package io.ktor.network.tls;

import io.ktor.network.tls.extensions.HashAndSign;
import io.ktor.network.tls.extensions.NamedCurve;
import io.ktor.network.tls.extensions.NamedCurvesKt;
import io.ktor.network.tls.extensions.PointFormat;
import io.ktor.network.tls.extensions.PointFormatKt;
import io.ktor.network.tls.extensions.SignatureAlgorithmKt;
import io.ktor.network.tls.extensions.TLSExtensionType;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECField;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.io.core.BytePacketBuilder;
import kotlinx.io.core.ByteReadPacket;
import kotlinx.io.core.Output;
import kotlinx.io.core.OutputKt;
import kotlinx.io.core.PacketJVMKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: Render.kt */
@Metadata(mv = {1, 1, 12}, bv = {1, 0, 3}, k = 2, xi = 2, d1 = {"��\u0086\u0001\n��\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\u001a\u0018\u0010\u0003\u001a\u00020\u00042\u000e\b\u0002\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006H\u0002\u001a\u0018\u0010\b\u001a\u00020\u00042\u000e\b\u0002\u0010\t\u001a\b\u0012\u0004\u0012\u00020\n0\u0006H\u0002\u001a\u0010\u0010\u000b\u001a\u00020\u00042\u0006\u0010\f\u001a\u00020\rH\u0002\u001a\u0018\u0010\u000e\u001a\u00020\u00042\u000e\b\u0002\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00100\u0006H\u0002\u001a\u0018\u0010\u0011\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u0015H��\u001a\"\u0010\u0016\u001a\u00020\u00132\u0006\u0010\u0017\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\b\b\u0002\u0010\u0018\u001a\u00020\u0001H��\u001a\u001c\u0010\u0019\u001a\u00020\u001a*\u00020\u001b2\u0006\u0010\u001c\u001a\u00020\u00132\u0006\u0010\u001d\u001a\u00020\u0001H\u0002\u001a\u001c\u0010\u001e\u001a\u00020\u001a*\u00020\u001b2\u0006\u0010\u001f\u001a\u00020 2\u0006\u0010\u001d\u001a\u00020\u0001H��\u001a$\u0010!\u001a\u00020\u001a*\u00020\u001b2\u0006\u0010\"\u001a\u00020\u00132\u0006\u0010#\u001a\u00020$2\u0006\u0010%\u001a\u00020&H��\u001a\u0014\u0010'\u001a\u00020\u001a*\u00020\u001b2\u0006\u0010(\u001a\u00020$H��\u001a\u001d\u0010)\u001a\u00020\u001a*\u00020*2\u0006\u0010+\u001a\u00020,H\u0080@ø\u0001��¢\u0006\u0002\u0010-\u001a>\u0010.\u001a\u00020\u001a*\u00020\u001b2\u0006\u0010/\u001a\u0002002\f\u00101\u001a\b\u0012\u0004\u0012\u0002020\u00062\u0006\u0010%\u001a\u00020\u00132\u0006\u00103\u001a\u00020\u00132\n\b\u0002\u00104\u001a\u0004\u0018\u00010\rH��\u001a\u001c\u00105\u001a\u00020\u001a*\u00020\u001b2\u0006\u00106\u001a\u0002072\u0006\u0010\u0018\u001a\u00020\u0001H��\"\u000e\u0010��\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n��\"\u000e\u0010\u0002\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n��\u0082\u0002\u0004\n\u0002\b\u0019¨\u00068"}, d2 = {"MAX_CURVES_QUANTITY", "", "MAX_SERVER_NAME_LENGTH", "buildECCurvesExtension", "Lkotlinx/io/core/ByteReadPacket;", "curves", "", "Lio/ktor/network/tls/extensions/NamedCurve;", "buildECPointFormatExtension", "formats", "Lio/ktor/network/tls/extensions/PointFormat;", "buildServerNameExtension", "name", "", "buildSignatureAlgorithmsExtension", "algorithms", "Lio/ktor/network/tls/extensions/HashAndSign;", "finished", "digest", "", "secretKey", "Ljavax/crypto/SecretKey;", "serverFinished", "handshakeHash", "length", "writeAligned", "", "Lkotlinx/io/core/BytePacketBuilder;", "src", "fieldSize", "writeECPoint", "point", "Ljava/security/spec/ECPoint;", "writeEncryptedPreMasterSecret", "preSecret", "publicKey", "Ljava/security/PublicKey;", "random", "Ljava/security/SecureRandom;", "writePublicKeyUncompressed", "key", "writeRecord", "Lkotlinx/coroutines/experimental/io/ByteWriteChannel;", "record", "Lio/ktor/network/tls/TLSRecord;", "(Lkotlinx/coroutines/experimental/io/ByteWriteChannel;Lio/ktor/network/tls/TLSRecord;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "writeTLSClientHello", "version", "Lio/ktor/network/tls/TLSVersion;", "suites", "Lio/ktor/network/tls/CipherSuite;", "sessionId", "serverName", "writeTLSHandshakeType", "type", "Lio/ktor/network/tls/TLSHandshakeType;", "ktor-network-tls"})
/* loaded from: input_file:io/ktor/network/tls/RenderKt.class */
public final class RenderKt {
    private static final int MAX_SERVER_NAME_LENGTH = 32762;
    private static final int MAX_CURVES_QUANTITY = 16382;

