package org.bouncycastle.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class TlsExtensionsUtils {
    public static final Integer EXT_application_layer_protocol_negotiation = 16;
    public static final Integer EXT_certificate_authorities = 47;
    public static final Integer EXT_cookie = 44;
    public static final Integer EXT_early_data = 42;
    public static final Integer EXT_ec_point_formats = 11;
    public static final Integer EXT_encrypt_then_mac = 22;
    public static final Integer EXT_extended_master_secret = 23;
    public static final Integer EXT_key_share = 51;
    public static final Integer EXT_max_fragment_length = 1;
    public static final Integer EXT_padding = 21;
    public static final Integer EXT_pre_shared_key = 41;
    public static final Integer EXT_psk_key_exchange_modes = 45;
    public static final Integer EXT_server_name = 0;
    public static final Integer EXT_signature_algorithms = 13;
    public static final Integer EXT_signature_algorithms_cert = 50;
    public static final Integer EXT_status_request = 5;
    public static final Integer EXT_status_request_v2 = 17;
    public static final Integer EXT_supported_groups = 10;
    public static final Integer EXT_supported_versions = 43;
    public static final Integer EXT_truncated_hmac = 4;
    public static final Integer EXT_trusted_ca_keys = 3;

    public static void addCertificateAuthoritiesExtension(Hashtable hashtable, Vector vector) throws IOException {
        Integer num = EXT_certificate_authorities;
        if (vector == null || vector.isEmpty()) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i2 = 0; i2 < vector.size(); i2++) {
            TlsUtils.writeOpaque16(((X500Name) vector.elementAt(i2)).getEncoded("DER"), byteArrayOutputStream);
        }
        hashtable.put(num, patchOpaque16(byteArrayOutputStream));
    }

    public static void addCookieExtension(Hashtable hashtable, byte[] bArr) throws IOException {
        Integer num = EXT_cookie;
        if (TlsUtils.isNullOrEmpty(bArr) || bArr.length >= 65536) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsUtils.checkUint16(bArr.length);
        byte[] bArr2 = new byte[bArr.length + 2];
        int length = bArr.length;
        bArr2[0] = (byte) (length >>> 8);
        bArr2[1] = (byte) length;
        System.arraycopy(bArr, 0, bArr2, 2, bArr.length);
        hashtable.put(num, bArr2);
    }

    public static void addExtendedMasterSecretExtension(Hashtable hashtable) {
        hashtable.put(EXT_extended_master_secret, TlsUtils.EMPTY_BYTES);
    }

    public static void addKeyShareClientHello(Hashtable hashtable, Vector vector) throws IOException {
        byte[] patchOpaque16;
        Integer num = EXT_key_share;
        if (vector.isEmpty()) {
            patchOpaque16 = TlsUtils.encodeUint16(0);
        } else {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = TlsUtils.EMPTY_BYTES;
            byteArrayOutputStream.write(0);
            byteArrayOutputStream.write(0);
            for (int i2 = 0; i2 < vector.size(); i2++) {
                KeyShareEntry keyShareEntry = (KeyShareEntry) vector.elementAt(i2);
                int namedGroup = keyShareEntry.getNamedGroup();
                byte[] bArr2 = TlsUtils.EMPTY_BYTES;
                byteArrayOutputStream.write(namedGroup >>> 8);
                byteArrayOutputStream.write(namedGroup);
                TlsUtils.writeOpaque16(keyShareEntry.keyExchange, byteArrayOutputStream);
            }
            patchOpaque16 = patchOpaque16(byteArrayOutputStream);
        }
        hashtable.put(num, patchOpaque16);
    }

    public static void addStatusRequestV2Extension(Hashtable hashtable, Vector vector) throws IOException {
        Integer num = EXT_status_request_v2;
        if (vector.isEmpty()) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i2 = 0; i2 < vector.size(); i2++) {
            CertificateStatusRequestItemV2 certificateStatusRequestItemV2 = (CertificateStatusRequestItemV2) vector.elementAt(i2);
            short s2 = certificateStatusRequestItemV2.statusType;
            byte[] bArr2 = TlsUtils.EMPTY_BYTES;
            byteArrayOutputStream.write(s2);
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            short s3 = certificateStatusRequestItemV2.statusType;
            if (s3 != 1 && s3 != 2) {
                throw new TlsFatalAlert((short) 80);
            }
            ((OCSPStatusRequest) certificateStatusRequestItemV2.request).encode(byteArrayOutputStream2);
            TlsUtils.writeOpaque16(byteArrayOutputStream2.toByteArray(), byteArrayOutputStream);
        }
        hashtable.put(num, patchOpaque16(byteArrayOutputStream));
    }

