package org.eclipse.californium.scandium.dtls;

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.CertificateRequest;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;
import org.eclipse.californium.scandium.util.DatagramReader;
import org.eclipse.californium.scandium.util.DatagramWriter;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/ECDHServerKeyExchange.class */
public class ECDHServerKeyExchange extends ServerKeyExchange {
    private static final int CURVE_TYPE_BITS = 8;
    private static final int NAMED_CURVE_BITS = 16;
    private static final int PUBLIC_LENGTH_BITS = 8;
    private static final int HASH_ALGORITHM_BITS = 8;
    private static final int SIGNATURE_ALGORITHM_BITS = 8;
    private static final int SIGNATURE_LENGTH_BITS = 16;
    private static final String KEYPAIR_GENERATOR_INSTANCE = "EC";
    private static final int EXPLICIT_PRIME = 1;
    private static final int EXPLICIT_CHAR2 = 2;
    private static final int NAMED_CURVE = 3;
    private ECPublicKey publicKey;
    private ECPoint point;
    private byte[] pointEncoded;
    private int curveId;
    private byte[] signatureEncoded;
    private SignatureAndHashAlgorithm signatureAndHashAlgorithm;
    private int curveType;
    public static final Map<Integer, ECParameterSpec> NAMED_CURVE_PARAMETERS;
    private static final Logger LOGGER = Logger.getLogger(ECDHServerKeyExchange.class.getCanonicalName());
    public static final Map<String, Integer> NAMED_CURVE_INDEX = new HashMap();

    public ECDHServerKeyExchange(SignatureAndHashAlgorithm signatureAndHashAlgorithm, ECDHECryptography eCDHECryptography, PrivateKey privateKey, Random random, Random random2, int i) {
        this.publicKey = null;
        this.point = null;
        this.pointEncoded = null;
        this.signatureEncoded = null;
        this.curveType = 3;
        this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
        try {
            this.publicKey = eCDHECryptography.getPublicKey();
            ECParameterSpec params = this.publicKey.getParams();
            this.curveId = i;
            this.point = this.publicKey.getW();
            this.pointEncoded = ECDHECryptography.encodePoint(this.point, params.getCurve());
            Signature signature = Signature.getInstance(this.signatureAndHashAlgorithm.toString());
            signature.initSign(privateKey);
            updateSignature(signature, random, random2);
            this.signatureEncoded = signature.sign();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public ECDHServerKeyExchange(SignatureAndHashAlgorithm signatureAndHashAlgorithm, int i, byte[] bArr, byte[] bArr2) {
        this.publicKey = null;
        this.point = null;
        this.pointEncoded = null;
        this.signatureEncoded = null;
        this.curveType = 3;
        this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
        this.curveId = i;
        this.pointEncoded = bArr;
        this.signatureEncoded = bArr2;
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public byte[] fragmentToByteArray() {
        DatagramWriter datagramWriter = new DatagramWriter();
        switch (this.curveType) {
            case 1:
            case 2:
                break;
            case 3:
                datagramWriter.write(3, 8);
                datagramWriter.write(this.curveId, 16);
                datagramWriter.write(this.pointEncoded.length, 8);
                datagramWriter.writeBytes(this.pointEncoded);
                if (this.signatureEncoded != null) {
                    datagramWriter.write(this.signatureAndHashAlgorithm.getHash().getCode(), 8);
                    datagramWriter.write(this.signatureAndHashAlgorithm.getSignature().getCode(), 8);
                    datagramWriter.write(this.signatureEncoded.length, 16);
                    datagramWriter.writeBytes(this.signatureEncoded);
                    break;
                }
                break;
            default:
                LOGGER.severe("Unknown curve type: " + this.curveId);
                break;
        }
        return datagramWriter.toByteArray();
    }

