package cn.cloudcore.gmtls;

import cn.cloudcore.gmtls.com.sun.crypto.provider.SunJCE;
import cn.cloudcore.gmtls.sun.security.ssl.AbstractGMJSSE;
import com.cloudcore.fpaas.security.DataStreamAlgorithm;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.security.spec.RSAPublicKeySpec;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;

/* compiled from: JsseJce.java */
/* loaded from: classes.dex */
public final class z1 {

    /* renamed from: a, reason: collision with root package name */
    public static Boolean f2770a;

    /* renamed from: b, reason: collision with root package name */
    public static final boolean f2771b;

    /* compiled from: JsseJce.java */
    /* loaded from: classes.dex */
    public class a implements PrivilegedExceptionAction<Void> {
        @Override // java.security.PrivilegedExceptionAction
        public Void run() throws Exception {
            Class.forName("sun.security.krb5.PrincipalName", true, null);
            return null;
        }
    }

    /* compiled from: JsseJce.java */
    /* loaded from: classes.dex */
    public static final class b extends Provider {

        /* compiled from: JsseJce.java */
        /* loaded from: classes.dex */
        public class a implements PrivilegedAction<Object> {

            /* renamed from: b, reason: collision with root package name */
            public final /* synthetic */ Provider f2773b;

            public a(Provider provider) {
                this.f2773b = provider;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                for (Map.Entry<Object, Object> entry : this.f2773b.entrySet()) {
                    String str = (String) entry.getKey();
                    if (str.startsWith("CertPathValidator.") || str.startsWith("CertPathBuilder.") || str.startsWith("CertStore.") || str.startsWith("CertificateFactory.")) {
                        b.this.put(str, entry.getValue());
                    }
                }
                return null;
            }
        }

        public b(Provider provider) {
            super("SunCertificates", 1.0d, "SunJSSE internal");
            AccessController.doPrivileged(new a(provider));
        }
    }

    static {
        boolean z;
        d1.a("ssl");
        try {
            AccessController.doPrivileged(new a());
            z = true;
        } catch (Exception unused) {
            z = false;
        }
        f2771b = z;
        if (AbstractGMJSSE.o()) {
            Provider provider = Security.getProvider("SUN");
            if (provider == null) {
                throw new RuntimeException("FIPS mode: SUN provider must be installed");
            }
            Provider[] providerArr = {AbstractGMJSSE.g2, new b(provider)};
            n3 n3Var = c0.f281b;
            a0[] a0VarArr = new a0[2];
            for (int i2 = 0; i2 < 2; i2++) {
                a0VarArr[i2] = new a0(providerArr[i2]);
            }
            new c0(a0VarArr, true);
        }
    }

    public static int a(PublicKey publicKey) {
        return (publicKey instanceof RSAPublicKey ? ((RSAPublicKey) publicKey).getModulus() : g(publicKey).getModulus()).bitLength();
    }

    public static SecureRandom b() throws KeyManagementException {
        Provider provider = AbstractGMJSSE.g2;
        if (provider == null) {
            return new SecureRandom();
        }
        try {
            return SecureRandom.getInstance("PKCS11", provider);
        } catch (NoSuchAlgorithmException unused) {
            Iterator<Provider.Service> it = AbstractGMJSSE.g2.getServices().iterator();
            while (it.hasNext()) {
                Provider.Service next = it.next();
                if (next.getType().equals("SecureRandom")) {
                    try {
                        return SecureRandom.getInstance(next.getAlgorithm(), AbstractGMJSSE.g2);
                    } catch (NoSuchAlgorithmException unused2) {
                    }
                }
            }
            throw new KeyManagementException("FIPS mode: no SecureRandom  implementation found in provider " + AbstractGMJSSE.g2.getName());
        }
    }

    public static ECPoint c(byte[] bArr, EllipticCurve ellipticCurve) throws IOException {
        int i2 = q.f1879a;
        if (bArr.length == 0 || bArr[0] != 4) {
            throw new IOException("Only uncompressed point format supported");
        }
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) >> 3;
        if (bArr.length != (fieldSize * 2) + 1) {
            throw new IOException("Point does not match field size");
        }
        byte[] bArr2 = new byte[fieldSize];
        byte[] bArr3 = new byte[fieldSize];
        System.arraycopy(bArr, 1, bArr2, 0, fieldSize);
        System.arraycopy(bArr, fieldSize + 1, bArr3, 0, fieldSize);
        return new ECPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3));
    }

