package iaik.cms.ecc;

import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CON_SPEC;
import iaik.asn1.DerCoder;
import iaik.asn1.NULL;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.cms.CMSAlgorithmID;
import iaik.cms.CMSException;
import iaik.cms.IaikProvider;
import iaik.pki.pathvalidation.I;
import iaik.security.ec.common.ECKey;
import iaik.security.ec.common.ECKeyFactory;
import iaik.security.ec.common.ECParameterSpec;
import iaik.security.ec.common.ECPrivateKey;
import iaik.security.ec.common.SecurityStrength;
import iaik.security.ec.common.X963KDFParameterSpec;
import iaik.security.ec.ecdh.ECDHParameterSpec;
import iaik.security.ec.ecies.ECIESParameterSpec;
import iaik.security.ec.errorhandling.DecodingException;
import iaik.security.ec.provider.ECCelerate;
import iaik.utils.CryptoUtils;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.interfaces.ECPublicKey;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_eccelerate_cms-5.01.jar:iaik/cms/ecc/ECCelerateProvider.class */
public class ECCelerateProvider extends IaikProvider {
    public static final AlgorithmID ecka_eg_X963KDF_SHA256 = new CMSAlgorithmID("0.4.0.127.0.7.1.1.5.1.1.3", "ECKA-EG", ECIESParameterSpec.DEFAULT_KEY_AGREEMENT);
    public static final AlgorithmID ecka_eg_X963KDF_SHA384 = new CMSAlgorithmID("0.4.0.127.0.7.1.1.5.1.1.4", "ECKA-EG", ECIESParameterSpec.DEFAULT_KEY_AGREEMENT);
    public static final AlgorithmID ecka_eg_X963KDF_SHA512 = new CMSAlgorithmID("0.4.0.127.0.7.1.1.5.1.1.5", "ECKA-EG", ECIESParameterSpec.DEFAULT_KEY_AGREEMENT);

    public ECCelerateProvider() {
        if (Security.getProvider("IAIK ECCelerate") == null) {
            ECCelerate.addAsProvider();
        }
        if (Security.getProvider("IAIK ECCelerate") == null) {
            System.err.println("Could not add ECC provider! IAIK ECCelerate crypto provider not installed!");
            throw new RuntimeException("Could not add ECC provider! IAIK ECCelerate crypto provider not installed!");
        }
    }

    @Override // iaik.cms.SecurityProvider
    public int getKeyLength(PublicKey publicKey) {
        return a(publicKey);
    }

    @Override // iaik.cms.SecurityProvider
    public int getKeyLength(PrivateKey privateKey) {
        return a(privateKey);
    }

    private int a(Key key) {
        int keyLength;
        try {
            keyLength = ECKeyFactory.translateKey(key).getKeyLength();
        } catch (InvalidKeyException e) {
            keyLength = key instanceof PrivateKey ? super.getKeyLength((PrivateKey) key) : super.getKeyLength((PublicKey) key);
        }
        return keyLength;
    }

    @Override // iaik.cms.IaikProvider, iaik.cms.SecurityProvider
    public KeyPair generateKeyAgreementKeyPair(AlgorithmID algorithmID, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        if (!(publicKey instanceof ECPublicKey)) {
            return super.generateKeyAgreementKeyPair(algorithmID, publicKey);
        }
        ECKey translateKey = ECKeyFactory.translateKey(publicKey);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(I.C, ECCelerate.getInstance());
        ECParameterSpec params = translateKey.getParams();
        keyPairGenerator.initialize(params, a(params.getOrder()));
        return keyPairGenerator.generateKeyPair();
    }

    private static SecureRandom a(BigInteger bigInteger) {
        return SecurityStrength.getSecureRandom(SecurityStrength.getSecurityStrength(bigInteger));
    }

    @Override // iaik.cms.IaikProvider, iaik.cms.SecurityProvider
    public ASN1Object getASN1OriginatorPublicKey(PublicKey publicKey) throws CMSException {
        try {
            return new a((iaik.security.ec.common.ECPublicKey) ECKeyFactory.translateKey(publicKey)).toASN1Object();
        } catch (Exception e) {
            return super.getASN1OriginatorPublicKey(publicKey);
        }
    }

    @Override // iaik.cms.SecurityProvider
    public PublicKey getOriginatorPublicKey(ASN1Object aSN1Object) throws CMSException {
        PublicKey originatorPublicKey;
        try {
            originatorPublicKey = new a(aSN1Object);
        } catch (Throwable th) {
            originatorPublicKey = super.getOriginatorPublicKey(aSN1Object);
        }
        return originatorPublicKey;
    }

    @Override // iaik.cms.IaikProvider, iaik.cms.SecurityProvider
    public void checkDomainParameters(PrivateKey privateKey, PublicKey publicKey) throws IllegalArgumentException {
        try {
            ECKey translateKey = ECKeyFactory.translateKey(privateKey);
            ECKey translateKey2 = ECKeyFactory.translateKey(publicKey);
            ECParameterSpec params = translateKey.getParams();
            ECParameterSpec params2 = translateKey2.getParams();
            if (params == null || params2 == null || params.equals(params2)) {
            } else {
                throw new IllegalArgumentException("Different domain parameters for ECDH!");
            }
        } catch (Throwable th) {
            super.checkDomainParameters(privateKey, publicKey);
        }
    }

