package net.netca.pki.encoding.asn1.pki;

import net.netca.pki.Device;
import net.netca.pki.KeyPair;
import net.netca.pki.UnsupportedException;
import net.netca.pki.d;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ObjectIdentifier;
import net.netca.pki.encoding.asn1.ObjectIdentifierType;
import net.netca.pki.u;

/* loaded from: classes.dex */
public class NetcaKeyAgreement implements d, IKeyAgreement {
    private KeyPair keypair;

    public NetcaKeyAgreement() {
    }

    public NetcaKeyAgreement(KeyPair keyPair) {
        int algorithm = keyPair.getAlgorithm();
        if (algorithm != 4 && algorithm != 20 && algorithm != 36) {
            throw new UnsupportedException("unsupport keypair:" + algorithm);
        }
        this.keypair = keyPair.dup();
        if (this.keypair == null) {
            throw new u("keypair dup fail");
        }
    }

    private int getCurve(AlgorithmIdentifier algorithmIdentifier) {
        ASN1Object param = algorithmIdentifier.getParam();
        if (param == null) {
            throw new u("no algo param");
        }
        String string = ((ObjectIdentifier) param.to(ObjectIdentifierType.getInstance())).getString();
        if (string.equals("1.2.840.10045.3.1.1")) {
            return 1;
        }
        if (string.equals("1.3.132.0.33")) {
            return 2;
        }
        if (string.equals("1.2.840.10045.3.1.7")) {
            return 3;
        }
        if (string.equals("1.3.132.0.34")) {
            return 4;
        }
        if (string.equals("1.3.132.0.35")) {
            return 5;
        }
        if (string.equals(AlgorithmIdentifier.BRAINPOOLP192R1Curve_OID)) {
            return 8;
        }
        if (string.equals(AlgorithmIdentifier.BRAINPOOLP224R1Curve_OID)) {
            return 9;
        }
        if (string.equals(AlgorithmIdentifier.BRAINPOOLP256R1Curve_OID)) {
            return 10;
        }
        if (string.equals(AlgorithmIdentifier.BRAINPOOLP384R1Curve_OID)) {
            return 12;
        }
        if (string.equals(AlgorithmIdentifier.BRAINPOOLP512R1Curve_OID)) {
            return 13;
        }
        if (string.equals(AlgorithmIdentifier.FRP256V1Curve_OID)) {
            return 14;
        }
        throw new UnsupportedException("unsupport curve:" + string);
    }

    @Override // net.netca.pki.d
    public void free() {
        if (this.keypair != null) {
            this.keypair.free();
        }
    }

    @Override // net.netca.pki.encoding.asn1.pki.IKeyAgreement
    public PublicKey generateTempKeyPair(AlgorithmIdentifier algorithmIdentifier) {
        String oid = algorithmIdentifier.getOid();
        if (!(oid.equals(AlgorithmIdentifier.ECPubKey_OID) || oid.equals(AlgorithmIdentifier.ECDH_OID) || oid.equals(AlgorithmIdentifier.ECMQV_OID))) {
            throw new UnsupportedException("unsupport algo:" + oid);
        }
        int curve = getCurve(algorithmIdentifier);
        Device pseudoDevice = Device.getPseudoDevice();
        if (pseudoDevice == null) {
            throw new u("getPseudoDevice fail");
        }
        try {
            KeyPair generateTempECCKeyPair = pseudoDevice.generateTempECCKeyPair(curve);
            if (generateTempECCKeyPair == null) {
                throw new u("generateTempECCKeyPair fail");
            }
            net.netca.pki.PublicKey publicKey = generateTempECCKeyPair.getPublicKey();
            if (publicKey == null) {
                generateTempECCKeyPair.free();
                throw new u("getPublicKey fail");
            }
            byte[] encode = publicKey.encode();
            publicKey.free();
            if (encode == null) {
                generateTempECCKeyPair.free();
                throw new u("publicKey encode fail");
            }
            try {
                SubjectPublicKeyInfo decode = SubjectPublicKeyInfo.decode(encode);
                if (this.keypair != null) {
                    this.keypair.free();
                }
                this.keypair = generateTempECCKeyPair;
                return decode.getPublicKey();
            } catch (u e) {
                generateTempECCKeyPair.free();
                throw e;
            }
        } finally {
            pseudoDevice.free();
        }
    }

    @Override // net.netca.pki.encoding.asn1.pki.IKeyAgreement
    public byte[] keyAgreement(AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey) {
        boolean z;
        if (this.keypair == null) {
            throw new u("no keypair");
        }
        String oid = algorithmIdentifier.getOid();
        if (oid.equals(AlgorithmIdentifier.DHSINGLEPASS_STDDH_SHA1KDF_SCHEME_OID) || oid.equals(AlgorithmIdentifier.DHSINGLEPASS_STDDH_SHA224KDF_SCHEME_OID) || oid.equals(AlgorithmIdentifier.DHSINGLEPASS_STDDH_SHA256KDF_SCHEME_OID) || oid.equals(AlgorithmIdentifier.DHSINGLEPASS_STDDH_SHA384KDF_SCHEME_OID) || oid.equals(AlgorithmIdentifier.DHSINGLEPASS_STDDH_SHA512KDF_SCHEME_OID)) {
            z = true;
        } else {
            if (!oid.equals(AlgorithmIdentifier.DHSINGLEPASS_COFACTORDH_SHA1KDF_SCHEME_OID) && !oid.equals(AlgorithmIdentifier.DHSINGLEPASS_COFACTORDH_SHA224KDF_SCHEME_OID) && !oid.equals(AlgorithmIdentifier.DHSINGLEPASS_COFACTORDH_SHA256KDF_SCHEME_OID) && !oid.equals(AlgorithmIdentifier.DHSINGLEPASS_COFACTORDH_SHA384KDF_SCHEME_OID) && !oid.equals(AlgorithmIdentifier.DHSINGLEPASS_COFACTORDH_SHA512KDF_SCHEME_OID)) {
                throw new UnsupportedException("unknown keyagreement algo " + oid);
            }
            z = false;
        }
        byte[] encode = publicKey.toSubjectPublicKeyInfo().getASN1Object().encode();
        Device device = this.keypair.getDevice();
        if (device == null) {
            throw new u("getDevice fail");
        }
        net.netca.pki.PublicKey importSubjectPublicKeyInfo = device.importSubjectPublicKeyInfo(encode);
        device.free();
        if (importSubjectPublicKeyInfo == null) {
            throw new u("importSubjectPublicKeyInfo fail");
        }
        try {
            return z ? this.keypair.ecDH(importSubjectPublicKeyInfo) : this.keypair.ecCDH(importSubjectPublicKeyInfo);
        } finally {
            importSubjectPublicKeyInfo.free();
        }
    }
}
