package net.netca.pki.encoding.json.jose.impl.jce;

import com.sun.jna.Function;
import com.tencent.soter.core.keystore.KeyPropertiesCompact;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.KeyAgreement;
import net.netca.pki.UnsupportedException;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.PrivateKeyInfo;
import net.netca.pki.encoding.asn1.pki.SubjectPublicKeyInfo;
import net.netca.pki.encoding.json.jose.IJWEKeyAgreement;
import net.netca.pki.u;

/* loaded from: classes.dex */
public class JCEJWEKeyAgreement implements IJWEKeyAgreement {
    private String keyAgreemnetProvider;
    private String keyFactoryProvider;
    private String keyPairProvider;
    private PrivateKey privkey;
    private SecureRandom randomSecure;

    public JCEJWEKeyAgreement() {
        this.keyPairProvider = null;
        this.keyAgreemnetProvider = null;
        this.keyFactoryProvider = null;
        this.randomSecure = null;
        this.privkey = null;
    }

    public JCEJWEKeyAgreement(String str, String str2, String str3, SecureRandom secureRandom) {
        this.keyPairProvider = null;
        this.keyAgreemnetProvider = null;
        this.keyFactoryProvider = null;
        this.randomSecure = null;
        this.privkey = null;
        this.keyPairProvider = str;
        this.randomSecure = secureRandom;
        this.keyAgreemnetProvider = str3;
        this.keyFactoryProvider = str2;
    }

    public JCEJWEKeyAgreement(PrivateKey privateKey) {
        this.keyPairProvider = null;
        this.keyAgreemnetProvider = null;
        this.keyFactoryProvider = null;
        this.randomSecure = null;
        this.privkey = null;
        this.privkey = privateKey;
    }

    public JCEJWEKeyAgreement(PrivateKeyInfo privateKeyInfo) {
        this.keyPairProvider = null;
        this.keyAgreemnetProvider = null;
        this.keyFactoryProvider = null;
        this.randomSecure = null;
        this.privkey = null;
        if (!privateKeyInfo.getPrivateKeyAlgorithm().getOid().equals(AlgorithmIdentifier.ECPubKey_OID)) {
            throw new u("unknow PrivateKeyInfo");
        }
        try {
            this.privkey = KeyFactory.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_EC).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getASN1Object().encode()));
        } catch (NoSuchAlgorithmException e) {
            throw new u("generatePrivate fail", e);
        } catch (InvalidKeySpecException e2) {
            throw new u("generatePrivate fail", e2);
        }
    }

    private int getCurveKeySize(String str) {
        if (str.equals("1.2.840.10045.3.1.1")) {
            return 192;
        }
        if (str.equals("1.3.132.0.33")) {
            return 224;
        }
        if (str.equals("1.2.840.10045.3.1.7")) {
            return 256;
        }
        if (str.equals("1.3.132.0.34")) {
            return Function.USE_VARARGS;
        }
        if (str.equals("1.3.132.0.35")) {
            return 521;
        }
        throw new UnsupportedException("unsupport curve:" + str);
    }

    @Override // net.netca.pki.encoding.json.jose.IJWEKeyAgreement
    public byte[] ecdhkeyAgreement(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        try {
            if (this.privkey == null) {
                throw new u("no privkey");
            }
            PublicKey generatePublic = (this.keyFactoryProvider != null ? KeyFactory.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_EC, this.keyFactoryProvider) : KeyFactory.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_EC)).generatePublic(new X509EncodedKeySpec(subjectPublicKeyInfo.getASN1Object().encode()));
            KeyAgreement keyAgreement = this.keyAgreemnetProvider != null ? KeyAgreement.getInstance("ECDH", this.keyAgreemnetProvider) : KeyAgreement.getInstance("ECDH");
            keyAgreement.init(this.privkey);
            keyAgreement.doPhase(generatePublic, true);
            return keyAgreement.generateSecret();
        } catch (Exception e) {
            throw new u("ecdhkeyAgreement fail: " + e.getMessage());
        }
    }

    @Override // net.netca.pki.encoding.json.jose.IJWEKeyAgreement
    public SubjectPublicKeyInfo generateTempEccKeyPair(String str) {
        try {
            KeyPairGenerator keyPairGenerator = this.keyPairProvider != null ? KeyPairGenerator.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_EC, this.keyPairProvider) : KeyPairGenerator.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_EC);
            if (this.randomSecure != null) {
                keyPairGenerator.initialize(getCurveKeySize(str), this.randomSecure);
            } else {
                keyPairGenerator.initialize(getCurveKeySize(str));
            }
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privkey = generateKeyPair.getPrivate();
            return SubjectPublicKeyInfo.decode(generateKeyPair.getPublic().getEncoded());
        } catch (Exception e) {
            throw new u("generateTempEccKeyPair fail: " + e.getMessage());
        }
    }
}
