package org.bouncycastle.tls.crypto.impl.jcajce;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import org.bouncycastle.jcajce.spec.DHExtendedPublicKeySpec;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.crypto.TlsAgreement;
import org.bouncycastle.tls.crypto.TlsCryptoException;
import org.bouncycastle.util.BigIntegers;

/* loaded from: classes4.dex */
public class JceTlsDH implements TlsAgreement {

    /* renamed from: a, reason: collision with root package name */
    public final JceTlsDHDomain f23674a;
    public KeyPair b;

    /* renamed from: c, reason: collision with root package name */
    public DHPublicKey f23675c;

    public JceTlsDH(JceTlsDHDomain jceTlsDHDomain) {
        this.f23674a = jceTlsDHDomain;
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final byte[] a() throws IOException {
        JceTlsDHDomain jceTlsDHDomain = this.f23674a;
        JcaTlsCrypto jcaTlsCrypto = jceTlsDHDomain.f23676a;
        DHParameterSpec dHParameterSpec = jceTlsDHDomain.f23677c;
        try {
            KeyPairGenerator f = jcaTlsCrypto.f23619a.f("DiffieHellman");
            f.initialize(dHParameterSpec, jcaTlsCrypto.b);
            KeyPair generateKeyPair = f.generateKeyPair();
            this.b = generateKeyPair;
            return BigIntegers.b(((DHPublicKey) generateKeyPair.getPublic()).getY(), (dHParameterSpec.getP().bitLength() + 7) / 8);
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("unable to create key pair", e);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final void b(byte[] bArr) throws IOException {
        JceTlsDHDomain jceTlsDHDomain = this.f23674a;
        jceTlsDHDomain.getClass();
        try {
            this.f23675c = (DHPublicKey) jceTlsDHDomain.f23676a.f23619a.e("DiffieHellman").generatePublic(new DHExtendedPublicKeySpec(jceTlsDHDomain.a(bArr), jceTlsDHDomain.f23677c));
        } catch (IOException e) {
            throw e;
        } catch (Exception e9) {
            throw new TlsFatalAlert((short) 40, null, e9);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsAgreement
    public final JceTlsSecret c() throws IOException {
        DHPrivateKey dHPrivateKey = (DHPrivateKey) this.b.getPrivate();
        DHPublicKey dHPublicKey = this.f23675c;
        JceTlsDHDomain jceTlsDHDomain = this.f23674a;
        JcaTlsCrypto jcaTlsCrypto = jceTlsDHDomain.f23676a;
        boolean z8 = jceTlsDHDomain.b.f23581c;
        try {
            byte[] b = jcaTlsCrypto.b("DiffieHellman", dHPrivateKey, dHPublicKey);
            if (z8) {
                int bitLength = (dHPrivateKey.getParams().getP().bitLength() + 7) / 8;
                byte[] bArr = new byte[bitLength];
                System.arraycopy(b, 0, bArr, bitLength - b.length, b.length);
                Arrays.fill(b, (byte) 0);
                b = bArr;
            }
            return new JceTlsSecret(jcaTlsCrypto, b);
        } catch (GeneralSecurityException e) {
            throw new TlsCryptoException("cannot calculate secret", e);
        }
    }
}
