package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.DHPrivateKeyParameters;
import org.spongycastle.crypto.params.DHPublicKeyParameters;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;

/* loaded from: classes.dex */
public class TlsPSKKeyExchange extends AbstractTlsKeyExchange {
    private byte[] aZF;
    private DHPrivateKeyParameters aZG;
    private DHPublicKeyParameters aZH;
    private RSAKeyParameters aZI;
    private TlsEncryptionCredentials aZJ;
    private byte[] aZK;
    private AsymmetricKeyParameter aZl;

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void aI() throws IOException {
        if (this.aXl == 15) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final byte[] aJ() throws IOException {
        byte[] bArr;
        TlsPSKIdentity tlsPSKIdentity = null;
        byte[] aM = tlsPSKIdentity.aM();
        int length = aM.length;
        if (this.aXl == 14) {
            if (this.aZG == null) {
                throw new TlsFatalAlert((short) 80);
            }
            bArr = TlsDHUtils.m7318(this.aZH, this.aZG);
        } else {
            if (this.aXl == 24) {
                throw new TlsFatalAlert((short) 80);
            }
            bArr = this.aXl == 15 ? this.aZK : new byte[length];
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(bArr.length + 4 + aM.length);
        TlsUtils.m7416(bArr, byteArrayOutputStream);
        TlsUtils.m7416(aM, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange
    public final boolean aj() {
        switch (this.aXl) {
            case 14:
            case 24:
                return true;
            default:
                return false;
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public final byte[] ak() throws IOException {
        this.aZF = null;
        if (this.aZF == null && !aj()) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.aZF == null) {
            TlsUtils.m7416(TlsUtils.auv, byteArrayOutputStream);
        } else {
            TlsUtils.m7416(this.aZF, byteArrayOutputStream);
        }
        if (this.aXl == 14) {
            throw new TlsFatalAlert((short) 80);
        }
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7256(Certificate certificate) throws IOException {
        if (this.aXl != 15) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate m7269 = certificate.m7269(0);
        try {
            this.aZl = PublicKeyFactory.m7437(m7269.aFX.aHv);
            if (this.aZl.aUu) {
                throw new TlsFatalAlert((short) 80);
            }
            RSAKeyParameters rSAKeyParameters = (RSAKeyParameters) this.aZl;
            if (!rSAKeyParameters.aVi.isProbablePrime(2)) {
                throw new TlsFatalAlert((short) 47);
            }
            this.aZI = rSAKeyParameters;
            TlsUtils.m7395(m7269, 32);
            super.mo7256(certificate);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7310(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7258(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        mo7256(tlsCredentials.au());
        this.aZJ = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˋ */
    public final void mo7259(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.aZF = TlsUtils.m7389((InputStream) byteArrayInputStream);
        if (this.aXl == 14) {
            this.aZH = TlsDHUtils.m7316(ServerDHParams.m7301(byteArrayInputStream).aD());
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˋ */
    public final void mo7311(TlsProtocol.HandshakeMessage handshakeMessage) throws IOException {
        TlsPSKIdentity tlsPSKIdentity = null;
        TlsUtils.m7416(tlsPSKIdentity.aL(), handshakeMessage);
        if (this.aXl == 14) {
            this.aZG = TlsDHUtils.m7315(this.aXn.af(), this.aZH.aUF, (OutputStream) handshakeMessage);
        } else {
            if (this.aXl == 24) {
                throw new TlsFatalAlert((short) 80);
            }
            if (this.aXl == 15) {
                this.aZK = TlsRSAUtils.m7372(this.aXn, this.aZI, handshakeMessage);
            }
        }
    }
}
