package fm.icelink;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import java.util.Vector;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.tls.Certificate;
import org.bouncycastle.crypto.tls.CertificateRequest;
import org.bouncycastle.crypto.tls.DTLSTransport;
import org.bouncycastle.crypto.tls.DefaultTlsEncryptionCredentials;
import org.bouncycastle.crypto.tls.DefaultTlsServer;
import org.bouncycastle.crypto.tls.DefaultTlsSignerCredentials;
import org.bouncycastle.crypto.tls.ExporterLabel;
import org.bouncycastle.crypto.tls.ProtocolVersion;
import org.bouncycastle.crypto.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
import org.bouncycastle.crypto.tls.TlsFatalAlert;
import org.bouncycastle.crypto.tls.TlsSRTPUtils;
import org.bouncycastle.crypto.tls.TlsSignerCredentials;
import org.bouncycastle.crypto.tls.TlsUtils;
import org.bouncycastle.crypto.tls.UseSRTPData;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: DtlsBouncyCastleServer.java */
/* loaded from: classes2.dex */
public class y3 extends DefaultTlsServer implements j4 {
    private boolean a;
    private int[] b;
    private int[] c;
    public String e;
    public String f;
    private k6<byte[]> g;
    private byte[] h;
    private k6<z2> i;
    private k6<z2> j;
    private k6<Exception> k;
    private c4 l;
    private d4[] m;
    private m4 n;
    private m4 o;
    private a4 p;
    private z3 q;
    private DTLSTransport r;
    private k6<z2> t;
    private List<k4> u = new ArrayList();
    private int d = -1;
    private Object s = new Object();

    /* compiled from: DtlsBouncyCastleServer.java */
    /* loaded from: classes2.dex */
    class a implements k6<byte[]> {
        final /* synthetic */ k6 a;

        a(k6 k6Var) {
            this.a = k6Var;
        }

        @Override // fm.icelink.k6
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void invoke(byte[] bArr) {
            if (y3.this.l()) {
                return;
            }
            if (y3.this.r != null) {
                this.a.invoke(z2.d0(bArr));
                return;
            }
            qa.a(String.format(Locale.getDefault(), "Sending DTLS packet (%d bytes).", Integer.valueOf(bArr.length)));
            k4[] i = k4.i(z2.d0(bArr));
            if (i != null) {
                for (k4 k4Var : i) {
                    y3.this.u.add(k4Var);
                }
            }
            if (y3.this.u.size() >= 1) {
                k4 k4Var2 = (k4) y3.this.u.get(y3.this.u.size() - 1);
                if (k4Var2.a() == e4.e() && (k4Var2.c() == h4.k() || k4Var2.c() == h4.h() || k4Var2.c() == h4.i())) {
                    y3.this.q(this.a);
                } else if (y3.this.u.size() >= 2 && ((k4) y3.this.u.get(y3.this.u.size() - 2)).a() == e4.c() && k4Var2.a() == e4.e()) {
                    y3.this.q(this.a);
                }
            }
        }
    }

    public y3(c4 c4Var, d4[] d4VarArr, m4 m4Var, m4 m4Var2, g4 g4Var, int[] iArr, k6<byte[]> k6Var, k6<z2> k6Var2) {
        this.l = c4Var;
        this.m = d4VarArr;
        this.n = m4Var;
        this.o = m4Var2;
        this.e = g4Var.a();
        this.f = g4Var.e();
        this.b = iArr;
        this.g = k6Var;
        this.t = k6Var2;
        this.p = new a4(new a(k6Var2));
    }

    private void o() {
        if (this.r == null || this.h == null) {
            return;
        }
        int i = 0;
        while (i != -1) {
            try {
                DTLSTransport dTLSTransport = this.r;
                byte[] bArr = this.h;
                i = dTLSTransport.receive(bArr, 0, bArr.length, 0);
                if (i > 0) {
                    this.i.invoke(z2.e0(this.h, 0, i));
                }
            } catch (Exception e) {
                k6<Exception> k6Var = this.k;
                if (k6Var != null) {
                    k6Var.invoke(new Exception(String.format("DTLS server could not process incoming message.", e.getMessage())));
                    return;
                }
                return;
            }
        }
    }

    private boolean p() {
        for (int i : this.b) {
            for (int i2 : this.c) {
                if (i2 == i) {
                    this.d = i2;
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void q(k6<z2> k6Var) {
        z2 f = this.u.get(0).f();
        for (int i = 1; i < this.u.size(); i++) {
            f.c(this.u.get(i).f());
        }
        this.u.clear();
        k6Var.invoke(f);
    }

