package org.bouncycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.asn1.x509.RSAPublicKeyStructure;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.prng.ThreadedSeedGenerator;

/* loaded from: classes12.dex */
public class TlsProtocolHandler {
    private static final byte[] u = new byte[0];

    /* renamed from: e, reason: collision with root package name */
    private RecordStream f56194e;

    /* renamed from: f, reason: collision with root package name */
    private SecureRandom f56195f;

    /* renamed from: m, reason: collision with root package name */
    private byte[] f56202m;

    /* renamed from: n, reason: collision with root package name */
    private byte[] f56203n;

    /* renamed from: o, reason: collision with root package name */
    private byte[] f56204o;

    /* renamed from: q, reason: collision with root package name */
    private BigInteger f56206q;

    /* renamed from: r, reason: collision with root package name */
    private byte[] f56207r;
    private short t;

    /* renamed from: a, reason: collision with root package name */
    private ByteQueue f56190a = new ByteQueue();

    /* renamed from: b, reason: collision with root package name */
    private ByteQueue f56191b = new ByteQueue();

    /* renamed from: c, reason: collision with root package name */
    private ByteQueue f56192c = new ByteQueue();

    /* renamed from: d, reason: collision with root package name */
    private ByteQueue f56193d = new ByteQueue();

    /* renamed from: g, reason: collision with root package name */
    private RSAKeyParameters f56196g = null;

    /* renamed from: h, reason: collision with root package name */
    private TlsInputStream f56197h = null;

    /* renamed from: i, reason: collision with root package name */
    private TlsOuputStream f56198i = null;

    /* renamed from: j, reason: collision with root package name */
    private boolean f56199j = false;

    /* renamed from: k, reason: collision with root package name */
    private boolean f56200k = false;

    /* renamed from: l, reason: collision with root package name */
    private boolean f56201l = false;

    /* renamed from: p, reason: collision with root package name */
    private TlsCipherSuite f56205p = null;

    /* renamed from: s, reason: collision with root package name */
    private CertificateVerifyer f56208s = null;

    public TlsProtocolHandler(InputStream inputStream, OutputStream outputStream) {
        ThreadedSeedGenerator threadedSeedGenerator = new ThreadedSeedGenerator();
        SecureRandom secureRandom = new SecureRandom();
        this.f56195f = secureRandom;
        secureRandom.setSeed(threadedSeedGenerator.generateSeed(20, true));
        this.f56194e = new RecordStream(this, inputStream, outputStream);
    }

    public TlsProtocolHandler(InputStream inputStream, OutputStream outputStream, SecureRandom secureRandom) {
        this.f56195f = secureRandom;
        this.f56194e = new RecordStream(this, inputStream, outputStream);
    }

    private void d() throws IOException {
        while (this.f56192c.size() >= 2) {
            byte[] bArr = new byte[2];
            this.f56192c.read(bArr, 0, 2, 0);
            this.f56192c.removeData(2);
            short s2 = bArr[0];
            short s3 = bArr[1];
            if (s2 == 2) {
                this.f56200k = true;
                this.f56199j = true;
                try {
                    this.f56194e.a();
                } catch (Exception unused) {
                }
                throw new IOException("Internal TLS error, this could be an attack");
            }
            if (s3 == 0) {
                b((short) 1, (short) 0);
            }
        }
    }

    private void e() {
    }

    private void f() throws IOException {
        short s2;
        while (this.f56191b.size() > 0) {
            byte[] bArr = new byte[1];
            this.f56191b.read(bArr, 0, 1, 0);
            this.f56191b.removeData(1);
            if (bArr[0] != 1) {
                s2 = 10;
            } else if (this.t == 8) {
                RecordStream recordStream = this.f56194e;
                recordStream.f56176f = recordStream.f56177g;
                this.t = (short) 9;
            } else {
                s2 = 40;
            }
            b((short) 2, s2);
        }
    }

