package org.eclipse.californium.scandium.dtls;

import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.Arrays;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.SignatureAndHashAlgorithm;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;

/* compiled from: ECDHServerKeyExchange.java */
/* loaded from: classes4.dex */
public final class o extends l0 {
    private static final org.slf4j.b n = org.slf4j.c.i(o.class.getCanonicalName());

    /* renamed from: g, reason: collision with root package name */
    private ECPublicKey f27014g;

    /* renamed from: h, reason: collision with root package name */
    private ECPoint f27015h;

    /* renamed from: i, reason: collision with root package name */
    private byte[] f27016i;
    private final int j;
    private byte[] k;
    private final SignatureAndHashAlgorithm l;
    private int m;

    private o(SignatureAndHashAlgorithm signatureAndHashAlgorithm, int i2, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.f27014g = null;
        this.f27015h = null;
        this.f27016i = null;
        this.k = null;
        this.m = 3;
        this.l = signatureAndHashAlgorithm;
        this.j = i2;
    }

    private o(SignatureAndHashAlgorithm signatureAndHashAlgorithm, int i2, byte[] bArr, byte[] bArr2, InetSocketAddress inetSocketAddress) throws HandshakeException {
        this(signatureAndHashAlgorithm, i2, inetSocketAddress);
        this.f27016i = Arrays.copyOf(bArr, bArr.length);
        this.k = Arrays.copyOf(bArr2, bArr2.length);
        ECDHECryptography.SupportedGroup fromId = ECDHECryptography.SupportedGroup.fromId(i2);
        if (fromId == null || !fromId.isUsable()) {
            throw new HandshakeException(String.format("Server used unsupported elliptic curve (%d) for ECDH", Integer.valueOf(i2)), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
        }
        try {
            this.f27015h = ECDHECryptography.b(bArr, fromId.getEcParams().getCurve());
            this.f27014g = (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(this.f27015h, fromId.getEcParams()));
        } catch (GeneralSecurityException e2) {
            n.debug("Cannot re-create server's public key from params", (Throwable) e2);
            throw new HandshakeException(String.format("Cannot re-create server's public key from params: %s", e2.getMessage()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.INTERNAL_ERROR, inetSocketAddress));
        }
    }

    public o(SignatureAndHashAlgorithm signatureAndHashAlgorithm, ECDHECryptography eCDHECryptography, PrivateKey privateKey, b0 b0Var, b0 b0Var2, int i2, InetSocketAddress inetSocketAddress) throws GeneralSecurityException {
        this(signatureAndHashAlgorithm, i2, inetSocketAddress);
        ECPublicKey d2 = eCDHECryptography.d();
        this.f27014g = d2;
        ECParameterSpec params = d2.getParams();
        ECPoint w = this.f27014g.getW();
        this.f27015h = w;
        this.f27016i = ECDHECryptography.c(w, params.getCurve());
        Signature signature = Signature.getInstance(this.l.c());
        signature.initSign(privateKey);
        r(signature, b0Var, b0Var2);
        this.k = signature.sign();
    }

    public static r o(byte[] bArr, InetSocketAddress inetSocketAddress) throws HandshakeException {
        org.eclipse.californium.elements.s.b bVar = new org.eclipse.californium.elements.s.b(bArr);
        int d2 = bVar.d(8);
        if (d2 == 3) {
            return q(bVar, inetSocketAddress);
        }
        throw new HandshakeException(String.format("Curve type [%s] received in ServerKeyExchange message from peer [%s] is unsupported", Integer.valueOf(d2), inetSocketAddress), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
    }

    private static o q(org.eclipse.californium.elements.s.b bVar, InetSocketAddress inetSocketAddress) throws HandshakeException {
        byte[] bArr;
        int d2 = bVar.d(16);
        byte[] e2 = bVar.e(bVar.d(8));
        byte[] f2 = bVar.f();
        SignatureAndHashAlgorithm signatureAndHashAlgorithm = new SignatureAndHashAlgorithm(SignatureAndHashAlgorithm.HashAlgorithm.SHA256, SignatureAndHashAlgorithm.SignatureAlgorithm.ECDSA);
        if (f2.length > 0) {
            org.eclipse.californium.elements.s.b bVar2 = new org.eclipse.californium.elements.s.b(f2);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm2 = new SignatureAndHashAlgorithm(bVar2.d(8), bVar2.d(8));
            bArr = bVar2.e(bVar2.d(16));
            signatureAndHashAlgorithm = signatureAndHashAlgorithm2;
        } else {
            bArr = null;
        }
        return new o(signatureAndHashAlgorithm, d2, e2, bArr, inetSocketAddress);
    }

    private void r(Signature signature, b0 b0Var, b0 b0Var2) throws SignatureException {
        signature.update(b0Var.a());
        signature.update(b0Var2.a());
        int i2 = this.m;
        if (i2 == 1 || i2 == 2) {
            return;
        }
        if (i2 != 3) {
            n.warn("Unknown curve type [{}]", Integer.valueOf(i2));
        } else {
            s(signature);
        }
    }

    private void s(Signature signature) throws SignatureException {
        signature.update((byte) 3);
        signature.update((byte) (this.j >> 8));
        signature.update((byte) this.j);
        signature.update((byte) this.f27016i.length);
        signature.update(this.f27016i);
    }

    private void u(org.eclipse.californium.elements.s.c cVar) {
        cVar.b(3, 8);
        cVar.b(this.j, 16);
        cVar.b(this.f27016i.length, 8);
        cVar.d(this.f27016i);
        if (this.k != null) {
            cVar.b(this.l.a().getCode(), 8);
            cVar.b(this.l.b().getCode(), 8);
            cVar.b(this.k.length, 16);
            cVar.d(this.k);
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.r
    public byte[] b() {
        org.eclipse.californium.elements.s.c cVar = new org.eclipse.californium.elements.s.c();
        int i2 = this.m;
        if (i2 != 1 && i2 != 2) {
            if (i2 != 3) {
                n.warn("Unknown curve type [{}]", Integer.valueOf(i2));
            } else {
                u(cVar);
            }
        }
        return cVar.a();
    }

    @Override // org.eclipse.californium.scandium.dtls.r
    public int f() {
        int i2 = this.m;
        if (i2 == 1 || i2 == 2) {
            return 0;
        }
        if (i2 != 3) {
            n.warn("Unknown curve type [{}]", Integer.valueOf(i2));
            return 0;
        }
        byte[] bArr = this.k;
        return (bArr != null ? bArr.length + 4 : 0) + this.f27016i.length + 4;
    }

    public ECPublicKey p() {
        return this.f27014g;
    }

    public void t(PublicKey publicKey, b0 b0Var, b0 b0Var2) throws HandshakeException {
        if (this.k == null) {
            return;
        }
        boolean z = false;
        try {
            Signature signature = Signature.getInstance(this.l.c());
            signature.initVerify(publicKey);
            r(signature, b0Var, b0Var2);
            z = signature.verify(this.k);
        } catch (GeneralSecurityException e2) {
            n.error("Could not verify the server's signature.", (Throwable) e2);
        }
        if (!z) {
            throw new HandshakeException("The server's ECDHE key exchange message's signature could not be verified.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, a()));
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.r
    public String toString() {
        return super.toString() + "\t\tDiffie-Hellman public key: " + p().toString() + System.lineSeparator();
    }
}