    @Override // fm.icelink.j4
    public void a(k6<z2> k6Var) {
        this.j = k6Var;
    }

    @Override // fm.icelink.j4
    public z4 b() {
        try {
            z3 z3Var = new z3();
            this.q = z3Var;
            this.r = z3Var.accept(this, this.p);
            synchronized (this.s) {
                this.h = new byte[this.r.getReceiveLimit()];
                o();
            }
            if (this.a) {
                return new z4(a5.DtlsKeyExchangeFailed, new Exception("Could not accept DTLS client connection."));
            }
            return null;
        } catch (Exception e) {
            return new z4(a5.DtlsKeyExchangeFailed, e);
        }
    }

    @Override // fm.icelink.j4
    public void c(z2 z2Var) {
        if (this.r == null) {
            qa.a(String.format(Locale.getDefault(), "Received DTLS packet (%d bytes).", Integer.valueOf(z2Var.l())));
        }
        synchronized (this.s) {
            a4 a4Var = this.p;
            if (a4Var != null) {
                a4Var.b(z2Var);
            }
            o();
        }
    }

    @Override // fm.icelink.j4
    public void close() {
        DTLSTransport dTLSTransport = this.r;
        if (dTLSTransport != null) {
            try {
                dTLSTransport.close();
            } catch (Exception unused) {
            }
            this.r = null;
        }
        z3 z3Var = this.q;
        if (z3Var != null) {
            try {
                z3Var.cancel();
            } catch (Exception unused2) {
            }
            this.q = null;
        }
        a4 a4Var = this.p;
        if (a4Var != null) {
            try {
                a4Var.close();
            } catch (Exception unused3) {
            }
            this.p = null;
        }
        this.a = true;
    }

    @Override // fm.icelink.j4
    public void d(k6<z2> k6Var) {
        this.i = k6Var;
    }

    @Override // fm.icelink.j4
    public void e(z2 z2Var) {
        DTLSTransport dTLSTransport = this.r;
        if (dTLSTransport != null) {
            try {
                dTLSTransport.send(z2Var.g(), z2Var.i(), z2Var.l());
            } catch (Exception e) {
                k6<Exception> k6Var = this.k;
                if (k6Var != null) {
                    k6Var.invoke(new Exception(String.format("DTLS server could not process outgoing message.", e.getMessage())));
                }
            }
        }
    }

    @Override // fm.icelink.j4
    public int f() {
        return this.d;
    }

    @Override // fm.icelink.j4
    public void g(k6<Exception> k6Var) {
        this.k = k6Var;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer, org.bouncycastle.crypto.tls.TlsServer
    public CertificateRequest getCertificateRequest() {
        return new CertificateRequest(new short[]{1, 64}, TlsUtils.isSignatureAlgorithmsExtensionAllowed(this.serverVersion) ? TlsUtils.getDefaultSupportedSignatureAlgorithms() : null, null);
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsServer, org.bouncycastle.crypto.tls.AbstractTlsServer
    protected int[] getCipherSuites() {
        int length = n().length;
        int[] iArr = new int[length];
        for (int i = 0; i < length; i++) {
            iArr[i] = b4.a(n()[i]);
        }
        return iArr;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsServer
    protected TlsSignerCredentials getECDSASignerCredentials() throws IOException {
        AsymmetricKeyParameter c = b4.c(k());
        if (c == null) {
            return null;
        }
        Vector vector = this.supportedSignatureAlgorithms;
        if (vector == null) {
            return new DefaultTlsSignerCredentials(this.context, b4.b(k()), c);
        }
        SignatureAndHashAlgorithm e = b4.e(vector, (short) 3);
        if (e != null) {
            return new DefaultTlsSignerCredentials(this.context, b4.b(k()), c, e);
        }
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer
    protected ProtocolVersion getMaximumVersion() {
        return this.o == m4.Dtls10 ? ProtocolVersion.DTLSv10 : ProtocolVersion.DTLSv12;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer
    protected ProtocolVersion getMinimumVersion() {
        return this.n == m4.Dtls12 ? ProtocolVersion.DTLSv12 : ProtocolVersion.DTLSv10;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsServer
    protected TlsEncryptionCredentials getRSAEncryptionCredentials() {
        AsymmetricKeyParameter d = b4.d(k());
        if (d != null) {
            return new DefaultTlsEncryptionCredentials(this.context, b4.b(k()), d);
        }
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsServer
    protected TlsSignerCredentials getRSASignerCredentials() {
        AsymmetricKeyParameter d = b4.d(k());
        if (d == null) {
            return null;
        }
        Vector vector = this.supportedSignatureAlgorithms;
        if (vector == null) {
            return new DefaultTlsSignerCredentials(this.context, b4.b(k()), d);
        }
        SignatureAndHashAlgorithm e = b4.e(vector, (short) 1);
        if (e != null) {
            return new DefaultTlsSignerCredentials(this.context, b4.b(k()), d, e);
        }
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer, org.bouncycastle.crypto.tls.TlsServer
    public Hashtable getServerExtensions() throws IOException {
        Hashtable ensureExtensionsInitialised = TlsExtensionsUtils.ensureExtensionsInitialised(super.getServerExtensions());
        int i = this.d;
        if (i >= 0 && this.b != null) {
            TlsSRTPUtils.addUseSRTPExtension(ensureExtensionsInitialised, new UseSRTPData(new int[]{i}, new byte[0]));
        }
        return ensureExtensionsInitialised;
    }

