package org.bouncycastle.tls.crypto.d0.m;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.TlsCryptoException;
import org.bouncycastle.tls.q1;

/* loaded from: classes3.dex */
public class i0 implements org.bouncycastle.tls.crypto.l {
    protected final g a;
    protected final org.bouncycastle.tls.crypto.k b;
    protected final DHParameterSpec c;

    public i0(g gVar, org.bouncycastle.tls.crypto.k kVar) {
        this.a = gVar;
        this.b = kVar;
        this.c = i(kVar);
    }

    public static m0 c(g gVar, DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey, boolean z) throws IOException {
        try {
            byte[] x = gVar.x("DH", dHPrivateKey, dHPublicKey, "TlsPremasterSecret");
            if (z) {
                int j2 = j(dHPrivateKey.getParams());
                byte[] bArr = new byte[j2];
                System.arraycopy(x, 0, bArr, j2 - x.length, x.length);
                Arrays.fill(x, (byte) 0);
                x = bArr;
            }
            return gVar.w(x);
        } catch (GeneralSecurityException e2) {
            throw new TlsCryptoException("cannot calculate secret", e2);
        }
    }

    private static byte[] g(DHParameterSpec dHParameterSpec, boolean z, BigInteger bigInteger) {
        return z ? org.bouncycastle.util.b.a(j(dHParameterSpec), bigInteger) : org.bouncycastle.util.b.b(bigInteger);
    }

    public static DHParameterSpec i(org.bouncycastle.tls.crypto.k kVar) {
        org.bouncycastle.tls.crypto.a b = q1.b(kVar);
        if (b != null) {
            return new DHParameterSpec(b.c(), b.a(), b.b());
        }
        throw new IllegalArgumentException("No DH configuration provided");
    }

    private static int j(DHParameterSpec dHParameterSpec) {
        return (dHParameterSpec.getP().bitLength() + 7) / 8;
    }

    @Override // org.bouncycastle.tls.crypto.l
    public org.bouncycastle.tls.crypto.e a() {
        return new h0(this);
    }

    public m0 b(DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey) throws IOException {
        return c(this.a, dHPrivateKey, dHPublicKey, this.b.c());
    }

    public BigInteger d(byte[] bArr) throws IOException {
        if (!this.b.c() || j(this.c) == bArr.length) {
            return new BigInteger(1, bArr);
        }
        throw new TlsFatalAlert((short) 47);
    }

    public DHPublicKey e(byte[] bArr) throws IOException {
        try {
            return (DHPublicKey) this.a.Y().i("DH").generatePublic(new DHPublicKeySpec(d(bArr), this.c.getP(), this.c.getG()));
        } catch (IOException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new TlsFatalAlert((short) 40, e3);
        }
    }

    public byte[] f(DHPublicKey dHPublicKey) throws IOException {
        return g(this.c, true, dHPublicKey.getY());
    }

    public KeyPair h() throws IOException {
        try {
            KeyPairGenerator a = this.a.Y().a("DH");
            a.initialize(this.c, this.a.j());
            return a.generateKeyPair();
        } catch (GeneralSecurityException e2) {
            throw new TlsCryptoException("unable to create key pair", e2);
        }
    }
}
