package com.aspose.ms.core.System.Security.Protocol.Tls.Handshake.Client;

import com.aspose.ms.System.h.a.af;
import com.aspose.ms.core.System.Security.Cryptography.MD5SHA1;
import com.aspose.ms.core.System.Security.Protocol.Tls.Context;
import com.aspose.ms.core.System.Security.Protocol.Tls.Handshake.HandshakeMessage;
import com.aspose.ms.core.System.Security.Protocol.Tls.TlsException;
import com.aspose.ms.core.System.Security.Protocol.Tls.TlsStream;

/* loaded from: input_file:com/aspose/ms/core/System/Security/Protocol/Tls/Handshake/Client/TlsServerKeyExchange.class */
public class TlsServerKeyExchange extends HandshakeMessage {
    private af gFp;
    private byte[] gFq;

    public TlsServerKeyExchange(Context context, byte[] bArr) {
        super(context, (byte) 12, bArr);
        this.gFp = new af();
        brk();
    }

    @Override // com.aspose.ms.core.System.Security.Protocol.Tls.Handshake.HandshakeMessage
    public void update() {
        super.update();
        getContext().getServerSettings().setServerKeyExchange(true);
        getContext().getServerSettings().setRsaParameters(this.gFp.Clone());
        getContext().getServerSettings().setSignedParams(this.gFq);
    }

    @Override // com.aspose.ms.core.System.Security.Protocol.Tls.Handshake.HandshakeMessage
    protected void bri() {
        brj();
    }

    @Override // com.aspose.ms.core.System.Security.Protocol.Tls.Handshake.HandshakeMessage
    protected void brj() {
        this.gFp = new af();
        this.gFp.fyi = readBytes(readInt16());
        this.gFp.fyj = readBytes(readInt16());
        this.gFq = readBytes(readInt16());
    }

    private void brk() {
        MD5SHA1 md5sha1 = new MD5SHA1();
        int length = this.gFp.fyi.length + this.gFp.fyj.length + 4;
        TlsStream tlsStream = new TlsStream();
        tlsStream.write(getContext().getRandomCS());
        tlsStream.write(toArray(), 0, length);
        md5sha1.computeHash(tlsStream.toArray());
        tlsStream.reset();
        if (!md5sha1.verifySignature(getContext().getServerSettings().getCertificateRSA(), this.gFq)) {
            throw new TlsException((byte) 50, "Data was not signed with the server certificate.");
        }
    }
}
