package com.rsa.cryptoj.o;

import com.rsa.crypto.AlgorithmStrings;
import com.rsa.crypto.CryptoModule;
import com.rsa.crypto.DHPrivateKey;
import com.rsa.crypto.DHPublicKey;
import com.rsa.crypto.DomainParams;
import com.rsa.crypto.ECParams;
import com.rsa.crypto.ECPrivateKey;
import com.rsa.crypto.ECPublicKey;
import com.rsa.crypto.Key;
import com.rsa.crypto.KeyAgreement;
import com.rsa.crypto.PQGParams;
import com.rsa.crypto.PrivateKey;
import com.rsa.crypto.PublicKey;
import com.rsa.crypto.SecureRandom;
import com.rsa.cryptoj.o.du;
import java.io.Serializable;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.List;
import javax.crypto.KeyAgreementSpi;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactorySpi;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public abstract class ko extends KeyAgreementSpi implements Serializable {

    /* renamed from: c, reason: collision with root package name */
    private static final String f2193c = "TlsPremasterSecret";

    /* renamed from: d, reason: collision with root package name */
    private static final String f2194d = "Cannot build a secret key of algorithm ";

    /* renamed from: a, reason: collision with root package name */
    protected final KeyAgreement f2195a;

    /* renamed from: b, reason: collision with root package name */
    protected DomainParams f2196b;
    private final CryptoModule e;
    private final ch f;
    private final List<cc> g;
    private SecureRandom h;
    private Key i;

    public ko(String str, ch chVar, List<cc> list) {
        CryptoModule[] cryptoModuleArr = new CryptoModule[1];
        this.f2195a = Cdo.g(str, chVar, list, cryptoModuleArr);
        this.e = cryptoModuleArr[0];
        this.f = chVar;
        this.g = list;
    }

    private DomainParams b(Key key) {
        if (key instanceof PrivateKey) {
            if (key instanceof DHPrivateKey) {
                return ((DHPrivateKey) key).getParams();
            }
            if (key instanceof ECPrivateKey) {
                return ((ECPrivateKey) key).getParams();
            }
            return null;
        }
        if (!(key instanceof PublicKey)) {
            return null;
        }
        if (key instanceof DHPublicKey) {
            return ((DHPublicKey) key).getParams();
        }
        if (key instanceof ECPublicKey) {
            return ((ECPublicKey) key).getParams();
        }
        return null;
    }

    PrivateKey a(java.security.PrivateKey privateKey) {
        this.i = ks.a(privateKey, a(), this.e);
        Key key = this.i;
        return key == null ? ((fq) privateKey).b() : (PrivateKey) key;
    }

    PublicKey a(Key key) {
        return (PublicKey) key;
    }

    PublicKey a(java.security.PublicKey publicKey) {
        this.i = ks.a(publicKey, a(), this.e);
        Key key = this.i;
        return key == null ? ((fr) publicKey).b() : (PublicKey) key;
    }

    abstract String a();

    abstract void a(DomainParams domainParams, boolean z);

    abstract void a(AlgorithmParameterSpec algorithmParameterSpec, PrivateKey privateKey);

    protected boolean a(DomainParams domainParams, DomainParams domainParams2) {
        if ((domainParams instanceof PQGParams) && (domainParams2 instanceof PQGParams)) {
            return cz.a((PQGParams) domainParams, (PQGParams) domainParams2);
        }
        if ((domainParams instanceof ECParams) && (domainParams2 instanceof ECParams)) {
            return cz.a((ECParams) domainParams, (ECParams) domainParams2);
        }
        return false;
    }

