package org.e.d.b;

import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import org.e.a.al.bc;
import org.e.a.bp;
import org.e.a.bt;
import org.e.d.bi;

/* loaded from: classes3.dex */
public class aa extends bi {
    private static ak j = new an();

    /* renamed from: a, reason: collision with root package name */
    private org.e.p.ae f21333a;

    /* renamed from: b, reason: collision with root package name */
    private List f21334b;

    /* renamed from: c, reason: collision with root package name */
    private List f21335c;

    /* renamed from: d, reason: collision with root package name */
    private PublicKey f21336d;
    private PrivateKey e;
    private c f;
    private SecureRandom g;
    private KeyPair h;
    private byte[] i;

    public aa(org.e.a.q qVar, PrivateKey privateKey, PublicKey publicKey, org.e.a.q qVar2) {
        super(qVar, bc.a(publicKey.getEncoded()), qVar2);
        this.f21333a = new org.e.p.j();
        this.f21334b = new ArrayList();
        this.f21335c = new ArrayList();
        this.f = new c(new b());
        this.f21336d = publicKey;
        this.e = privateKey;
    }

    private void a(org.e.a.q qVar) throws org.e.d.ac {
        if (this.g == null) {
            this.g = new SecureRandom();
        }
        if (a.a(qVar) && this.h == null) {
            try {
                bc a2 = bc.a(this.f21336d.getEncoded());
                AlgorithmParameters g = this.f.g(qVar);
                g.init(a2.a().b().k().l());
                KeyPairGenerator h = this.f.h(qVar);
                h.initialize(g.getParameterSpec(AlgorithmParameterSpec.class), this.g);
                this.h = h.generateKeyPair();
            } catch (Exception e) {
                throw new org.e.d.ac("cannot determine MQV ephemeral key pair parameters from public key: " + e, e);
            }
        }
    }

    @Override // org.e.d.bi
    public org.e.a.w a(org.e.a.al.b bVar, org.e.a.al.b bVar2, org.e.p.o oVar) throws org.e.d.ac {
        AlgorithmParameterSpec jVar;
        bp bpVar;
        if (this.f21334b.isEmpty()) {
            throw new org.e.d.ac("No recipients associated with generator - use addRecipient()");
        }
        a(bVar.a());
        PrivateKey privateKey = this.e;
        org.e.a.q a2 = bVar.a();
        org.e.a.g gVar = new org.e.a.g();
        for (int i = 0; i != this.f21334b.size(); i++) {
            PublicKey publicKey = (PublicKey) this.f21335c.get(i);
            org.e.a.f.ab abVar = (org.e.a.f.ab) this.f21334b.get(i);
            try {
                org.e.a.q a3 = bVar2.a();
                if (a.a(a2)) {
                    jVar = new org.e.k.c.e(this.h, publicKey, this.i);
                } else if (a.b(a2)) {
                    jVar = new org.e.k.c.j(j.a(bVar2, this.f21333a.a(a3), this.i));
                } else if (!a.d(a2)) {
                    if (!a.c(a2)) {
                        throw new org.e.d.ac("Unknown key agreement algorithm: " + a2);
                    }
                    if (this.i == null) {
                        throw new org.e.d.ac("User keying material must be set for static keys.");
                    }
                    jVar = new org.e.k.c.j(this.i);
                } else if (this.i != null) {
                    jVar = new org.e.k.c.j(this.i);
                } else {
                    if (a2.equals(org.e.a.ac.s.bO)) {
                        throw new org.e.d.ac("User keying material must be set for static keys.");
                    }
                    jVar = null;
                }
                KeyAgreement e = this.f.e(a2);
                e.init(privateKey, jVar, this.g);
                e.doPhase(publicKey, true);
                SecretKey generateSecret = e.generateSecret(a3.b());
                Cipher b2 = this.f.b(a3);
                if (!a3.equals(org.e.a.h.a.f20686d) && !a3.equals(org.e.a.h.a.e)) {
                    b2.init(3, generateSecret, this.g);
                    bpVar = new bp(b2.wrap(this.f.a(oVar)));
                    gVar.a(new org.e.a.f.am(abVar, bpVar));
                }
                b2.init(3, generateSecret, new org.e.k.c.c(org.e.a.h.a.h, this.i));
                byte[] wrap = b2.wrap(this.f.a(oVar));
                bpVar = new bp(new org.e.a.h.h(org.e.u.a.b(wrap, 0, wrap.length - 4), org.e.u.a.b(wrap, wrap.length - 4, wrap.length)).a(org.e.a.h.f20680a));
                gVar.a(new org.e.a.f.am(abVar, bpVar));
            } catch (IOException e2) {
                throw new org.e.d.ac("unable to encode wrapped key: " + e2.getMessage(), e2);
            } catch (GeneralSecurityException e3) {
                throw new org.e.d.ac("cannot perform agreement step: " + e3.getMessage(), e3);
            }
        }
        return new bt(gVar);
    }

    public aa a(String str) {
        this.f = new c(new al(str));
        return this;
    }

    public aa a(Provider provider) {
        this.f = new c(new am(provider));
        return this;
    }

    public aa a(SecureRandom secureRandom) {
        this.g = secureRandom;
        return this;
    }

    public aa a(X509Certificate x509Certificate) throws CertificateEncodingException {
        this.f21334b.add(new org.e.a.f.ab(a.a(x509Certificate)));
        this.f21335c.add(x509Certificate.getPublicKey());
        return this;
    }

    public aa a(byte[] bArr) {
        this.i = org.e.u.a.b(bArr);
        return this;
    }

    public aa a(byte[] bArr, PublicKey publicKey) throws CertificateEncodingException {
        this.f21334b.add(new org.e.a.f.ab(new org.e.a.f.ap(bArr)));
        this.f21335c.add(publicKey);
        return this;
    }

    @Override // org.e.d.bi
    protected byte[] a(org.e.a.al.b bVar) throws org.e.d.ac {
        a(bVar.a());
        KeyPair keyPair = this.h;
        if (keyPair == null) {
            return this.i;
        }
        org.e.a.f.ah a2 = a(bc.a(keyPair.getPublic().getEncoded()));
        try {
            return this.i != null ? new org.e.a.f.a.b(a2, new bp(this.i)).l() : new org.e.a.f.a.b(a2, null).l();
        } catch (IOException e) {
            throw new org.e.d.ac("unable to encode user keying material: " + e.getMessage(), e);
        }
    }
}
