package org.bouncycastle.mls.codec;

import java.io.IOException;
import org.bouncycastle.mls.codec.MLSInputStream;
import org.bouncycastle.mls.codec.MLSOutputStream;
import org.bouncycastle.mls.crypto.MlsCipherSuite;
import org.bouncycastle.mls.crypto.Secret;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/mls/codec/PublicMessage.class */
public class PublicMessage implements MLSInputStream.Readable, MLSOutputStream.Writable {
    FramedContent content;
    FramedContentAuthData auth;
    byte[] membership_tag;

    public PublicMessage(MLSInputStream mLSInputStream) throws IOException {
        this.content = (FramedContent) mLSInputStream.read(FramedContent.class);
        this.auth = new FramedContentAuthData(mLSInputStream, this.content.contentType);
        switch (this.content.sender.senderType) {
            case RESERVED:
            case EXTERNAL:
            case NEW_MEMBER_PROPOSAL:
            case NEW_MEMBER_COMMIT:
            default:
                return;
            case MEMBER:
                this.membership_tag = mLSInputStream.readOpaque();
                return;
        }
    }

    @Override // org.bouncycastle.mls.codec.MLSOutputStream.Writable
    public void writeTo(MLSOutputStream mLSOutputStream) throws IOException {
        mLSOutputStream.write(this.content);
        mLSOutputStream.write(this.auth);
        switch (this.content.sender.senderType) {
            case RESERVED:
            case EXTERNAL:
            case NEW_MEMBER_PROPOSAL:
            case NEW_MEMBER_COMMIT:
            default:
                return;
            case MEMBER:
                mLSOutputStream.writeOpaque(this.membership_tag);
                return;
        }
    }

    public PublicMessage(FramedContent framedContent, FramedContentAuthData framedContentAuthData, byte[] bArr) {
        this.content = framedContent;
        this.auth = framedContentAuthData;
        switch (framedContent.sender.senderType) {
            case RESERVED:
            case EXTERNAL:
            case NEW_MEMBER_PROPOSAL:
            case NEW_MEMBER_COMMIT:
            default:
                return;
            case MEMBER:
                this.membership_tag = bArr;
                return;
        }
    }

    public static PublicMessage protect(AuthenticatedContent authenticatedContent, MlsCipherSuite mlsCipherSuite, byte[] bArr, byte[] bArr2) throws IOException {
        PublicMessage publicMessage = new PublicMessage(authenticatedContent.content, authenticatedContent.auth, null);
        if (publicMessage.content.sender.senderType == SenderType.MEMBER) {
            publicMessage.membership_tag = publicMessage.membershipMac(mlsCipherSuite, new Secret(bArr), (GroupContext) MLSInputStream.decode(bArr2, GroupContext.class));
        }
        return publicMessage;
    }

    public AuthenticatedContent unprotect(MlsCipherSuite mlsCipherSuite, Secret secret, GroupContext groupContext) throws Exception {
        if (this.content.sender.senderType != SenderType.MEMBER || Arrays.areEqual(membershipMac(mlsCipherSuite, secret, groupContext), this.membership_tag)) {
            return new AuthenticatedContent(WireFormat.mls_public_message, this.content, this.auth);
        }
        throw new IOException("incorrect membership tag");
    }

    public byte[] membershipMac(MlsCipherSuite mlsCipherSuite, Secret secret, GroupContext groupContext) throws IOException {
        return Secret.extract(mlsCipherSuite, secret, new Secret(MLSOutputStream.encode(new AuthenticatedContentTBM(new FramedContentTBS(WireFormat.mls_public_message, this.content, groupContext), this.auth)))).value();
    }
}
