package org.bouncycastle.tls;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class TlsExtensionsUtils {
    public static final Integer EXT_application_layer_protocol_negotiation = 16;
    public static final Integer EXT_certificate_authorities = 47;
    public static final Integer EXT_client_certificate_type = 19;
    public static final Integer EXT_cookie = 44;
    public static final Integer EXT_early_data = 42;
    public static final Integer EXT_ec_point_formats = 11;
    public static final Integer EXT_encrypt_then_mac = 22;
    public static final Integer EXT_extended_master_secret = 23;
    public static final Integer EXT_key_share = 51;
    public static final Integer EXT_max_fragment_length = 1;
    public static final Integer EXT_padding = 21;
    public static final Integer EXT_pre_shared_key = 41;
    public static final Integer EXT_psk_key_exchange_modes = 45;
    public static final Integer EXT_server_certificate_type = 20;
    public static final Integer EXT_server_name = 0;
    public static final Integer EXT_signature_algorithms = 13;
    public static final Integer EXT_signature_algorithms_cert = 50;
    public static final Integer EXT_status_request = 5;
    public static final Integer EXT_status_request_v2 = 17;
    public static final Integer EXT_supported_groups = 10;
    public static final Integer EXT_supported_versions = 43;
    public static final Integer EXT_truncated_hmac = 4;
    public static final Integer EXT_trusted_ca_keys = 3;

    public static void addCertificateAuthoritiesExtension(Hashtable hashtable, Vector vector) throws IOException {
        Integer num = EXT_certificate_authorities;
        if (vector == null || vector.isEmpty()) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.DOWNGRADE_TLS11;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i = 0; i < vector.size(); i++) {
            TlsUtils.writeOpaque16(byteArrayOutputStream, ((X500Name) vector.elementAt(i)).getEncoded("DER"));
        }
        hashtable.put(num, patchOpaque16(byteArrayOutputStream));
    }

    public static void addCookieExtension(Hashtable hashtable, byte[] bArr) throws IOException {
        Integer num = EXT_cookie;
        if (TlsUtils.isNullOrEmpty(bArr) || bArr.length >= 65536) {
            throw new TlsFatalAlert((short) 80);
        }
        TlsUtils.checkUint16(bArr.length);
        byte[] bArr2 = new byte[bArr.length + 2];
        TlsUtils.writeUint16(bArr2, bArr.length, 0);
        System.arraycopy(bArr, 0, bArr2, 2, bArr.length);
        hashtable.put(num, bArr2);
    }

    public static void addKeyShareClientHello(Hashtable hashtable, Vector vector) throws IOException {
        byte[] patchOpaque16;
        Integer num = EXT_key_share;
        if (vector.isEmpty()) {
            TlsUtils.checkUint16(0);
            patchOpaque16 = new byte[2];
            TlsUtils.writeUint16(patchOpaque16, 0, 0);
        } else {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = TlsUtils.DOWNGRADE_TLS11;
            byteArrayOutputStream.write(0);
            byteArrayOutputStream.write(0);
            for (int i = 0; i < vector.size(); i++) {
                KeyShareEntry keyShareEntry = (KeyShareEntry) vector.elementAt(i);
                int i2 = keyShareEntry.namedGroup;
                byte[] bArr2 = TlsUtils.DOWNGRADE_TLS11;
                byteArrayOutputStream.write(i2 >>> 8);
                byteArrayOutputStream.write(i2);
                TlsUtils.writeOpaque16(byteArrayOutputStream, keyShareEntry.keyExchange);
            }
            patchOpaque16 = patchOpaque16(byteArrayOutputStream);
        }
        hashtable.put(num, patchOpaque16);
    }

    public static void addSupportedPointFormatsExtension(Hashtable hashtable, short[] sArr) throws IOException {
        Integer num = EXT_ec_point_formats;
        if (!Arrays.contains((short) 0, sArr)) {
            int length = sArr.length;
            short[] sArr2 = new short[length + 1];
            System.arraycopy(sArr, 0, sArr2, 1, length);
            sArr2[0] = 0;
            sArr = sArr2;
        }
        hashtable.put(num, TlsUtils.encodeUint8ArrayWithUint8Length(sArr));
    }

    public static byte[] createALPNExtensionClient(Vector vector) throws IOException {
        if (vector.size() < 1) {
            throw new TlsFatalAlert((short) 80);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = TlsUtils.DOWNGRADE_TLS11;
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(0);
        for (int i = 0; i < vector.size(); i++) {
            TlsUtils.writeOpaque8(byteArrayOutputStream, ((ProtocolName) vector.elementAt(i)).bytes);
        }
        return patchOpaque16(byteArrayOutputStream);
    }

    public static ProtocolName getALPNExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_application_layer_protocol_negotiation);
        if (extensionData == null) {
            return null;
        }
        Vector readALPNExtensionClient = readALPNExtensionClient(extensionData);
        if (readALPNExtensionClient.size() == 1) {
            return (ProtocolName) readALPNExtensionClient.elementAt(0);
        }
        throw new TlsFatalAlert((short) 50);
    }

    public static Vector getCertificateAuthoritiesExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_certificate_authorities);
        if (extensionData == null) {
            return null;
        }
        if (extensionData.length < 5) {
            throw new TlsFatalAlert((short) 50);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(extensionData);
        if (TlsUtils.readUint16(byteArrayInputStream) != extensionData.length - 2) {
            throw new TlsFatalAlert((short) 50);
        }
        Vector vector = new Vector();
        while (byteArrayInputStream.available() > 0) {
            byte[] readOpaque16 = TlsUtils.readOpaque16(byteArrayInputStream);
            X500Name x500Name = X500Name.getInstance(TlsUtils.readASN1Object(readOpaque16));
            TlsUtils.requireDEREncoding(x500Name, readOpaque16);
            vector.addElement(x500Name);
        }
        return vector;
    }

    public static short getClientCertificateTypeExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_client_certificate_type);
        if (extensionData == null) {
            return (short) 0;
        }
        return TlsUtils.decodeUint8(extensionData);
    }

    public static byte[] getCookieExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_cookie);
        if (extensionData == null) {
            return null;
        }
        if (extensionData.length < 2) {
            throw new TlsFatalAlert((short) 50);
        }
        int readUint16 = TlsUtils.readUint16(0, extensionData);
        if (extensionData.length != readUint16 + 2 || readUint16 < 1) {
            throw new TlsFatalAlert((short) 50);
        }
        return TlsUtils.copyOfRangeExact(extensionData, 2, extensionData.length);
    }

    public static void getPaddingExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_padding);
        if (extensionData == null) {
            return;
        }
        int i = 0;
        for (byte b : extensionData) {
            i |= b;
        }
        if (i != 0) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    public static Vector getServerNameExtensionClient(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_server_name);
        if (extensionData == null) {
            return null;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(extensionData);
        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(TlsUtils.readOpaque16(byteArrayInputStream));
        short[] sArr = TlsUtils.EMPTY_SHORTS;
        Vector vector = new Vector();
        while (byteArrayInputStream2.available() > 0) {
            ServerName serverName = new ServerName(TlsUtils.readUint8(byteArrayInputStream2), TlsUtils.readOpaque16(byteArrayInputStream2));
            short s = serverName.nameType;
            if (Arrays.contains(s, sArr)) {
                sArr = null;
            } else {
                int length = sArr.length;
                short[] sArr2 = new short[length + 1];
                System.arraycopy(sArr, 0, sArr2, 0, length);
                sArr2[length] = s;
                sArr = sArr2;
            }
            if (sArr == null) {
                throw new TlsFatalAlert((short) 47);
            }
            vector.addElement(serverName);
        }
        ServerNameList serverNameList = new ServerNameList(vector);
        TlsProtocol.assertEmpty(byteArrayInputStream);
        return serverNameList.serverNameList;
    }

    public static int[] getSupportedGroupsExtension(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_supported_groups);
        if (extensionData == null) {
            return null;
        }
        return readSupportedGroupsExtension(extensionData);
    }

    public static ProtocolVersion getSupportedVersionsExtensionServer(Hashtable hashtable) throws IOException {
        byte[] extensionData = TlsUtils.getExtensionData(hashtable, EXT_supported_versions);
        if (extensionData == null) {
            return null;
        }
        if (extensionData.length == 2) {
            return TlsUtils.readVersion(0, extensionData);
        }
        throw new TlsFatalAlert((short) 50);
    }

    public static byte[] patchOpaque16(ByteArrayOutputStream byteArrayOutputStream) throws IOException {
        int size = byteArrayOutputStream.size() - 2;
        TlsUtils.checkUint16(size);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        TlsUtils.writeUint16(byteArray, size, 0);
        return byteArray;
    }

    public static Vector readALPNExtensionClient(byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (TlsUtils.readUint16(byteArrayInputStream) != bArr.length - 2) {
            throw new TlsFatalAlert((short) 50);
        }
        Vector vector = new Vector();
        while (byteArrayInputStream.available() > 0) {
            vector.addElement(new ProtocolName(TlsUtils.readOpaque8(byteArrayInputStream, 1)));
        }
        return vector;
    }

    public static void readEmptyExtensionData(byte[] bArr) throws IOException {
        if (bArr.length != 0) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    public static int[] readSupportedGroupsExtension(byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        int readUint16 = TlsUtils.readUint16(byteArrayInputStream);
        if (readUint16 < 2 || (readUint16 & 1) != 0) {
            throw new TlsFatalAlert((short) 50);
        }
        int i = readUint16 / 2;
        int[] iArr = new int[i];
        for (int i2 = 0; i2 < i; i2++) {
            iArr[i2] = TlsUtils.readUint16(byteArrayInputStream);
        }
        TlsProtocol.assertEmpty(byteArrayInputStream);
        return iArr;
    }
}
