package com.rsa.jsafe;

import com.rsa.crypto.AlgorithmStrings;
import com.rsa.crypto.CryptoException;
import com.rsa.crypto.CryptoModule;
import com.rsa.crypto.DHPrivateKey;
import com.rsa.crypto.DHPublicKey;
import com.rsa.crypto.DomainParams;
import com.rsa.crypto.ECParams;
import com.rsa.crypto.ECPrivateKey;
import com.rsa.crypto.ECPublicKey;
import com.rsa.crypto.InvalidKeyException;
import com.rsa.crypto.KeyAgreement;
import com.rsa.crypto.KeyPair;
import com.rsa.crypto.KeyPairGenerator;
import com.rsa.crypto.NoSuchAlgorithmException;
import com.rsa.crypto.PQGParams;
import com.rsa.crypto.PrivateKey;
import com.rsa.crypto.PublicKey;
import com.rsa.crypto.SecureRandom;
import com.rsa.cryptoj.o.ay;
import com.rsa.cryptoj.o.bd;
import com.rsa.cryptoj.o.dl;
import com.rsa.cryptoj.o.ec;
import com.rsa.cryptoj.o.ga;
import com.rsa.cryptoj.o.gc;
import com.rsa.cryptoj.o.hn;
import com.rsa.cryptoj.o.ho;
import com.rsa.cryptoj.o.js;
import com.rsa.cryptoj.o.mk;
import com.rsa.cryptoj.o.nd;
import com.rsa.cryptoj.o.nm;
import com.rsa.cryptoj.o.ow;
import com.rsa.cryptoj.o.ph;
import java.util.Arrays;

/* loaded from: input_file:com/rsa/jsafe/JSAFE_KeyAgree.class */
public final class JSAFE_KeyAgree extends JSAFE_Object {
    protected static final int a = 0;
    protected static final int b = 1;
    protected static final int c = 2;
    protected static final int d = 3;
    private static final String e = "Improper method call order.";
    private static final String f = "Random number generator not set.";
    private static final String g = "Parameters have not been set.";
    private static final String h = "Private value is null.";
    private static final int i = 1;
    private KeyAgreement j;
    private final CryptoModule k;
    private final String l;
    private int m;
    private PrivateKey n;
    private PublicKey r;
    private PublicKey s;
    private DomainParams t;
    private SecureRandom u;

    private JSAFE_KeyAgree(CryptoModule cryptoModule, KeyAgreement keyAgreement, DomainParams domainParams) {
        this(cryptoModule, keyAgreement);
        this.t = domainParams;
    }

    private JSAFE_KeyAgree(CryptoModule cryptoModule, KeyAgreement keyAgreement) {
        this.k = cryptoModule;
        this.j = keyAgreement;
        this.l = this.j.getAlg();
    }

    public static JSAFE_KeyAgree getInstance(byte[] bArr, int i2, String str) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        return a(bArr, i2, str, dl.a());
    }

    public static JSAFE_KeyAgree getInstance(byte[] bArr, int i2, String str, FIPS140Context fIPS140Context) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        return a(bArr, i2, str, fIPS140Context.a());
    }

    public static JSAFE_KeyAgree getInstance(String str, String str2) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        return a(str, str2, dl.a());
    }

    public static JSAFE_KeyAgree getInstance(String str, String str2, FIPS140Context fIPS140Context) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        return a(str, str2, fIPS140Context.a());
    }

    public static int getNextBEROffset(byte[] bArr, int i2) throws JSAFE_UnimplementedException {
        return js.a(bArr, i2);
    }

    private static JSAFE_KeyAgree a(byte[] bArr, int i2, String str, gc gcVar) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        for (nm nmVar : b(str)) {
            try {
                CryptoModule a2 = mk.a(gcVar, nmVar);
                js a3 = js.a(bArr, i2, a2);
                return new JSAFE_KeyAgree(a2, a2.newKeyAgreement(a3.s()), a3.a());
            } catch (NoSuchAlgorithmException | ga e2) {
            }
        }
        throw new JSAFE_UnimplementedException("Algorithm not supported on any devices");
    }

    private static JSAFE_KeyAgree a(String str, String str2, gc gcVar) throws JSAFE_UnimplementedException {
        if (str == null || str2 == null) {
            throw new JSAFE_UnimplementedException("A JSAFE_KeyAgree object of " + str + " is not available on any of the devices. (" + str2 + ")");
        }
        nm[] b2 = b(str2);
        String a2 = ay.a(str);
        for (nm nmVar : b2) {
            try {
                CryptoModule a3 = mk.a(gcVar, nmVar);
                return new JSAFE_KeyAgree(a3, a3.newKeyAgreement(a2));
            } catch (NoSuchAlgorithmException | ga e2) {
            }
        }
        throw new JSAFE_UnimplementedException("Algorithm not supported on any devices");
    }

