package by.avest.net.tls;

import by.avest.net.tls.Handshake;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import javax.security.auth.x500.X500Principal;
import org.apache.batik.constants.XMLConstants;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:by/avest/net/tls/CertificateRequest.class */
public class CertificateRequest implements Handshake.Body {
    private final ClientCertificateType[] certificateTypes;
    private final SignatureAndHashAlgorithm[] supportedSignatureAlgorithms;
    private final X500Principal[] certificateAuthorities;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:by/avest/net/tls/CertificateRequest$ClientCertificateType.class */
    public static final class ClientCertificateType implements Enumerated {
        static final ClientCertificateType RSA_SIGN = new ClientCertificateType(1, "RSA");
        static final ClientCertificateType DSS_SIGN = new ClientCertificateType(2, "DSS");
        static final ClientCertificateType RSA_FIXED_DH = new ClientCertificateType(3, "RSA");
        static final ClientCertificateType DSS_FIXED_DH = new ClientCertificateType(4, "DSS");
        static final ClientCertificateType BIGN128_SIGN = new ClientCertificateType(231, "1.2.112.0.2.0.34.101.45.2.1");
        private final int value;
        private String algorithm;

        private ClientCertificateType(int i, String str) {
            this.value = i;
            this.algorithm = str;
        }

        public static ClientCertificateType read(InputStream inputStream) throws IOException {
            int read = inputStream.read();
            if (read == -1) {
                throw new EOFException("Unexpected end of input stream.");
            }
            switch (read & 255) {
                case 1:
                    return RSA_SIGN;
                case 2:
                    return DSS_SIGN;
                case 3:
                    return RSA_FIXED_DH;
                case 4:
                    return DSS_FIXED_DH;
                case 231:
                    return BIGN128_SIGN;
                default:
                    return new ClientCertificateType(read, "unknown");
            }
        }

        @Override // by.avest.net.tls.Enumerated
        public byte[] getEncoded() {
            return new byte[]{(byte) this.value};
        }

        @Override // by.avest.net.tls.Enumerated
        public int getValue() {
            return this.value;
        }

        public String getAlgorithm() {
            return this.algorithm;
        }

        public String toString() {
            switch (this.value) {
                case 1:
                    return "rsa_sign";
                case 2:
                    return "dss_sign";
                case 3:
                    return "rsa_fixed_dh";
                case 4:
                    return "dss_fixed_dh";
                case 231:
                    return "bign128_sign";
                default:
                    return "unknown(" + this.value + ")";
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CertificateRequest(ClientCertificateType[] clientCertificateTypeArr, SignatureAndHashAlgorithm[] signatureAndHashAlgorithmArr, X500Principal[] x500PrincipalArr) {
        if (clientCertificateTypeArr == null) {
            throw new NullPointerException();
        }
        this.certificateTypes = clientCertificateTypeArr;
        if (x500PrincipalArr == null) {
            throw new NullPointerException();
        }
        this.certificateAuthorities = x500PrincipalArr;
        this.supportedSignatureAlgorithms = signatureAndHashAlgorithmArr;
    }