    public static void addSupportedPointFormatsExtension(Hashtable hashtable, short[] sArr) throws IOException {
        Integer num = EXT_ec_point_formats;
        if (!Arrays.contains(sArr, (short) 0)) {
            int length = sArr.length;
            short[] sArr2 = new short[length + 1];
            System.arraycopy(sArr, 0, sArr2, 1, length);
            sArr2[0] = 0;
            sArr = sArr2;
        }
        hashtable.put(num, TlsUtils.encodeUint8ArrayWithUint8Length(sArr));
    }

    public static void addSupportedVersionsExtensionServer(Hashtable hashtable, ProtocolVersion protocolVersion) throws IOException {
        Integer num = EXT_supported_versions;
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        hashtable.put(num, new byte[]{(byte) protocolVersion.getMajorVersion(), (byte) protocolVersion.getMinorVersion()});
    }

    public static void addTrustedCAKeysExtensionClient(Hashtable hashtable, Vector vector) throws IOException {
        Integer num = EXT_trusted_ca_keys;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i2 = 0; i2 < vector.size(); i2++) {
            TrustedAuthority trustedAuthority = (TrustedAuthority) vector.elementAt(i2);
            short s2 = trustedAuthority.identifierType;
            byte[] bArr2 = TlsUtils.EMPTY_BYTES;
            byteArrayOutputStream.write(s2);
            short s3 = trustedAuthority.identifierType;
            if (s3 != 0) {
                if (s3 != 1) {
                    if (s3 == 2) {
                        TlsUtils.writeOpaque16(((X500Name) trustedAuthority.identifier).getEncoded("DER"), byteArrayOutputStream);
                    } else if (s3 != 3) {
                        throw new TlsFatalAlert((short) 80);
                    }
                }
                byteArrayOutputStream.write((byte[]) trustedAuthority.identifier);
            }
        }
        hashtable.put(num, patchOpaque16(byteArrayOutputStream));
    }

    public static byte[] createALPNExtensionClient(Vector vector) throws IOException {
        if (vector == null || vector.size() < 1) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i2 = 0; i2 < vector.size(); i2++) {
            ((ProtocolName) vector.elementAt(i2)).encode(byteArrayOutputStream);
        }
        return patchOpaque16(byteArrayOutputStream);
    }

    public static Hashtable ensureExtensionsInitialised(Hashtable hashtable) {
        return hashtable == null ? new Hashtable() : hashtable;
    }

    public static ProtocolName getALPNExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_application_layer_protocol_negotiation);
        if (extensionData == null) {
            return null;
        }
        Vector readALPNExtensionClient = readALPNExtensionClient(extensionData);
        if (readALPNExtensionClient.size() == 1) {
            return (ProtocolName) readALPNExtensionClient.elementAt(0);
        }
        throw new TlsFatalAlert((short) 50);
    }

    public static Vector getCertificateAuthoritiesExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_certificate_authorities);
        if (extensionData == null) {
            return null;
        }
        if (extensionData.length < 5) {
            throw new TlsFatalAlert((short) 50);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(extensionData);
        if (TlsUtils.readUint16(byteArrayInputStream) != extensionData.length - 2) {
            throw new TlsFatalAlert((short) 50);
        }
        Vector vector = new Vector();
        while (byteArrayInputStream.available() > 0) {
            byte[] readOpaque16 = TlsUtils.readOpaque16(byteArrayInputStream, 1);
            X500Name x500Name = X500Name.getInstance(TlsUtils.readASN1Object(readOpaque16));
            TlsUtils.requireDEREncoding(x500Name, readOpaque16);
            vector.addElement(x500Name);
        }
        return vector;
    }

    public static byte[] getCookieExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_cookie);
        if (extensionData == null) {
            return null;
        }
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        if (extensionData.length < 2) {
            throw new TlsFatalAlert((short) 50);
        }
        int readUint16 = TlsUtils.readUint16(extensionData, 0);
        if (extensionData.length != readUint16 + 2 || readUint16 < 1) {
            throw new TlsFatalAlert((short) 50);
        }
        return TlsUtils.copyOfRangeExact(extensionData, 2, extensionData.length);
    }