    @Override // com.rsa.jsafe.JSAFE_Object
    public void clearSensitiveData() {
        this.t = null;
        bd.a.a(this.j);
        bd.a.a(this.n);
        bd.a.a(this.r);
        bd.a.a(this.s);
    }

    @Override // com.rsa.jsafe.JSAFE_Object
    public Object clone() throws CloneNotSupportedException {
        JSAFE_KeyAgree jSAFE_KeyAgree = (JSAFE_KeyAgree) super.clone();
        jSAFE_KeyAgree.j = (KeyAgreement) this.j.clone();
        jSAFE_KeyAgree.n = (PrivateKey) nd.a(this.n);
        jSAFE_KeyAgree.r = (PublicKey) nd.a(this.r);
        jSAFE_KeyAgree.s = (PublicKey) nd.a(this.s);
        jSAFE_KeyAgree.t = this.t;
        jSAFE_KeyAgree.u = this.u == null ? null : this.u.newInstance();
        return jSAFE_KeyAgree;
    }

    public JSAFE_PublicKey generateMyPublicValue() throws JSAFE_InvalidUseException {
        if (this.m != 1) {
            throw new JSAFE_InvalidUseException(e);
        }
        a(this.t, this.u);
        a();
        this.m = 2;
        return ow.a(this.r, this.k);
    }

    private void a(DomainParams domainParams, SecureRandom secureRandom) throws JSAFE_InvalidUseException {
        if (domainParams == null) {
            throw new JSAFE_InvalidUseException("Params should not be null.");
        }
        if (this.n != null) {
            this.n.clearSensitiveData();
        }
        if (this.r != null) {
            this.r.clearSensitiveData();
        }
        try {
            KeyPairGenerator newKeyPairGenerator = this.k.newKeyPairGenerator(b() ? AlgorithmStrings.EC : "DH");
            newKeyPairGenerator.initialize(domainParams, secureRandom);
            KeyPair generate = newKeyPairGenerator.generate();
            this.n = generate.getPrivate();
            this.r = generate.getPublic();
        } catch (CryptoException e2) {
            throw new JSAFE_InvalidUseException(e2);
        }
    }

    public byte[] generateSharedSecret() throws JSAFE_InvalidUseException {
        if (this.m < 1) {
            throw new JSAFE_InvalidUseException("KeyAgreement has not been initialized.");
        }
        if (this.m >= 3) {
            throw new JSAFE_InvalidUseException(e);
        }
        if (this.s == null) {
            throw new JSAFE_InvalidUseException("Public key of target must be given.");
        }
        this.j.doPhase(this.s, true);
        this.m = 3;
        return this.j.getSecret();
    }

    public int generateSharedSecret(byte[] bArr, int i2) throws JSAFE_InvalidUseException {
        if (this.m < 2 || this.m >= 3) {
            throw new JSAFE_InvalidUseException(e);
        }
        byte[] generateSharedSecret = generateSharedSecret();
        System.arraycopy(generateSharedSecret, 0, bArr, i2, generateSharedSecret.length);
        return generateSharedSecret.length;
    }

    public byte[] generateSharedSecret(JSAFE_PublicKey jSAFE_PublicKey) throws JSAFE_InvalidUseException, JSAFE_InvalidKeyException {
        if (this.m != 1) {
            throw new JSAFE_InvalidUseException(e);
        }
        if (jSAFE_PublicKey == null || jSAFE_PublicKey.g() == null) {
            throw new JSAFE_InvalidKeyException("PublicKey must not be null");
        }
        PublicKey a2 = jSAFE_PublicKey.a(this.k);
        try {
            this.j.doPhase(a2, true);
            a2.clearSensitiveData();
            this.m = 3;
            return this.j.getSecret();
        } catch (Throwable th) {
            a2.clearSensitiveData();
            throw th;
        }
    }

    public int generateSharedSecret(JSAFE_PublicKey jSAFE_PublicKey, byte[] bArr, int i2) throws JSAFE_InvalidUseException, JSAFE_InvalidKeyException {
        if (this.m != 1) {
            throw new JSAFE_InvalidUseException(e);
        }
        byte[] generateSharedSecret = generateSharedSecret(jSAFE_PublicKey);
        System.arraycopy(generateSharedSecret, 0, bArr, i2, generateSharedSecret.length);
        return generateSharedSecret.length;
    }

    public JSAFE_KeyPair getBlankKeyPair() {
        String str = this.l;
        if (str.startsWith(AlgorithmStrings.EC)) {
            str = AlgorithmStrings.EC;
        }
        return JSAFE_KeyPair.a(this.k, ay.b(str));
    }