    private void h() throws IOException {
        int i2;
        do {
            i2 = 0;
            if (this.f56193d.size() >= 4) {
                byte[] bArr = new byte[4];
                this.f56193d.read(bArr, 0, 4, 0);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                short g2 = TlsUtils.g(byteArrayInputStream);
                int f2 = TlsUtils.f(byteArrayInputStream);
                int i3 = f2 + 4;
                if (this.f56193d.size() >= i3) {
                    byte[] bArr2 = new byte[f2];
                    this.f56193d.read(bArr2, 0, f2, 4);
                    this.f56193d.removeData(i3);
                    if (g2 != 20) {
                        this.f56194e.f56174d.update(bArr, 0, 4);
                        this.f56194e.f56175e.update(bArr, 0, 4);
                        this.f56194e.f56174d.update(bArr2, 0, f2);
                        this.f56194e.f56175e.update(bArr2, 0, f2);
                    }
                    ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(bArr2);
                    if (g2 != 2) {
                        byte[] bArr3 = null;
                        byte[] bArr4 = null;
                        RSAPublicKeyStructure rSAPublicKeyStructure = null;
                        if (g2 == 14) {
                            short s2 = this.t;
                            if (s2 != 3) {
                                if (s2 != 4) {
                                    b((short) 2, (short) 40);
                                }
                            } else if (this.f56205p.c() != 1) {
                                b((short) 2, (short) 10);
                            }
                            a(byteArrayInputStream2);
                            this.t = (short) 5;
                            short c2 = this.f56205p.c();
                            if (c2 == 1) {
                                byte[] bArr5 = new byte[48];
                                this.f56207r = bArr5;
                                bArr5[0] = 3;
                                bArr5[1] = 1;
                                for (int i4 = 2; i4 < 48; i4++) {
                                    this.f56207r[i4] = (byte) this.f56195f.nextInt();
                                }
                                PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSABlindedEngine());
                                pKCS1Encoding.init(true, new ParametersWithRandom(this.f56196g, this.f56195f));
                                try {
                                    byte[] bArr6 = this.f56207r;
                                    bArr4 = pKCS1Encoding.processBlock(bArr6, 0, bArr6.length);
                                } catch (InvalidCipherTextException unused) {
                                    b((short) 2, (short) 80);
                                }
                                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                                TlsUtils.l((short) 16, byteArrayOutputStream);
                                TlsUtils.j(bArr4.length + 2, byteArrayOutputStream);
                                TlsUtils.h(bArr4.length, byteArrayOutputStream);
                                byteArrayOutputStream.write(bArr4);
                                byte[] byteArray = byteArrayOutputStream.toByteArray();
                                this.f56194e.d((short) 22, byteArray, 0, byteArray.length);
                            } else if (c2 != 5) {
                                b((short) 2, (short) 10);
                            } else {
                                byte[] byteArray2 = this.f56206q.toByteArray();
                                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                                TlsUtils.l((short) 16, byteArrayOutputStream2);
                                TlsUtils.j(byteArray2.length + 2, byteArrayOutputStream2);
                                TlsUtils.h(byteArray2.length, byteArrayOutputStream2);
                                byteArrayOutputStream2.write(byteArray2);
                                byte[] byteArray3 = byteArrayOutputStream2.toByteArray();
                                this.f56194e.d((short) 22, byteArray3, 0, byteArray3.length);
                            }
                            this.t = (short) 6;
                            this.f56194e.d((short) 20, new byte[]{1}, 0, 1);
                            this.t = (short) 7;
                            this.f56204o = new byte[48];
                            byte[] bArr7 = this.f56202m;
