package org.spongycastle.tls.crypto.impl.jcajce;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import org.spongycastle.tls.TlsDHUtils;
import org.spongycastle.tls.TlsFatalAlert;
import org.spongycastle.tls.crypto.DHGroup;
import org.spongycastle.tls.crypto.TlsAgreement;
import org.spongycastle.tls.crypto.TlsCryptoException;
import org.spongycastle.tls.crypto.TlsDHConfig;
import org.spongycastle.tls.crypto.TlsDHDomain;
import org.spongycastle.util.BigIntegers;

/* loaded from: classes6.dex */
public class JceTlsDHDomain implements TlsDHDomain {
    protected final JcaTlsCrypto crypto;
    protected final TlsDHConfig dhConfig;
    protected final DHParameterSpec dhParameterSpec;

    public JceTlsDHDomain(JcaTlsCrypto jcaTlsCrypto, TlsDHConfig tlsDHConfig) {
        this.crypto = jcaTlsCrypto;
        this.dhConfig = tlsDHConfig;
        this.dhParameterSpec = getParameters(tlsDHConfig);
    }

    public static BigInteger decodeParameter(byte[] bArr) throws IOException {
        return new BigInteger(1, bArr);
    }

    public static DHParameterSpec getParameters(TlsDHConfig tlsDHConfig) {
        DHGroup dHGroup = TlsDHUtils.getDHGroup(tlsDHConfig);
        if (dHGroup != null) {
            return new DHParameterSpec(dHGroup.getP(), dHGroup.getG(), dHGroup.getL());
        }
        throw new IllegalArgumentException("No DH configuration provided");
    }

    public JceTlsSecret calculateDHAgreement(DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey) throws IOException {
        try {
            return this.crypto.adoptLocalSecret(this.crypto.calculateKeyAgreement("DH", dHPrivateKey, dHPublicKey, "TlsPremasterSecret").getEncoded());
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("cannot calculate secret", e);
        }
    }

    @Override // org.spongycastle.tls.crypto.TlsDHDomain
    public TlsAgreement createDH() {
        return new JceTlsDH(this);
    }

    public DHPublicKey decodePublicKey(byte[] bArr) throws IOException {
        try {
            return (DHPublicKey) this.crypto.getHelper().createKeyFactory("DH").generatePublic(new DHPublicKeySpec(decodeParameter(bArr), this.dhParameterSpec.getP(), this.dhParameterSpec.getG()));
        } catch (Exception e) {
            throw new TlsFatalAlert((short) 40, e);
        }
    }

    public byte[] encodeParameter(BigInteger bigInteger) throws IOException {
        return BigIntegers.asUnsignedByteArray(bigInteger);
    }

    public byte[] encodePublicKey(DHPublicKey dHPublicKey) throws IOException {
        return encodeParameter(dHPublicKey.getY());
    }

    public KeyPair generateKeyPair() throws IOException {
        try {
            KeyPairGenerator createKeyPairGenerator = this.crypto.getHelper().createKeyPairGenerator("DH");
            createKeyPairGenerator.initialize(this.dhParameterSpec, this.crypto.getSecureRandom());
            return createKeyPairGenerator.generateKeyPair();
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("unable to create key pair", e);
        }
    }
}
