package ru.CryptoPro.ssl;

import java.math.BigInteger;
import java.security.AlgorithmConstraints;
import java.security.CryptoPrimitive;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.EnumSet;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.net.ssl.SSLHandshakeException;
import ru.CryptoPro.ssl.util.KeyUtil;

/* loaded from: classes5.dex */
final class cl_21 {
    private static int e = 2;
    private BigInteger a;
    private BigInteger b;
    private PrivateKey c;
    private BigInteger d;

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_21(int i, SecureRandom secureRandom) {
        try {
            KeyPairGenerator e2 = cl_73.e("DiffieHellman");
            e2.initialize(i, secureRandom);
            DHPublicKeySpec a = a(e2);
            if (a == null) {
                throw new RuntimeException("Could not generate DH keypair");
            }
            this.d = a.getY();
            this.a = a.getP();
            this.b = a.getG();
        } catch (GeneralSecurityException e3) {
            throw new RuntimeException("Could not generate DH keypair", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_21(BigInteger bigInteger, BigInteger bigInteger2, SecureRandom secureRandom) {
        this.a = bigInteger;
        this.b = bigInteger2;
        try {
            KeyPairGenerator e2 = cl_73.e("DiffieHellman");
            e2.initialize(new DHParameterSpec(bigInteger, bigInteger2), secureRandom);
            DHPublicKeySpec a = a(e2);
            if (a == null) {
                throw new RuntimeException("Could not generate DH keypair");
            }
            this.d = a.getY();
        } catch (GeneralSecurityException e3) {
            throw new RuntimeException("Could not generate DH keypair", e3);
        }
    }

    private DHPublicKeySpec a(KeyPairGenerator keyPairGenerator) throws GeneralSecurityException {
        boolean isOracleJCEProvider = KeyUtil.isOracleJCEProvider(keyPairGenerator.getProvider().getName());
        for (int i = 0; i <= e; i++) {
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.c = generateKeyPair.getPrivate();
            DHPublicKeySpec a = a(generateKeyPair.getPublic());
            if (!isOracleJCEProvider) {
                try {
                    KeyUtil.validate(a);
                } catch (InvalidKeyException e2) {
                    if (i == e) {
                        throw e2;
                    }
                }
            }
            return a;
        }
        return null;
    }

    static DHPublicKeySpec a(PublicKey publicKey) {
        if (publicKey instanceof DHPublicKey) {
            DHPublicKey dHPublicKey = (DHPublicKey) publicKey;
            DHParameterSpec params = dHPublicKey.getParams();
            return new DHPublicKeySpec(dHPublicKey.getY(), params.getP(), params.getG());
        }
        try {
            return (DHPublicKeySpec) cl_73.h("DH").getKeySpec(publicKey, DHPublicKeySpec.class);
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger a() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey a(BigInteger bigInteger, boolean z) throws SSLHandshakeException {
        try {
            KeyFactory h = cl_73.h("DiffieHellman");
            DHPublicKeySpec dHPublicKeySpec = new DHPublicKeySpec(bigInteger, this.a, this.b);
            PublicKey generatePublic = h.generatePublic(dHPublicKeySpec);
            KeyAgreement f = cl_73.f("DiffieHellman");
            if (!z && !KeyUtil.isOracleJCEProvider(f.getProvider().getName())) {
                try {
                    KeyUtil.validate(dHPublicKeySpec);
                } catch (InvalidKeyException e2) {
                    throw new SSLHandshakeException(e2.getMessage());
                }
            }
            f.init(this.c);
            f.doPhase(generatePublic, true);
            return f.generateSecret("TlsPremasterSecret");
        } catch (GeneralSecurityException e3) {
            throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e3));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(AlgorithmConstraints algorithmConstraints, BigInteger bigInteger) throws SSLHandshakeException {
        try {
            if (algorithmConstraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), (DHPublicKey) cl_73.h("DiffieHellman").generatePublic(new DHPublicKeySpec(bigInteger, this.a, this.b)))) {
            } else {
                throw new SSLHandshakeException("DHPublicKey does not comply to algorithm constraints");
            }
        } catch (GeneralSecurityException e2) {
            throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate DHPublicKey").initCause(e2));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger b() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BigInteger c() {
        return this.d;
    }
}
