package sun.security.ssl;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.XECPublicKey;
import java.security.spec.NamedParameterSpec;
import java.security.spec.XECPublicKeySpec;
import java.util.Iterator;
import sun.security.ssl.NamedGroup;
import sun.security.util.ECUtil;

/* loaded from: input_file:BOOT-INF/lib/java.base-2020-05-04.jar:META-INF/modules/java.base/classes/sun/security/ssl/XDHKeyExchange.class */
final class XDHKeyExchange {
    static final SSLKeyAgreementGenerator xdheKAGenerator = new XDHEKAGenerator();

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-05-04.jar:META-INF/modules/java.base/classes/sun/security/ssl/XDHKeyExchange$XDHECredentials.class */
    static final class XDHECredentials implements NamedGroupCredentials {
        final XECPublicKey popPublicKey;
        final NamedGroup namedGroup;

        XDHECredentials(XECPublicKey xECPublicKey, NamedGroup namedGroup) {
            this.popPublicKey = xECPublicKey;
            this.namedGroup = namedGroup;
        }

        @Override // sun.security.ssl.NamedGroupCredentials
        public PublicKey getPublicKey() {
            return this.popPublicKey;
        }

        @Override // sun.security.ssl.NamedGroupCredentials
        public NamedGroup getNamedGroup() {
            return this.namedGroup;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static XDHECredentials valueOf(NamedGroup namedGroup, byte[] bArr) throws IOException, GeneralSecurityException {
            if (namedGroup.spec != NamedGroup.NamedGroupSpec.NAMED_GROUP_XDH) {
                throw new RuntimeException("Credentials decoding:  Not XDH named group");
            }
            if (bArr == null || bArr.length == 0) {
                return null;
            }
            byte[] bArr2 = (byte[]) bArr.clone();
            Utilities.reverseBytes(bArr2);
            return new XDHECredentials((XECPublicKey) KeyFactory.getInstance(namedGroup.algorithm).generatePublic(new XECPublicKeySpec(new NamedParameterSpec(namedGroup.name), new BigInteger(1, bArr2))), namedGroup);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-05-04.jar:META-INF/modules/java.base/classes/sun/security/ssl/XDHKeyExchange$XDHEKAGenerator.class */
    private static final class XDHEKAGenerator implements SSLKeyAgreementGenerator {
        private XDHEKAGenerator() {
        }

        @Override // sun.security.ssl.SSLKeyAgreementGenerator
        public SSLKeyDerivation createKeyDerivation(HandshakeContext handshakeContext) throws IOException {
            XDHEPossession xDHEPossession = null;
            XDHECredentials xDHECredentials = null;
            Iterator<SSLPossession> it = handshakeContext.handshakePossessions.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SSLPossession next = it.next();
                if (next instanceof XDHEPossession) {
                    NamedGroup namedGroup = ((XDHEPossession) next).namedGroup;
                    Iterator<SSLCredentials> it2 = handshakeContext.handshakeCredentials.iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        SSLCredentials next2 = it2.next();
                        if ((next2 instanceof XDHECredentials) && namedGroup.equals(((XDHECredentials) next2).namedGroup)) {
                            xDHECredentials = (XDHECredentials) next2;
                            break;
                        }
                    }
                    if (xDHECredentials != null) {
                        xDHEPossession = (XDHEPossession) next;
                        break;
                    }
                }
            }
            if (xDHEPossession == null || xDHECredentials == null) {
                handshakeContext.conContext.fatal(Alert.HANDSHAKE_FAILURE, "No sufficient XDHE key agreement parameters negotiated");
            }
            return new KAKeyDerivation("XDH", handshakeContext, xDHEPossession.privateKey, xDHECredentials.popPublicKey);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/java.base-2020-05-04.jar:META-INF/modules/java.base/classes/sun/security/ssl/XDHKeyExchange$XDHEPossession.class */
    static final class XDHEPossession implements NamedGroupPossession {
        final PrivateKey privateKey;
        final XECPublicKey publicKey;
        final NamedGroup namedGroup;

        /* JADX INFO: Access modifiers changed from: package-private */
        public XDHEPossession(NamedGroup namedGroup, SecureRandom secureRandom) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(namedGroup.algorithm);
                keyPairGenerator.initialize(namedGroup.keAlgParamSpec, secureRandom);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                this.privateKey = generateKeyPair.getPrivate();
                this.publicKey = (XECPublicKey) generateKeyPair.getPublic();
                this.namedGroup = namedGroup;
            } catch (GeneralSecurityException e) {
                throw new RuntimeException("Could not generate XDH keypair", e);
            }
        }

        @Override // sun.security.ssl.SSLPossession
        public byte[] encode() {
            int i;
            byte[] trimZeroes = ECUtil.trimZeroes(this.publicKey.getU().toByteArray());
            switch (this.namedGroup) {
                case X25519:
                    i = 32;
                    break;
                case X448:
                    i = 56;
                    break;
                default:
                    throw new RuntimeException("Invalid XDH group");
            }
            if (trimZeroes.length > i) {
                throw new RuntimeException("Encoded XDH key too large");
            }
            if (trimZeroes.length != i) {
                byte[] bArr = new byte[i];
                System.arraycopy(trimZeroes, 0, bArr, i - trimZeroes.length, trimZeroes.length);
                trimZeroes = bArr;
            }
            Utilities.reverseBytes(trimZeroes);
            return trimZeroes;
        }

        @Override // sun.security.ssl.NamedGroupPossession
        public PublicKey getPublicKey() {
            return this.publicKey;
        }

        @Override // sun.security.ssl.NamedGroupPossession
        public NamedGroup getNamedGroup() {
            return this.namedGroup;
        }

        @Override // sun.security.ssl.NamedGroupPossession
        public PrivateKey getPrivateKey() {
            return this.privateKey;
        }
    }

    XDHKeyExchange() {
    }
}