    public c4 k() {
        return this.l;
    }

    public boolean l() {
        return this.a;
    }

    public byte[] m() {
        return this.context.exportKeyingMaterial(ExporterLabel.dtls_srtp, null, 60);
    }

    public d4[] n() {
        return this.m;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer, org.bouncycastle.crypto.tls.TlsServer
    public void notifyClientCertificate(Certificate certificate) throws IOException {
        String b0;
        k6<byte[]> k6Var;
        if (certificate == null) {
            throw new TlsFatalAlert((short) 42);
        }
        org.bouncycastle.asn1.x509.Certificate[] certificateList = certificate.getCertificateList();
        if (certificateList == null || certificateList.length == 0) {
            throw new TlsFatalAlert((short) 42);
        }
        org.bouncycastle.asn1.x509.Certificate certificate2 = certificateList[0];
        if (this.e.toLowerCase().equals("sha2") || this.e.toLowerCase().equals("sha256") || this.e.toLowerCase().equals("sha-256")) {
            b0 = f6.b(h6.Sha256, z2.d0(certificate2.getEncoded())).b0();
        } else {
            if (!this.e.toLowerCase().equals("sha") && !this.e.toLowerCase().equals("sha1") && !this.e.toLowerCase().equals("sha-1")) {
                throw new TlsFatalAlert((short) 49);
            }
            b0 = f6.b(h6.Sha1, z2.d0(certificate2.getEncoded())).b0();
        }
        if (!b0.toLowerCase().equals(this.f.replace(":", "").toLowerCase())) {
            throw new TlsFatalAlert((short) 49);
        }
        byte[] bArr = null;
        try {
            bArr = certificate2.getEncoded();
        } catch (Exception e) {
            qa.d("Could not parse remote DTLS certificate.", e);
        }
        if (bArr == null || (k6Var = this.g) == null) {
            return;
        }
        k6Var.invoke(bArr);
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsPeer, org.bouncycastle.crypto.tls.TlsPeer
    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        k6<z2> k6Var = this.j;
        if (k6Var != null) {
            k6Var.invoke(z2.d0(m()));
        }
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsServer, org.bouncycastle.crypto.tls.TlsServer
    public void processClientExtensions(Hashtable hashtable) throws IOException {
        UseSRTPData useSRTPExtension;
        k6<Exception> k6Var;
        super.processClientExtensions(hashtable);
        if (hashtable == null || this.b == null || (useSRTPExtension = TlsSRTPUtils.getUseSRTPExtension(hashtable)) == null || useSRTPExtension.getProtectionProfiles() == null || useSRTPExtension.getProtectionProfiles().length <= 0) {
            return;
        }
        this.c = useSRTPExtension.getProtectionProfiles();
        if (p() || (k6Var = this.k) == null) {
            return;
        }
        k6Var.invoke(new Exception("DTLS server could not select an SRTP protection profile."));
    }
}
