package org.bouncycastle.tls;

import defpackage.i;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.tls.crypto.TlsCertificate;
import org.bouncycastle.tls.crypto.TlsCrypto;

/* loaded from: classes5.dex */
public class Certificate {
    public static final Certificate EMPTY_CHAIN;
    public static final Certificate EMPTY_CHAIN_TLS13;
    public static final TlsCertificate[] a;
    public static final CertificateEntry[] b;
    protected final CertificateEntry[] certificateEntryList;
    protected final byte[] certificateRequestContext;

    /* loaded from: classes5.dex */
    public static class ParseOptions {
        public int a = Integer.MAX_VALUE;

        public int getMaxChainLength() {
            return this.a;
        }

        public ParseOptions setMaxChainLength(int i) {
            this.a = i;
            return this;
        }
    }

    static {
        TlsCertificate[] tlsCertificateArr = new TlsCertificate[0];
        a = tlsCertificateArr;
        CertificateEntry[] certificateEntryArr = new CertificateEntry[0];
        b = certificateEntryArr;
        EMPTY_CHAIN = new Certificate(tlsCertificateArr);
        EMPTY_CHAIN_TLS13 = new Certificate(TlsUtils.EMPTY_BYTES, certificateEntryArr);
    }

    public Certificate(byte[] bArr, CertificateEntry[] certificateEntryArr) {
        if (bArr != null && !TlsUtils.isValidUint8(bArr.length)) {
            throw new IllegalArgumentException("'certificateRequestContext' cannot be longer than 255");
        }
        if (TlsUtils.isNullOrContainsNull(certificateEntryArr)) {
            throw new NullPointerException("'certificateEntryList' cannot be null or contain any nulls");
        }
        this.certificateRequestContext = TlsUtils.clone(bArr);
        this.certificateEntryList = certificateEntryArr;
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public Certificate(org.bouncycastle.tls.crypto.TlsCertificate[] r7) {
        /*
            r6 = this;
            boolean r0 = org.bouncycastle.tls.TlsUtils.isNullOrContainsNull(r7)
            if (r0 != 0) goto L1d
            int r0 = r7.length
            org.bouncycastle.tls.CertificateEntry[] r1 = new org.bouncycastle.tls.CertificateEntry[r0]
            r2 = 0
        La:
            r3 = 0
            if (r2 >= r0) goto L19
            org.bouncycastle.tls.CertificateEntry r4 = new org.bouncycastle.tls.CertificateEntry
            r5 = r7[r2]
            r4.<init>(r5, r3)
            r1[r2] = r4
            int r2 = r2 + 1
            goto La
        L19:
            r6.<init>(r3, r1)
            return
        L1d:
            java.lang.NullPointerException r7 = new java.lang.NullPointerException
            java.lang.String r0 = "'certificateList' cannot be null or contain any nulls"
            r7.<init>(r0)
            throw r7
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.tls.Certificate.<init>(org.bouncycastle.tls.crypto.TlsCertificate[]):void");
    }

