package com.bugvm.conscrypt;

import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;

/* loaded from: input_file:com/bugvm/conscrypt/ServerKeyExchange.class */
public class ServerKeyExchange extends Message {
    final BigInteger par1;
    final byte[] bytes1;
    final BigInteger par2;
    final byte[] bytes2;
    final BigInteger par3;
    final byte[] bytes3;
    final byte[] hash;
    private RSAPublicKey key;

    public ServerKeyExchange(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, byte[] bArr) {
        this.par1 = bigInteger;
        this.par2 = bigInteger2;
        this.par3 = bigInteger3;
        this.hash = bArr;
        this.bytes1 = toUnsignedByteArray(this.par1);
        this.bytes2 = toUnsignedByteArray(this.par2);
        this.length = 4 + this.bytes1.length + this.bytes2.length;
        if (bArr != null) {
            this.length += 2 + bArr.length;
        }
        if (bigInteger3 == null) {
            this.bytes3 = null;
        } else {
            this.bytes3 = toUnsignedByteArray(this.par3);
            this.length += 2 + this.bytes3.length;
        }
    }

    public static byte[] toUnsignedByteArray(BigInteger bigInteger) {
        if (bigInteger == null) {
            return null;
        }
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray[0] != 0) {
            return byteArray;
        }
        byte[] bArr = new byte[byteArray.length - 1];
        System.arraycopy((Object) byteArray, 1, (Object) bArr, 0, bArr.length);
        return bArr;
    }

    public static void updateSignatureRsa(DigitalSignature digitalSignature, BigInteger bigInteger, BigInteger bigInteger2) {
        byte[] unsignedByteArray = toUnsignedByteArray(bigInteger);
        byte[] bArr = {(byte) ((unsignedByteArray.length & 65280) >>> 8), (byte) (unsignedByteArray.length & 255)};
        digitalSignature.update(bArr);
        digitalSignature.update(unsignedByteArray);
        byte[] unsignedByteArray2 = toUnsignedByteArray(bigInteger2);
        bArr[0] = (byte) ((unsignedByteArray2.length & 65280) >>> 8);
        bArr[1] = (byte) (unsignedByteArray2.length & 255);
        digitalSignature.update(bArr);
        digitalSignature.update(unsignedByteArray2);
    }

    public static void updateSignatureDh(DigitalSignature digitalSignature, BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
        byte[] unsignedByteArray = toUnsignedByteArray(bigInteger);
        byte[] bArr = {(byte) ((unsignedByteArray.length & 65280) >>> 8), (byte) (unsignedByteArray.length & 255)};
        digitalSignature.update(bArr);
        digitalSignature.update(unsignedByteArray);
        byte[] unsignedByteArray2 = toUnsignedByteArray(bigInteger2);
        bArr[0] = (byte) ((unsignedByteArray2.length & 65280) >>> 8);
        bArr[1] = (byte) (unsignedByteArray2.length & 255);
        digitalSignature.update(bArr);
        digitalSignature.update(unsignedByteArray2);
        byte[] unsignedByteArray3 = toUnsignedByteArray(bigInteger3);
        bArr[0] = (byte) ((unsignedByteArray3.length & 65280) >>> 8);
        bArr[1] = (byte) (unsignedByteArray3.length & 255);
        digitalSignature.update(bArr);
        digitalSignature.update(unsignedByteArray3);
    }

    public boolean verifySignature(DigitalSignature digitalSignature) {
        if (this.par3 != null) {
            updateSignatureDh(digitalSignature, this.par1, this.par2, this.par3);
        } else {
            updateSignatureRsa(digitalSignature, this.par1, this.par2);
        }
        return digitalSignature.verifySignature(this.hash);
    }

    public boolean isAnonymous() {
        return this.hash == null;
    }

    public ServerKeyExchange(HandshakeIODataStream handshakeIODataStream, int i, int i2) throws IOException {
        this.bytes1 = handshakeIODataStream.read(handshakeIODataStream.readUint16());
        this.par1 = new BigInteger(1, this.bytes1);
        this.length = 2 + this.bytes1.length;
        this.bytes2 = handshakeIODataStream.read(handshakeIODataStream.readUint16());
        this.par2 = new BigInteger(1, this.bytes2);
        this.length += 2 + this.bytes2.length;
        if (i2 != 2) {
            this.bytes3 = handshakeIODataStream.read(handshakeIODataStream.readUint16());
            this.par3 = new BigInteger(1, this.bytes3);
            this.length += 2 + this.bytes3.length;
        } else {
            this.par3 = null;
            this.bytes3 = null;
        }
        if (i2 == 10 || i2 == 9) {
            this.hash = null;
        } else {
            this.hash = handshakeIODataStream.read(handshakeIODataStream.readUint16());
            this.length += 2 + this.hash.length;
        }
        if (this.length != i) {
            fatalAlert((byte) 50, "DECODE ERROR: incorrect ServerKeyExchange");
        }
    }

    @Override // com.bugvm.conscrypt.Message
    public void send(HandshakeIODataStream handshakeIODataStream) {
        handshakeIODataStream.writeUint16(this.bytes1.length);
        handshakeIODataStream.write(this.bytes1);
        handshakeIODataStream.writeUint16(this.bytes2.length);
        handshakeIODataStream.write(this.bytes2);
        if (this.bytes3 != null) {
            handshakeIODataStream.writeUint16(this.bytes3.length);
            handshakeIODataStream.write(this.bytes3);
        }
        if (this.hash != null) {
            handshakeIODataStream.writeUint16(this.hash.length);
            handshakeIODataStream.write(this.hash);
        }
    }

    public RSAPublicKey getRSAPublicKey() {
        if (this.key != null) {
            return this.key;
        }
        try {
            this.key = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(this.par1, this.par2));
            return this.key;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // com.bugvm.conscrypt.Message
    public int getType() {
        return 12;
    }
}
