package com.timevale.tgtext.bouncycastle.crypto.tls;

import com.timevale.tgtext.bouncycastle.crypto.params.AsymmetricKeyParameter;
import com.timevale.tgtext.bouncycastle.crypto.params.RSAKeyParameters;
import com.timevale.tgtext.bouncycastle.crypto.util.PublicKeyFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;

/* compiled from: TlsRSAKeyExchange.java */
/* loaded from: input_file:com/timevale/tgtext/bouncycastle/crypto/tls/n.class */
class n implements TlsKeyExchange {
    protected TlsClientContext a;
    protected AsymmetricKeyParameter b = null;
    protected RSAKeyParameters c = null;
    protected byte[] d;

    /* JADX INFO: Access modifiers changed from: package-private */
    public n(TlsClientContext tlsClientContext) {
        this.a = tlsClientContext;
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void skipServerCertificate() throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerCertificate(Certificate certificate) throws IOException {
        com.timevale.tgtext.bouncycastle.asn1.x509.Certificate certificate2 = certificate.certs[0];
        try {
            this.b = PublicKeyFactory.createKey(certificate2.getSubjectPublicKeyInfo());
            if (this.b.isPrivate()) {
                throw new TlsFatalAlert((short) 80);
            }
            this.c = a((RSAKeyParameters) this.b);
            TlsUtils.validateKeyUsage(certificate2, 32);
        } catch (RuntimeException unused) {
            throw new TlsFatalAlert((short) 43);
        }
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void skipServerKeyExchange() throws IOException {
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void processServerKeyExchange(InputStream inputStream) throws IOException {
        throw new TlsFatalAlert((short) 10);
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException {
        for (short s : certificateRequest.getCertificateTypes()) {
            switch (s) {
                case 1:
                case 2:
                case 64:
                default:
                    throw new TlsFatalAlert((short) 47);
            }
        }
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void skipClientCredentials() throws IOException {
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void processClientCredentials(TlsCredentials tlsCredentials) throws IOException {
        if (!(tlsCredentials instanceof TlsSignerCredentials)) {
            throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public void generateClientKeyExchange(OutputStream outputStream) throws IOException {
        this.d = TlsRSAUtils.generateEncryptedPreMasterSecret(this.a, this.c, outputStream);
    }

    @Override // com.timevale.tgtext.bouncycastle.crypto.tls.TlsKeyExchange
    public byte[] generatePremasterSecret() throws IOException {
        byte[] bArr = this.d;
        this.d = null;
        return bArr;
    }

    protected RSAKeyParameters a(RSAKeyParameters rSAKeyParameters) throws IOException {
        if (rSAKeyParameters.getExponent().isProbablePrime(2)) {
            return rSAKeyParameters;
        }
        throw new TlsFatalAlert((short) 47);
    }
}