    /* JADX WARN: Removed duplicated region for block: B:16:0x0061  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x0063  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void calculateEndPointHash(org.bouncycastle.tls.TlsContext r5, org.bouncycastle.tls.crypto.TlsCertificate r6, byte[] r7, java.io.OutputStream r8) {
        /*
            byte[] r0 = org.bouncycastle.tls.TlsUtils.a
            int r0 = r7.length
            java.lang.String r1 = r6.getSigAlgOID()
            r2 = 4
            r3 = 0
            if (r1 == 0) goto L56
            org.bouncycastle.asn1.ASN1ObjectIdentifier r4 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.id_RSASSA_PSS
            java.lang.String r4 = r4.getId()
            boolean r4 = r4.equals(r1)
            if (r4 == 0) goto L47
            org.bouncycastle.asn1.ASN1Encodable r6 = r6.getSigAlgParams()
            org.bouncycastle.asn1.pkcs.RSASSAPSSparams r6 = org.bouncycastle.asn1.pkcs.RSASSAPSSparams.getInstance(r6)
            if (r6 == 0) goto L56
            org.bouncycastle.asn1.x509.AlgorithmIdentifier r6 = r6.getHashAlgorithm()
            org.bouncycastle.asn1.ASN1ObjectIdentifier r6 = r6.getAlgorithm()
            org.bouncycastle.asn1.ASN1ObjectIdentifier r1 = org.bouncycastle.asn1.nist.NISTObjectIdentifiers.id_sha256
            boolean r1 = r1.equals(r6)
            if (r1 == 0) goto L33
            r6 = 4
            goto L57
        L33:
            org.bouncycastle.asn1.ASN1ObjectIdentifier r1 = org.bouncycastle.asn1.nist.NISTObjectIdentifiers.id_sha384
            boolean r1 = r1.equals(r6)
            if (r1 == 0) goto L3d
            r6 = 5
            goto L57
        L3d:
            org.bouncycastle.asn1.ASN1ObjectIdentifier r1 = org.bouncycastle.asn1.nist.NISTObjectIdentifiers.id_sha512
            boolean r6 = r1.equals(r6)
            if (r6 == 0) goto L56
            r6 = 6
            goto L57
        L47:
            java.util.Hashtable r6 = org.bouncycastle.tls.TlsUtils.c
            java.lang.Object r6 = r6.get(r1)
            org.bouncycastle.tls.SignatureAndHashAlgorithm r6 = (org.bouncycastle.tls.SignatureAndHashAlgorithm) r6
            if (r6 == 0) goto L56
            short r6 = r6.getHash()
            goto L57
        L56:
            r6 = 0
        L57:
            r1 = 1
            if (r6 == r1) goto L64
            r1 = 2
            if (r6 == r1) goto L64
            r1 = 8
            if (r6 == r1) goto L63
            r2 = r6
            goto L64
        L63:
            r2 = 0
        L64:
            if (r2 == 0) goto L7c
            org.bouncycastle.tls.crypto.TlsCrypto r5 = r5.getCrypto()
            int r6 = org.bouncycastle.tls.crypto.TlsCryptoUtils.getHash(r2)
            org.bouncycastle.tls.crypto.TlsHash r5 = r5.createHash(r6)
            if (r5 == 0) goto L7c
            r5.update(r7, r3, r0)
            byte[] r5 = r5.calculateHash()
            goto L7e
        L7c:
            byte[] r5 = org.bouncycastle.tls.TlsUtils.EMPTY_BYTES
        L7e:
            if (r5 == 0) goto L86
            int r6 = r5.length
            if (r6 <= 0) goto L86
            r8.write(r5)
        L86:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.tls.Certificate.calculateEndPointHash(org.bouncycastle.tls.TlsContext, org.bouncycastle.tls.crypto.TlsCertificate, byte[], java.io.OutputStream):void");
    }

    public static Certificate parse(ParseOptions parseOptions, TlsContext tlsContext, InputStream inputStream, OutputStream outputStream) {
        boolean isTLSv13 = TlsUtils.isTLSv13(tlsContext.getSecurityParameters().getNegotiatedVersion());
        byte[] readOpaque8 = isTLSv13 ? TlsUtils.readOpaque8(inputStream) : null;
        int readUint24 = TlsUtils.readUint24(inputStream);
        if (readUint24 == 0) {
            return !isTLSv13 ? EMPTY_CHAIN : readOpaque8.length < 1 ? EMPTY_CHAIN_TLS13 : new Certificate(readOpaque8, b);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(TlsUtils.readFully(readUint24, inputStream));
        TlsCrypto crypto = tlsContext.getCrypto();
        int max = Math.max(1, parseOptions.getMaxChainLength());
        Vector vector = new Vector();
        while (byteArrayInputStream.available() > 0) {
            if (vector.size() >= max) {
                throw new TlsFatalAlert((short) 80, i.b("Certificate chain longer than maximum (", max, ")"));
            }
            byte[] readOpaque24 = TlsUtils.readOpaque24(byteArrayInputStream, 1);
            TlsCertificate createCertificate = crypto.createCertificate(readOpaque24);
            if (vector.isEmpty() && outputStream != null) {
                calculateEndPointHash(tlsContext, createCertificate, readOpaque24, outputStream);
            }
            vector.addElement(new CertificateEntry(createCertificate, isTLSv13 ? TlsProtocol.readExtensionsData13(11, TlsUtils.readOpaque16(byteArrayInputStream)) : null));
        }
        CertificateEntry[] certificateEntryArr = new CertificateEntry[vector.size()];
        for (int i = 0; i < vector.size(); i++) {
            certificateEntryArr[i] = (CertificateEntry) vector.elementAt(i);
        }
        return new Certificate(readOpaque8, certificateEntryArr);
    }

