package org.bouncycastle.jcajce.provider.asymmetric.dh;

import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.crypto.BasicAgreement;
import org.bouncycastle.crypto.agreement.DHUnifiedAgreement;
import org.bouncycastle.crypto.params.DHMQVPrivateParameters;
import org.bouncycastle.crypto.params.DHMQVPublicParameters;
import org.bouncycastle.crypto.params.DHParameters;
import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
import org.bouncycastle.crypto.params.DHPublicKeyParameters;
import org.bouncycastle.crypto.params.DHUPrivateParameters;
import org.bouncycastle.crypto.params.DHUPublicParameters;
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
import org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
import org.bouncycastle.jcajce.spec.DHUParameterSpec;
import org.bouncycastle.jcajce.spec.MQVParameterSpec;
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
import org.bouncycastle.util.BigIntegers;

/* loaded from: classes6.dex */
public class KeyAgreementSpi extends BaseAgreementSpi {

    /* renamed from: s, reason: collision with root package name */
    private static final BigInteger f58036s = BigInteger.valueOf(1);

    /* renamed from: t, reason: collision with root package name */
    private static final BigInteger f58037t = BigInteger.valueOf(2);

    /* renamed from: k, reason: collision with root package name */
    private final DHUnifiedAgreement f58038k;

    /* renamed from: l, reason: collision with root package name */
    private final BasicAgreement f58039l;

    /* renamed from: m, reason: collision with root package name */
    private DHUParameterSpec f58040m;

    /* renamed from: n, reason: collision with root package name */
    private MQVParameterSpec f58041n;

    /* renamed from: o, reason: collision with root package name */
    private BigInteger f58042o;

    /* renamed from: p, reason: collision with root package name */
    private BigInteger f58043p;

    /* renamed from: q, reason: collision with root package name */
    private BigInteger f58044q;

    /* renamed from: r, reason: collision with root package name */
    private byte[] f58045r;

    /* loaded from: classes6.dex */
    public static class DHUwithSHA1CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA1KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA224CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA224KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA256CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA256KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA384CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA384KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA512CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHUwithSHA512KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithRFC2631KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA1CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA1KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA224CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA224KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA256CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA256KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA384CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA384KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA512CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class DHwithSHA512KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA1CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA1KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA224CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA224KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA256CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA256KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA384CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA384KDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA512CKDF extends KeyAgreementSpi {
    }

    /* loaded from: classes6.dex */
    public static class MQVwithSHA512KDF extends KeyAgreementSpi {
    }

    private DHPrivateKeyParameters i(PrivateKey privateKey) {
        if (!(privateKey instanceof DHPrivateKey)) {
            throw new InvalidKeyException("private key not a DHPrivateKey");
        }
        if (privateKey instanceof BCDHPrivateKey) {
            return ((BCDHPrivateKey) privateKey).f();
        }
        DHPrivateKey dHPrivateKey = (DHPrivateKey) privateKey;
        DHParameterSpec params = dHPrivateKey.getParams();
        return new DHPrivateKeyParameters(dHPrivateKey.getX(), new DHParameters(params.getP(), params.getG(), null, params.getL()));
    }

    private DHPublicKeyParameters j(PublicKey publicKey) {
        if (!(publicKey instanceof DHPublicKey)) {
            throw new InvalidKeyException("public key not a DHPublicKey");
        }
        if (publicKey instanceof BCDHPublicKey) {
            return ((BCDHPublicKey) publicKey).b();
        }
        DHPublicKey dHPublicKey = (DHPublicKey) publicKey;
        DHParameterSpec params = dHPublicKey.getParams();
        return params instanceof DHDomainParameterSpec ? new DHPublicKeyParameters(dHPublicKey.getY(), ((DHDomainParameterSpec) params).a()) : new DHPublicKeyParameters(dHPublicKey.getY(), new DHParameters(params.getP(), params.getG(), null, params.getL()));
    }

    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi
    protected byte[] b() {
        return this.f58045r;
    }