    void b() {
        du.a.a(this.f2195a);
        du.a.a(this.i);
    }

    @Override // javax.crypto.KeyAgreementSpi
    public java.security.Key engineDoPhase(java.security.Key key, boolean z) {
        if (!(key instanceof java.security.PublicKey)) {
            throw new InvalidKeyException("The given key was not an instance of PublicKey.");
        }
        try {
            PublicKey a2 = a((java.security.PublicKey) key);
            if (this.f2196b == null) {
                this.f2196b = b(a2);
            }
            if (!a(this.f2196b, b(a2))) {
                if (!(key instanceof fr) || ((fr) key).b() != a2) {
                    a2.clearSensitiveData();
                }
                throw new InvalidKeyException("Given key does not match initialized key");
            }
            if (this.e.getDeviceType().equalsIgnoreCase(cc.f1797a.toString()) && !a2.isValid(this.h)) {
                throw new InvalidKeyException("Given key is not valid");
            }
            try {
                PublicKey a3 = a(this.f2195a.doPhase(a2, z));
                if (a3 == null) {
                    return null;
                }
                return fj.a(a(), a3, this.e);
            } finally {
                du.a.a(this.i);
            }
        } catch (com.rsa.crypto.InvalidKeyException e) {
            throw new InvalidKeyException(e.getMessage());
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected int engineGenerateSecret(byte[] bArr, int i) {
        byte[] engineGenerateSecret = engineGenerateSecret();
        if (bArr.length - i < engineGenerateSecret.length) {
            throw new ShortBufferException("buffer too small");
        }
        System.arraycopy(engineGenerateSecret, 0, bArr, i, engineGenerateSecret.length);
        du.a.a(engineGenerateSecret);
        return engineGenerateSecret.length;
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected SecretKey engineGenerateSecret(String str) {
        KeySpec secretKeySpec;
        SecretKeyFactorySpi nwVar;
        if (str == null) {
            throw new NoSuchAlgorithmException("null algorithm");
        }
        byte[] engineGenerateSecret = engineGenerateSecret();
        int i = 16;
        if (str.equalsIgnoreCase(AlgorithmStrings.AES)) {
            if (engineGenerateSecret.length >= 32) {
                i = 32;
            } else if (engineGenerateSecret.length >= 24) {
                i = 24;
            } else if (engineGenerateSecret.length < 16) {
                throw new InvalidKeyException("Cannot build a secret key of algorithm AES");
            }
            secretKeySpec = new SecretKeySpec(engineGenerateSecret, 0, i, AlgorithmStrings.AES);
            nwVar = new nt(this.f, this.g, null);
        } else if (str.equalsIgnoreCase(AlgorithmStrings.DES)) {
            secretKeySpec = new DESKeySpec(engineGenerateSecret);
            nwVar = new nx(this.f, this.g);
        } else if (str.equalsIgnoreCase(AlgorithmStrings.DESEDE) || str.equalsIgnoreCase("TripleDES")) {
            if (engineGenerateSecret.length >= 24) {
                i = 24;
            } else if (engineGenerateSecret.length < 16) {
                if (engineGenerateSecret.length < 8) {
                    throw new InvalidKeyException("Cannot build a secret key of algorithm DESede");
                }
                i = 8;
            }
            secretKeySpec = new SecretKeySpec(engineGenerateSecret, 0, i, AlgorithmStrings.DESEDE);
            nwVar = new nw(this.f, this.g);
        } else if (str.equalsIgnoreCase(AlgorithmStrings.RC2)) {
            secretKeySpec = new SecretKeySpec(engineGenerateSecret, AlgorithmStrings.RC2);
            nwVar = new of(this.f, this.g);
        } else if (str.equalsIgnoreCase(AlgorithmStrings.RC4)) {
            secretKeySpec = new SecretKeySpec(engineGenerateSecret, AlgorithmStrings.RC4);
            nwVar = new og(this.f, this.g);
        } else {
            if (!str.equalsIgnoreCase(AlgorithmStrings.RC5)) {
                if (str.equalsIgnoreCase(f2193c)) {
                    return new SecretKeySpec(engineGenerateSecret, f2193c);
                }
                throw new NoSuchAlgorithmException(b.a.a.a.a.a(f2194d, str));
            }
            secretKeySpec = new SecretKeySpec(engineGenerateSecret, AlgorithmStrings.RC5);
            nwVar = new oh(this.f, this.g);
        }
        try {
            return nwVar.engineGenerateSecret(secretKeySpec);
        } catch (InvalidKeySpecException unused) {
            throw new InvalidKeyException(b.a.a.a.a.a(f2194d, str));
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    public byte[] engineGenerateSecret() {
        try {
            return this.f2195a.getSecret();
        } catch (com.rsa.crypto.InvalidKeyException e) {
            throw new IllegalStateException(e.getMessage());
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    public void engineInit(java.security.Key key, java.security.SecureRandom secureRandom) {
        try {
            engineInit(key, null, secureRandom);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidKeyException(e.getMessage());
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected void engineInit(java.security.Key key, AlgorithmParameterSpec algorithmParameterSpec, java.security.SecureRandom secureRandom) {
        if (algorithmParameterSpec instanceof oo) {
            b();
            return;
        }
        if (!(key instanceof java.security.PrivateKey)) {
            throw new InvalidKeyException("The given key was not an instance of PrivateKey.");
        }
        du.a.a(this.i);
        PrivateKey a2 = a((java.security.PrivateKey) key);
        this.h = dd.a(secureRandom, this.f);
        try {
            a(algorithmParameterSpec, a2);
            this.f2196b = b(a2);
            a(this.f2196b, this.f.e());
            this.f2195a.init(a2);
        } catch (com.rsa.crypto.InvalidKeyException e) {
            du.a.a(this.i);
            throw new InvalidKeyException(e.getMessage());
        }
    }
}
