package org.spongycastle.crypto.tls;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.Signer;
import org.spongycastle.crypto.agreement.srp.SRP6Client;
import org.spongycastle.crypto.agreement.srp.SRP6Server;
import org.spongycastle.crypto.agreement.srp.SRP6Util;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.SRP6GroupParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.BigIntegers;
import org.spongycastle.util.io.TeeInputStream;

/* loaded from: classes2.dex */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {
    protected BigInteger a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6Client f4660a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6Server f4661a;

    /* renamed from: a, reason: collision with other field name */
    protected AsymmetricKeyParameter f4662a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6GroupParameters f4663a;

    /* renamed from: a, reason: collision with other field name */
    protected TlsSRPGroupVerifier f4664a;

    /* renamed from: a, reason: collision with other field name */
    protected TlsSigner f4665a;

    /* renamed from: a, reason: collision with other field name */
    protected TlsSignerCredentials f4666a;

    /* renamed from: a, reason: collision with other field name */
    protected byte[] f4667a;
    protected BigInteger b;

    /* renamed from: b, reason: collision with other field name */
    protected byte[] f4668b;
    protected byte[] c;

    public TlsSRPKeyExchange(int i, Vector vector, TlsSRPGroupVerifier tlsSRPGroupVerifier, byte[] bArr, byte[] bArr2) {
        super(i, vector);
        this.f4662a = null;
        this.f4663a = null;
        this.f4660a = null;
        this.f4661a = null;
        this.a = null;
        this.b = null;
        this.c = null;
        this.f4666a = null;
        this.f4665a = a(i);
        this.f4664a = tlsSRPGroupVerifier;
        this.f4667a = bArr;
        this.f4668b = bArr2;
        this.f4660a = new SRP6Client();
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, TlsSRPLoginParameters tlsSRPLoginParameters) {
        super(i, vector);
        this.f4662a = null;
        this.f4663a = null;
        this.f4660a = null;
        this.f4661a = null;
        this.a = null;
        this.b = null;
        this.c = null;
        this.f4666a = null;
        this.f4665a = a(i);
        this.f4667a = bArr;
        this.f4661a = new SRP6Server();
        this.f4663a = tlsSRPLoginParameters.m925a();
        this.b = tlsSRPLoginParameters.a();
        this.c = tlsSRPLoginParameters.m926a();
    }

    private static TlsSigner a(int i) {
        switch (i) {
            case 21:
                return null;
            case 22:
                return new TlsDSSSigner();
            case 23:
                return new TlsRSASigner();
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: a */
    public final void mo875a(InputStream inputStream) throws IOException {
        SignerInputBuffer signerInputBuffer;
        InputStream inputStream2;
        SecurityParameters mo874a = this.f4483a.mo874a();
        if (this.f4665a != null) {
            signerInputBuffer = new SignerInputBuffer();
            inputStream2 = new TeeInputStream(inputStream, signerInputBuffer);
        } else {
            signerInputBuffer = null;
            inputStream2 = inputStream;
        }
        ServerSRPParams a = ServerSRPParams.a(inputStream2);
        if (signerInputBuffer != null) {
            DigitallySigned a2 = mo875a(inputStream);
            Signer a3 = this.f4665a.a(a2.a(), this.f4662a);
            a3.a(mo874a.f4573b, 0, mo874a.f4573b.length);
            a3.a(mo874a.f4575c, 0, mo874a.f4575c.length);
            signerInputBuffer.a(a3);
            if (!a3.mo869a(a2.m899a())) {
                throw new TlsFatalAlert((short) 51);
            }
        }
        this.f4663a = new SRP6GroupParameters(a.c(), a.b());
        if (!this.f4664a.a(this.f4663a)) {
            throw new TlsFatalAlert((short) 71);
        }
        this.c = a.m908a();
        try {
            this.a = SRP6Util.a(this.f4663a.a, a.a());
            this.f4660a.a(this.f4663a, TlsUtils.m932a((short) 2), this.f4483a.a());
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(OutputStream outputStream) throws IOException {
        TlsSRPUtils.a(this.f4660a.a(this.c, this.f4667a, this.f4668b), outputStream);
        this.f4483a.mo874a().f = Arrays.m1188a(this.f4667a);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(Certificate certificate) throws IOException {
        if (this.f4665a == null) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.m885a()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate a = certificate.a();
        try {
            this.f4662a = PublicKeyFactory.a(a.f3745a.f3792a);
            if (!this.f4665a.a(this.f4662a)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.a(a, 128);
            super.a(certificate);
        } catch (RuntimeException e) {
            throw new TlsFatalAlert((short) 43, e);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(TlsContext tlsContext) {
        super.a(tlsContext);
        TlsSigner tlsSigner = this.f4665a;
        if (tlsSigner != null) {
            tlsSigner.a(tlsContext);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void a(TlsCredentials tlsCredentials) throws IOException {
        if (this.a == 21 || !(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        a(tlsCredentials.a());
        this.f4666a = (TlsSignerCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange
    /* renamed from: a */
    public final boolean mo876a() {
        return true;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: a */
    public final byte[] mo877a() throws IOException {
        this.f4661a.a(this.f4663a, this.b, TlsUtils.m932a((short) 2), this.f4483a.a());
        ServerSRPParams serverSRPParams = new ServerSRPParams(this.f4663a.a, this.f4663a.b, this.c, this.f4661a.a());
        DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
        serverSRPParams.a(digestInputBuffer);
        if (this.f4666a != null) {
            SignatureAndHashAlgorithm a = TlsUtils.a(this.f4483a, this.f4666a);
            Digest a2 = TlsUtils.a(a);
            SecurityParameters mo874a = this.f4483a.mo874a();
            a2.a(mo874a.f4573b, 0, mo874a.f4573b.length);
            a2.a(mo874a.f4575c, 0, mo874a.f4575c.length);
            digestInputBuffer.a(a2);
            byte[] bArr = new byte[a2.a()];
            a2.mo834a(bArr, 0);
            new DigitallySigned(a, this.f4666a.a(bArr)).a(digestInputBuffer);
        }
        return digestInputBuffer.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void b() throws IOException {
        if (this.f4665a != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final void b(InputStream inputStream) throws IOException {
        try {
            this.a = SRP6Util.a(this.f4663a.a, TlsSRPUtils.a(inputStream));
            this.f4483a.mo874a().f = Arrays.m1188a(this.f4667a);
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void b(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: b */
    public final byte[] mo913b() throws IOException {
        try {
            return BigIntegers.a(this.f4661a != null ? this.f4661a.a(this.a) : this.f4660a.a(this.a));
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }
}
