package com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls;

import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.CryptoException;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.Digest;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.Signer;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Client;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Server;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Util;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.params.AsymmetricKeyParameter;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.params.SRP6GroupParameters;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.util.PublicKeyFactory;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.Arrays;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.BigIntegers;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.io.TeeInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;

/* loaded from: classes4.dex */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {
    private byte[] identity;
    private TlsSRPGroupVerifier m12197;
    private TlsSignerCredentials m12240;
    private TlsSigner m12241;
    private AsymmetricKeyParameter m12243;
    private SRP6GroupParameters m12277;
    private SRP6Client m12278;
    private SRP6Server m12279;
    private BigInteger m12280;
    private BigInteger m12281;
    private byte[] m12282;
    private byte[] m7607;

    public TlsSRPKeyExchange(int i, Vector vector, TlsSRPGroupVerifier tlsSRPGroupVerifier, byte[] bArr, byte[] bArr2) {
        super(i, vector);
        this.m12243 = null;
        this.m12277 = null;
        this.m12278 = null;
        this.m12279 = null;
        this.m12280 = null;
        this.m12281 = null;
        this.m12282 = null;
        this.m12240 = null;
        this.m12241 = m758(i);
        this.m12197 = tlsSRPGroupVerifier;
        this.identity = bArr;
        this.m7607 = bArr2;
        this.m12278 = new SRP6Client();
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, TlsSRPLoginParameters tlsSRPLoginParameters) {
        super(i, vector);
        this.m12243 = null;
        this.m12277 = null;
        this.m12278 = null;
        this.m12279 = null;
        this.m12280 = null;
        this.m12281 = null;
        this.m12282 = null;
        this.m12240 = null;
        this.m12241 = m758(i);
        this.identity = bArr;
        this.m12279 = new SRP6Server();
        this.m12277 = tlsSRPLoginParameters.getGroup();
        this.m12281 = tlsSRPLoginParameters.getVerifier();
        this.m12282 = tlsSRPLoginParameters.getSalt();
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, byte[] bArr2) {
        this(i, vector, new DefaultTlsSRPGroupVerifier(), bArr, bArr2);
    }

    private static TlsSigner m758(int i) {
        switch (i) {
            case 21:
                return null;
            case 22:
                return new TlsDSSSigner();
            case 23:
                return new TlsRSASigner();
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void generateClientKeyExchange(OutputStream outputStream) throws IOException {
        TlsSRPUtils.writeSRPParameter(this.m12278.generateClientCredentials(this.m12282, this.identity, this.m7607), outputStream);
        this.m12137.getSecurityParameters().m12199 = Arrays.clone(this.identity);
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public byte[] generatePremasterSecret() throws IOException {
        try {
            return BigIntegers.asUnsignedByteArray(this.m12279 != null ? this.m12279.calculateSecret(this.m12280) : this.m12278.calculateSecret(this.m12280));
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public byte[] generateServerKeyExchange() throws IOException {
        this.m12279.init(this.m12277, this.m12281, TlsUtils.createHash((short) 2), this.m12137.getSecureRandom());
        ServerSRPParams serverSRPParams = new ServerSRPParams(this.m12277.getN(), this.m12277.getG(), this.m12282, this.m12279.generateServerCredentials());
        z3 z3Var = new z3();
        serverSRPParams.encode(z3Var);
        if (this.m12240 != null) {
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(this.m12137, this.m12240);
            Digest createHash = TlsUtils.createHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = this.m12137.getSecurityParameters();
            createHash.update(securityParameters.m12209, 0, securityParameters.m12209.length);
            createHash.update(securityParameters.m12210, 0, securityParameters.m12210.length);
            z3Var.m2(createHash);
            byte[] bArr = new byte[createHash.getDigestSize()];
            createHash.doFinal(bArr, 0);
            new DigitallySigned(signatureAndHashAlgorithm, this.m12240.generateCertificateSignature(bArr)).encode(z3Var);
        }
        return z3Var.toByteArray();
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void init(TlsContext tlsContext) {
        super.init(tlsContext);
        TlsSigner tlsSigner = this.m12241;
        if (tlsSigner != null) {
            tlsSigner.init(tlsContext);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processClientCredentials(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processClientKeyExchange(InputStream inputStream) throws IOException {
        try {
            this.m12280 = SRP6Util.validatePublicValue(this.m12277.getN(), TlsSRPUtils.readSRPParameter(inputStream));
            this.m12137.getSecurityParameters().m12199 = Arrays.clone(this.identity);
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerCertificate(Certificate certificate) throws IOException {
        if (this.m12241 == null) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        com.aspose.pdf.internal.imaging.internal.bouncycastle.asn1.x509.Certificate certificateAt = certificate.getCertificateAt(0);
        try {
            this.m12243 = PublicKeyFactory.createKey(certificateAt.getSubjectPublicKeyInfo());
            if (!this.m12241.isValidPublicKey(this.m12243)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.m1(certificateAt, 128);
            super.processServerCertificate(certificate);
        } catch (RuntimeException e) {
            throw new TlsFatalAlert((short) 43, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerCredentials(TlsCredentials tlsCredentials) throws IOException {
        if (this.m12136 == 21 || !(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        processServerCertificate(tlsCredentials.getCertificate());
        this.m12240 = (TlsSignerCredentials) tlsCredentials;
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerKeyExchange(InputStream inputStream) throws IOException {
        z6 z6Var;
        InputStream inputStream2;
        SecurityParameters securityParameters = this.m12137.getSecurityParameters();
        if (this.m12241 != null) {
            z6Var = new z6();
            inputStream2 = new TeeInputStream(inputStream, z6Var);
        } else {
            z6Var = null;
            inputStream2 = inputStream;
        }
        ServerSRPParams parse = ServerSRPParams.parse(inputStream2);
        if (z6Var != null) {
            DigitallySigned m13 = m13(inputStream);
            Signer createVerifyer = this.m12241.createVerifyer(m13.getAlgorithm(), this.m12243);
            createVerifyer.update(securityParameters.m12209, 0, securityParameters.m12209.length);
            createVerifyer.update(securityParameters.m12210, 0, securityParameters.m12210.length);
            z6Var.m1(createVerifyer);
            if (!createVerifyer.verifySignature(m13.getSignature())) {
                throw new TlsFatalAlert((short) 51);
            }
        }
        this.m12277 = new SRP6GroupParameters(parse.getN(), parse.getG());
        if (!this.m12197.accept(this.m12277)) {
            throw new TlsFatalAlert((short) 71);
        }
        this.m12282 = parse.getS();
        try {
            this.m12280 = SRP6Util.validatePublicValue(this.m12277.getN(), parse.getB());
            this.m12278.init(this.m12277, TlsUtils.createHash((short) 2), this.m12137.getSecureRandom());
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public boolean requiresServerKeyExchange() {
        return true;
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void skipServerCredentials() throws IOException {
        if (this.m12241 != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }
}
