package o;

import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.pskstore.PskStore;
import org.slf4j.Logger;

/* loaded from: classes6.dex */
public class jkb implements Destroyable {
    private static final Logger a = jlt.d((Class<?>) jkb.class);
    private final SecretKey b;
    private final jju d;
    private final jhs e;

    public jkb(boolean z, jje jjeVar, PskStore pskStore) throws jjm {
        this(z, jjeVar, pskStore, c(z, jjeVar, pskStore));
    }

    public jkb(boolean z, jje jjeVar, PskStore pskStore, jju jjuVar) throws jjm {
        if (jjeVar == null) {
            throw new NullPointerException("Dtls session must not be null");
        }
        if (pskStore == null) {
            throw new NullPointerException("psk store must not be null");
        }
        if (jjuVar == null) {
            throw new NullPointerException("psk identity must not be null");
        }
        this.d = jjuVar;
        String str = null;
        jlh a2 = jjeVar.a();
        if (!z || a2 == null) {
            a.debug("client [{}] uses PSK identity [{}]", jjeVar.y(), jjuVar);
            this.b = pskStore.getKey(jjuVar);
        } else {
            str = jjeVar.c();
            a.debug("client [{}] uses PSK identity [{}] for server [{}]", jjeVar.y(), jjuVar, str);
            this.b = pskStore.getKey(a2, jjuVar);
        }
        if (this.b == null) {
            AlertMessage alertMessage = new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.UNKNOWN_PSK_IDENTITY, jjeVar.y());
            if (str == null) {
                throw new jjm(String.format("No pre-shared key found for [identity: %s]", jjuVar), alertMessage);
            }
            throw new jjm(String.format("No pre-shared key found for [virtual host: %s, identity: %s]", str, jjuVar), alertMessage);
        }
        if (z) {
            this.e = new jhs(str, jjuVar.h());
        } else {
            this.e = new jhs(jjuVar.h());
        }
        jjeVar.d(this.e);
    }

    private static jju c(boolean z, jje jjeVar, PskStore pskStore) throws jjm {
        jju identity;
        if (jjeVar == null) {
            throw new NullPointerException("Dtls session must not be null");
        }
        if (pskStore == null) {
            throw new NullPointerException("psk store must not be null");
        }
        jlh a2 = jjeVar.a();
        if (!z || a2 == null) {
            identity = pskStore.getIdentity(jjeVar.y());
            if (identity == null) {
                throw new jjm(String.format("No Identity found for peer [address: %s]", jjeVar.y()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, jjeVar.y()));
            }
        } else {
            if (!jjeVar.d()) {
                a.warn("client is configured to use SNI but server does not support it, PSK authentication is likely to fail");
            }
            identity = pskStore.getIdentity(jjeVar.y(), a2);
            if (identity == null) {
                throw new jjm(String.format("No Identity found for peer [address: %s, virtual host: %s]", jjeVar.y(), jjeVar.c()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, jjeVar.y()));
            }
        }
        return identity;
    }

    public SecretKey a(SecretKey secretKey) {
        byte[] encoded = this.b.getEncoded();
        int length = encoded.length;
        byte[] encoded2 = secretKey != null ? secretKey.getEncoded() : new byte[length];
        jif jifVar = new jif(true);
        jifVar.a(encoded2.length, 16);
        jifVar.b(encoded2);
        jifVar.a(length, 16);
        jifVar.b(encoded);
        byte[] a2 = jifVar.a();
        jifVar.d();
        SecretKey d = jky.d(a2, "MAC");
        jib.e(encoded);
        jib.e(encoded2);
        jib.e(a2);
        return d;
    }

    public jju a() {
        return this.d;
    }

    public jhs b() {
        return this.e;
    }

    @Override // javax.security.auth.Destroyable
    public void destroy() throws DestroyFailedException {
        jky.b(this.b);
    }

    @Override // javax.security.auth.Destroyable
    public boolean isDestroyed() {
        return jky.a(this.b);
    }
}
