package org.bouncycastle.tls;

import com.visualon.OSMPUtils.voOSType;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.tls.crypto.TlsCrypto;

/* loaded from: classes4.dex */
public abstract class AbstractTlsClient extends AbstractTlsPeer implements TlsClient {
    protected int[] cipherSuites;
    protected TlsClientContext context;
    protected ProtocolVersion[] protocolVersions;
    protected Vector supportedGroups;
    protected Vector supportedSignatureAlgorithms;
    protected Vector supportedSignatureAlgorithmsCert;

    public AbstractTlsClient(TlsCrypto tlsCrypto) {
        super(tlsCrypto);
    }

    protected void checkForUnexpectedServerExtension(Hashtable hashtable, Integer num) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, num);
        if (extensionData != null) {
            int intValue = num.intValue();
            boolean z = true;
            if (intValue == 10) {
                TlsExtensionsUtils.readSupportedGroupsExtension(extensionData);
            } else if (intValue != 11) {
                z = false;
            } else {
                TlsExtensionsUtils.readSupportedPointFormatsExtension(extensionData);
            }
            if (!z) {
                throw new TlsFatalAlert((short) 47);
            }
        }
    }

    protected Vector getCertificateAuthorities() {
        return null;
    }

    protected CertificateStatusRequest getCertificateStatusRequest() {
        return new CertificateStatusRequest((short) 1, new OCSPStatusRequest(null, null));
    }

    @Override // org.bouncycastle.tls.TlsPeer
    public int[] getCipherSuites() {
        return this.cipherSuites;
    }