    /* JADX WARN: Type inference failed for: r1v1, types: [byte[], byte[][]] */
    public byte[] getDERAlgorithmID() throws JSAFE_UnimplementedException {
        return this.t == null ? js.a(this.l, (byte[][]) new byte[0]) : b() ? ho.a((ECParams) this.t) : ho.a((PQGParams) this.t);
    }

    public String getDevice() {
        return this.k.getDeviceType();
    }

    public String[] getDeviceList() {
        String[] strArr = new String[1];
        Arrays.fill(strArr, getDevice());
        return strArr;
    }

    public String getKeyAgreeAlgorithm() {
        return this.l;
    }

    public int getOutputSize() {
        if (this.t == null) {
            return 0;
        }
        return b() ? (((((ECParams) this.t).getFieldSize() + 7) / 8) * 2) + 1 : (((PQGParams) this.t).getP().getBitLength() + 7) / 8;
    }

    public byte[] getPrivateValue() {
        return this.n == null ? new byte[0] : b() ? ((ECPrivateKey) this.n).getD().toOctetString() : ((DHPrivateKey) this.n).getX().toOctetString();
    }

    public int getPrivateValue(byte[] bArr, int i2) {
        byte[] privateValue = getPrivateValue();
        System.arraycopy(privateValue, 0, bArr, i2, privateValue.length);
        return privateValue.length;
    }

    public JSAFE_PrivateKey getPrivateValueAsKey() throws JSAFE_InvalidUseException {
        if (this.n == null) {
            throw new JSAFE_InvalidUseException(h);
        }
        return ow.a(this.n, this.k);
    }

    public JSAFE_Parameters getSharedParameters() throws JSAFE_InvalidUseException {
        if (this.t == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        try {
            return ec.a(this.t, this.k, this.l);
        } catch (JSAFE_UnimplementedException e2) {
            throw new JSAFE_InvalidUseException(e2);
        }
    }

    public void keyAgreeInit(JSAFE_Parameters jSAFE_Parameters, JSAFE_PrivateKey jSAFE_PrivateKey, java.security.SecureRandom secureRandom) throws JSAFE_InvalidParameterException, JSAFE_InvalidKeyException, JSAFE_InvalidUseException {
        if (jSAFE_Parameters == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        if (jSAFE_Parameters.getAlgorithm().indexOf(this.l) == -1 && this.l.indexOf(jSAFE_Parameters.getAlgorithm()) == -1) {
            throw new JSAFE_InvalidParameterException("Invalid " + this.l + " parameters.");
        }
        if (jSAFE_PrivateKey == null) {
            throw new JSAFE_InvalidKeyException("Invalid " + this.l + " private key.");
        }
        a(jSAFE_Parameters, jSAFE_PrivateKey);
        this.u = b.b(secureRandom);
        a();
        this.m = 1;
    }

    public void keyAgreeInit(JSAFE_Parameters jSAFE_Parameters, JSAFE_PublicKey jSAFE_PublicKey, java.security.SecureRandom secureRandom) throws JSAFE_InvalidParameterException, JSAFE_InvalidKeyException, JSAFE_InvalidUseException {
        if (secureRandom == null) {
            throw new JSAFE_InvalidUseException(f);
        }
        if (jSAFE_Parameters == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        a(jSAFE_Parameters.getAlgorithm());
        if (jSAFE_PublicKey == null || jSAFE_PublicKey.g() == null) {
            throw new JSAFE_InvalidKeyException("Invalid " + this.l + " public key.");
        }
        a(jSAFE_Parameters, jSAFE_PublicKey);
        this.u = b.b(secureRandom);
        this.m = 1;
    }

    private void a(String str) throws JSAFE_InvalidParameterException {
        if (this.l.indexOf(str) == -1) {
            throw new JSAFE_InvalidParameterException("Invalid " + this.l + " parameters.");
        }
    }

    public void keyAgreeInit(JSAFE_Parameters jSAFE_Parameters, java.security.SecureRandom secureRandom) throws JSAFE_InvalidParameterException, JSAFE_InvalidUseException {
        if (secureRandom == null) {
            throw new JSAFE_InvalidUseException(f);
        }
        if (jSAFE_Parameters == null || jSAFE_Parameters.d() == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        if (jSAFE_Parameters.getAlgorithm().indexOf(this.l) == -1 && this.l.indexOf(jSAFE_Parameters.getAlgorithm()) == -1) {
            throw new JSAFE_InvalidParameterException("Invalid " + this.l + " parameters.");
        }
        this.u = b.b(secureRandom);
        this.t = jSAFE_Parameters.d();
        this.m = 1;
    }