    public static HandshakeMessage fromByteArray(byte[] bArr) throws HandshakeException {
        DatagramReader datagramReader = new DatagramReader(bArr);
        int read = datagramReader.read(8);
        switch (read) {
            case 1:
            case 2:
                throw new HandshakeException("Not supported curve type in ServerKeyExchange message", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
            case 3:
                int read2 = datagramReader.read(16);
                byte[] readBytes = datagramReader.readBytes(datagramReader.read(8));
                byte[] readBytesLeft = datagramReader.readBytesLeft();
                SignatureAndHashAlgorithm signatureAndHashAlgorithm = new SignatureAndHashAlgorithm(CertificateRequest.HashAlgorithm.SHA256, CertificateRequest.SignatureAlgorithm.ECDSA);
                byte[] bArr2 = null;
                if (readBytesLeft.length > 0) {
                    DatagramReader datagramReader2 = new DatagramReader(readBytesLeft);
                    signatureAndHashAlgorithm = new SignatureAndHashAlgorithm(datagramReader2.read(8), datagramReader2.read(8));
                    bArr2 = datagramReader2.readBytes(datagramReader2.read(16));
                }
                return new ECDHServerKeyExchange(signatureAndHashAlgorithm, read2, readBytes, bArr2);
            default:
                LOGGER.severe("Unknown curve type: " + read);
                return null;
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public int getMessageLength() {
        int i = 0;
        switch (this.curveType) {
            case 1:
            case 2:
                break;
            case 3:
                i = 4 + this.pointEncoded.length + (this.signatureEncoded == null ? 0 : 4 + this.signatureEncoded.length);
                break;
            default:
                LOGGER.severe("Unknown curve type: " + this.curveType);
                break;
        }
        return i;
    }

    public void verifySignature(PublicKey publicKey, Random random, Random random2) throws HandshakeException {
        if (this.signatureEncoded == null) {
            return;
        }
        boolean z = false;
        try {
            Signature signature = Signature.getInstance(this.signatureAndHashAlgorithm.toString());
            signature.initVerify(publicKey);
            updateSignature(signature, random, random2);
            z = signature.verify(this.signatureEncoded);
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "Could not verify the server's signature.", (Throwable) e);
        }
        if (!z) {
            throw new HandshakeException("The server's ECDHE key exchange message's signature could not be verified.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
        }
    }

    private void updateSignature(Signature signature, Random random, Random random2) throws SignatureException {
        signature.update(random.getRandomBytes());
        signature.update(random2.getRandomBytes());
        switch (this.curveType) {
            case 1:
            case 2:
                return;
            case 3:
                signature.update((byte) 3);
                signature.update((byte) (this.curveId >> 8));
                signature.update((byte) this.curveId);
                signature.update((byte) this.pointEncoded.length);
                signature.update(this.pointEncoded);
                return;
            default:
                LOGGER.severe("Unknown curve type: " + this.curveId);
                return;
        }
    }

    public ECPublicKey getPublicKey(ECParameterSpec eCParameterSpec) {
        if (this.publicKey == null) {
            try {
                this.point = ECDHECryptography.decodePoint(this.pointEncoded, eCParameterSpec.getCurve());
                this.publicKey = (ECPublicKey) KeyFactory.getInstance(KEYPAIR_GENERATOR_INSTANCE).generatePublic(new ECPublicKeySpec(this.point, eCParameterSpec));
            } catch (Exception e) {
                LOGGER.log(Level.SEVERE, "Could not reconstruct the server's ephemeral public key.", (Throwable) e);
            }
        }
        return this.publicKey;
    }

    private ECPublicKey getPublicKey() {
        return this.publicKey;
    }

    public int getCurveId() {
        return this.curveId;
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public String toString() {
        return super.toString() + "\t\tDiffie-Hellman public key: " + getPublicKey().toString() + "\n";
    }

    private static void addParameterSpec(int i, String str, String str2, String str3, String str4, String str5, String str6, int i2) {
        NAMED_CURVE_PARAMETERS.put(Integer.valueOf(i), new ECParameterSpec(new EllipticCurve(new ECFieldFp(new BigInteger(str, 16)), new BigInteger(str2, 16), new BigInteger(str3, 16)), new ECPoint(new BigInteger(str4, 16), new BigInteger(str5, 16)), new BigInteger(str6, 16), i2));
    }

    static {
        for (int i = 1; i < ECDHECryptography.NAMED_CURVE_TABLE.length; i++) {
            NAMED_CURVE_INDEX.put(ECDHECryptography.NAMED_CURVE_TABLE[i], Integer.valueOf(i));
        }
        NAMED_CURVE_PARAMETERS = new HashMap();
        addParameterSpec(20, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", "00000000000000000000000000000000000000000000000000000000", "00000000000000000000000000000000000000000000000000000005", "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", 1);
        addParameterSpec(21, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 1);
        addParameterSpec(22, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000007", "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 1);
        addParameterSpec(23, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 1);
        addParameterSpec(24, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", 1);
        addParameterSpec(25, "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 1);
    }
}