    public static short getMaxFragmentLengthExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_max_fragment_length);
        if (extensionData == null) {
            return (short) -1;
        }
        byte[] bArr = TlsUtils.EMPTY_BYTES;
        if (extensionData.length == 1) {
            return (short) (extensionData[0] & 255);
        }
        throw new TlsFatalAlert((short) 50);
    }

    public static int getPaddingExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_padding);
        if (extensionData == null) {
            return -1;
        }
        int i2 = 0;
        for (byte b2 : extensionData) {
            i2 |= b2;
        }
        if (i2 == 0) {
            return extensionData.length;
        }
        throw new TlsFatalAlert((short) 47);
    }

    public static Vector getServerNameExtensionClient(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_server_name);
        if (extensionData == null) {
            return null;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(extensionData);
        ServerNameList parse = ServerNameList.parse(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        return parse.serverNameList;
    }

    public static int[] getSupportedGroupsExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_supported_groups);
        if (extensionData == null) {
            return null;
        }
        return readSupportedGroupsExtension(extensionData);
    }

    public static ProtocolVersion getSupportedVersionsExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_supported_versions);
        if (extensionData == null) {
            return null;
        }
        if (extensionData.length == 2) {
            return TlsUtils.readVersion(extensionData, 0);
        }
        throw new TlsFatalAlert((short) 50);
    }

    public static boolean hasEncryptThenMACExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_encrypt_then_mac);
        if (extensionData == null) {
            return false;
        }
        readEmptyExtensionData(extensionData);
        return true;
    }

    public static boolean hasExtendedMasterSecretExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_extended_master_secret);
        if (extensionData == null) {
            return false;
        }
        readEmptyExtensionData(extensionData);
        return true;
    }

    public static boolean hasServerNameExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_server_name);
        if (extensionData == null) {
            return false;
        }
        readEmptyExtensionData(extensionData);
        return true;
    }

    public static boolean hasTruncatedHMacExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_truncated_hmac);
        if (extensionData == null) {
            return false;
        }
        readEmptyExtensionData(extensionData);
        return true;
    }

    private static byte[] patchOpaque16(ByteArrayOutputStream byteArrayOutputStream) throws IOException {
        int size = byteArrayOutputStream.size() - 2;
        TlsUtils.checkUint16(size);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        TlsUtils.writeUint16(size, byteArray, 0);
        return byteArray;
    }

    public static Vector readALPNExtensionClient(byte[] bArr) throws IOException {
        if (bArr == null) {
            throw new IllegalArgumentException("'extensionData' cannot be null");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (TlsUtils.readUint16(byteArrayInputStream) != bArr.length - 2) {
            throw new TlsFatalAlert((short) 50);
        }
        Vector vector = new Vector();
        while (byteArrayInputStream.available() > 0) {
            vector.addElement(ProtocolName.parse(byteArrayInputStream));
        }
        return vector;
    }

    private static boolean readEmptyExtensionData(byte[] bArr) throws IOException {
        if (bArr == null) {
            throw new IllegalArgumentException("'extensionData' cannot be null");
        }
        if (bArr.length == 0) {
            return true;
        }
        throw new TlsFatalAlert((short) 47);
    }

    public static Vector readSignatureAlgorithmsExtension(byte[] bArr) throws IOException {
        if (bArr == null) {
            throw new IllegalArgumentException("'extensionData' cannot be null");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Vector parseSupportedSignatureAlgorithms = TlsUtils.parseSupportedSignatureAlgorithms(byteArrayInputStream);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        return parseSupportedSignatureAlgorithms;
    }

    public static int[] readSupportedGroupsExtension(byte[] bArr) throws IOException {
        if (bArr == null) {
            throw new IllegalArgumentException("'extensionData' cannot be null");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        int readUint16 = TlsUtils.readUint16(byteArrayInputStream);
        if (readUint16 < 2 || (readUint16 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        int i2 = readUint16 / 2;
        int[] iArr = new int[i2];
        for (int i3 = 0; i3 < i2; i3++) {
            iArr[i3] = TlsUtils.readUint16(byteArrayInputStream);
        }
        TlsProtocol.assertEmpty(byteArrayInputStream);
        return iArr;
    }

    public static short[] readSupportedPointFormatsExtension(byte[] bArr) throws IOException {
        short[] decodeUint8ArrayWithUint8Length = TlsUtils.decodeUint8ArrayWithUint8Length(bArr);
        if (Arrays.contains(decodeUint8ArrayWithUint8Length, (short) 0)) {
            return decodeUint8ArrayWithUint8Length;
        }
        throw new TlsFatalAlert((short) 47);
    }
}
