package sun.security.ssl;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.net.ssl.SSLHandshakeException;
import sun.security.util.KeyUtil;

/* loaded from: classes.dex */
final class DHCrypt {
    private static int MAX_FAILOVER_TIMES = 2;
    private BigInteger base;
    private BigInteger modulus;
    private PrivateKey privateKey;
    private BigInteger publicValue;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DHCrypt(int i, SecureRandom secureRandom) {
        try {
            KeyPairGenerator keyPairGenerator = JsseJce.getKeyPairGenerator("DiffieHellman");
            keyPairGenerator.initialize(i, secureRandom);
            DHPublicKeySpec generateDHPublicKeySpec = generateDHPublicKeySpec(keyPairGenerator);
            if (generateDHPublicKeySpec == null) {
                throw new RuntimeException("Could not generate DH keypair");
            }
            this.publicValue = generateDHPublicKeySpec.getY();
            this.modulus = generateDHPublicKeySpec.getP();
            this.base = generateDHPublicKeySpec.getG();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Could not generate DH keypair", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DHCrypt(BigInteger bigInteger, BigInteger bigInteger2, SecureRandom secureRandom) {
        this.modulus = bigInteger;
        this.base = bigInteger2;
        try {
            KeyPairGenerator keyPairGenerator = JsseJce.getKeyPairGenerator("DiffieHellman");
            keyPairGenerator.initialize(new DHParameterSpec(bigInteger, bigInteger2), secureRandom);
            DHPublicKeySpec generateDHPublicKeySpec = generateDHPublicKeySpec(keyPairGenerator);
            if (generateDHPublicKeySpec == null) {
                throw new RuntimeException("Could not generate DH keypair");
            }
            this.publicValue = generateDHPublicKeySpec.getY();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Could not generate DH keypair", e);
        }
    }

    private DHPublicKeySpec generateDHPublicKeySpec(KeyPairGenerator keyPairGenerator) throws GeneralSecurityException {
        boolean z = !KeyUtil.isOracleJCEProvider(keyPairGenerator.getProvider().getName());
        for (int i = 0; i <= MAX_FAILOVER_TIMES; i++) {
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privateKey = generateKeyPair.getPrivate();
            DHPublicKeySpec dHPublicKeySpec = getDHPublicKeySpec(generateKeyPair.getPublic());
            if (z) {
                try {
                    KeyUtil.validate(dHPublicKeySpec);
                } catch (InvalidKeyException e) {
                    if (i == MAX_FAILOVER_TIMES) {
                        throw e;
                    }
                }
            }
            return dHPublicKeySpec;
        }
        return null;
    }

    static DHPublicKeySpec getDHPublicKeySpec(PublicKey publicKey) {
        if (publicKey instanceof DHPublicKey) {
            DHPublicKey dHPublicKey = (DHPublicKey) publicKey;
            DHParameterSpec params = dHPublicKey.getParams();
            return new DHPublicKeySpec(dHPublicKey.getY(), params.getP(), params.getG());
        }
        try {
            return (DHPublicKeySpec) JsseJce.getKeyFactory("DH").getKeySpec(publicKey, DHPublicKeySpec.class);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey getAgreedSecret(BigInteger bigInteger, boolean z) throws IOException {
        try {
            KeyFactory keyFactory = JsseJce.getKeyFactory("DiffieHellman");
            DHPublicKeySpec dHPublicKeySpec = new DHPublicKeySpec(bigInteger, this.modulus, this.base);
            PublicKey generatePublic = keyFactory.generatePublic(dHPublicKeySpec);
            KeyAgreement keyAgreement = JsseJce.getKeyAgreement("DiffieHellman");
            if (!z && !KeyUtil.isOracleJCEProvider(keyAgreement.getProvider().getName())) {
                try {
                    KeyUtil.validate(dHPublicKeySpec);
                } catch (InvalidKeyException e) {
                    throw new SSLHandshakeException(e.getMessage());
                }
            }
            keyAgreement.init(this.privateKey);
            keyAgreement.doPhase(generatePublic, true);
            return keyAgreement.generateSecret("TlsPremasterSecret");
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException("Could not generate secret", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger getBase() {
        return this.base;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger getModulus() {
        return this.modulus;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger getPublicKey() {
        return this.publicValue;
    }
}
