package w3;

import j9.a;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKey;
import l4.h;
import l4.j;
import org.json.JSONException;
import org.json.JSONObject;
import t3.i;
import z3.l;
import z3.m;
import z3.n;

/* loaded from: classes.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    public static final Object f15608a = new Object();

    public static x3.g a(i iVar, String str, m mVar, l lVar) throws a4.c, NoSuchAlgorithmException, InvalidKeySpecException, InvalidAlgorithmParameterException, InvalidKeyException, p3.c {
        PublicKey publicKey = null;
        long j10 = 0;
        if (!iVar.w(str)) {
            try {
                if (iVar.j(str)) {
                    e4.d h10 = iVar.o().f(str).h();
                    publicKey = h10.d().getPublicKey();
                    j10 = h10.f();
                }
            } catch (a4.a unused) {
                l4.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData no valid domain name set");
            }
            if (publicKey == null) {
                l4.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData missing " + str + " online certificate");
            }
        }
        if (publicKey == null) {
            z3.a b10 = iVar.o().b(str);
            if (b10 != null && b10.a() != null) {
                publicKey = h.b(l4.a.a(b10.a()), a.C0173a.f9625a);
                j10 = b10.b();
            }
            if (publicKey == null) {
                l4.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData missing " + str + " hardcoded public key");
            }
        }
        if (lVar != null && !(lVar instanceof x3.f)) {
            throw new a4.c("Negotiation parameters only support type EciesNegotiationParam");
        }
        x3.g b11 = b(mVar, (x3.f) lVar, publicKey, j10);
        l4.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData negotiate a latest secret key");
        if (mVar.f()) {
            synchronized (f15608a) {
                n s10 = iVar.s(str, mVar.d());
                if (s10 != null && !s10.g() && (s10 instanceof x3.g)) {
                    b11 = (x3.g) s10;
                }
                iVar.I(str, b11);
                l4.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData adopt and save to cryptoCore");
            }
        }
        return b11;
    }

    public static x3.g b(m mVar, x3.f fVar, PublicKey publicKey, long j10) throws NoSuchAlgorithmException, a4.c, InvalidKeyException, InvalidAlgorithmParameterException, p3.c {
        if (publicKey == null) {
            throw new InvalidKeyException("Missing biz public key.");
        }
        if (!publicKey.getAlgorithm().equals(a.C0173a.f9625a)) {
            throw new InvalidKeyException("Current scene only supports EC key, not " + publicKey.getAlgorithm() + ". Please specify the correct biz or biz public key.");
        }
        x3.g gVar = new x3.g();
        j.o(mVar, gVar);
        x3.e eVar = new x3.e();
        gVar.r(f(x3.c.NIST_P, x3.d.HKDF256, publicKey, fVar, mVar.a().b() / 8, eVar));
        gVar.s(eVar);
        gVar.q(j10);
        return gVar;
    }

    public static byte[] c(x3.c cVar, PrivateKey privateKey, PublicKey publicKey) throws InvalidAlgorithmParameterException, p3.c {
        if (cVar == x3.c.NIST_P) {
            return q3.c.a(privateKey, publicKey);
        }
        throw new InvalidAlgorithmParameterException("Unsupported " + cVar);
    }

    public static KeyPair d(x3.c cVar, AlgorithmParameterSpec algorithmParameterSpec) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        if (cVar == x3.c.NIST_P) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(a.C0173a.f9625a);
            keyPairGenerator.initialize(algorithmParameterSpec, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        }
        throw new InvalidAlgorithmParameterException("Unsupported " + cVar);
    }

    public static byte[] e(byte[] bArr, x3.d dVar, x3.f fVar, int i10, x3.e eVar) throws InvalidAlgorithmParameterException, p3.c {
        boolean z10;
        if (dVar != x3.d.HKDF256) {
            throw new InvalidAlgorithmParameterException("Unsupported " + dVar);
        }
        byte[] bArr2 = null;
        if (fVar != null) {
            bArr2 = fVar.a();
            z10 = fVar.b();
        } else {
            z10 = false;
        }
        byte[] bArr3 = new byte[32];
        if (z10) {
            new SecureRandom().nextBytes(bArr3);
        } else {
            Arrays.fill(bArr3, (byte) 0);
        }
        if (eVar != null) {
            if (z10) {
                eVar.g(bArr3);
            }
            if (bArr2 != null) {
                eVar.f(bArr2);
            }
        }
        byte[] bytes = "".getBytes(StandardCharsets.UTF_8);
        if (bArr2 == null) {
            bArr2 = bytes;
        }
        return q3.e.b(bArr, bArr3, bArr2, i10);
    }

    public static SecretKey f(x3.c cVar, x3.d dVar, PublicKey publicKey, x3.f fVar, int i10, x3.e eVar) throws NoSuchAlgorithmException, a4.c, InvalidAlgorithmParameterException, InvalidKeyException, p3.c {
        if (!(publicKey instanceof ECPublicKey)) {
            throw new InvalidKeyException("Only supports 'ECPublicKey' type, not '" + publicKey.getClass().getName());
        }
        KeyPair d10 = d(cVar, ((ECPublicKey) publicKey).getParams());
        PublicKey publicKey2 = d10.getPublic();
        PrivateKey privateKey = d10.getPrivate();
        if (eVar != null) {
            eVar.h(publicKey2.getEncoded());
        }
        return h.c(e(c(cVar, privateKey, publicKey), dVar, fVar, i10, eVar), "AES");
    }

    public static String g(x3.d dVar, x3.e eVar, z3.d dVar2) throws JSONException, InvalidAlgorithmParameterException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("tmpPublicKey", l4.a.b(eVar.d()));
        if (dVar != x3.d.HKDF256) {
            throw new InvalidAlgorithmParameterException("Unsupported " + dVar);
        }
        if (eVar.c() != null) {
            jSONObject.put("salt", l4.a.b(eVar.c()));
        }
        if (eVar.b() != null) {
            jSONObject.put("info", l4.a.b(eVar.b()));
        }
        jSONObject.put("cipherInfo", new JSONObject(a.a(dVar2)));
        return jSONObject.toString();
    }
}
