package org.spongycastle.crypto.tls;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Vector;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.tls.TlsProtocol;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.io.Streams;

/* loaded from: classes.dex */
public class TlsRSAKeyExchange extends AbstractTlsKeyExchange {
    private RSAKeyParameters aZI;
    private TlsEncryptionCredentials aZJ;
    private byte[] aZK;
    private AsymmetricKeyParameter aZl;

    public TlsRSAKeyExchange(Vector vector) {
        super(1, vector);
        this.aZl = null;
        this.aZI = null;
        this.aZJ = null;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void aI() throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final byte[] aJ() throws IOException {
        if (this.aZK == null) {
            throw new TlsFatalAlert((short) 80);
        }
        byte[] bArr = this.aZK;
        this.aZK = null;
        return bArr;
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7256(Certificate certificate) throws IOException {
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate m7269 = certificate.m7269(0);
        try {
            this.aZl = PublicKeyFactory.m7437(m7269.aFX.aHv);
            if (this.aZl.aUu) {
                throw new TlsFatalAlert((short) 80);
            }
            RSAKeyParameters rSAKeyParameters = (RSAKeyParameters) this.aZl;
            if (!rSAKeyParameters.aVi.isProbablePrime(2)) {
                throw new TlsFatalAlert((short) 47);
            }
            this.aZI = rSAKeyParameters;
            TlsUtils.m7395(m7269, 32);
            super.mo7256(certificate);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7310(CertificateRequest certificateRequest) throws IOException {
        for (short s : certificateRequest.ao()) {
            switch (s) {
                case 1:
                case 2:
                case 64:
                default:
                    throw new TlsFatalAlert((short) 47);
            }
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˊ */
    public final void mo7258(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        mo7256(tlsCredentials.au());
        this.aZJ = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˋ */
    public final void mo7311(TlsProtocol.HandshakeMessage handshakeMessage) throws IOException {
        this.aZK = TlsRSAUtils.m7372(this.aXn, this.aZI, handshakeMessage);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    /* renamed from: ˎ */
    public final void mo7260(ByteArrayInputStream byteArrayInputStream) throws IOException {
        this.aZK = this.aZJ.mo7285(TlsUtils.m7412(this.aXn) ? Streams.m8371(byteArrayInputStream) : TlsUtils.m7389((InputStream) byteArrayInputStream));
    }
}