    public static CertificateRequest read(InputStream inputStream, ProtocolVersion protocolVersion, CipherSuite cipherSuite) throws IOException {
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        int readUnsignedByte = dataInputStream.readUnsignedByte();
        Util.checkAvailable(readUnsignedByte, inputStream);
        ClientCertificateType[] clientCertificateTypeArr = new ClientCertificateType[readUnsignedByte];
        for (int i = 0; i < clientCertificateTypeArr.length; i++) {
            clientCertificateTypeArr[i] = ClientCertificateType.read(dataInputStream);
        }
        SignatureAndHashAlgorithm[] signatureAndHashAlgorithmArr = null;
        if (protocolVersion.compareTo(ProtocolVersion.TLS_1_2) >= 0) {
            int readUnsignedShort = dataInputStream.readUnsignedShort();
            byte[] bArr = new byte[readUnsignedShort];
            Util.checkAvailable(readUnsignedShort, inputStream);
            dataInputStream.readFully(bArr);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ArrayList arrayList = new ArrayList();
            while (byteArrayInputStream.available() > 1) {
                arrayList.add(SignatureAndHashAlgorithm.read(byteArrayInputStream));
            }
            signatureAndHashAlgorithmArr = (SignatureAndHashAlgorithm[]) arrayList.toArray(new SignatureAndHashAlgorithm[0]);
        }
        ArrayList arrayList2 = new ArrayList();
        int readUnsignedShort2 = dataInputStream.readUnsignedShort();
        Util.checkAvailable(readUnsignedShort2, inputStream);
        byte[] bArr2 = new byte[readUnsignedShort2];
        dataInputStream.readFully(bArr2);
        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(bArr2);
        while (byteArrayInputStream2.available() > 0) {
            try {
                int read = ((byteArrayInputStream2.read() & 255) << 8) | (byteArrayInputStream2.read() & 255);
                Util.checkAvailable(read, byteArrayInputStream2);
                byte[] bArr3 = new byte[read];
                byteArrayInputStream2.read(bArr3);
                arrayList2.add(new X500Principal(bArr3));
            } catch (IOException e) {
                throw e;
            } catch (Exception e2) {
                throw new Error(e2.toString());
            }
        }
        return new CertificateRequest(clientCertificateTypeArr, signatureAndHashAlgorithmArr, (X500Principal[]) arrayList2.toArray(new X500Principal[arrayList2.size()]));
    }

    @Override // by.avest.net.tls.Constructed
    public void write(OutputStream outputStream) throws IOException {
        outputStream.write(this.certificateTypes.length);
        for (ClientCertificateType clientCertificateType : this.certificateTypes) {
            outputStream.write(clientCertificateType.getValue());
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.supportedSignatureAlgorithms != null) {
            try {
                for (SignatureAndHashAlgorithm signatureAndHashAlgorithm : this.supportedSignatureAlgorithms) {
                    signatureAndHashAlgorithm.write(byteArrayOutputStream);
                }
                outputStream.write((byteArrayOutputStream.size() >>> 8) & 255);
                outputStream.write(byteArrayOutputStream.size() & 255);
                byteArrayOutputStream.writeTo(outputStream);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        try {
            for (X500Principal x500Principal : this.certificateAuthorities) {
                byte[] encoded = x500Principal.getEncoded();
                byteArrayOutputStream2.write((encoded.length >>> 8) & 255);
                byteArrayOutputStream2.write(encoded.length & 255);
                byteArrayOutputStream2.write(encoded, 0, encoded.length);
            }
            outputStream.write((byteArrayOutputStream2.size() >>> 8) & 255);
            outputStream.write(byteArrayOutputStream2.size() & 255);
            byteArrayOutputStream2.writeTo(outputStream);
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public ClientCertificateType[] getCertificateTypes() {
        return this.certificateTypes;
    }

    public SignatureAndHashAlgorithm[] getSupportedSignatureAlgorithms() {
        return this.supportedSignatureAlgorithms;
    }

    public X500Principal[] getCertificateAuthorities() {
        return this.certificateAuthorities;
    }

    public String toString() {
        StringWriter stringWriter = new StringWriter();
        PrintWriter printWriter = new PrintWriter(stringWriter);
        printWriter.println("struct {");
        printWriter.print("  types = ");
        for (int i = 0; i < this.certificateTypes.length; i++) {
            printWriter.print(this.certificateTypes[i]);
            if (i != this.certificateTypes.length - 1) {
                printWriter.print(", ");
            }
        }
        printWriter.println(";");
        if (this.supportedSignatureAlgorithms != null) {
            printWriter.print("  supportedSignatureAlgorithms = ");
            for (int i2 = 0; i2 < this.supportedSignatureAlgorithms.length; i2++) {
                printWriter.print(this.supportedSignatureAlgorithms[i2]);
                if (i2 != this.supportedSignatureAlgorithms.length - 1) {
                    printWriter.print(", ");
                }
            }
            printWriter.println(";");
        }
        printWriter.println("  authorities =");
        for (int i3 = 0; i3 < this.certificateAuthorities.length; i3++) {
            printWriter.print(XMLConstants.XML_TAB);
            printWriter.print(this.certificateAuthorities[i3]);
            if (i3 != this.certificateAuthorities.length - 1) {
                printWriter.println(",");
            }
        }
        printWriter.println(";");
        printWriter.println("} CertificateRequest;");
        return stringWriter.toString();
    }
}