    /* JADX WARN: Failed to find 'out' block for switch in B:7:0x0042. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:19:0x010c  */
    /* JADX WARN: Removed duplicated region for block: B:23:0x016c  */
    /* JADX WARN: Removed duplicated region for block: B:27:0x01cd  */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0229  */
    /* JADX WARN: Removed duplicated region for block: B:35:0x00ac  */
    /* JADX WARN: Removed duplicated region for block: B:40:0x010f  */
    /* JADX WARN: Removed duplicated region for block: B:45:0x016f  */
    /* JADX WARN: Removed duplicated region for block: B:50:0x01d0  */
    /* JADX WARN: Removed duplicated region for block: B:55:0x022c  */
    /* JADX WARN: Removed duplicated region for block: B:60:0x0266  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0068  */
    @org.jetbrains.annotations.Nullable
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static final java.lang.Object writeRecord(@org.jetbrains.annotations.NotNull kotlinx.coroutines.experimental.io.ByteWriteChannel r6, @org.jetbrains.annotations.NotNull io.ktor.network.tls.TLSRecord r7, @org.jetbrains.annotations.NotNull kotlin.coroutines.Continuation<? super kotlin.Unit> r8) {
        /*
            Method dump skipped, instructions count: 624
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: io.ktor.network.tls.RenderKt.writeRecord(kotlinx.coroutines.experimental.io.ByteWriteChannel, io.ktor.network.tls.TLSRecord, kotlin.coroutines.Continuation):java.lang.Object");
    }

    public static final void writeTLSHandshakeType(@NotNull BytePacketBuilder bytePacketBuilder, @NotNull TLSHandshakeType tLSHandshakeType, int i) {
        Intrinsics.checkParameterIsNotNull(bytePacketBuilder, "$receiver");
        Intrinsics.checkParameterIsNotNull(tLSHandshakeType, "type");
        if (i > 16777215) {
            throw new TLSException("TLS handshake size limit exceeded: " + i, null, 2, null);
        }
        bytePacketBuilder.writeInt((tLSHandshakeType.getCode() << 24) | i);
    }