                            byte[] bArr8 = new byte[bArr7.length + this.f56203n.length];
                            System.arraycopy(bArr7, 0, bArr8, 0, bArr7.length);
                            byte[] bArr9 = this.f56203n;
                            System.arraycopy(bArr9, 0, bArr8, this.f56202m.length, bArr9.length);
                            TlsUtils.a(this.f56207r, "master secret".getBytes(), bArr8, this.f56204o);
                            RecordStream recordStream = this.f56194e;
                            TlsCipherSuite tlsCipherSuite = this.f56205p;
                            recordStream.f56177g = tlsCipherSuite;
                            tlsCipherSuite.d(this.f56204o, this.f56202m, this.f56203n);
                            byte[] bArr10 = new byte[12];
                            byte[] bArr11 = new byte[36];
                            this.f56194e.f56174d.doFinal(bArr11, 0);
                            TlsUtils.a(this.f56204o, "client finished".getBytes(), bArr11, bArr10);
                            ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                            TlsUtils.l((short) 20, byteArrayOutputStream3);
                            TlsUtils.j(12, byteArrayOutputStream3);
                            byteArrayOutputStream3.write(bArr10);
                            byte[] byteArray4 = byteArrayOutputStream3.toByteArray();
                            this.f56194e.d((short) 22, byteArray4, 0, byteArray4.length);
                            this.t = (short) 8;
                        } else if (g2 == 20) {
                            if (this.t == 9) {
                                byte[] bArr12 = new byte[12];
                                TlsUtils.d(bArr12, byteArrayInputStream2);
                                a(byteArrayInputStream2);
                                byte[] bArr13 = new byte[12];
                                byte[] bArr14 = new byte[36];
                                this.f56194e.f56175e.doFinal(bArr14, 0);
                                TlsUtils.a(this.f56204o, "server finished".getBytes(), bArr14, bArr13);
                                while (i2 < 12) {
                                    if (bArr12[i2] != bArr13[i2]) {
                                        b((short) 2, (short) 40);
                                    }
                                    i2++;
                                }
                                this.t = (short) 10;
                                this.f56201l = true;
                            }
                            b((short) 2, (short) 10);
                        } else if (g2 != 11) {
                            if (g2 == 12 && this.t == 3) {
                                if (this.f56205p.c() != 5) {
                                    b((short) 2, (short) 10);
                                }
                                int e2 = TlsUtils.e(byteArrayInputStream2);
                                byte[] bArr15 = new byte[e2];
                                TlsUtils.d(bArr15, byteArrayInputStream2);
                                int e3 = TlsUtils.e(byteArrayInputStream2);
                                byte[] bArr16 = new byte[e3];
                                TlsUtils.d(bArr16, byteArrayInputStream2);
                                int e4 = TlsUtils.e(byteArrayInputStream2);
                                byte[] bArr17 = new byte[e4];
                                TlsUtils.d(bArr17, byteArrayInputStream2);
                                int e5 = TlsUtils.e(byteArrayInputStream2);
                                byte[] bArr18 = new byte[e5];
                                TlsUtils.d(bArr18, byteArrayInputStream2);
                                a(byteArrayInputStream2);
                                CombinedHash combinedHash = new CombinedHash();
                                ByteArrayOutputStream byteArrayOutputStream4 = new ByteArrayOutputStream();
                                TlsUtils.h(e2, byteArrayOutputStream4);
                                byteArrayOutputStream4.write(bArr15);
                                TlsUtils.h(e3, byteArrayOutputStream4);
                                byteArrayOutputStream4.write(bArr16);
                                TlsUtils.h(e4, byteArrayOutputStream4);
                                byteArrayOutputStream4.write(bArr17);
                                byte[] byteArray5 = byteArrayOutputStream4.toByteArray();
                                byte[] bArr19 = this.f56202m;
                                combinedHash.update(bArr19, 0, bArr19.length);
