package org.eclipse.californium.scandium.dtls.cipher;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import org.eclipse.californium.scandium.util.ByteArrayUtils;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/cipher/ECDHECryptography.class */
public class ECDHECryptography {
    private static final String KEYPAIR_GENERATOR_INSTANCE = "EC";
    private static final String KEY_AGREEMENT_INSTANCE = "ECDH";
    private ECPrivateKey privateKey;
    private ECPublicKey publicKey;
    protected static final Logger LOGGER = Logger.getLogger(ECDHECryptography.class.getCanonicalName());
    public static final String[] NAMED_CURVE_TABLE = {null, "sect163k1", "sect163r1", "sect163r2", "sect193r1", "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1", "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1", "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1"};

    public ECDHECryptography(int i) {
        try {
            String str = NAMED_CURVE_TABLE[i];
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEYPAIR_GENERATOR_INSTANCE);
            keyPairGenerator.initialize(new ECGenParameterSpec(str), new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privateKey = (ECPrivateKey) generateKeyPair.getPrivate();
            this.publicKey = (ECPublicKey) generateKeyPair.getPublic();
        } catch (GeneralSecurityException e) {
            LOGGER.log(Level.SEVERE, "Could not generate the ECDHE keypair.", (Throwable) e);
        }
    }

    public ECDHECryptography(ECParameterSpec eCParameterSpec) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEYPAIR_GENERATOR_INSTANCE);
            keyPairGenerator.initialize(eCParameterSpec, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privateKey = (ECPrivateKey) generateKeyPair.getPrivate();
            this.publicKey = (ECPublicKey) generateKeyPair.getPublic();
        } catch (GeneralSecurityException e) {
            LOGGER.log(Level.SEVERE, "Could not generate the ECDHE keypair.", (Throwable) e);
        }
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public void setPrivateKey(ECPrivateKey eCPrivateKey) {
        this.privateKey = eCPrivateKey;
    }

    public ECPublicKey getPublicKey() {
        return this.publicKey;
    }

    public void setPublicKey(ECPublicKey eCPublicKey) {
        this.publicKey = eCPublicKey;
    }

    public SecretKey getSecret(byte[] bArr) {
        SecretKey secretKey = null;
        try {
            ECParameterSpec params = this.publicKey.getParams();
            secretKey = getSecret(KeyFactory.getInstance(KEYPAIR_GENERATOR_INSTANCE).generatePublic(new ECPublicKeySpec(decodePoint(bArr, params.getCurve()), params)));
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "Could not generate the premaster secret.", (Throwable) e);
        }
        return secretKey;
    }

    public SecretKey getSecret(PublicKey publicKey) {
        SecretKey secretKey = null;
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance(KEY_AGREEMENT_INSTANCE);
            keyAgreement.init(this.privateKey);
            keyAgreement.doPhase(publicKey, true);
            secretKey = keyAgreement.generateSecret("TlsPremasterSecret");
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "Could not generate the premaster secret.", (Throwable) e);
        }
        return secretKey;
    }

    public static ECPoint decodePoint(byte[] bArr, EllipticCurve ellipticCurve) {
        if (bArr.length == 0 || bArr[0] != 4) {
            LOGGER.severe("Only uncompressed point format supported.");
            return null;
        }
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (bArr.length != (fieldSize * 2) + 1) {
            LOGGER.severe("Point does not match field size.");
            return null;
        }
        byte[] bArr2 = new byte[fieldSize];
        byte[] bArr3 = new byte[fieldSize];
        System.arraycopy(bArr, 1, bArr2, 0, fieldSize);
        System.arraycopy(bArr, fieldSize + 1, bArr3, 0, fieldSize);
        return new ECPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3));
    }

    public static byte[] encodePoint(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        byte[] trimZeroes = ByteArrayUtils.trimZeroes(eCPoint.getAffineX().toByteArray());
        byte[] trimZeroes2 = ByteArrayUtils.trimZeroes(eCPoint.getAffineY().toByteArray());
        if (trimZeroes.length > fieldSize || trimZeroes2.length > fieldSize) {
            LOGGER.severe("Point coordinates do not match field size.");
            return null;
        }
        byte[] bArr = new byte[1 + (fieldSize * 2)];
        bArr[0] = 4;
        System.arraycopy(trimZeroes, 0, bArr, (fieldSize - trimZeroes.length) + 1, trimZeroes.length);
        System.arraycopy(trimZeroes2, 0, bArr, bArr.length - trimZeroes2.length, trimZeroes2.length);
        return bArr;
    }
}
