package org.bouncycastle.tls.crypto.impl.jcajce;

import android.support.v4.media.a;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.ECPublicKeySpec;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.math.ec.ECFieldElement;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.TlsAgreement;
import org.bouncycastle.tls.crypto.TlsCryptoException;
import org.bouncycastle.util.BigIntegers;

/* loaded from: classes3.dex */
public class JceTlsECDH implements TlsAgreement {
    public final JceTlsECDomain a;
    public KeyPair b;
    public PublicKey c;

    public JceTlsECDH(JceTlsECDomain jceTlsECDomain) {
        this.a = jceTlsECDomain;
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final byte[] a() throws IOException {
        ECPoint a;
        JceTlsECDomain jceTlsECDomain = this.a;
        jceTlsECDomain.getClass();
        try {
            ((DefaultJcaJceHelper) jceTlsECDomain.a.a).getClass();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(jceTlsECDomain.b, jceTlsECDomain.a.b);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.b = generateKeyPair;
            JceTlsECDomain jceTlsECDomain2 = this.a;
            PublicKey publicKey = generateKeyPair.getPublic();
            jceTlsECDomain2.getClass();
            if (publicKey instanceof ECPublicKey) {
                a = ((ECPublicKey) publicKey).getQ();
            } else {
                if (!(publicKey instanceof java.security.interfaces.ECPublicKey)) {
                    return SubjectPublicKeyInfo.n(publicKey.getEncoded()).b.D();
                }
                java.security.spec.ECPoint w = ((java.security.interfaces.ECPublicKey) publicKey).getW();
                a = jceTlsECDomain2.c.a(w.getAffineX(), w.getAffineY());
            }
            if (a.g()) {
                return new byte[1];
            }
            ECPoint i = a.i();
            ECFieldElement eCFieldElement = i.b;
            byte[] a2 = BigIntegers.a((eCFieldElement.e() + 7) / 8, eCFieldElement.s());
            ECFieldElement d = i.d();
            byte[] a3 = BigIntegers.a((d.e() + 7) / 8, d.s());
            byte[] bArr = new byte[a2.length + a3.length + 1];
            bArr[0] = 4;
            System.arraycopy(a2, 0, bArr, 1, a2.length);
            System.arraycopy(a3, 0, bArr, a2.length + 1, a3.length);
            return bArr;
        } catch (GeneralSecurityException e) {
            StringBuilder w2 = a.w("unable to create key pair: ");
            w2.append(e.getMessage());
            throw new IllegalStateException(w2.toString(), e);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final void b(byte[] bArr) throws IOException {
        JceTlsECDomain jceTlsECDomain = this.a;
        jceTlsECDomain.getClass();
        try {
            ECPoint i = jceTlsECDomain.b(bArr).i();
            i.b();
            BigInteger s = i.b.s();
            i.b();
            ECPublicKeySpec eCPublicKeySpec = new ECPublicKeySpec(new java.security.spec.ECPoint(s, i.d().s()), jceTlsECDomain.b);
            ((DefaultJcaJceHelper) jceTlsECDomain.a.a).getClass();
            this.c = KeyFactory.getInstance("EC").generatePublic(eCPublicKeySpec);
        } catch (Exception e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final JceTlsSecret c() throws IOException {
        JceTlsECDomain jceTlsECDomain = this.a;
        PrivateKey privateKey = this.b.getPrivate();
        PublicKey publicKey = this.c;
        jceTlsECDomain.getClass();
        try {
            byte[] b = jceTlsECDomain.a.b("ECDH", privateKey, publicKey);
            JcaTlsCrypto jcaTlsCrypto = jceTlsECDomain.a;
            jcaTlsCrypto.getClass();
            return new JceTlsSecret(jcaTlsCrypto, b);
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("cannot calculate secret", e);
        }
    }
}
