package com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls;

import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.CryptoException;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.Digest;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.Signer;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Client;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Server;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.agreement.srp.SRP6Util;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.params.AsymmetricKeyParameter;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.params.SRP6GroupParameters;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.util.PublicKeyFactory;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.Arrays;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.BigIntegers;
import com.aspose.pdf.internal.imaging.internal.bouncycastle.util.io.TeeInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Vector;

/* loaded from: input_file:com/aspose/pdf/internal/imaging/internal/bouncycastle/crypto/tls/TlsSRPKeyExchange.class */
public class TlsSRPKeyExchange extends AbstractTlsKeyExchange {
    private TlsSigner m12474;
    private TlsSRPGroupVerifier m12430;
    private byte[] identity;
    private byte[] m7679;
    private AsymmetricKeyParameter m12476;
    private SRP6GroupParameters m12510;
    private SRP6Client m12511;
    private SRP6Server m12512;
    private BigInteger m12513;
    private BigInteger m12514;
    private byte[] m12515;
    private TlsSignerCredentials m12473;

    private static TlsSigner m760(int i) {
        switch (i) {
            case 21:
                return null;
            case 22:
                return new TlsDSSSigner();
            case 23:
                return new TlsRSASigner();
            default:
                throw new IllegalArgumentException("unsupported key exchange algorithm");
        }
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, byte[] bArr2) {
        this(i, vector, new DefaultTlsSRPGroupVerifier(), bArr, bArr2);
    }

    public TlsSRPKeyExchange(int i, Vector vector, TlsSRPGroupVerifier tlsSRPGroupVerifier, byte[] bArr, byte[] bArr2) {
        super(i, vector);
        this.m12476 = null;
        this.m12510 = null;
        this.m12511 = null;
        this.m12512 = null;
        this.m12513 = null;
        this.m12514 = null;
        this.m12515 = null;
        this.m12473 = null;
        this.m12474 = m760(i);
        this.m12430 = tlsSRPGroupVerifier;
        this.identity = bArr;
        this.m7679 = bArr2;
        this.m12511 = new SRP6Client();
    }

    public TlsSRPKeyExchange(int i, Vector vector, byte[] bArr, TlsSRPLoginParameters tlsSRPLoginParameters) {
        super(i, vector);
        this.m12476 = null;
        this.m12510 = null;
        this.m12511 = null;
        this.m12512 = null;
        this.m12513 = null;
        this.m12514 = null;
        this.m12515 = null;
        this.m12473 = null;
        this.m12474 = m760(i);
        this.identity = bArr;
        this.m12512 = new SRP6Server();
        this.m12510 = tlsSRPLoginParameters.getGroup();
        this.m12514 = tlsSRPLoginParameters.getVerifier();
        this.m12515 = tlsSRPLoginParameters.getSalt();
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void init(TlsContext tlsContext) {
        super.init(tlsContext);
        if (this.m12474 != null) {
            this.m12474.init(tlsContext);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void skipServerCredentials() throws IOException {
        if (this.m12474 != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerCertificate(Certificate certificate) throws IOException {
        if (this.m12474 == null) {
            throw new TlsFatalAlert((short) 10);
        }
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        com.aspose.pdf.internal.imaging.internal.bouncycastle.asn1.x509.Certificate certificateAt = certificate.getCertificateAt(0);
        try {
            this.m12476 = PublicKeyFactory.createKey(certificateAt.getSubjectPublicKeyInfo());
            if (!this.m12474.isValidPublicKey(this.m12476)) {
                throw new TlsFatalAlert((short) 46);
            }
            TlsUtils.m1(certificateAt, 128);
            super.processServerCertificate(certificate);
        } catch (RuntimeException e) {
            throw new TlsFatalAlert((short) 43, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerCredentials(TlsCredentials tlsCredentials) throws IOException {
        if (this.m12369 == 21 || !(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        processServerCertificate(tlsCredentials.getCertificate());
        this.m12473 = (TlsSignerCredentials) tlsCredentials;
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public boolean requiresServerKeyExchange() {
        return true;
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public byte[] generateServerKeyExchange() throws IOException {
        this.m12512.init(this.m12510, this.m12514, TlsUtils.createHash((short) 2), this.m12370.getSecureRandom());
        ServerSRPParams serverSRPParams = new ServerSRPParams(this.m12510.getN(), this.m12510.getG(), this.m12515, this.m12512.generateServerCredentials());
        z3 z3Var = new z3();
        serverSRPParams.encode(z3Var);
        if (this.m12473 != null) {
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(this.m12370, this.m12473);
            Digest createHash = TlsUtils.createHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = this.m12370.getSecurityParameters();
            createHash.update(securityParameters.m12442, 0, securityParameters.m12442.length);
            createHash.update(securityParameters.m12443, 0, securityParameters.m12443.length);
            z3Var.m2(createHash);
            byte[] bArr = new byte[createHash.getDigestSize()];
            createHash.doFinal(bArr, 0);
            new DigitallySigned(signatureAndHashAlgorithm, this.m12473.generateCertificateSignature(bArr)).encode(z3Var);
        }
        return z3Var.toByteArray();
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerKeyExchange(InputStream inputStream) throws IOException {
        SecurityParameters securityParameters = this.m12370.getSecurityParameters();
        z6 z6Var = null;
        InputStream inputStream2 = inputStream;
        if (this.m12474 != null) {
            z6Var = new z6();
            inputStream2 = new TeeInputStream(inputStream, z6Var);
        }
        ServerSRPParams parse = ServerSRPParams.parse(inputStream2);
        if (z6Var != null) {
            DigitallySigned m13 = m13(inputStream);
            Signer createVerifyer = this.m12474.createVerifyer(m13.getAlgorithm(), this.m12476);
            createVerifyer.update(securityParameters.m12442, 0, securityParameters.m12442.length);
            createVerifyer.update(securityParameters.m12443, 0, securityParameters.m12443.length);
            z6Var.m1(createVerifyer);
            if (!createVerifyer.verifySignature(m13.getSignature())) {
                throw new TlsFatalAlert((short) 51);
            }
        }
        this.m12510 = new SRP6GroupParameters(parse.getN(), parse.getG());
        if (!this.m12430.accept(this.m12510)) {
            throw new TlsFatalAlert((short) 71);
        }
        this.m12515 = parse.getS();
        try {
            this.m12513 = SRP6Util.validatePublicValue(this.m12510.getN(), parse.getB());
            this.m12511.init(this.m12510, TlsUtils.createHash((short) 2), this.m12370.getSecureRandom());
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processClientCredentials(TlsCredentials tlsCredentials) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void generateClientKeyExchange(OutputStream outputStream) throws IOException {
        TlsSRPUtils.writeSRPParameter(this.m12511.generateClientCredentials(this.m12515, this.identity, this.m7679), outputStream);
        this.m12370.getSecurityParameters().m12432 = Arrays.clone(this.identity);
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.AbstractTlsKeyExchange, com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public void processClientKeyExchange(InputStream inputStream) throws IOException {
        try {
            this.m12513 = SRP6Util.validatePublicValue(this.m12510.getN(), TlsSRPUtils.readSRPParameter(inputStream));
            this.m12370.getSecurityParameters().m12432 = Arrays.clone(this.identity);
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // com.aspose.pdf.internal.imaging.internal.bouncycastle.crypto.tls.TlsKeyExchange
    public byte[] generatePremasterSecret() throws IOException {
        try {
            return BigIntegers.asUnsignedByteArray(this.m12512 != null ? this.m12512.calculateSecret(this.m12513) : this.m12511.calculateSecret(this.m12513));
        } catch (CryptoException e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }
}