    @Override // org.bouncycastle.tls.TlsClient
    public Hashtable getClientExtensions() throws IOException {
        Vector certificateAuthorities;
        Hashtable hashtable = new Hashtable();
        boolean z = false;
        boolean z2 = false;
        for (ProtocolVersion protocolVersion : this.protocolVersions) {
            if (TlsUtils.isTLSv13(protocolVersion)) {
                z = true;
            } else {
                z2 = true;
            }
        }
        Vector protocolNames = getProtocolNames();
        if (protocolNames != null) {
            hashtable.put(TlsExtensionsUtils.EXT_application_layer_protocol_negotiation, TlsExtensionsUtils.createALPNExtensionClient(protocolNames));
        }
        Vector sNIServerNames = getSNIServerNames();
        if (sNIServerNames != null) {
            Integer num = TlsExtensionsUtils.EXT_server_name;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ServerNameList(sNIServerNames).encode(byteArrayOutputStream);
            hashtable.put(num, byteArrayOutputStream.toByteArray());
        }
        CertificateStatusRequest certificateStatusRequest = getCertificateStatusRequest();
        if (certificateStatusRequest != null) {
            Integer num2 = TlsExtensionsUtils.EXT_status_request;
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            short s2 = certificateStatusRequest.statusType;
            byte[] bArr = TlsUtils.EMPTY_BYTES;
            byteArrayOutputStream2.write(s2);
            if (certificateStatusRequest.statusType != 1) {
                throw new TlsFatalAlert((short) 80);
            }
            ((OCSPStatusRequest) certificateStatusRequest.request).encode(byteArrayOutputStream2);
            hashtable.put(num2, byteArrayOutputStream2.toByteArray());
        }
        if (z && (certificateAuthorities = getCertificateAuthorities()) != null) {
            TlsExtensionsUtils.addCertificateAuthoritiesExtension(hashtable, certificateAuthorities);
        }
        if (z2) {
            hashtable.put(TlsExtensionsUtils.EXT_encrypt_then_mac, TlsUtils.EMPTY_BYTES);
            Vector multiCertStatusRequest = getMultiCertStatusRequest();
            if (multiCertStatusRequest != null) {
                TlsExtensionsUtils.addStatusRequestV2Extension(hashtable, multiCertStatusRequest);
            }
            Vector trustedCAIndication = getTrustedCAIndication();
            if (trustedCAIndication != null) {
                TlsExtensionsUtils.addTrustedCAKeysExtensionClient(hashtable, trustedCAIndication);
            }
        }
        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(((AbstractTlsContext) this.context).getClientVersion())) {
            Vector supportedSignatureAlgorithms = getSupportedSignatureAlgorithms();
            if (supportedSignatureAlgorithms != null && !supportedSignatureAlgorithms.isEmpty()) {
                this.supportedSignatureAlgorithms = supportedSignatureAlgorithms;
                Integer num3 = TlsExtensionsUtils.EXT_signature_algorithms;
                ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                TlsUtils.encodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, byteArrayOutputStream3);
                hashtable.put(num3, byteArrayOutputStream3.toByteArray());
            }
            Vector supportedSignatureAlgorithmsCert = getSupportedSignatureAlgorithmsCert();
            if (supportedSignatureAlgorithmsCert != null && !supportedSignatureAlgorithmsCert.isEmpty()) {
                this.supportedSignatureAlgorithmsCert = supportedSignatureAlgorithmsCert;
                Integer num4 = TlsExtensionsUtils.EXT_signature_algorithms_cert;
                ByteArrayOutputStream byteArrayOutputStream4 = new ByteArrayOutputStream();
                TlsUtils.encodeSupportedSignatureAlgorithms(supportedSignatureAlgorithmsCert, byteArrayOutputStream4);
                hashtable.put(num4, byteArrayOutputStream4.toByteArray());
            }
        }
        int[] iArr = this.cipherSuites;
        byte[] bArr2 = TlsUtils.EMPTY_BYTES;
        Vector vector = new Vector();
        if (iArr != null) {
            for (int i2 : iArr) {
                TlsUtils.addToSet(vector, TlsUtils.getKeyExchangeAlgorithm(i2));
            }
            vector.removeElement(-1);
        }
        Vector vector2 = new Vector();
        for (int i3 = 0; i3 < vector.size(); i3++) {
            int intValue = ((Integer) vector.elementAt(i3)).intValue();
            if (intValue != 0) {
                if (intValue != 3 && intValue != 5 && intValue != 7 && intValue != 9 && intValue != 11 && intValue != 14) {
                    if (intValue != 24) {
                        switch (intValue) {
                            case 16:
                            case 17:
                                TlsUtils.addToSet(vector2, 2);
                                TlsUtils.addToSet(vector2, 3);
                                break;
                        }
                    }
                } else {
                    TlsUtils.addToSet(vector2, 1);
                }
            } else {
                TlsUtils.addToSet(vector2, 1);
            }
            TlsUtils.addToSet(vector2, 2);
        }
        Vector vector3 = this.supportedSignatureAlgorithms;
        Vector vector4 = this.supportedSignatureAlgorithmsCert;
        if (vector3 == null || TlsUtils.containsAnySignatureAlgorithm(vector3, (short) 3) || (vector4 != null && TlsUtils.containsAnySignatureAlgorithm(vector4, (short) 3))) {
            TlsUtils.addToSet(vector2, 3);
        }
        Vector supportedGroups = getSupportedGroups(vector2);
        if (supportedGroups != null && !supportedGroups.isEmpty()) {
            this.supportedGroups = supportedGroups;
            Integer num5 = TlsExtensionsUtils.EXT_supported_groups;
            if (supportedGroups.isEmpty()) {
                throw new TlsFatalAlert((short) 80);
            }
            int size = supportedGroups.size();
            int[] iArr2 = new int[size];
            for (int i4 = 0; i4 < size; i4++) {
                iArr2[i4] = ((Integer) supportedGroups.elementAt(i4)).intValue();
            }
            byte[] bArr3 = TlsUtils.EMPTY_BYTES;
            int i5 = size * 2;
            byte[] bArr4 = new byte[i5 + 2];
            TlsUtils.checkUint16(i5);
            bArr4[0] = (byte) (i5 >>> 8);
            bArr4[1] = (byte) i5;
            int i6 = 2;
            for (int i7 = 0; i7 < size; i7++) {
                int i8 = iArr2[i7];
                bArr4[i6] = (byte) (i8 >>> 8);
                bArr4[i6 + 1] = (byte) i8;
                i6 += 2;
            }
            hashtable.put(num5, bArr4);
        }
        if (z2 && (vector2.contains(2) || vector2.contains(3))) {
            TlsExtensionsUtils.addSupportedPointFormatsExtension(hashtable, new short[]{0});
        }
        return hashtable;
    }

    @Override // org.bouncycastle.tls.TlsClient
    public Vector getClientSupplementalData() throws IOException {
        return null;
    }

    public TlsDHGroupVerifier getDHGroupVerifier() {
        return new DefaultTlsDHGroupVerifier();
    }

    @Override // org.bouncycastle.tls.TlsClient
    public Vector getEarlyKeyShareGroups() {
        Vector vector = this.supportedGroups;
        if (vector == null || vector.isEmpty()) {
            return null;
        }
        return this.supportedGroups.contains(29) ? TlsUtils.vectorOfOne(29) : this.supportedGroups.contains(23) ? TlsUtils.vectorOfOne(23) : TlsUtils.vectorOfOne(this.supportedGroups.elementAt(0));
    }

