package o;

import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.Arrays;
import o.gok;
import o.gqt;
import o.grc;

/* loaded from: classes15.dex */
public final class gpi extends gqp {
    private static final gsr b = gso.c(gpi.class.getCanonicalName());
    private byte[] a;
    private ECPoint c;
    private final int d;
    private ECPublicKey e;
    private final gqt f;
    private int g;
    private byte[] h;

    private gpi(gqt gqtVar, int i, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.e = null;
        this.c = null;
        this.a = null;
        this.h = null;
        this.g = 3;
        this.f = gqtVar;
        this.d = i;
    }

    private gpi(gqt gqtVar, int i, byte[] bArr, byte[] bArr2, InetSocketAddress inetSocketAddress) throws gpo {
        this(gqtVar, i, inetSocketAddress);
        this.a = Arrays.copyOf(bArr, bArr.length);
        this.h = Arrays.copyOf(bArr2, bArr2.length);
        grc.e e = grc.e.e(i);
        if (e == null || !e.a()) {
            throw new gpo(String.format("Server used unsupported elliptic curve (%d) for ECDH", Integer.valueOf(i)), new gok(gok.d.FATAL, gok.c.HANDSHAKE_FAILURE, inetSocketAddress));
        }
        try {
            this.c = grc.c(bArr, e.b().getCurve());
            this.e = (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(this.c, e.b()));
        } catch (GeneralSecurityException e2) {
            b.c("Cannot re-create server's public key from params", (Throwable) e2);
            throw new gpo(String.format("Cannot re-create server's public key from params: %s", e2.getMessage()), new gok(gok.d.FATAL, gok.c.INTERNAL_ERROR, inetSocketAddress));
        }
    }

    public gpi(gqt gqtVar, grc grcVar, PrivateKey privateKey, gqf gqfVar, gqf gqfVar2, int i, InetSocketAddress inetSocketAddress) throws GeneralSecurityException {
        this(gqtVar, i, inetSocketAddress);
        this.e = grcVar.d();
        ECParameterSpec params = this.e.getParams();
        this.c = this.e.getW();
        this.a = grc.e(this.c, params.getCurve());
        Signature signature = Signature.getInstance(this.f.c());
        signature.initSign(privateKey);
        a(signature, gqfVar, gqfVar2);
        this.h = signature.sign();
    }

    private void a(Signature signature, gqf gqfVar, gqf gqfVar2) throws SignatureException {
        signature.update(gqfVar.b());
        signature.update(gqfVar2.b());
        int i = this.g;
        if (i == 1 || i == 2) {
            return;
        }
        if (i != 3) {
            b.a("Unknown curve type [{}]", Integer.valueOf(i));
        } else {
            e(signature);
        }
    }

    private void a(gnu gnuVar) {
        gnuVar.b(3, 8);
        gnuVar.b(this.d, 16);
        gnuVar.b(this.a.length, 8);
        gnuVar.d(this.a);
        if (this.h != null) {
            gnuVar.b(this.f.d().a(), 8);
            gnuVar.b(this.f.a().a(), 8);
            gnuVar.b(this.h.length, 16);
            gnuVar.d(this.h);
        }
    }

    public static gpp d(byte[] bArr, InetSocketAddress inetSocketAddress) throws gpo {
        gnt gntVar = new gnt(bArr);
        int a = gntVar.a(8);
        if (a == 3) {
            return e(gntVar, inetSocketAddress);
        }
        throw new gpo(String.format("Curve type [%s] received in ServerKeyExchange message from peer [%s] is unsupported", Integer.valueOf(a), inetSocketAddress), new gok(gok.d.FATAL, gok.c.HANDSHAKE_FAILURE, inetSocketAddress));
    }

    private static gpi e(gnt gntVar, InetSocketAddress inetSocketAddress) throws gpo {
        byte[] bArr;
        int a = gntVar.a(16);
        byte[] c = gntVar.c(gntVar.a(8));
        byte[] b2 = gntVar.b();
        gqt gqtVar = new gqt(gqt.e.SHA256, gqt.c.ECDSA);
        if (b2.length > 0) {
            gnt gntVar2 = new gnt(b2);
            gqt gqtVar2 = new gqt(gntVar2.a(8), gntVar2.a(8));
            bArr = gntVar2.c(gntVar2.a(16));
            gqtVar = gqtVar2;
        } else {
            bArr = null;
        }
        return new gpi(gqtVar, a, c, bArr, inetSocketAddress);
    }

    private void e(Signature signature) throws SignatureException {
        signature.update((byte) 3);
        signature.update((byte) (this.d >> 8));
        signature.update((byte) this.d);
        signature.update((byte) this.a.length);
        signature.update(this.a);
    }

    @Override // o.gpp
    public int e() {
        int i = this.g;
        if (i == 1 || i == 2) {
            return 0;
        }
        if (i != 3) {
            b.a("Unknown curve type [{}]", Integer.valueOf(i));
            return 0;
        }
        byte[] bArr = this.h;
        return (bArr != null ? bArr.length + 4 : 0) + this.a.length + 4;
    }

    public void e(PublicKey publicKey, gqf gqfVar, gqf gqfVar2) throws gpo {
        if (this.h == null) {
            return;
        }
        boolean z = false;
        try {
            Signature signature = Signature.getInstance(this.f.c());
            signature.initVerify(publicKey);
            a(signature, gqfVar, gqfVar2);
            z = signature.verify(this.h);
        } catch (GeneralSecurityException e) {
            b.d("Could not verify the server's signature.", (Throwable) e);
        }
        if (!z) {
            throw new gpo("The server's ECDHE key exchange message's signature could not be verified.", new gok(gok.d.FATAL, gok.c.HANDSHAKE_FAILURE, b()));
        }
    }

    public ECPublicKey h() {
        return this.e;
    }

    @Override // o.gpp
    public byte[] i() {
        gnu gnuVar = new gnu();
        int i = this.g;
        if (i != 1 && i != 2) {
            if (i != 3) {
                b.a("Unknown curve type [{}]", Integer.valueOf(i));
            } else {
                a(gnuVar);
            }
        }
        return gnuVar.b();
    }

    @Override // o.gpp
    public String toString() {
        return super.toString() + "\t\tDiffie-Hellman public key: " + h().toString() + goa.c();
    }
}