    public void keyAgreeInit(JSAFE_PrivateKey jSAFE_PrivateKey, java.security.SecureRandom secureRandom) throws JSAFE_InvalidKeyException, JSAFE_InvalidUseException {
        if (secureRandom == null) {
            throw new JSAFE_InvalidUseException(f);
        }
        if (jSAFE_PrivateKey == null || jSAFE_PrivateKey.f() == null) {
            throw new JSAFE_InvalidKeyException("Invalid " + this.l + " private key.");
        }
        if (this.t == null && !jSAFE_PrivateKey.c()) {
            throw new JSAFE_InvalidUseException(g);
        }
        if (this.s != null) {
            this.s.clearSensitiveData();
        }
        if (this.n != null) {
            this.n.clearSensitiveData();
        }
        this.u = b.b(secureRandom);
        if (jSAFE_PrivateKey.c()) {
            this.n = jSAFE_PrivateKey.a(this.k);
            if (b()) {
                this.t = ((ECPrivateKey) this.n).getParams();
            } else {
                this.t = ((DHPrivateKey) this.n).getParams();
            }
        } else {
            this.n = a(this.t, jSAFE_PrivateKey.f());
        }
        a();
        this.m = 1;
    }

    public void keyAgreeInit(JSAFE_PublicKey jSAFE_PublicKey, java.security.SecureRandom secureRandom) throws JSAFE_InvalidKeyException, JSAFE_InvalidUseException {
        if (secureRandom == null) {
            throw new JSAFE_InvalidUseException(f);
        }
        if (this.s != null) {
            this.s.clearSensitiveData();
        }
        if (jSAFE_PublicKey == null) {
            throw new JSAFE_InvalidKeyException("Invalid public key.");
        }
        if (!jSAFE_PublicKey.a() && this.t == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        if (jSAFE_PublicKey.a()) {
            this.s = jSAFE_PublicKey.a(this.k);
            this.t = jSAFE_PublicKey.d();
        } else {
            this.s = a(this.t, jSAFE_PublicKey.g());
        }
        this.u = b.b(secureRandom);
        this.m = 1;
    }

    public void keyAgreeInit(java.security.SecureRandom secureRandom) throws JSAFE_InvalidUseException {
        if (this.t == null) {
            throw new JSAFE_InvalidUseException(g);
        }
        if (secureRandom == null) {
            throw new JSAFE_InvalidUseException(f);
        }
        this.u = b.b(secureRandom);
        this.m = 1;
    }

    public byte[] keyAgreePhase1() throws JSAFE_InvalidUseException {
        if (this.m != 1) {
            throw new JSAFE_InvalidUseException(e);
        }
        a(this.t, this.u);
        a();
        this.m = 2;
        return this.l.indexOf(AlgorithmStrings.EC) != -1 ? ((ECPublicKey) this.r).getPublicPoint().getEncoded() : ((DHPublicKey) this.r).getY().toOctetString();
    }

    private void a() throws JSAFE_InvalidUseException {
        try {
            this.j.init(this.n);
        } catch (InvalidKeyException e2) {
            throw new JSAFE_InvalidUseException("Could not initialize " + e2.getMessage());
        }
    }

    public int keyAgreePhase1(byte[] bArr, int i2) throws JSAFE_InvalidUseException {
        byte[] keyAgreePhase1 = keyAgreePhase1();
        System.arraycopy(keyAgreePhase1, 0, bArr, i2, keyAgreePhase1.length);
        return keyAgreePhase1.length;
    }

    public byte[] keyAgreePhase2(byte[] bArr, int i2, int i3) throws JSAFE_InvalidUseException {
        if (this.t == null) {
            throw new JSAFE_InvalidUseException("Parameters should not be null.");
        }
        this.s = a(this.t, bArr, i2, i3);
        this.j.doPhase(this.s, true);
        this.m = 3;
        return this.j.getSecret();
    }

    public int keyAgreePhase2(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) throws JSAFE_InvalidUseException {
        if (this.m != 2) {
            throw new JSAFE_InvalidUseException(e);
        }
        byte[] keyAgreePhase2 = keyAgreePhase2(bArr, i2, i3);
        if (keyAgreePhase2.length > bArr2.length - i4) {
            throw new JSAFE_InvalidUseException("sharedSecret output buffer is too small.");
        }
        System.arraycopy(keyAgreePhase2, 0, bArr2, i4, keyAgreePhase2.length);
        return keyAgreePhase2.length;
    }

