package org.spongycastle.crypto.tls;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;
import org.spongycastle.util.io.Streams;

/* loaded from: classes2.dex */
public class TlsRSAKeyExchange extends AbstractTlsKeyExchange {
    protected RSAKeyParameters cWI;
    protected TlsEncryptionCredentials cWJ;
    protected byte[] cWK;
    protected AsymmetricKeyParameter cWf;

    protected RSAKeyParameters a(RSAKeyParameters rSAKeyParameters) throws IOException {
        if (rSAKeyParameters.getExponent().isProbablePrime(2)) {
            return rSAKeyParameters;
        }
        throw new TlsFatalAlert((short) 47);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(Certificate certificate) throws IOException {
        if (certificate.isEmpty()) {
            throw new TlsFatalAlert((short) 42);
        }
        org.spongycastle.asn1.x509.Certificate gg = certificate.gg(0);
        try {
            this.cWf = PublicKeyFactory.b(gg.ZO());
            if (this.cWf.isPrivate()) {
                throw new TlsFatalAlert((short) 80);
            }
            this.cWI = a((RSAKeyParameters) this.cWf);
            TlsUtils.a(gg, 32);
            super.a(certificate);
        } catch (RuntimeException e2) {
            throw new TlsFatalAlert((short) 43, e2);
        }
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void a(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsEncryptionCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
        a(tlsCredentials.afr());
        this.cWJ = (TlsEncryptionCredentials) tlsCredentials;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void agw() throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public byte[] agx() throws IOException {
        byte[] bArr = this.cWK;
        if (bArr == null) {
            throw new TlsFatalAlert((short) 80);
        }
        this.cWK = null;
        return bArr;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(CertificateRequest certificateRequest) throws IOException {
        for (short s : certificateRequest.afl()) {
            if (s != 64) {
                switch (s) {
                    case 1:
                    case 2:
                        break;
                    default:
                        throw new TlsFatalAlert((short) 47);
                }
            }
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void b(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public void g(OutputStream outputStream) throws IOException {
        this.cWK = TlsRSAUtils.a(this.cTy, this.cWI, outputStream);
    }

    @Override // org.spongycastle.crypto.tls.AbstractTlsKeyExchange, org.spongycastle.crypto.tls.TlsKeyExchange
    public void u(InputStream inputStream) throws IOException {
        this.cWK = this.cWJ.bn(TlsUtils.c(this.cTy) ? Streams.Y(inputStream) : TlsUtils.J(inputStream));
    }
}