    public static final void writeTLSClientHello(@NotNull BytePacketBuilder bytePacketBuilder, @NotNull TLSVersion tLSVersion, @NotNull List<CipherSuite> list, @NotNull byte[] bArr, @NotNull byte[] bArr2, @Nullable String str) {
        Intrinsics.checkParameterIsNotNull(bytePacketBuilder, "$receiver");
        Intrinsics.checkParameterIsNotNull(tLSVersion, "version");
        Intrinsics.checkParameterIsNotNull(list, "suites");
        Intrinsics.checkParameterIsNotNull(bArr, "random");
        Intrinsics.checkParameterIsNotNull(bArr2, "sessionId");
        bytePacketBuilder.writeShort((short) tLSVersion.getCode());
        OutputKt.writeFully$default((Output) bytePacketBuilder, bArr, 0, 0, 6, (Object) null);
        int length = bArr2.length;
        if (length < 0 || length > 255 || length > bArr2.length) {
            throw new TLSException("Illegal sessionIdLength", null, 2, null);
        }
        bytePacketBuilder.writeByte((byte) length);
        bytePacketBuilder.writeFully(bArr2, 0, length);
        bytePacketBuilder.writeShort((short) (list.size() * 2));
        Iterator<CipherSuite> it = list.iterator();
        while (it.hasNext()) {
            bytePacketBuilder.writeShort(it.next().getCode());
        }
        bytePacketBuilder.writeByte((byte) 1);
        bytePacketBuilder.writeByte((byte) 0);
        ArrayList arrayList = new ArrayList();
        arrayList.add(buildSignatureAlgorithmsExtension$default(null, 1, null));
        arrayList.add(buildECCurvesExtension$default(null, 1, null));
        arrayList.add(buildECPointFormatExtension$default(null, 1, null));
        if (str != null) {
            arrayList.add(buildServerNameExtension(str));
        }
        int i = 0;
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            i += (int) ((ByteReadPacket) it2.next()).getRemaining();
        }
        bytePacketBuilder.writeShort((short) i);
        Iterator it3 = arrayList.iterator();
        while (it3.hasNext()) {
            ByteReadPacket byteReadPacket = (ByteReadPacket) it3.next();
            Intrinsics.checkExpressionValueIsNotNull(byteReadPacket, "e");
            bytePacketBuilder.writePacket(byteReadPacket);
        }
    }

    public static /* bridge */ /* synthetic */ void writeTLSClientHello$default(BytePacketBuilder bytePacketBuilder, TLSVersion tLSVersion, List list, byte[] bArr, byte[] bArr2, String str, int i, Object obj) {
        if ((i & 16) != 0) {
            str = (String) null;
        }
        writeTLSClientHello(bytePacketBuilder, tLSVersion, list, bArr, bArr2, str);
    }

    public static final void writeEncryptedPreMasterSecret(@NotNull BytePacketBuilder bytePacketBuilder, @NotNull byte[] bArr, @NotNull PublicKey publicKey, @NotNull SecureRandom secureRandom) {
        Intrinsics.checkParameterIsNotNull(bytePacketBuilder, "$receiver");
        Intrinsics.checkParameterIsNotNull(bArr, "preSecret");
        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
        Intrinsics.checkParameterIsNotNull(secureRandom, "random");
        if (!(bArr.length == 48)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (cipher == null) {
            Intrinsics.throwNpe();
        }
        cipher.init(1, publicKey, secureRandom);
        byte[] doFinal = cipher.doFinal(bArr);
        if (doFinal.length > 65535) {
            throw new TLSException("Encrypted premaster secret is too long", null, 2, null);
        }
        bytePacketBuilder.writeShort((short) doFinal.length);
        Intrinsics.checkExpressionValueIsNotNull(doFinal, "encryptedSecret");
        OutputKt.writeFully$default((Output) bytePacketBuilder, doFinal, 0, 0, 6, (Object) null);
    }

