package org.bouncycastle.tls;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import org.bouncycastle.tls.crypto.TlsAgreement;
import org.bouncycastle.tls.crypto.TlsECConfig;
import org.bouncycastle.tls.crypto.impl.AbstractTlsSecret;
import org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto;

/* loaded from: classes4.dex */
public class TlsECDHanonKeyExchange extends AbstractTlsKeyExchange {
    protected TlsAgreement agreement;
    protected TlsECConfig ecConfig;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public TlsECDHanonKeyExchange(int i2) {
        super(i2);
        if (i2 != 20) {
            throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
        this.ecConfig = null;
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public TlsECDHanonKeyExchange(int i2, TlsECConfig tlsECConfig) {
        super(i2);
        if (i2 != 20) {
            throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
        this.ecConfig = tlsECConfig;
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void generateClientKeyExchange(OutputStream outputStream) throws IOException {
        TlsUtils.writeOpaque8(this.agreement.generateEphemeral(), outputStream);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public AbstractTlsSecret generatePreMasterSecret() throws IOException {
        return this.agreement.calculateSecret();
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public byte[] generateServerKeyExchange() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TlsECCUtils.writeECConfig(this.ecConfig, byteArrayOutputStream);
        TlsAgreement createECDH = ((JcaTlsCrypto) ((AbstractTlsContext) this.context).getCrypto()).createECDomain(this.ecConfig).createECDH();
        this.agreement = createECDH;
        TlsUtils.writeOpaque8(createECDH.generateEphemeral(), byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public short[] getClientCertificateTypes() {
        return null;
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processClientCertificate(Certificate certificate) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processClientCredentials(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processClientKeyExchange(InputStream inputStream) throws IOException {
        byte[] readOpaque8 = TlsUtils.readOpaque8(inputStream, 1);
        TlsECCUtils.checkPointEncoding(this.ecConfig.getNamedGroup(), readOpaque8);
        this.agreement.receivePeerValue(readOpaque8);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processServerCertificate(Certificate certificate) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processServerCredentials(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void processServerKeyExchange(InputStream inputStream) throws IOException {
        this.ecConfig = TlsECCUtils.receiveECDHConfig(this.context, inputStream);
        byte[] readOpaque8 = TlsUtils.readOpaque8(inputStream, 1);
        this.agreement = ((JcaTlsCrypto) ((AbstractTlsContext) this.context).getCrypto()).createECDomain(this.ecConfig).createECDH();
        TlsECCUtils.checkPointEncoding(this.ecConfig.getNamedGroup(), readOpaque8);
        this.agreement.receivePeerValue(readOpaque8);
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public boolean requiresServerKeyExchange() {
        return true;
    }

    @Override // org.bouncycastle.tls.AbstractTlsKeyExchange
    public void skipServerCredentials() throws IOException {
    }
}
