.A1(c, handshakeMessage);
        handshakeMessage.write(this.M.c());
        TlsUtils.d1(bArr2, handshakeMessage);
        boolean z = TlsUtils.O(this.Q, TlsProtocol.a) == null;
        boolean z2 = !Arrays.C(this.O, 255);
        if (z && z2) {
            this.O = Arrays.b(this.O, 255);
        }
        if (f && !Arrays.C(this.O, CipherSuite.Q3)) {
            this.O = Arrays.b(this.O, CipherSuite.Q3);
        }
        TlsUtils.i1(this.O, handshakeMessage);
        TlsUtils.y1(this.P, handshakeMessage);
        Hashtable hashtable = this.Q;
        if (hashtable != null) {
            TlsProtocol.e0(handshakeMessage, hashtable);
        }
        handshakeMessage.a();
    }

    protected void o0() throws IOException {
        TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(this, (short) 16);
        this.e0.h(handshakeMessage);
        handshakeMessage.a();
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsContext r() {
        return this.c0;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    AbstractTlsContext s() {
        return this.c0;
    }

    @Override // org.bouncycastle.crypto.tls.TlsProtocol
    protected TlsPeer x() {
        return this.b0;
    }
}
