package p0;

import e1.h;
import e1.j;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.SecretKey;
import m0.i;
import org.json.JSONObject;
import s0.l;
import s0.m;
import s0.n;

/* compiled from: EciesDigitalEnvelopeUtil.java */
/* loaded from: classes.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    private static final Object f18651a = new Object();

    /* JADX INFO: Access modifiers changed from: package-private */
    public static q0.g a(i iVar, String str, m mVar, l lVar) {
        PublicKey publicKey = null;
        long j10 = 0;
        if (!iVar.x(str)) {
            try {
                if (iVar.j(str)) {
                    x0.c h10 = iVar.p().f(str).h();
                    publicKey = h10.d().getPublicKey();
                    j10 = h10.f();
                }
            } catch (t0.a unused) {
                e1.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData no valid domain name set");
            }
            if (publicKey == null) {
                e1.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData missing " + str + " online certificate");
            }
        }
        if (publicKey == null) {
            s0.a b10 = iVar.p().b(str);
            if (b10 != null && b10.a() != null) {
                publicKey = h.b(e1.a.a(b10.a()), "EC");
                j10 = b10.b();
            }
            if (publicKey == null) {
                e1.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData missing " + str + " hardcoded public key");
            }
        }
        if (lVar != null && !(lVar instanceof q0.f)) {
            throw new t0.c("Negotiation parameters only support type EciesNegotiationParam");
        }
        q0.g b11 = b(mVar, (q0.f) lVar, publicKey, j10);
        e1.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData negotiate a latest secret key");
        if (mVar.f()) {
            synchronized (f18651a) {
                n t10 = iVar.t(str, mVar.d());
                if (t10 != null && !t10.g() && (t10 instanceof q0.g)) {
                    b11 = (q0.g) t10;
                }
                iVar.K(str, b11);
                e1.i.a("EciesDigitalEnvelopeUtil", "createAndSaveSceneData adopt and save to cryptoCore");
            }
        }
        return b11;
    }

    private static q0.g b(m mVar, q0.f fVar, PublicKey publicKey, long j10) {
        if (publicKey == null) {
            throw new InvalidKeyException("Missing biz public key.");
        }
        if (!publicKey.getAlgorithm().equals("EC")) {
            throw new InvalidKeyException("Current scene only supports EC key, not " + publicKey.getAlgorithm() + ". Please specify the correct biz or biz public key.");
        }
        q0.g gVar = new q0.g();
        j.o(mVar, gVar);
        q0.e eVar = new q0.e();
        gVar.r(f(q0.c.NIST_P, q0.d.HKDF256, publicKey, fVar, mVar.a().c() / 8, eVar));
        gVar.s(eVar);
        gVar.q(j10);
        return gVar;
    }

    private static byte[] c(q0.c cVar, PrivateKey privateKey, PublicKey publicKey) {
        if (cVar == q0.c.NIST_P) {
            return j0.c.a(privateKey, publicKey);
        }
        throw new InvalidAlgorithmParameterException("Unsupported " + cVar);
    }

    private static KeyPair d(q0.c cVar, AlgorithmParameterSpec algorithmParameterSpec) {
        if (cVar == q0.c.NIST_P) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(algorithmParameterSpec, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        }
        throw new InvalidAlgorithmParameterException("Unsupported " + cVar);
    }

    private static byte[] e(byte[] bArr, q0.d dVar, q0.f fVar, int i10, q0.e eVar) {
        byte[] bArr2;
        boolean z7;
        if (dVar != q0.d.HKDF256) {
            throw new InvalidAlgorithmParameterException("Unsupported " + dVar);
        }
        if (fVar != null) {
            bArr2 = fVar.a();
            z7 = fVar.b();
        } else {
            bArr2 = null;
            z7 = false;
        }
        byte[] bArr3 = new byte[32];
        if (z7) {
            new SecureRandom().nextBytes(bArr3);
        } else {
            Arrays.fill(bArr3, (byte) 0);
        }
        if (eVar != null) {
            if (z7) {
                eVar.g(bArr3);
            }
            if (bArr2 != null) {
                eVar.f(bArr2);
            }
        }
        byte[] bytes = "".getBytes(StandardCharsets.UTF_8);
        if (bArr2 == null) {
            bArr2 = bytes;
        }
        return j0.e.b(bArr, bArr3, bArr2, i10);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecretKey f(q0.c cVar, q0.d dVar, PublicKey publicKey, q0.f fVar, int i10, q0.e eVar) {
        if (!(publicKey instanceof ECPublicKey)) {
            throw new InvalidKeyException("Only supports 'ECPublicKey' type, not '" + publicKey.getClass().getName());
        }
        KeyPair d10 = d(cVar, ((ECPublicKey) publicKey).getParams());
        PublicKey publicKey2 = d10.getPublic();
        PrivateKey privateKey = d10.getPrivate();
        if (eVar != null) {
            eVar.h(publicKey2.getEncoded());
        }
        return h.c(e(c(cVar, privateKey, publicKey), dVar, fVar, i10, eVar), "AES");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String g(q0.d dVar, q0.e eVar, s0.d dVar2) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("tmpPublicKey", e1.a.b(eVar.d()));
        if (dVar != q0.d.HKDF256) {
            throw new InvalidAlgorithmParameterException("Unsupported " + dVar);
        }
        if (eVar.c() != null) {
            jSONObject.put("salt", e1.a.b(eVar.c()));
        }
        if (eVar.b() != null) {
            jSONObject.put("info", e1.a.b(eVar.b()));
        }
        jSONObject.put("cipherInfo", new JSONObject(a.a(dVar2)));
        return jSONObject.toString();
    }
}
