package j.a.a.c.i;

import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.HandshakeException;
import org.eclipse.californium.scandium.dtls.SignatureAndHashAlgorithm;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;

/* loaded from: classes3.dex */
public final class y extends d1 {
    public static final int A = 2;
    public static final int B = 3;
    public static final String r = "Unknown curve type [{}]";
    public static final j.c.c s = j.c.d.a((Class<?>) y.class);
    public static final int t = 8;
    public static final int u = 16;
    public static final int v = 8;
    public static final int w = 8;
    public static final int x = 8;
    public static final int y = 16;
    public static final int z = 1;
    public ECPublicKey l;
    public byte[] m;
    public final int n;
    public byte[] o;
    public final SignatureAndHashAlgorithm p;
    public int q;

    public y(SignatureAndHashAlgorithm signatureAndHashAlgorithm, int i2, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.l = null;
        this.m = null;
        this.o = null;
        this.q = 3;
        this.p = signatureAndHashAlgorithm;
        this.n = i2;
    }

    public y(SignatureAndHashAlgorithm signatureAndHashAlgorithm, int i2, byte[] bArr, byte[] bArr2, InetSocketAddress inetSocketAddress) {
        this(signatureAndHashAlgorithm, i2, inetSocketAddress);
        this.m = Arrays.copyOf(bArr, bArr.length);
        this.o = Arrays.copyOf(bArr2, bArr2.length);
        ECDHECryptography.SupportedGroup fromId = ECDHECryptography.SupportedGroup.fromId(i2);
        if (fromId == null || !fromId.isUsable()) {
            throw new HandshakeException(String.format("Server used unsupported elliptic curve (%d) for ECDH", Integer.valueOf(i2)), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
        }
        try {
            this.l = j.a.a.b.z.a.a(new j.a.a.b.z.h(bArr, false), fromId.getEcParams());
        } catch (GeneralSecurityException e2) {
            s.debug("Cannot re-create server's public key from params", (Throwable) e2);
            throw new HandshakeException(String.format("Cannot re-create server's public key from params: %s", e2.getMessage()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.INTERNAL_ERROR, inetSocketAddress));
        }
    }

    public y(SignatureAndHashAlgorithm signatureAndHashAlgorithm, ECDHECryptography eCDHECryptography, PrivateKey privateKey, s0 s0Var, s0 s0Var2, int i2, InetSocketAddress inetSocketAddress) {
        this(signatureAndHashAlgorithm, i2, inetSocketAddress);
        ECPublicKey b2 = eCDHECryptography.b();
        this.l = b2;
        this.m = ECDHECryptography.a(this.l.getW(), b2.getParams().getCurve());
        Signature signature = Signature.getInstance(this.p.c());
        signature.initSign(privateKey);
        a(signature, s0Var, s0Var2);
        this.o = signature.sign();
    }

    public static e0 a(j.a.a.b.z.h hVar, InetSocketAddress inetSocketAddress) {
        int d2 = hVar.d(8);
        if (d2 == 3) {
            return b(hVar, inetSocketAddress);
        }
        throw new HandshakeException(String.format("Curve type [%s] received in ServerKeyExchange message from peer [%s] is unsupported", Integer.valueOf(d2), inetSocketAddress), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
    }

    private void a(j.a.a.b.z.i iVar) {
        iVar.a(3, 8);
        iVar.a(this.n, 16);
        iVar.a(this.m.length, 8);
        iVar.a(this.m);
        if (this.o != null) {
            iVar.a(this.p.a().getCode(), 8);
            iVar.a(this.p.b().getCode(), 8);
            iVar.a(this.o.length, 16);
            iVar.a(this.o);
        }
    }

    private void a(Signature signature) {
        signature.update((byte) 3);
        signature.update((byte) (this.n >> 8));
        signature.update((byte) this.n);
        signature.update((byte) this.m.length);
        signature.update(this.m);
    }

    private void a(Signature signature, s0 s0Var, s0 s0Var2) {
        signature.update(s0Var.b());
        signature.update(s0Var2.b());
        int i2 = this.q;
        if (i2 == 1 || i2 == 2) {
            return;
        }
        if (i2 != 3) {
            s.warn("Unknown curve type [{}]", Integer.valueOf(i2));
        } else {
            a(signature);
        }
    }

    public static y b(j.a.a.b.z.h hVar, InetSocketAddress inetSocketAddress) {
        byte[] bArr;
        int d2 = hVar.d(16);
        byte[] e2 = hVar.e(hVar.d(8));
        SignatureAndHashAlgorithm signatureAndHashAlgorithm = new SignatureAndHashAlgorithm(SignatureAndHashAlgorithm.HashAlgorithm.SHA256, SignatureAndHashAlgorithm.SignatureAlgorithm.ECDSA);
        if (hVar.b()) {
            SignatureAndHashAlgorithm signatureAndHashAlgorithm2 = new SignatureAndHashAlgorithm(hVar.d(8), hVar.d(8));
            bArr = hVar.e(hVar.d(16));
            signatureAndHashAlgorithm = signatureAndHashAlgorithm2;
        } else {
            bArr = null;
        }
        return new y(signatureAndHashAlgorithm, d2, e2, bArr, inetSocketAddress);
    }

    public void a(PublicKey publicKey, s0 s0Var, s0 s0Var2) {
        if (this.o == null) {
            return;
        }
        boolean z2 = false;
        try {
            Signature signature = Signature.getInstance(this.p.c());
            signature.initVerify(publicKey);
            a(signature, s0Var, s0Var2);
            z2 = signature.verify(this.o);
        } catch (GeneralSecurityException e2) {
            s.error("Could not verify the server's signature.", (Throwable) e2);
        }
        if (!z2) {
            throw new HandshakeException("The server's ECDHE key exchange message's signature could not be verified.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, getPeer()));
        }
    }

    @Override // j.a.a.c.i.e0
    public byte[] b() {
        j.a.a.b.z.i iVar = new j.a.a.b.z.i();
        int i2 = this.q;
        if (i2 != 1 && i2 != 2) {
            if (i2 != 3) {
                s.warn("Unknown curve type [{}]", Integer.valueOf(i2));
            } else {
                a(iVar);
            }
        }
        return iVar.d();
    }

    @Override // j.a.a.c.i.e0
    public int e() {
        int i2 = this.q;
        if (i2 == 1 || i2 == 2) {
            return 0;
        }
        if (i2 != 3) {
            s.warn("Unknown curve type [{}]", Integer.valueOf(i2));
            return 0;
        }
        byte[] bArr = this.o;
        return (bArr != null ? bArr.length + 4 : 0) + this.m.length + 4;
    }

    public int i() {
        return this.n;
    }

    public ECPublicKey j() {
        return this.l;
    }

    @Override // j.a.a.c.i.e0
    public String toString() {
        return super.toString() + "\t\tDiffie-Hellman public key: " + j().toString() + j.a.a.b.z.v.a();
    }
}
