package ru.CryptoPro.ssl;

import java.io.IOException;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Collection;
import javax.crypto.spec.DHPublicKeySpec;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLKeyException;
import ru.CryptoPro.JCP.Util.GetProperty;
import ru.CryptoPro.ssl.util.KeyUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public final class cl_53 extends cl_62 {
    private static final boolean r = GetProperty.getBooleanProperty("com.sun.net.ssl.dhKeyExchangeFix", true);
    cl_84 q;
    private byte[] s;
    private byte[] t;
    private byte[] u;
    private byte[] v;
    private cl_109 w;

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_53(cl_21 cl_21Var, PrivateKey privateKey, byte[] bArr, byte[] bArr2, SecureRandom secureRandom, cl_109 cl_109Var, cl_84 cl_84Var) throws GeneralSecurityException {
        Signature b;
        this.q = cl_84Var;
        a(cl_21Var);
        if (cl_84Var.n >= cl_84.h.n) {
            this.w = cl_109Var;
            b = cl_73.b(cl_109Var.c());
        } else {
            this.w = null;
            b = privateKey.getAlgorithm().equals("DSA") ? cl_73.b("DSA") : cl_86.a();
        }
        b.initSign(privateKey, secureRandom);
        a(b, bArr, bArr2);
        this.v = b.sign();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_53(cl_21 cl_21Var, cl_84 cl_84Var) {
        this.q = cl_84Var;
        this.w = null;
        a(cl_21Var);
        this.v = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_53(cl_47 cl_47Var, PublicKey publicKey, byte[] bArr, byte[] bArr2, int i, Collection collection, cl_84 cl_84Var) throws IOException, GeneralSecurityException {
        byte[] bArr3;
        Signature b;
        this.q = cl_84Var;
        this.s = cl_47Var.g();
        this.t = cl_47Var.g();
        this.u = cl_47Var.g();
        KeyUtil.validate(new DHPublicKeySpec(new BigInteger(1, this.u), new BigInteger(1, this.s), new BigInteger(1, this.t)));
        if (cl_84Var.n >= cl_84.h.n) {
            cl_109 a = cl_109.a(cl_47Var.b(), cl_47Var.b(), 0);
            this.w = a;
            if (!collection.contains(a)) {
                throw new SSLHandshakeException("Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message: " + this.w);
            }
        } else {
            this.w = null;
        }
        if (r) {
            bArr3 = cl_47Var.g();
        } else {
            byte[] bArr4 = new byte[((i - (this.s.length + 2)) - (this.t.length + 2)) - (this.u.length + 2)];
            cl_47Var.read(bArr4);
            bArr3 = bArr4;
        }
        String algorithm = publicKey.getAlgorithm();
        if (cl_84Var.n >= cl_84.h.n) {
            b = cl_73.b(this.w.c());
        } else {
            algorithm.hashCode();
            if (algorithm.equals("DSA")) {
                b = cl_73.b("DSA");
            } else {
                if (!algorithm.equals("RSA")) {
                    throw new SSLKeyException("neither an RSA or a DSA key: " + algorithm);
                }
                b = cl_86.a();
            }
        }
        b.initVerify(publicKey);
        a(b, bArr, bArr2);
        if (!b.verify(bArr3)) {
            throw new SSLKeyException("Server D-H key verification failed");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_53(cl_47 cl_47Var, cl_84 cl_84Var) throws IOException, GeneralSecurityException {
        this.q = cl_84Var;
        this.w = null;
        this.s = cl_47Var.g();
        this.t = cl_47Var.g();
        this.u = cl_47Var.g();
        KeyUtil.validate(new DHPublicKeySpec(new BigInteger(1, this.u), new BigInteger(1, this.s), new BigInteger(1, this.t)));
        this.v = null;
    }

    private void a(Signature signature, byte[] bArr, byte[] bArr2) throws SignatureException {
        signature.update(bArr);
        signature.update(bArr2);
        int length = this.s.length;
        signature.update((byte) (length >> 8));
        signature.update((byte) (length & 255));
        signature.update(this.s);
        int length2 = this.t.length;
        signature.update((byte) (length2 >> 8));
        signature.update((byte) (length2 & 255));
        signature.update(this.t);
        int length3 = this.u.length;
        signature.update((byte) (length3 >> 8));
        signature.update((byte) (length3 & 255));
        signature.update(this.u);
    }

    private void a(cl_21 cl_21Var) {
        this.s = a(cl_21Var.a());
        this.t = a(cl_21Var.b());
        this.u = a(cl_21Var.c());
    }

    @Override // ru.CryptoPro.ssl.cl_48
    void a(PrintStream printStream) throws IOException {
        String str;
        printStream.println("*** Diffie-Hellman ServerKeyExchange");
        a(printStream, "DH Modulus", this.s);
        a(printStream, "DH Base", this.t);
        a(printStream, "Server DH Public Key", this.u);
        if (this.v == null) {
            str = "Anonymous";
        } else {
            if (this.q.n >= cl_84.h.n) {
                printStream.println("Signature Algorithm " + this.w.c());
            }
            str = "Signed with a DSA or RSA public key";
        }
        printStream.println(str);
    }

    @Override // ru.CryptoPro.ssl.cl_48
    void a(cl_63 cl_63Var) throws IOException {
        cl_63Var.b(this.s);
        cl_63Var.b(this.t);
        cl_63Var.b(this.u);
        if (this.v != null) {
            if (this.q.n >= cl_84.h.n) {
                cl_63Var.a(this.w.a());
                cl_63Var.a(this.w.b());
            }
            if (r) {
                cl_63Var.b(this.v);
            } else {
                cl_63Var.write(this.v);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger b() {
        return new BigInteger(1, this.s);
    }

    @Override // ru.CryptoPro.ssl.cl_48
    int c() {
        int length = this.s.length + 6 + this.t.length + this.u.length;
        if (this.v == null) {
            return length;
        }
        if (this.q.n >= cl_84.h.n) {
            length += cl_109.d();
        }
        int length2 = length + this.v.length;
        return r ? length2 + 2 : length2;
    }

    @Override // ru.CryptoPro.ssl.cl_48
    String d() {
        String str;
        StringBuffer stringBuffer = new StringBuffer("*** Diffie-Hellman ServerKeyExchange\n");
        stringBuffer.append(a("DH Modulus", this.s));
        stringBuffer.append(a("DH Base", this.t));
        stringBuffer.append(a("Server DH Public Key", this.u));
        if (this.v == null) {
            str = "Anonymous\n";
        } else {
            if (this.q.n >= cl_84.h.n) {
                stringBuffer.append("Signature Algorithm ");
                stringBuffer.append(this.w.c());
                stringBuffer.append("\n");
            }
            str = "Signed with a DSA or RSA public key\n";
        }
        stringBuffer.append(str);
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger e() {
        return new BigInteger(1, this.t);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger g() {
        return new BigInteger(1, this.u);
    }
}
