package com.xdja.tls.crypto.impl.jcajce;

import com.xdja.jce.coding.asn1.edec.EdECObjectIdentifiers;
import com.xdja.jce.coding.asn1.x509.AlgorithmIdentifier;
import com.xdja.jce.coding.asn1.x509.SubjectPublicKeyInfo;
import com.xdja.jce.core.util.Arrays;
import com.xdja.tls.CipherSuite;
import com.xdja.tls.TlsFatalAlert;
import com.xdja.tls.crypto.TlsAgreement;
import com.xdja.tls.crypto.TlsCryptoException;
import com.xdja.tls.crypto.TlsECDomain;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: input_file:com/xdja/tls/crypto/impl/jcajce/JceX25519Domain.class */
public class JceX25519Domain implements TlsECDomain {
    protected final JcaTlsCrypto crypto;

    public JceX25519Domain(JcaTlsCrypto jcaTlsCrypto) {
        this.crypto = jcaTlsCrypto;
    }

    public JceTlsSecret calculateECDHAgreement(PrivateKey privateKey, PublicKey publicKey) throws IOException {
        try {
            byte[] calculateKeyAgreement = this.crypto.calculateKeyAgreement("X25519", privateKey, publicKey, "TlsPremasterSecret");
            if (calculateKeyAgreement == null || calculateKeyAgreement.length != 32) {
                throw new TlsCryptoException("invalid secret calculated");
            }
            if (Arrays.areAllZeroes(calculateKeyAgreement, 0, calculateKeyAgreement.length)) {
                throw new TlsFatalAlert((short) 40);
            }
            return this.crypto.adoptLocalSecret(calculateKeyAgreement);
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("cannot calculate secret", e);
        }
    }

    @Override // com.xdja.tls.crypto.TlsECDomain
    public TlsAgreement createECDH() {
        return new JceX25519(this);
    }

    public PublicKey decodePublicKey(byte[] bArr) throws IOException {
        try {
            return this.crypto.getHelper().createKeyFactory("X25519").generatePublic(new X509EncodedKeySpec(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), bArr).getEncoded("DER")));
        } catch (Exception e) {
            throw new TlsFatalAlert((short) 47, e);
        }
    }

    public byte[] encodePublicKey(PublicKey publicKey) throws IOException {
        try {
            if ("X.509".equals(publicKey.getFormat())) {
                return SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()).getPublicKeyData().getOctets();
            }
        } catch (Exception e) {
        }
        throw new TlsFatalAlert((short) 80);
    }

    public KeyPair generateKeyPair() {
        try {
            KeyPairGenerator createKeyPairGenerator = this.crypto.getHelper().createKeyPairGenerator("X25519");
            createKeyPairGenerator.initialize(CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV, this.crypto.getSecureRandom());
            return createKeyPairGenerator.generateKeyPair();
        } catch (GeneralSecurityException e) {
            throw Exceptions.illegalStateException("unable to create key pair: " + e.getMessage(), e);
        }
    }
}
