package net.luminis.tls.extension;

import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.NamedParameterSpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.TlsProtocolException;
import net.luminis.tls.alert.DecodeErrorException;
import net.luminis.tls.util.ByteUtils;

/* loaded from: classes4.dex */
public class KeyShareExtension extends Extension {
    public static final Map<TlsConstants.NamedGroup, Integer> c;
    public static final List<TlsConstants.NamedGroup> d;

    /* renamed from: a, reason: collision with root package name */
    public TlsConstants.HandshakeType f24161a;
    public List<KeyShareEntry> b;

    /* loaded from: classes4.dex */
    public static class ECKeyShareEntry extends KeyShareEntry {
        public final ECPublicKey c;

        public ECKeyShareEntry(TlsConstants.NamedGroup namedGroup, ECPublicKey eCPublicKey) {
            super(namedGroup, eCPublicKey);
            this.f24162a = namedGroup;
            this.c = eCPublicKey;
        }

        @Override // net.luminis.tls.extension.KeyShareExtension.KeyShareEntry
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public ECPublicKey a() {
            return this.c;
        }
    }

    /* loaded from: classes4.dex */
    public static class KeyShareEntry {

        /* renamed from: a, reason: collision with root package name */
        public TlsConstants.NamedGroup f24162a;
        public final PublicKey b;

        public KeyShareEntry(TlsConstants.NamedGroup namedGroup, PublicKey publicKey) {
            this.f24162a = namedGroup;
            this.b = publicKey;
        }

        public PublicKey a() {
            return this.b;
        }

        public TlsConstants.NamedGroup b() {
            return this.f24162a;
        }
    }

    static {
        HashMap hashMap = new HashMap(3);
        c = hashMap;
        ArrayList arrayList = new ArrayList(2);
        d = arrayList;
        TlsConstants.NamedGroup namedGroup = TlsConstants.NamedGroup.secp256r1;
        hashMap.put(namedGroup, 65);
        TlsConstants.NamedGroup namedGroup2 = TlsConstants.NamedGroup.x25519;
        hashMap.put(namedGroup2, 32);
        hashMap.put(TlsConstants.NamedGroup.x448, 56);
        arrayList.add(namedGroup);
        arrayList.add(namedGroup2);
    }

    public KeyShareExtension(ByteBuffer byteBuffer, TlsConstants.HandshakeType handshakeType) throws TlsProtocolException {
        this(byteBuffer, handshakeType, false);
    }

    public KeyShareExtension(ByteBuffer byteBuffer, TlsConstants.HandshakeType handshakeType, boolean z) throws TlsProtocolException {
        this.b = new ArrayList();
        int c2 = c(byteBuffer, TlsConstants.ExtensionType.key_share, 1);
        if (c2 < 2) {
            throw new DecodeErrorException("extension underflow");
        }
        if (handshakeType != TlsConstants.HandshakeType.client_hello) {
            if (handshakeType != TlsConstants.HandshakeType.server_hello) {
                throw new IllegalArgumentException();
            }
            if (c2 - f(byteBuffer, z) != 0) {
                throw new DecodeErrorException("inconsistent length");
            }
            return;
        }
        int i = byteBuffer.getShort();
        if (c2 != i + 2) {
            throw new DecodeErrorException("inconsistent length");
        }
        while (i > 0) {
            i -= f(byteBuffer, z);
        }
        if (i != 0) {
            throw new DecodeErrorException("inconsistent length");
        }
    }

    public KeyShareExtension(PublicKey publicKey, TlsConstants.NamedGroup namedGroup, TlsConstants.HandshakeType handshakeType) {
        this.b = new ArrayList();
        this.f24161a = handshakeType;
        if (d.contains(namedGroup)) {
            this.b.add(new KeyShareEntry(namedGroup, publicKey));
            return;
        }
        throw new IllegalArgumentException("Named group " + namedGroup + "not supported");
    }

    public static ECParameterSpec d(String str) {
        try {
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec(str));
            return (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class);
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("Missing support for EC algorithm");
        } catch (InvalidParameterSpecException unused2) {
            throw new RuntimeException("Inappropriate parameter specification");
        }
    }

    public static ECPublicKey g(TlsConstants.NamedGroup namedGroup, byte[] bArr) {
        try {
            return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(1, Arrays.copyOfRange(bArr, 0, bArr.length / 2)), new BigInteger(1, Arrays.copyOfRange(bArr, bArr.length / 2, bArr.length))), d(namedGroup.name())));
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("Missing support for EC algorithm");
        } catch (InvalidKeySpecException unused2) {
            throw new RuntimeException("Inappropriate parameter specification");
        }
    }

    public static PublicKey h(TlsConstants.NamedGroup namedGroup, byte[] bArr) {
        try {
            i(bArr);
            BigInteger bigInteger = new BigInteger(bArr);
            KeyFactory keyFactory = KeyFactory.getInstance("XDH");
            net.luminis.tls.engine.impl.d.a();
            NamedParameterSpec a2 = net.luminis.tls.engine.impl.c.a(namedGroup.name().toUpperCase());
            d.a();
            return keyFactory.generatePublic(c.a(a2, bigInteger));
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("Missing support for EC algorithm");
        } catch (InvalidKeySpecException unused2) {
            throw new RuntimeException("Inappropriate parameter specification");
        }
    }

    public static void i(byte[] bArr) {
        if (bArr == null) {
            return;
        }
        int length = bArr.length - 1;
        for (int i = 0; length > i; i++) {
            byte b = bArr[length];
            bArr[length] = bArr[i];
            bArr[i] = b;
            length--;
        }
    }