                                byte[] bArr20 = this.f56203n;
                                combinedHash.update(bArr20, 0, bArr20.length);
                                combinedHash.update(byteArray5, 0, byteArray5.length);
                                int digestSize = combinedHash.getDigestSize();
                                byte[] bArr21 = new byte[digestSize];
                                combinedHash.doFinal(bArr21, 0);
                                PKCS1Encoding pKCS1Encoding2 = new PKCS1Encoding(new RSABlindedEngine());
                                pKCS1Encoding2.init(false, this.f56196g);
                                try {
                                    bArr3 = pKCS1Encoding2.processBlock(bArr18, 0, e5);
                                } catch (InvalidCipherTextException unused2) {
                                    b((short) 2, (short) 42);
                                }
                                if (bArr3.length != digestSize) {
                                    b((short) 2, (short) 42);
                                }
                                for (int i5 = 0; i5 < bArr3.length; i5++) {
                                    if (bArr3[i5] != bArr21[i5]) {
                                        b((short) 2, (short) 42);
                                    }
                                }
                                BigInteger bigInteger = new BigInteger(1, bArr15);
                                BigInteger bigInteger2 = new BigInteger(1, bArr16);
                                BigInteger bigInteger3 = new BigInteger(1, bArr17);
                                BigInteger bigInteger4 = new BigInteger(bigInteger.bitLength() - 1, this.f56195f);
                                this.f56206q = bigInteger2.modPow(bigInteger4, bigInteger);
                                byte[] byteArray6 = bigInteger3.modPow(bigInteger4, bigInteger).toByteArray();
                                this.f56207r = byteArray6;
                                if (byteArray6[0] == 0) {
                                    int length = byteArray6.length - 1;
                                    byte[] bArr22 = new byte[length];
                                    System.arraycopy(byteArray6, 1, bArr22, 0, length);
                                    this.f56207r = bArr22;
                                }
                                this.t = (short) 4;
                            }
                            b((short) 2, (short) 10);
                        } else {
                            if (this.t == 2) {
                                Certificate a2 = Certificate.a(byteArrayInputStream2);
                                a(byteArrayInputStream2);
                                if (!this.f56208s.isValid(a2.getCerts())) {
                                    b((short) 2, (short) 90);
                                }
                                try {
                                    rSAPublicKeyStructure = RSAPublicKeyStructure.getInstance(a2.f56168a[0].getTBSCertificate().getSubjectPublicKeyInfo().getPublicKey());
                                } catch (Exception unused3) {
                                    b((short) 2, (short) 43);
                                }
                                this.f56196g = new RSAKeyParameters(false, rSAPublicKeyStructure.getModulus(), rSAPublicKeyStructure.getPublicExponent());
                                this.t = (short) 3;
                            }
                            b((short) 2, (short) 10);
                        }
                        i2 = 1;
                    } else {
                        if (this.t == 1) {
                            TlsUtils.b(byteArrayInputStream2, this);
                            byte[] bArr23 = new byte[32];
                            this.f56203n = bArr23;
                            TlsUtils.d(bArr23, byteArrayInputStream2);
                            TlsUtils.d(new byte[TlsUtils.g(byteArrayInputStream2)], byteArrayInputStream2);
                            this.f56205p = TlsCipherSuiteManager.a(TlsUtils.e(byteArrayInputStream2), this);
                            if (TlsUtils.g(byteArrayInputStream2) != 0) {
                                b((short) 2, (short) 47);
                            }
                            a(byteArrayInputStream2);
                            this.t = (short) 2;
                            i2 = 1;
                        }
                        b((short) 2, (short) 10);
                    }
                }
            }
        } while (i2 != 0);
    }

