package com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls;

import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.CryptoException;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.Digest;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.Signer;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.agreement.srp.SRP6Client;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.agreement.srp.SRP6Server;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.agreement.srp.SRP6Util;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.params.SRP6GroupParameters;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.util.PublicKeyFactory;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.util.Arrays;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.util.BigIntegers;
import com.zeroturnaround.xrebel.bundled.org.bouncycastle.util.io.TeeInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;

/* loaded from: input_file:com/zeroturnaround/xrebel/bundled/org/bouncycastle/crypto/tls/TlsSRPKeyExchange.class */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {
    protected TlsSigner a;

    /* renamed from: a, reason: collision with other field name */
    protected TlsSRPGroupVerifier f1670a;

    /* renamed from: a, reason: collision with other field name */
    protected byte[] f1671a;
    protected byte[] b;

    /* renamed from: a, reason: collision with other field name */
    protected AsymmetricKeyParameter f1672a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6GroupParameters f1673a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6Client f1674a;

    /* renamed from: a, reason: collision with other field name */
    protected SRP6Server f1675a;

    /* renamed from: a, reason: collision with other field name */
    protected BigInteger f1676a;

    /* renamed from: b, reason: collision with other field name */
    protected BigInteger f1677b;
    protected byte[] c;

    /* renamed from: a, reason: collision with other field name */
    protected TlsSignerCredentials f1678a;

    protected static TlsSigner a(int i) {
        switch (i) {
            case 21:
                return null;
            case 22:
                return new TlsDSSSigner();
            case 23:
                return new TlsRSASigner();
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    public TlsSRPKeyExchange(int i, Vector vector, TlsSRPGroupVerifier tlsSRPGroupVerifier, byte[] bArr, byte[] bArr2) {
        super(i, vector);
        this.f1672a = null;
        this.f1673a = null;
        this.f1674a = null;
        this.f1675a = null;
        this.f1676a = null;
        this.f1677b = null;
        this.c = null;
        this.f1678a = null;
        this.a = a(i);
        this.f1670a = tlsSRPGroupVerifier;
        this.f1671a = bArr;
        this.b = bArr2;
        this.f1674a = new SRP6Client();
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, TlsSRPLoginParameters tlsSRPLoginParameters) {
        super(i, vector);
        this.f1672a = null;
        this.f1673a = null;
        this.f1674a = null;
        this.f1675a = null;
        this.f1676a = null;
        this.f1677b = null;
        this.c = null;
        this.f1678a = null;
        this.a = a(i);
        this.f1671a = bArr;
        this.f1675a = new SRP6Server();
        this.f1673a = tlsSRPLoginParameters.a();
        this.f1677b = tlsSRPLoginParameters.m1578a();
        this.c = tlsSRPLoginParameters.m1577a();
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void a(TlsContext tlsContext) {
        super.a(tlsContext);
        if (this.a != null) {
            this.a.a(tlsContext);
        }
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void c() throws IOException {
        if (this.a != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void a(Certificate certificate) throws IOException {
        if (this.a == null) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.a()) {
            throw new TlsFatalAlert((short) 42);
        }
        com.zeroturnaround.xrebel.bundled.org.bouncycastle.asn1.x509.Certificate a = certificate.a(0);
        try {
            this.f1672a = PublicKeyFactory.a(a.m1198a());
            if (!this.a.a(this.f1672a)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.a(a, 128);
            super.a(certificate);
        } catch (RuntimeException e) {
            throw new TlsFatalAlert((short) 43, e);
        }
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void a(TlsCredentials tlsCredentials) throws IOException {
        if (this.a == 21 || !(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        a(tlsCredentials.a());
        this.f1678a = (TlsSignerCredentials) tlsCredentials;
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange
    public boolean a() {
        return true;
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    /* renamed from: a */
    public byte[] mo1489a() throws IOException {
        this.f1675a.a(this.f1673a, this.f1677b, TlsUtils.m1599a((short) 2), this.f1488a.mo1486a());
        ServerSRPParams serverSRPParams = new ServerSRPParams(this.f1673a.b(), this.f1673a.a(), this.c, this.f1675a.a());
        DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
        serverSRPParams.a(digestInputBuffer);
        if (this.f1678a != null) {
            SignatureAndHashAlgorithm a = TlsUtils.a(this.f1488a, this.f1678a);
            Digest a2 = TlsUtils.a(a);
            SecurityParameters mo1487a = this.f1488a.mo1487a();
            a2.a(mo1487a.f1580b, 0, mo1487a.f1580b.length);
            a2.a(mo1487a.f1581c, 0, mo1487a.f1581c.length);
            digestInputBuffer.a(a2);
            byte[] bArr = new byte[a2.mo1286a()];
            a2.mo1308a(bArr, 0);
            new DigitallySigned(a, this.f1678a.a(bArr)).a(digestInputBuffer);
        }
        return digestInputBuffer.toByteArray();
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    /* renamed from: a */
    public void mo1491a(InputStream inputStream) throws IOException {
        SecurityParameters mo1487a = this.f1488a.mo1487a();
        SignerInputBuffer signerInputBuffer = null;
        InputStream inputStream2 = inputStream;
        if (this.a != null) {
            signerInputBuffer = new SignerInputBuffer();
            inputStream2 = new TeeInputStream(inputStream, signerInputBuffer);
        }
        ServerSRPParams a = ServerSRPParams.a(inputStream2);
        if (signerInputBuffer != null) {
            DigitallySigned a2 = mo1491a(inputStream);
            Signer a3 = a(this.a, a2.a(), mo1487a);
            signerInputBuffer.a(a3);
            if (!a3.mo1478a(a2.m1519a())) {
                throw new TlsFatalAlert((short) 51);
            }
        }
        this.f1673a = new SRP6GroupParameters(a.c(), a.b());
        if (!this.f1670a.a(this.f1673a)) {
            throw new TlsFatalAlert((short) 71);
        }
        this.c = a.m1543a();
        try {
            this.f1676a = SRP6Util.a(this.f1673a.b(), a.a());
            this.f1674a.a(this.f1673a, TlsUtils.m1599a((short) 2), this.f1488a.mo1486a());
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void a(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void b(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void a(OutputStream outputStream) throws IOException {
        TlsSRPUtils.a(this.f1674a.a(this.c, this.f1671a, this.b), outputStream);
        this.f1488a.mo1487a().f = Arrays.m2169a(this.f1671a);
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    public void b(InputStream inputStream) throws IOException {
        try {
            this.f1676a = SRP6Util.a(this.f1673a.b(), TlsSRPUtils.a(inputStream));
            this.f1488a.mo1487a().f = Arrays.m2169a(this.f1671a);
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.zeroturnaround.xrebel.bundled.org.bouncycastle.crypto.tls.TlsKeyExchange
    /* renamed from: b */
    public byte[] mo1571b() throws IOException {
        try {
            return BigIntegers.a(this.f1675a != null ? this.f1675a.a(this.f1676a) : this.f1674a.a(this.f1676a));
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    protected Signer a(TlsSigner tlsSigner, SignatureAndHashAlgorithm signatureAndHashAlgorithm, SecurityParameters securityParameters) {
        Signer a = tlsSigner.a(signatureAndHashAlgorithm, this.f1672a);
        a.a(securityParameters.f1580b, 0, securityParameters.f1580b.length);
        a.a(securityParameters.f1581c, 0, securityParameters.f1581c.length);
        return a;
    }
}
