package com.tongweb.gmssl.jsse.security.ssl;

import java.io.PrintStream;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.util.Collection;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLKeyException;

/* loaded from: input_file:com/tongweb/gmssl/jsse/security/ssl/R.class */
public final class R extends AbstractC0001aa {
    private static final boolean a = C0046u.a("com.sun.net.ssl.dhKeyExchangeFix", true);
    private byte[] g;
    private byte[] h;
    private byte[] i;
    private byte[] j;
    private C0016ap k;
    private aZ l;

    /* JADX INFO: Access modifiers changed from: package-private */
    public R(C0028c c0028c, C0016ap c0016ap) {
        this.k = c0016ap;
        this.l = null;
        a(c0028c);
        this.j = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public R(C0028c c0028c, PrivateKey privateKey, byte[] bArr, byte[] bArr2, SecureRandom secureRandom, aZ aZVar, C0016ap c0016ap) {
        Signature b;
        this.k = c0016ap;
        a(c0028c);
        if (c0016ap.m >= C0016ap.f.m) {
            this.l = aZVar;
            b = C0009ai.b(aZVar.c());
        } else {
            this.l = null;
            b = privateKey.getAlgorithm().equals("DSA") ? C0009ai.b("DSA") : C0018ar.a();
        }
        b.initSign(privateKey, secureRandom);
        a(b, bArr, bArr2);
        this.j = b.sign();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public R(K k, C0016ap c0016ap) {
        this.k = c0016ap;
        this.l = null;
        this.g = k.f();
        this.h = k.f();
        this.i = k.f();
        this.j = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public R(K k, PublicKey publicKey, byte[] bArr, byte[] bArr2, int i, Collection<aZ> collection, C0016ap c0016ap) {
        byte[] bArr3;
        Signature a2;
        this.k = c0016ap;
        this.g = k.f();
        this.h = k.f();
        this.i = k.f();
        if (c0016ap.m >= C0016ap.f.m) {
            this.l = aZ.a(k.read(), k.read(), 0);
            if (!collection.contains(this.l)) {
                throw new SSLHandshakeException("Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message");
            }
        } else {
            this.l = null;
        }
        if (a) {
            bArr3 = k.f();
        } else {
            bArr3 = new byte[((i - (this.g.length + 2)) - (this.h.length + 2)) - (this.i.length + 2)];
            k.read(bArr3);
        }
        String algorithm = publicKey.getAlgorithm();
        if (c0016ap.m >= C0016ap.f.m) {
            a2 = C0009ai.b(this.l.c());
        } else if (algorithm.equals("DSA")) {
            a2 = C0009ai.b("DSA");
        } else {
            if (!algorithm.equals("RSA")) {
                throw new SSLKeyException("neither an RSA or a DSA key");
            }
            a2 = C0018ar.a();
        }
        a2.initVerify(publicKey);
        a(a2, bArr, bArr2);
        if (!a2.verify(bArr3)) {
            throw new SSLKeyException("Server D-H key verification failed");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final BigInteger b() {
        return new BigInteger(1, this.g);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final BigInteger d() {
        return new BigInteger(1, this.h);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final BigInteger e() {
        return new BigInteger(1, this.i);
    }

    private void a(Signature signature, byte[] bArr, byte[] bArr2) {
        signature.update(bArr);
        signature.update(bArr2);
        int length = this.g.length;
        signature.update((byte) (length >> 8));
        signature.update((byte) length);
        signature.update(this.g);
        int length2 = this.h.length;
        signature.update((byte) (length2 >> 8));
        signature.update((byte) length2);
        signature.update(this.h);
        int length3 = this.i.length;
        signature.update((byte) (length3 >> 8));
        signature.update((byte) length3);
        signature.update(this.i);
    }

    private void a(C0028c c0028c) {
        this.g = a(c0028c.a());
        this.h = a(c0028c.b());
        this.i = a(c0028c.c());
    }

    @Override // com.tongweb.gmssl.jsse.security.ssl.L
    public final int c() {
        int length = 6 + this.g.length + this.h.length + this.i.length;
        if (this.j != null) {
            if (this.k.m >= C0016ap.f.m) {
                length += aZ.d();
            }
            length += this.j.length;
            if (a) {
                length += 2;
            }
        }
        return length;
    }

    @Override // com.tongweb.gmssl.jsse.security.ssl.L
    public final void a(C0002ab c0002ab) {
        c0002ab.b(this.g);
        c0002ab.b(this.h);
        c0002ab.b(this.i);
        if (this.j != null) {
            if (this.k.m >= C0016ap.f.m) {
                c0002ab.a(this.l.a());
                c0002ab.a(this.l.b());
            }
            if (a) {
                c0002ab.b(this.j);
            } else {
                c0002ab.write(this.j);
            }
        }
    }

    @Override // com.tongweb.gmssl.jsse.security.ssl.L
    public final void a(PrintStream printStream) {
        printStream.println("*** Diffie-Hellman ServerKeyExchange");
        if (b == null || !C0046u.b("verbose")) {
            return;
        }
        C0046u.a(printStream, "DH Modulus", this.g);
        C0046u.a(printStream, "DH Base", this.h);
        C0046u.a(printStream, "Server DH Public Key", this.i);
        if (this.j == null) {
            printStream.println("Anonymous");
            return;
        }
        if (this.k.m >= C0016ap.f.m) {
            printStream.println("Signature Algorithm " + this.l.c());
        }
        printStream.println("Signed with a DSA or RSA public key");
    }

    @Override // com.tongweb.gmssl.jsse.security.ssl.AbstractC0001aa, com.tongweb.gmssl.jsse.security.ssl.L
    public final /* bridge */ /* synthetic */ int a() {
        return super.a();
    }
}