    public static Certificate parse(TlsContext tlsContext, InputStream inputStream, OutputStream outputStream) {
        return parse(new ParseOptions(), tlsContext, inputStream, outputStream);
    }

    public CertificateEntry[] cloneCertificateEntryList() {
        CertificateEntry[] certificateEntryArr = this.certificateEntryList;
        int length = certificateEntryArr.length;
        if (length == 0) {
            return b;
        }
        CertificateEntry[] certificateEntryArr2 = new CertificateEntry[length];
        System.arraycopy(certificateEntryArr, 0, certificateEntryArr2, 0, length);
        return certificateEntryArr2;
    }

    public TlsCertificate[] cloneCertificateList() {
        int length = this.certificateEntryList.length;
        if (length == 0) {
            return a;
        }
        TlsCertificate[] tlsCertificateArr = new TlsCertificate[length];
        for (int i = 0; i < length; i++) {
            tlsCertificateArr[i] = this.certificateEntryList[i].getCertificate();
        }
        return tlsCertificateArr;
    }

    public void encode(TlsContext tlsContext, OutputStream outputStream, OutputStream outputStream2) {
        boolean isTLSv13 = TlsUtils.isTLSv13(tlsContext);
        byte[] bArr = this.certificateRequestContext;
        if ((bArr != null) != isTLSv13) {
            throw new IllegalStateException();
        }
        if (isTLSv13) {
            TlsUtils.writeOpaque8(bArr, outputStream);
        }
        int length = this.certificateEntryList.length;
        Vector vector = new Vector(length);
        Vector vector2 = isTLSv13 ? new Vector(length) : null;
        long j = 0;
        for (int i = 0; i < length; i++) {
            CertificateEntry certificateEntry = this.certificateEntryList[i];
            TlsCertificate certificate = certificateEntry.getCertificate();
            byte[] encoded = certificate.getEncoded();
            if (i == 0 && outputStream2 != null) {
                calculateEndPointHash(tlsContext, certificate, encoded, outputStream2);
            }
            vector.addElement(encoded);
            j = j + encoded.length + 3;
            if (isTLSv13) {
                Hashtable extensions = certificateEntry.getExtensions();
                vector2.addElement(extensions == null ? TlsUtils.EMPTY_BYTES : TlsProtocol.writeExtensionsData(extensions));
                j = j + r8.length + 2;
            }
        }
        TlsUtils.checkUint24(j);
        TlsUtils.writeUint24((int) j, outputStream);
        for (int i2 = 0; i2 < length; i2++) {
            TlsUtils.writeOpaque24((byte[]) vector.elementAt(i2), outputStream);
            if (isTLSv13) {
                TlsUtils.writeOpaque16((byte[]) vector2.elementAt(i2), outputStream);
            }
        }
    }

    public TlsCertificate getCertificateAt(int i) {
        return this.certificateEntryList[i].getCertificate();
    }

    public CertificateEntry getCertificateEntryAt(int i) {
        return this.certificateEntryList[i];
    }

    public CertificateEntry[] getCertificateEntryList() {
        return cloneCertificateEntryList();
    }

    public TlsCertificate[] getCertificateList() {
        return cloneCertificateList();
    }

    public byte[] getCertificateRequestContext() {
        return TlsUtils.clone(this.certificateRequestContext);
    }

    public short getCertificateType() {
        return (short) 0;
    }

    public int getLength() {
        return this.certificateEntryList.length;
    }

    public boolean isEmpty() {
        return this.certificateEntryList.length == 0;
    }
}