    @NotNull
    public static final ByteReadPacket finished(@NotNull byte[] bArr, @NotNull SecretKey secretKey) {
        Intrinsics.checkParameterIsNotNull(bArr, "digest");
        Intrinsics.checkParameterIsNotNull(secretKey, "secretKey");
        Output BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            OutputKt.writeFully$default(BytePacketBuilder, HashesKt.PRF(secretKey, KeysKt.getCLIENT_FINISHED_LABEL(), bArr, 12), 0, 0, 6, (Object) null);
            return BytePacketBuilder.build();
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    @NotNull
    public static final byte[] serverFinished(@NotNull byte[] bArr, @NotNull SecretKey secretKey, int i) {
        Intrinsics.checkParameterIsNotNull(bArr, "handshakeHash");
        Intrinsics.checkParameterIsNotNull(secretKey, "secretKey");
        return HashesKt.PRF(secretKey, KeysKt.getSERVER_FINISHED_LABEL(), bArr, i);
    }

    @NotNull
    public static /* bridge */ /* synthetic */ byte[] serverFinished$default(byte[] bArr, SecretKey secretKey, int i, int i2, Object obj) {
        if ((i2 & 4) != 0) {
            i = 12;
        }
        return serverFinished(bArr, secretKey, i);
    }

    public static final void writePublicKeyUncompressed(@NotNull BytePacketBuilder bytePacketBuilder, @NotNull PublicKey publicKey) {
        Intrinsics.checkParameterIsNotNull(bytePacketBuilder, "$receiver");
        Intrinsics.checkParameterIsNotNull(publicKey, "key");
        if (!(publicKey instanceof ECPublicKey)) {
            throw new TLSException("Unsupported public key type: " + publicKey, null, 2, null);
        }
        ECParameterSpec params = ((ECPublicKey) publicKey).getParams();
        Intrinsics.checkExpressionValueIsNotNull(params, "key.params");
        EllipticCurve curve = params.getCurve();
        Intrinsics.checkExpressionValueIsNotNull(curve, "key.params.curve");
        ECField field = curve.getField();
        Intrinsics.checkExpressionValueIsNotNull(field, "key.params.curve.field");
        int fieldSize = field.getFieldSize();
        ECPoint w = ((ECPublicKey) publicKey).getW();
        Intrinsics.checkExpressionValueIsNotNull(w, "key.w");
        writeECPoint(bytePacketBuilder, w, fieldSize);
    }

    public static final void writeECPoint(@NotNull BytePacketBuilder bytePacketBuilder, @NotNull ECPoint eCPoint, int i) {
        Intrinsics.checkParameterIsNotNull(bytePacketBuilder, "$receiver");
        Intrinsics.checkParameterIsNotNull(eCPoint, "point");
        BytePacketBuilder BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            BytePacketBuilder.writeByte((byte) 4);
            byte[] byteArray = eCPoint.getAffineX().toByteArray();
            Intrinsics.checkExpressionValueIsNotNull(byteArray, "point.affineX.toByteArray()");
            writeAligned(BytePacketBuilder, byteArray, i);
            byte[] byteArray2 = eCPoint.getAffineY().toByteArray();
            Intrinsics.checkExpressionValueIsNotNull(byteArray2, "point.affineY.toByteArray()");
            writeAligned(BytePacketBuilder, byteArray2, i);
            ByteReadPacket build = BytePacketBuilder.build();
            bytePacketBuilder.writeByte((byte) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    private static final ByteReadPacket buildSignatureAlgorithmsExtension(List<HashAndSign> list) {
        BytePacketBuilder BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            BytePacketBuilder.writeShort(TLSExtensionType.SIGNATURE_ALGORITHMS.getCode());
            int size = list.size();
            BytePacketBuilder.writeShort((short) (2 + (size * 2)));
            BytePacketBuilder.writeShort((short) (size * 2));
            for (HashAndSign hashAndSign : list) {
                BytePacketBuilder.writeByte(hashAndSign.getHash().getCode());
                BytePacketBuilder.writeByte(hashAndSign.getSign().getCode());
            }
            return BytePacketBuilder.build();
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    static /* bridge */ /* synthetic */ ByteReadPacket buildSignatureAlgorithmsExtension$default(List list, int i, Object obj) {
        if ((i & 1) != 0) {
            list = SignatureAlgorithmKt.getSupportedSignatureAlgorithms();
        }
        return buildSignatureAlgorithmsExtension(list);
    }

