package io.ktor.network.tls;

import io.ktor.network.tls.extensions.HashAndSign;
import io.ktor.network.tls.extensions.NamedCurve;
import io.ktor.network.tls.extensions.SignatureAlgorithmKt;
import io.ktor.utils.io.core.PacketKt;
import io.ktor.utils.io.core.StringsKt;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlinx.io.Source;
import org.jetbrains.annotations.NotNull;

/* compiled from: TLSClientHandshake.kt */
@Metadata(mv = {2, 0, 0}, k = 2, xi = 48, d1 = {"��2\n\u0002\u0018\u0002\n\u0002\u0010\u0012\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\u001a\u0013\u0010\u0002\u001a\u00020\u0001*\u00020��H\u0002¢\u0006\u0004\b\u0002\u0010\u0003\u001a\u001f\u0010\t\u001a\u00020\b2\u0006\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0007\u001a\u00020\u0006H\u0002¢\u0006\u0004\b\t\u0010\n\u001a\u001b\u0010\u000f\u001a\u00020\u000e2\n\u0010\r\u001a\u00060\u000bj\u0002`\fH��¢\u0006\u0004\b\u000f\u0010\u0010¨\u0006\u0011"}, d2 = {"Ljava/security/SecureRandom;", "", "generateClientSeed", "(Ljava/security/SecureRandom;)[B", "Lio/ktor/network/tls/extensions/NamedCurve;", "curve", "Ljava/security/spec/ECPoint;", "serverPoint", "Lio/ktor/network/tls/EncryptionInfo;", "generateECKeys", "(Lio/ktor/network/tls/extensions/NamedCurve;Ljava/security/spec/ECPoint;)Lio/ktor/network/tls/EncryptionInfo;", "Lkotlinx/io/Source;", "Lio/ktor/utils/io/core/ByteReadPacket;", "packet", "Lio/ktor/network/tls/CertificateInfo;", "readClientCertificateRequest", "(Lkotlinx/io/Source;)Lio/ktor/network/tls/CertificateInfo;", "ktor-network-tls"})
@SourceDebugExtension({"SMAP\nTLSClientHandshake.kt\nKotlin\n*S Kotlin\n*F\n+ 1 TLSClientHandshake.kt\nio/ktor/network/tls/TLSClientHandshakeKt\n+ 2 ArraysJVM.kt\nkotlin/collections/ArraysKt__ArraysJVMKt\n*L\n1#1,552:1\n37#2,2:553\n*S KotlinDebug\n*F\n+ 1 TLSClientHandshake.kt\nio/ktor/network/tls/TLSClientHandshakeKt\n*L\n548#1:553,2\n*E\n"})
/* loaded from: input_file:io/ktor/network/tls/TLSClientHandshakeKt.class */
public final class TLSClientHandshakeKt {
    /* JADX INFO: Access modifiers changed from: private */
    public static final byte[] generateClientSeed(SecureRandom secureRandom) {
        byte[] bArr = new byte[32];
        secureRandom.nextBytes(bArr);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        bArr[0] = (byte) (currentTimeMillis >> 24);
        bArr[1] = (byte) (currentTimeMillis >> 16);
        bArr[2] = (byte) (currentTimeMillis >> 8);
        bArr[3] = (byte) (currentTimeMillis >> 0);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final EncryptionInfo generateECKeys(NamedCurve namedCurve, ECPoint eCPoint) {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        Intrinsics.checkNotNull(keyPairGenerator);
        keyPairGenerator.initialize(new ECGenParameterSpec(namedCurve.name()));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkNotNull(generateKeyPair);
        PublicKey publicKey = generateKeyPair.getPublic();
        Intrinsics.checkNotNull(publicKey, "null cannot be cast to non-null type java.security.interfaces.ECPublicKey");
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        KeyFactory keyFactory = KeyFactory.getInstance("EC");
        Intrinsics.checkNotNull(keyFactory);
        ECParameterSpec params = eCPublicKey.getParams();
        Intrinsics.checkNotNull(params);
        PublicKey generatePublic = keyFactory.generatePublic(new ECPublicKeySpec(eCPoint, params));
        Intrinsics.checkNotNull(generatePublic);
        PublicKey publicKey2 = generateKeyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey2, "getPublic(...)");
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Intrinsics.checkNotNullExpressionValue(privateKey, "getPrivate(...)");
        return new EncryptionInfo(generatePublic, publicKey2, privateKey);
    }

    @NotNull
    public static final CertificateInfo readClientCertificateRequest(@NotNull Source packet) {
        Intrinsics.checkNotNullParameter(packet, "packet");
        byte[] readBytes = StringsKt.readBytes(packet, packet.readByte() & 255);
        int readShort = packet.readShort() & 65535;
        ArrayList arrayList = new ArrayList();
        int i = readShort / 2;
        for (int i2 = 0; i2 < i; i2++) {
            ArrayList arrayList2 = arrayList;
            HashAndSign byCode = SignatureAlgorithmKt.byCode(HashAndSign.Companion, packet.readByte(), packet.readByte());
            if (byCode != null) {
                arrayList2.add(byCode);
            }
        }
        int readShort2 = packet.readShort() & 65535;
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        int i3 = 0;
        while (i3 < readShort2) {
            int readShort3 = packet.readShort() & 65535;
            i3 += readShort3 + 2;
            linkedHashSet.add(new X500Principal(StringsKt.readBytes(packet, readShort3)));
        }
        CertificateInfo certificateInfo = new CertificateInfo(readBytes, (HashAndSign[]) arrayList.toArray(new HashAndSign[0]), linkedHashSet);
        if (PacketKt.isEmpty(packet)) {
            return certificateInfo;
        }
        throw new IllegalStateException("Check failed.".toString());
    }

    public static final /* synthetic */ byte[] access$generateClientSeed(SecureRandom secureRandom) {
        return generateClientSeed(secureRandom);
    }

    public static final /* synthetic */ EncryptionInfo access$generateECKeys(NamedCurve namedCurve, ECPoint eCPoint) {
        return generateECKeys(namedCurve, eCPoint);
    }
}
