package org.spongycastle.crypto.tls;

import java.io.InputStream;
import java.io.OutputStream;
import org.spongycastle.asn1.x509.X509CertificateStructure;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.crypto.util.PublicKeyFactory;

/* loaded from: classes2.dex */
final class n implements TlsKeyExchange {
    protected TlsClientContext a;
    protected AsymmetricKeyParameter b = null;
    protected RSAKeyParameters c = null;
    protected byte[] d;

    /* JADX INFO: Access modifiers changed from: package-private */
    public n(TlsClientContext tlsClientContext) {
        this.a = tlsClientContext;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void generateClientKeyExchange(OutputStream outputStream) {
        this.d = TlsRSAUtils.generateEncryptedPreMasterSecret(this.a, this.c, outputStream);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final byte[] generatePremasterSecret() {
        byte[] bArr = this.d;
        this.d = null;
        return bArr;
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void processClientCredentials(TlsCredentials tlsCredentials) {
        if (!(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void processServerCertificate(Certificate certificate) {
        X509CertificateStructure x509CertificateStructure = certificate.certs[0];
        try {
            this.b = PublicKeyFactory.createKey(x509CertificateStructure.getSubjectPublicKeyInfo());
            if (this.b.isPrivate()) {
                throw new TlsFatalAlert((short) 80);
            }
            RSAKeyParameters rSAKeyParameters = (RSAKeyParameters) this.b;
            if (!rSAKeyParameters.getExponent().isProbablePrime(2)) {
                throw new TlsFatalAlert((short) 47);
            }
            this.c = rSAKeyParameters;
            TlsUtils.a(x509CertificateStructure, 32);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void processServerKeyExchange(InputStream inputStream) {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void skipClientCredentials() {
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void skipServerCertificate() {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void skipServerKeyExchange() {
    }

    @Override // org.spongycastle.crypto.tls.TlsKeyExchange
    public final void validateCertificateRequest(CertificateRequest certificateRequest) {
        for (short s : certificateRequest.getCertificateTypes()) {
            if (s != 64) {
                switch (s) {
                    case 1:
                    case 2:
                        break;
                    default:
                        throw new TlsFatalAlert((short) 47);
                }
            }
        }
    }
}