    protected void a(ByteArrayInputStream byteArrayInputStream) throws IOException {
        if (byteArrayInputStream.available() > 0) {
            b((short) 2, (short) 50);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void b(short s2, short s3) throws IOException {
        if (this.f56199j) {
            throw new IOException("Internal TLS error, this could be an attack");
        }
        byte[] bArr = {(byte) s2, (byte) s3};
        this.f56199j = true;
        if (s2 == 2) {
            this.f56200k = true;
        }
        this.f56194e.d((short) 21, bArr, 0, 2);
        this.f56194e.a();
        if (s2 == 2) {
            throw new IOException("Internal TLS error, this could be an attack");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void c() throws IOException {
        this.f56194e.c();
    }

    public void close() throws IOException {
        if (this.f56199j) {
            return;
        }
        b((short) 1, (short) 0);
    }

    public void connect(CertificateVerifyer certificateVerifyer) throws IOException {
        this.f56208s = certificateVerifyer;
        this.f56202m = new byte[32];
        int currentTimeMillis = (int) (System.currentTimeMillis() / 1000);
        byte[] bArr = this.f56202m;
        bArr[0] = (byte) (currentTimeMillis >> 24);
        bArr[1] = (byte) (currentTimeMillis >> 16);
        bArr[2] = (byte) (currentTimeMillis >> 8);
        bArr[3] = (byte) currentTimeMillis;
        int i2 = 4;
        while (true) {
            byte[] bArr2 = this.f56202m;
            if (i2 >= bArr2.length) {
                break;
            }
            bArr2[i2] = (byte) this.f56195f.nextInt();
            i2++;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsUtils.n(byteArrayOutputStream);
        byteArrayOutputStream.write(this.f56202m);
        TlsUtils.l((short) 0, byteArrayOutputStream);
        TlsCipherSuiteManager.b(byteArrayOutputStream);
        TlsUtils.l((short) 1, byteArrayOutputStream);
        byteArrayOutputStream.write(new byte[]{0});
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        TlsUtils.l((short) 1, byteArrayOutputStream2);
        TlsUtils.j(byteArrayOutputStream.size(), byteArrayOutputStream2);
        byteArrayOutputStream2.write(byteArrayOutputStream.toByteArray());
        byte[] byteArray = byteArrayOutputStream2.toByteArray();
        this.f56194e.d((short) 22, byteArray, 0, byteArray.length);
        this.t = (short) 1;
        while (this.t != 10) {
            this.f56194e.readData();
        }
        this.f56197h = new TlsInputStream(this);
        this.f56198i = new TlsOuputStream(this);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void g(short s2, byte[] bArr, int i2, int i3) throws IOException {
        switch (s2) {
            case 20:
                this.f56191b.addData(bArr, i2, i3);
                f();
                return;
            case 21:
                this.f56192c.addData(bArr, i2, i3);
                d();
                return;
            case 22:
                this.f56193d.addData(bArr, i2, i3);
                h();
                return;
            case 23:
                if (!this.f56201l) {
                    b((short) 2, (short) 10);
                }
                this.f56190a.addData(bArr, i2, i3);
                e();
                return;
            default:
                return;
        }
    }

    public TlsInputStream getTlsInputStream() {
        return this.f56197h;
    }

    public TlsOuputStream getTlsOuputStream() {
        return this.f56198i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int i(byte[] bArr, int i2, int i3) throws IOException {
        while (this.f56190a.size() == 0) {
            if (this.f56200k) {
                throw new IOException("Internal TLS error, this could be an attack");
            }
            if (this.f56199j) {
                return -1;
            }
            try {
                this.f56194e.readData();
            } catch (IOException e2) {
                if (!this.f56199j) {
                    b((short) 2, (short) 80);
                }
                throw e2;
            } catch (RuntimeException e3) {
                if (!this.f56199j) {
                    b((short) 2, (short) 80);
                }
                throw e3;
            }
        }
        int min = Math.min(i3, this.f56190a.size());
        this.f56190a.read(bArr, i2, min, 0);
        this.f56190a.removeData(min);
        return min;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void j(byte[] bArr, int i2, int i3) throws IOException {
        if (this.f56200k) {
            throw new IOException("Internal TLS error, this could be an attack");
        }
        if (this.f56199j) {
            throw new IOException("Sorry, connection has been closed, you cannot write more data");
        }
        this.f56194e.d((short) 23, u, 0, 0);
        do {
            int min = Math.min(i3, 16384);
            try {
                this.f56194e.d((short) 23, bArr, i2, min);
                i2 += min;
                i3 -= min;
            } catch (IOException e2) {
                if (!this.f56199j) {
                    b((short) 2, (short) 80);
                }
                throw e2;
            } catch (RuntimeException e3) {
                if (!this.f56199j) {
                    b((short) 2, (short) 80);
                }
                throw e3;
            }
        } while (i3 > 0);
    }
}