    @Override // org.bouncycastle.tls.TlsClient
    public Vector getExternalPSKs() {
        return null;
    }

    protected Vector getMultiCertStatusRequest() {
        return null;
    }

    @Override // org.bouncycastle.tls.TlsClient
    public TlsPSKIdentity getPSKIdentity() throws IOException {
        return null;
    }

    protected Vector getProtocolNames() {
        return null;
    }

    @Override // org.bouncycastle.tls.TlsPeer
    public ProtocolVersion[] getProtocolVersions() {
        return this.protocolVersions;
    }

    protected Vector getSNIServerNames() {
        return null;
    }

    @Override // org.bouncycastle.tls.TlsClient
    public TlsSRPConfigVerifier getSRPConfigVerifier() {
        return new DefaultTlsSRPConfigVerifier();
    }

    @Override // org.bouncycastle.tls.TlsClient
    public TlsSRPIdentity getSRPIdentity() throws IOException {
        return null;
    }

    public TlsSession getSessionToResume() {
        return null;
    }

    protected Vector getSupportedGroups(Vector vector) {
        TlsCrypto crypto = getCrypto();
        Vector vector2 = new Vector();
        if (vector.contains(2)) {
            TlsUtils.addIfSupported(vector2, crypto, new int[]{29, 30});
        }
        if (vector.contains(2) || vector.contains(3)) {
            TlsUtils.addIfSupported(vector2, crypto, new int[]{23, 24});
        }
        if (vector.contains(1)) {
            TlsUtils.addIfSupported(vector2, crypto, new int[]{voOSType.VOOSMP_SRC_FFMOVIE_FLV, 257, 258});
        }
        return vector2;
    }

    protected Vector getSupportedSignatureAlgorithms() {
        return TlsUtils.getDefaultSupportedSignatureAlgorithms(this.context);
    }

    protected Vector getSupportedSignatureAlgorithmsCert() {
        return null;
    }

    protected Vector getTrustedCAIndication() {
        return null;
    }

    public void init(TlsClientContext tlsClientContext) {
        this.context = tlsClientContext;
        this.protocolVersions = getSupportedVersions();
        this.cipherSuites = getSupportedCipherSuites();
    }

    @Override // org.bouncycastle.tls.TlsClient
    public boolean isFallback() {
        return false;
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyHandshakeBeginning() throws IOException {
        this.supportedGroups = null;
        this.supportedSignatureAlgorithms = null;
        this.supportedSignatureAlgorithmsCert = null;
    }

    @Override // org.bouncycastle.tls.TlsClient
    public void notifyNewSessionTicket(NewSessionTicket newSessionTicket) throws IOException {
    }

    public void notifySelectedCipherSuite(int i2) {
    }

    @Override // org.bouncycastle.tls.TlsClient
    public void notifySelectedPSK(TlsPSK tlsPSK) throws IOException {
    }

    public void notifyServerVersion(ProtocolVersion protocolVersion) throws IOException {
    }

    public void notifySessionID(byte[] bArr) {
    }

    public void notifySessionToResume(TlsSession tlsSession) {
    }

    public void processServerExtensions(Hashtable hashtable) throws IOException {
        if (hashtable == null) {
            return;
        }
        SecurityParameters securityParametersHandshake = ((AbstractTlsContext) this.context).getSecurityParametersHandshake();
        if (TlsUtils.isTLSv13(securityParametersHandshake.negotiatedVersion)) {
            return;
        }
        checkForUnexpectedServerExtension(hashtable, TlsExtensionsUtils.EXT_signature_algorithms);
        checkForUnexpectedServerExtension(hashtable, TlsExtensionsUtils.EXT_signature_algorithms_cert);
        checkForUnexpectedServerExtension(hashtable, TlsExtensionsUtils.EXT_supported_groups);
        if (TlsECCUtils.isECCCipherSuite(securityParametersHandshake.getCipherSuite())) {
            byte[] extensionData = TlsUtils.getExtensionData(hashtable, TlsExtensionsUtils.EXT_ec_point_formats);
            if (extensionData != null) {
                TlsExtensionsUtils.readSupportedPointFormatsExtension(extensionData);
            }
        } else {
            checkForUnexpectedServerExtension(hashtable, TlsExtensionsUtils.EXT_ec_point_formats);
        }
        checkForUnexpectedServerExtension(hashtable, TlsExtensionsUtils.EXT_padding);
    }

    @Override // org.bouncycastle.tls.TlsClient
    public void processServerSupplementalData(Vector vector) throws IOException {
        if (vector != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }
}