    @Override // iaik.cms.IaikProvider, iaik.cms.SecurityProvider
    public SecretKey createSharedKeyEncryptionKey(AlgorithmID algorithmID, PrivateKey privateKey, PublicKey publicKey, AlgorithmID algorithmID2, int i, byte[] bArr, String str) throws NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        iaik.security.ec.common.ECPublicKey eCPublicKey;
        SecretKey generateSecret;
        if (algorithmID.equals(CMSAlgorithmID.dhSinglePass_stdDH_sha1kdf_scheme) || algorithmID.equals(CMSAlgorithmID.dhSinglePass_cofactorDH_sha1kdf_scheme) || algorithmID.equals(CMSAlgorithmID.dhSinglePass_stdDH_sha256kdf_scheme) || algorithmID.equals(CMSAlgorithmID.dhSinglePass_stdDH_sha384kdf_scheme) || algorithmID.equals(ecka_eg_X963KDF_SHA256) || algorithmID.equals(ecka_eg_X963KDF_SHA384) || algorithmID.equals(ecka_eg_X963KDF_SHA512)) {
            ECPrivateKey eCPrivateKey = (ECPrivateKey) ECKeyFactory.translateKey(privateKey);
            ECParameterSpec params = eCPrivateKey.getParams();
            if (publicKey instanceof a) {
                try {
                    eCPublicKey = new iaik.security.ec.common.ECPublicKey(params, params.getCurve().decodePoint(((a) publicKey).a()));
                } catch (DecodingException e) {
                    throw new InvalidKeyException("Error decoding ECPoint: " + e.toString(), e);
                }
            } else {
                if (!(publicKey instanceof ECPublicKey)) {
                    throw new InvalidKeyException("Not an ECPublicKey!");
                }
                eCPublicKey = (iaik.security.ec.common.ECPublicKey) ECKeyFactory.translateKey(publicKey);
            }
            AlgorithmID algorithmID3 = algorithmID.equals(CMSAlgorithmID.dhSinglePass_stdDH_sha384kdf_scheme) ? AlgorithmID.sha384 : algorithmID.equals(CMSAlgorithmID.dhSinglePass_stdDH_sha256kdf_scheme) ? AlgorithmID.sha256 : algorithmID.equals(ecka_eg_X963KDF_SHA256) ? AlgorithmID.sha256 : algorithmID.equals(ecka_eg_X963KDF_SHA384) ? AlgorithmID.sha384 : algorithmID.equals(ecka_eg_X963KDF_SHA512) ? AlgorithmID.sha512 : AlgorithmID.sha1;
            byte[] bArr2 = null;
            if (!algorithmID.equals(ecka_eg_X963KDF_SHA256) && !algorithmID.equals(ecka_eg_X963KDF_SHA384) && !algorithmID.equals(ecka_eg_X963KDF_SHA512)) {
                bArr2 = a(algorithmID2, bArr, i);
            }
            ECDHParameterSpec eCDHParameterSpec = new ECDHParameterSpec(params, new X963KDFParameterSpec(algorithmID3, i, bArr2));
            KeyAgreement keyAgreementInstance = algorithmID.getKeyAgreementInstance("IAIK ECCelerate");
            if (keyAgreementInstance == null) {
                keyAgreementInstance = algorithmID.getKeyAgreementInstance();
            }
            keyAgreementInstance.init(eCPrivateKey, eCDHParameterSpec);
            keyAgreementInstance.doPhase(eCPublicKey, true);
            generateSecret = keyAgreementInstance.generateSecret(str);
        } else {
            generateSecret = super.createSharedKeyEncryptionKey(algorithmID, privateKey, publicKey, algorithmID2, i, bArr, str);
        }
        return generateSecret;
    }

    private static byte[] a(AlgorithmID algorithmID, byte[] bArr, int i) {
        AlgorithmID algorithmID2;
        if (algorithmID == null) {
            throw new NullPointerException("Cannot create SharedInfo. Key encryption algorithm must not be null.");
        }
        if (i < 0) {
            throw new IllegalArgumentException("Cannot create SharedInfo. Kek length must not be negative.");
        }
        SEQUENCE sequence = new SEQUENCE();
        ASN1Object parameter = algorithmID.getParameter();
        if (parameter == null || !parameter.isA(ASN.NULL)) {
            algorithmID2 = (AlgorithmID) algorithmID.clone();
            algorithmID2.setParameter(new NULL());
        } else {
            algorithmID2 = algorithmID;
        }
        sequence.addComponent(algorithmID2.toASN1Object());
        if (bArr != null) {
            sequence.addComponent(new CON_SPEC(0, new OCTET_STRING(bArr)));
        }
        byte[] bArr2 = new byte[4];
        CryptoUtils.spreadIntsToBytes(new int[]{i}, 0, bArr2, 0, 1);
        sequence.addComponent(new CON_SPEC(2, new OCTET_STRING(bArr2)));
        return DerCoder.encode(sequence);
    }
}