    private static final ByteReadPacket buildServerNameExtension(String str) {
        BytePacketBuilder BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            if (!(str.length() < MAX_SERVER_NAME_LENGTH)) {
                throw new IllegalArgumentException("Server name length limit exceeded: at most 32762 characters allowed".toString());
            }
            BytePacketBuilder.writeShort(TLSExtensionType.SERVER_NAME.getCode());
            BytePacketBuilder.writeShort((short) (str.length() + 2 + 1 + 2));
            BytePacketBuilder.writeShort((short) (str.length() + 2 + 1));
            BytePacketBuilder.writeByte((byte) 0);
            BytePacketBuilder.writeShort((short) str.length());
            BytePacketBuilder.writeStringUtf8(str);
            return BytePacketBuilder.build();
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    private static final ByteReadPacket buildECCurvesExtension(List<? extends NamedCurve> list) {
        BytePacketBuilder BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            if (!(list.size() <= MAX_CURVES_QUANTITY)) {
                throw new IllegalArgumentException("Too many named curves provided: at most 16382 could be provided".toString());
            }
            BytePacketBuilder.writeShort(TLSExtensionType.ELLIPTIC_CURVES.getCode());
            int size = list.size() * 2;
            BytePacketBuilder.writeShort((short) (2 + size));
            BytePacketBuilder.writeShort((short) size);
            Iterator<T> it = list.iterator();
            while (it.hasNext()) {
                BytePacketBuilder.writeShort(((NamedCurve) it.next()).getCode());
            }
            return BytePacketBuilder.build();
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    static /* bridge */ /* synthetic */ ByteReadPacket buildECCurvesExtension$default(List list, int i, Object obj) {
        if ((i & 1) != 0) {
            list = NamedCurvesKt.getSupportedNamedCurves();
        }
        return buildECCurvesExtension(list);
    }

    private static final ByteReadPacket buildECPointFormatExtension(List<? extends PointFormat> list) {
        BytePacketBuilder BytePacketBuilder = PacketJVMKt.BytePacketBuilder(0);
        try {
            BytePacketBuilder.writeShort(TLSExtensionType.EC_POINT_FORMAT.getCode());
            int size = list.size();
            BytePacketBuilder.writeShort((short) (1 + size));
            BytePacketBuilder.writeByte((byte) size);
            Iterator<T> it = list.iterator();
            while (it.hasNext()) {
                BytePacketBuilder.writeByte(((PointFormat) it.next()).getCode());
            }
            return BytePacketBuilder.build();
        } catch (Throwable th) {
            BytePacketBuilder.release();
            throw th;
        }
    }

    static /* bridge */ /* synthetic */ ByteReadPacket buildECPointFormatExtension$default(List list, int i, Object obj) {
        if ((i & 1) != 0) {
            list = PointFormatKt.getSupportedPointFormats();
        }
        return buildECPointFormatExtension(list);
    }

    private static final void writeAligned(@NotNull BytePacketBuilder bytePacketBuilder, byte[] bArr, int i) {
        int i2;
        int i3 = (i + 7) >>> 3;
        int i4 = 0;
        int length = bArr.length;
        while (true) {
            if (i4 >= length) {
                i2 = -1;
                break;
            }
            if (bArr[i4] != ((byte) 0)) {
                i2 = i4;
                break;
            }
            i4++;
        }
        int i5 = i2;
        int length2 = i3 - (bArr.length - i5);
        if (length2 > 0) {
            OutputKt.writeFully$default((Output) bytePacketBuilder, new byte[length2], 0, 0, 6, (Object) null);
        }
        bytePacketBuilder.writeFully(bArr, i5, bArr.length - i5);
    }
}
