package defpackage;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.TlsCryptoException;
import org.bouncycastle.tls.crypto.a;
import org.bouncycastle.tls.crypto.e;
import org.bouncycastle.tls.crypto.k;
import org.bouncycastle.tls.crypto.l;
import org.bouncycastle.tls.m1;
import org.bouncycastle.util.b;

/* loaded from: classes4.dex */
public class nd1 implements l {
    protected final nc1 a;
    protected final k b;
    protected final DHParameterSpec c;

    public nd1(nc1 nc1Var, k kVar) {
        this.a = nc1Var;
        this.b = kVar;
        this.c = a(kVar);
    }

    private static int a(DHParameterSpec dHParameterSpec) {
        return (dHParameterSpec.getP().bitLength() + 7) / 8;
    }

    public static DHParameterSpec a(k kVar) {
        a a = m1.a(kVar);
        if (a != null) {
            return new DHParameterSpec(a.c(), a.a(), a.b());
        }
        throw new IllegalArgumentException("No DH configuration provided");
    }

    public static rd1 a(nc1 nc1Var, DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey, boolean z) {
        try {
            byte[] a = nc1Var.a("DH", dHPrivateKey, dHPublicKey, "TlsPremasterSecret");
            if (z) {
                int a2 = a(dHPrivateKey.getParams());
                byte[] bArr = new byte[a2];
                System.arraycopy(a, 0, bArr, a2 - a.length, a.length);
                Arrays.fill(a, (byte) 0);
                a = bArr;
            }
            return nc1Var.d(a);
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("cannot calculate secret", e);
        }
    }

    private static byte[] a(DHParameterSpec dHParameterSpec, boolean z, BigInteger bigInteger) {
        return z ? b.a(a(dHParameterSpec), bigInteger) : b.a(bigInteger);
    }

    public BigInteger a(byte[] bArr) {
        if (!this.b.c() || a(this.c) == bArr.length) {
            return new BigInteger(1, bArr);
        }
        throw new TlsFatalAlert((short) 47);
    }

    @Override // org.bouncycastle.tls.crypto.l
    public e a() {
        return new md1(this);
    }

    public rd1 a(DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey) {
        return a(this.a, dHPrivateKey, dHPublicKey, this.b.c());
    }

    public byte[] a(DHPublicKey dHPublicKey) {
        return a(this.c, true, dHPublicKey.getY());
    }

    public KeyPair b() {
        try {
            KeyPairGenerator a = this.a.h().a("DH");
            a.initialize(this.c, this.a.e());
            return a.generateKeyPair();
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("unable to create key pair", e);
        }
    }

    public DHPublicKey b(byte[] bArr) {
        try {
            return (DHPublicKey) this.a.h().i("DH").generatePublic(new DHPublicKeySpec(a(bArr), this.c.getP(), this.c.getG()));
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new TlsFatalAlert((short) 40, e2);
        }
    }
}