    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi
    protected void c(Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) {
        BasicAgreement basicAgreement;
        DHMQVPrivateParameters dHMQVPrivateParameters;
        DHUnifiedAgreement dHUnifiedAgreement;
        DHUPrivateParameters dHUPrivateParameters;
        if (!(key instanceof DHPrivateKey)) {
            throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey for initialisation");
        }
        DHPrivateKey dHPrivateKey = (DHPrivateKey) key;
        if (algorithmParameterSpec == null) {
            this.f58043p = dHPrivateKey.getParams().getP();
            this.f58044q = dHPrivateKey.getParams().getG();
        } else if (algorithmParameterSpec instanceof DHParameterSpec) {
            DHParameterSpec dHParameterSpec = (DHParameterSpec) algorithmParameterSpec;
            this.f58043p = dHParameterSpec.getP();
            this.f58044q = dHParameterSpec.getG();
            this.f58040m = null;
            this.f58400c = null;
        } else if (algorithmParameterSpec instanceof DHUParameterSpec) {
            if (this.f58038k == null) {
                throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
            }
            this.f58043p = dHPrivateKey.getParams().getP();
            this.f58044q = dHPrivateKey.getParams().getG();
            DHUParameterSpec dHUParameterSpec = (DHUParameterSpec) algorithmParameterSpec;
            this.f58040m = dHUParameterSpec;
            this.f58400c = dHUParameterSpec.d();
            if (this.f58040m.b() != null) {
                dHUnifiedAgreement = this.f58038k;
                dHUPrivateParameters = new DHUPrivateParameters(i(dHPrivateKey), i(this.f58040m.a()), j(this.f58040m.b()));
            } else {
                dHUnifiedAgreement = this.f58038k;
                dHUPrivateParameters = new DHUPrivateParameters(i(dHPrivateKey), i(this.f58040m.a()));
            }
            dHUnifiedAgreement.c(dHUPrivateParameters);
        } else if (algorithmParameterSpec instanceof MQVParameterSpec) {
            if (this.f58039l == null) {
                throw new InvalidAlgorithmParameterException("agreement algorithm not MQV based");
            }
            this.f58043p = dHPrivateKey.getParams().getP();
            this.f58044q = dHPrivateKey.getParams().getG();
            MQVParameterSpec mQVParameterSpec = (MQVParameterSpec) algorithmParameterSpec;
            this.f58041n = mQVParameterSpec;
            this.f58400c = mQVParameterSpec.d();
            if (this.f58041n.b() != null) {
                basicAgreement = this.f58039l;
                dHMQVPrivateParameters = new DHMQVPrivateParameters(i(dHPrivateKey), i(this.f58041n.a()), j(this.f58041n.b()));
            } else {
                basicAgreement = this.f58039l;
                dHMQVPrivateParameters = new DHMQVPrivateParameters(i(dHPrivateKey), i(this.f58041n.a()));
            }
            basicAgreement.a(dHMQVPrivateParameters);
        } else {
            if (!(algorithmParameterSpec instanceof UserKeyingMaterialSpec)) {
                throw new InvalidAlgorithmParameterException("DHKeyAgreement only accepts DHParameterSpec");
            }
            if (this.f58399b == null) {
                throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
            }
            this.f58043p = dHPrivateKey.getParams().getP();
            this.f58044q = dHPrivateKey.getParams().getG();
            this.f58040m = null;
            this.f58400c = ((UserKeyingMaterialSpec) algorithmParameterSpec).b();
        }
        BigInteger x2 = dHPrivateKey.getX();
        this.f58042o = x2;
        this.f58045r = h(x2);
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected Key engineDoPhase(Key key, boolean z2) {
        if (this.f58042o == null) {
            throw new IllegalStateException("Diffie-Hellman not initialised.");
        }
        if (!(key instanceof DHPublicKey)) {
            throw new InvalidKeyException("DHKeyAgreement doPhase requires DHPublicKey");
        }
        DHPublicKey dHPublicKey = (DHPublicKey) key;
        if (!dHPublicKey.getParams().getG().equals(this.f58044q) || !dHPublicKey.getParams().getP().equals(this.f58043p)) {
            throw new InvalidKeyException("DHPublicKey not for this KeyAgreement!");
        }
        BigInteger y2 = dHPublicKey.getY();
        if (y2 != null && y2.compareTo(f58037t) >= 0) {
            BigInteger bigInteger = this.f58043p;
            BigInteger bigInteger2 = f58036s;
            if (y2.compareTo(bigInteger.subtract(bigInteger2)) < 0) {
                if (this.f58038k != null) {
                    if (!z2) {
                        throw new IllegalStateException("unified Diffie-Hellman can use only two key pairs");
                    }
                    this.f58045r = this.f58038k.a(new DHUPublicParameters(j((PublicKey) key), j(this.f58040m.c())));
                    return null;
                }
                if (this.f58039l != null) {
                    if (!z2) {
                        throw new IllegalStateException("MQV Diffie-Hellman can use only two key pairs");
                    }
                    this.f58045r = h(this.f58039l.c(new DHMQVPublicParameters(j((PublicKey) key), j(this.f58041n.c()))));
                    return null;
                }
                BigInteger modPow = y2.modPow(this.f58042o, this.f58043p);
                if (modPow.compareTo(bigInteger2) == 0) {
                    throw new InvalidKeyException("Shared key can't be 1");
                }
                this.f58045r = h(modPow);
                if (z2) {
                    return null;
                }
                return new BCDHPublicKey(modPow, dHPublicKey.getParams());
            }
        }
        throw new InvalidKeyException("Invalid DH PublicKey");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi, javax.crypto.KeyAgreementSpi
    public int engineGenerateSecret(byte[] bArr, int i3) {
        if (this.f58042o != null) {
            return super.engineGenerateSecret(bArr, i3);
        }
        throw new IllegalStateException("Diffie-Hellman not initialised.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi, javax.crypto.KeyAgreementSpi
    public SecretKey engineGenerateSecret(String str) {
        if (this.f58042o != null) {
            return str.equals("TlsPremasterSecret") ? new SecretKeySpec(BaseAgreementSpi.g(this.f58045r), str) : super.engineGenerateSecret(str);
        }
        throw new IllegalStateException("Diffie-Hellman not initialised.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi, javax.crypto.KeyAgreementSpi
    public byte[] engineGenerateSecret() {
        if (this.f58042o != null) {
            return super.engineGenerateSecret();
        }
        throw new IllegalStateException("Diffie-Hellman not initialised.");
    }

    @Override // org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi, javax.crypto.KeyAgreementSpi
    protected void engineInit(Key key, SecureRandom secureRandom) {
        if (!(key instanceof DHPrivateKey)) {
            throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey");
        }
        DHPrivateKey dHPrivateKey = (DHPrivateKey) key;
        this.f58043p = dHPrivateKey.getParams().getP();
        this.f58044q = dHPrivateKey.getParams().getG();
        BigInteger x2 = dHPrivateKey.getX();
        this.f58042o = x2;
        this.f58045r = h(x2);
    }

    protected byte[] h(BigInteger bigInteger) {
        return BigIntegers.b((this.f58043p.bitLength() + 7) / 8, bigInteger);
    }
}