    public void keyAgreeReInit() throws JSAFE_InvalidUseException {
        if (this.m < 1) {
            throw new JSAFE_InvalidUseException("Object not initialized.");
        }
        this.s = null;
        if (this.n != null) {
            a();
        }
        this.m = 1;
    }

    private boolean b() {
        return this.l.startsWith(AlgorithmStrings.EC);
    }

    private PrivateKey a(DomainParams domainParams, PrivateKey privateKey) {
        return b() ? this.k.getKeyBuilder().newECPrivateKey(((ECPrivateKey) privateKey).getD().toOctetString(), (ECParams) domainParams) : this.k.getKeyBuilder().newDHPrivateKey(((DHPrivateKey) privateKey).getX().toOctetString(), (PQGParams) domainParams);
    }

    private PublicKey a(DomainParams domainParams, PublicKey publicKey) {
        return b() ? this.k.getKeyBuilder().newECPublicKey(((ECPublicKey) publicKey).getPublicPoint().getX(), ((ECPublicKey) publicKey).getPublicPoint().getY(), (ECParams) domainParams) : this.k.getKeyBuilder().newDHPublicKey(((DHPublicKey) publicKey).getY().toOctetString(), (PQGParams) domainParams);
    }

    private PublicKey a(DomainParams domainParams, byte[] bArr, int i2, int i3) {
        if (b()) {
            byte[][] e2 = hn.e(bArr, i2, i3);
            return this.k.getKeyBuilder().newECPublicKey(e2[0], e2[1], (ECParams) domainParams);
        }
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i2, bArr2, 0, i3);
        return this.k.getKeyBuilder().newDHPublicKey(bArr2, (PQGParams) domainParams);
    }

    private void a(JSAFE_Parameters jSAFE_Parameters, JSAFE_PrivateKey jSAFE_PrivateKey) throws JSAFE_InvalidUseException, JSAFE_InvalidKeyException {
        if (this.n != null) {
            this.n.clearSensitiveData();
        }
        if (b()) {
            if (!ph.a((ECParams) jSAFE_Parameters.d(), (ECParams) jSAFE_PrivateKey.a())) {
                throw new JSAFE_InvalidKeyException("System parameters and key parameters don't match.");
            }
            this.n = jSAFE_PrivateKey.a(this.k);
            this.t = ((ECPrivateKey) this.n).getParams();
            return;
        }
        if (jSAFE_Parameters.d() == null && !jSAFE_PrivateKey.c()) {
            throw new JSAFE_InvalidUseException("Neither parameters nor key contain domain parameters.");
        }
        PQGParams pQGParams = (PQGParams) jSAFE_Parameters.d();
        PQGParams pQGParams2 = (PQGParams) jSAFE_PrivateKey.a();
        if (pQGParams != null && !ph.a(pQGParams, pQGParams2)) {
            this.n = a(pQGParams, jSAFE_PrivateKey.f());
        } else {
            this.n = jSAFE_PrivateKey.a(this.k);
            this.t = pQGParams2;
        }
    }

    private void a(JSAFE_Parameters jSAFE_Parameters, JSAFE_PublicKey jSAFE_PublicKey) throws JSAFE_InvalidKeyException {
        if (this.s != null) {
            this.s.clearSensitiveData();
        }
        if (b()) {
            if (!ph.a((ECParams) jSAFE_Parameters.d(), (ECParams) jSAFE_PublicKey.d())) {
                throw new JSAFE_InvalidKeyException("System parameters and key parameters don't match.");
            }
            this.s = jSAFE_PublicKey.a(this.k);
            this.t = ((ECPublicKey) this.s).getParams();
            return;
        }
        if (jSAFE_Parameters.d() == null && !jSAFE_PublicKey.a()) {
            throw new JSAFE_InvalidKeyException("Neither parameters nor key contain domain parameters.");
        }
        PQGParams pQGParams = (PQGParams) jSAFE_Parameters.d();
        PQGParams pQGParams2 = (PQGParams) jSAFE_PublicKey.d();
        DHPublicKey dHPublicKey = (DHPublicKey) jSAFE_PublicKey.g();
        this.s = this.k.getKeyBuilder().newDHPublicKey(dHPublicKey.getY().toOctetString(), (PQGParams) this.t);
        if (pQGParams == null || ph.a(pQGParams, pQGParams2)) {
            this.s = jSAFE_PublicKey.a(this.k);
        } else {
            this.s = this.k.getKeyBuilder().newDHPublicKey(dHPublicKey.getY().toOctetString(), (PQGParams) this.t);
        }
    }
}