    public static Cipher d(String str) throws NoSuchAlgorithmException {
        try {
            if ("RSA/ECB/PKCS1Padding".equals(str)) {
                return Cipher.getInstance(str, new SunJCE());
            }
            Provider provider = AbstractGMJSSE.g2;
            return provider == null ? Cipher.getInstance(str) : Cipher.getInstance(str, provider);
        } catch (NoSuchPaddingException e2) {
            throw new NoSuchAlgorithmException(e2);
        }
    }

    public static byte[] e(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        int i2 = q.f1879a;
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) >> 3;
        byte[] a2 = q.a(eCPoint.getAffineX().toByteArray());
        byte[] a3 = q.a(eCPoint.getAffineY().toByteArray());
        if (a2.length > fieldSize || a3.length > fieldSize) {
            throw new RuntimeException("Point coordinates do not match field size");
        }
        int i3 = (fieldSize << 1) + 1;
        byte[] bArr = new byte[i3];
        bArr[0] = 4;
        System.arraycopy(a2, 0, bArr, (fieldSize - a2.length) + 1, a2.length);
        System.arraycopy(a3, 0, bArr, i3 - a3.length, a3.length);
        return bArr;
    }

    public static ECParameterSpec f(String str) {
        s sVar = s.f2057c.get(str);
        return sVar != null ? sVar : s.f2058d.get(str);
    }

    public static RSAPublicKeySpec g(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return new RSAPublicKeySpec(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
        }
        try {
            return (RSAPublicKeySpec) j(DataStreamAlgorithm.RSA).getKeySpec(publicKey, RSAPublicKeySpec.class);
        } catch (Exception e2) {
            throw ((RuntimeException) new RuntimeException().initCause(e2));
        }
    }

    public static synchronized boolean h() {
        boolean booleanValue;
        synchronized (z1.class) {
            if (f2770a == null) {
                try {
                    o("SHA1withECDSA");
                    o("NONEwithECDSA");
                    i("ECDH");
                    j("EC");
                    l("EC");
                    f2770a = Boolean.TRUE;
                } catch (Exception unused) {
                    f2770a = Boolean.FALSE;
                }
            }
            booleanValue = f2770a.booleanValue();
        }
        return booleanValue;
    }

    public static KeyAgreement i(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        return provider == null ? KeyAgreement.getInstance(str) : KeyAgreement.getInstance(str, provider);
    }

    public static KeyFactory j(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        return provider == null ? KeyFactory.getInstance(str) : KeyFactory.getInstance(str, provider);
    }

    public static KeyGenerator k(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        return provider == null ? KeyGenerator.getInstance(str) : KeyGenerator.getInstance(str, provider);
    }

    public static KeyPairGenerator l(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        return provider == null ? KeyPairGenerator.getInstance(str) : KeyPairGenerator.getInstance(str, provider);
    }

    public static Mac m(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        return provider == null ? Mac.getInstance(str) : Mac.getInstance(str, provider);
    }

    public static MessageDigest n(String str) {
        try {
            Provider provider = AbstractGMJSSE.g2;
            return provider == null ? MessageDigest.getInstance(str) : MessageDigest.getInstance(str, provider);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Algorithm " + str + " not available", e2);
        }
    }

    public static Signature o(String str) throws NoSuchAlgorithmException {
        Provider provider = AbstractGMJSSE.g2;
        if (provider == null) {
            return Signature.getInstance(str);
        }
        if (str != "MD5andSHA1withRSA" || provider.getService("Signature", str) != null) {
            return Signature.getInstance(str, AbstractGMJSSE.g2);
        }
        try {
            return Signature.getInstance(str, "SunJSSE");
        } catch (NoSuchProviderException e2) {
            throw new NoSuchAlgorithmException(e2);
        }
    }
}