    @Override // net.luminis.tls.extension.Extension
    public byte[] a() {
        BigInteger u;
        Iterator<KeyShareEntry> it2 = this.b.iterator();
        short s = 0;
        while (it2.hasNext()) {
            s = (short) (s + c.get(it2.next().b()).intValue() + 4);
        }
        TlsConstants.HandshakeType handshakeType = this.f24161a;
        TlsConstants.HandshakeType handshakeType2 = TlsConstants.HandshakeType.client_hello;
        short s2 = handshakeType == handshakeType2 ? (short) (s + 2) : s;
        ByteBuffer allocate = ByteBuffer.allocate(s2 + 4);
        allocate.putShort(TlsConstants.ExtensionType.key_share.b);
        allocate.putShort(s2);
        if (this.f24161a == handshakeType2) {
            allocate.putShort(s);
        }
        for (KeyShareEntry keyShareEntry : this.b) {
            allocate.putShort(keyShareEntry.b().b);
            Map<TlsConstants.NamedGroup, Integer> map = c;
            allocate.putShort(map.get(keyShareEntry.b()).shortValue());
            if (keyShareEntry.b() == TlsConstants.NamedGroup.secp256r1) {
                allocate.put((byte) 4);
                j(allocate, ((ECPublicKey) keyShareEntry.a()).getW().getAffineX().toByteArray());
                j(allocate, ((ECPublicKey) keyShareEntry.a()).getW().getAffineY().toByteArray());
            } else {
                if (keyShareEntry.b() != TlsConstants.NamedGroup.x25519 && keyShareEntry.b() != TlsConstants.NamedGroup.x448) {
                    throw new RuntimeException();
                }
                u = a.a(keyShareEntry.a()).getU();
                byte[] byteArray = u.toByteArray();
                if (byteArray.length > map.get(keyShareEntry.b()).intValue()) {
                    throw new RuntimeException("Invalid " + keyShareEntry.b() + " key length: " + byteArray.length);
                }
                if (byteArray.length < map.get(keyShareEntry.b()).intValue()) {
                    i(byteArray);
                    byteArray = Arrays.copyOf(byteArray, map.get(keyShareEntry.b()).intValue());
                } else {
                    i(byteArray);
                }
                allocate.put(byteArray);
            }
        }
        return allocate.array();
    }

    public List<KeyShareEntry> e() {
        return this.b;
    }

    public int f(ByteBuffer byteBuffer, boolean z) throws TlsProtocolException {
        int position = byteBuffer.position();
        if ((z && byteBuffer.remaining() < 2) || (!z && byteBuffer.remaining() < 4)) {
            throw new DecodeErrorException("extension underflow");
        }
        TlsConstants.NamedGroup a2 = TlsConstants.a(byteBuffer.getShort());
        if (!z) {
            int i = byteBuffer.getShort();
            if (byteBuffer.remaining() < i) {
                throw new DecodeErrorException("extension underflow");
            }
            if (a2 == null || !d.contains(a2)) {
                byteBuffer.get(new byte[i]);
            } else {
                if (i != c.get(a2).intValue()) {
                    throw new DecodeErrorException("Invalid " + a2.name() + " key length: " + i);
                }
                if (a2 == TlsConstants.NamedGroup.secp256r1) {
                    if (byteBuffer.get() != 4) {
                        throw new DecodeErrorException("EC keys must be in legacy form");
                    }
                    byte[] bArr = new byte[i - 1];
                    byteBuffer.get(bArr);
                    this.b.add(new ECKeyShareEntry(a2, g(a2, bArr)));
                } else if (a2 == TlsConstants.NamedGroup.x25519 || a2 == TlsConstants.NamedGroup.x448) {
                    byte[] bArr2 = new byte[i];
                    byteBuffer.get(bArr2);
                    this.b.add(new KeyShareEntry(a2, h(a2, bArr2)));
                }
            }
        } else if (a2 != null) {
            this.b.add(new ECKeyShareEntry(a2, null));
        }
        return byteBuffer.position() - position;
    }

    public final void j(ByteBuffer byteBuffer, byte[] bArr) {
        if (bArr.length == 32) {
            byteBuffer.put(bArr);
            return;
        }
        if (bArr.length < 32) {
            for (int i = 0; i < 32 - bArr.length; i++) {
                byteBuffer.put((byte) 0);
            }
            byteBuffer.put(bArr, 0, bArr.length);
            return;
        }
        if (bArr.length > 32) {
            for (int i2 = 0; i2 < bArr.length - 32; i2++) {
                if (bArr[i2] != 0) {
                    throw new RuntimeException("W Affine more then 32 bytes, leading bytes not 0 " + ByteUtils.a(bArr));
                }
            }
            byteBuffer.put(bArr, bArr.length - 32, 32);
        }
    }
}
