package cn.gmssl.sun.security.ssl;

import cn.gmssl.crypto.impl.sm2.SM2Util;
import cn.gmssl.sun.security.ssl.HandshakeMessage;
import java.io.IOException;
import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;

/* loaded from: classes2.dex */
public class ECCServerKeyExchange extends HandshakeMessage.ServerKeyExchange {
    private Signature signature;
    private byte[] signatureBytes;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ECCServerKeyExchange(HandshakeInStream handshakeInStream) throws IOException, NoSuchAlgorithmException {
        this.signature = Signature.getInstance("SM3withSM2");
        this.signatureBytes = handshakeInStream.getBytes16();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ECCServerKeyExchange(PrivateKey privateKey, PublicKey publicKey, RandomCookie randomCookie, RandomCookie randomCookie2, X509Certificate x509Certificate, SecureRandom secureRandom) throws GeneralSecurityException {
        Signature sm2Sign = SM2Util.sm2Sign(privateKey, publicKey);
        this.signature = sm2Sign;
        sm2Sign.initSign(privateKey, secureRandom);
        this.signature.update(randomCookie.random_bytes);
        this.signature.update(randomCookie2.random_bytes);
        byte[] encoded = x509Certificate.getEncoded();
        int length = encoded.length;
        this.signature.update((byte) ((length >> 16) & 255));
        this.signature.update((byte) ((length >> 8) & 255));
        this.signature.update((byte) (length & 255));
        this.signature.update(encoded);
        this.signatureBytes = this.signature.sign();
    }

    @Override // cn.gmssl.sun.security.ssl.HandshakeMessage
    int messageLength() {
        return this.signatureBytes.length + 2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // cn.gmssl.sun.security.ssl.HandshakeMessage
    public void print(PrintStream printStream) throws IOException {
        printStream.println("*** ECC ServerKeyExchange");
    }

    @Override // cn.gmssl.sun.security.ssl.HandshakeMessage
    void send(HandshakeOutStream handshakeOutStream) throws IOException {
        handshakeOutStream.putBytes16(this.signatureBytes);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean verify(PublicKey publicKey, RandomCookie randomCookie, RandomCookie randomCookie2, X509Certificate x509Certificate) throws GeneralSecurityException {
        this.signature.initVerify(publicKey);
        this.signature.update(randomCookie.random_bytes);
        this.signature.update(randomCookie2.random_bytes);
        byte[] encoded = x509Certificate.getEncoded();
        int length = encoded.length;
        this.signature.update((byte) ((length >> 16) & 255));
        this.signature.update((byte) ((length >> 8) & 255));
        this.signature.update((byte) (length & 255));
        this.signature.update(encoded);
        return this.signature.verify(this.signatureBytes);
    }
}
