package ru.CryptoPro.ssl;

import java.io.IOException;
import java.security.AlgorithmConstraints;
import java.security.CryptoPrimitive;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPublicKeySpec;
import java.util.EnumSet;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.net.ssl.SSLHandshakeException;

/* loaded from: classes5.dex */
final class cl_25 {
    private PrivateKey a;
    private ECPublicKey b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_25(String str, SecureRandom secureRandom) {
        try {
            KeyPairGenerator e = cl_73.e("EC");
            e.initialize(new ECGenParameterSpec(str), secureRandom);
            KeyPair generateKeyPair = e.generateKeyPair();
            this.a = generateKeyPair.getPrivate();
            this.b = (ECPublicKey) generateKeyPair.getPublic();
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException("Could not generate DH keypair", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_25(PrivateKey privateKey, PublicKey publicKey) {
        this.a = privateKey;
        this.b = (ECPublicKey) publicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public cl_25(ECParameterSpec eCParameterSpec, SecureRandom secureRandom) {
        try {
            KeyPairGenerator e = cl_73.e("EC");
            e.initialize(eCParameterSpec, secureRandom);
            KeyPair generateKeyPair = e.generateKeyPair();
            this.a = generateKeyPair.getPrivate();
            this.b = (ECPublicKey) generateKeyPair.getPublic();
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException("Could not generate DH keypair", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PublicKey a() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey a(PublicKey publicKey) throws SSLHandshakeException {
        try {
            KeyAgreement f = cl_73.f("ECDH");
            f.init(this.a);
            f.doPhase(publicKey, true);
            return f.generateSecret("TlsPremasterSecret");
        } catch (GeneralSecurityException e) {
            throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecretKey a(byte[] bArr) throws SSLHandshakeException {
        try {
            ECParameterSpec params = this.b.getParams();
            return a(cl_73.h("EC").generatePublic(new ECPublicKeySpec(cl_73.a(bArr, params.getCurve()), params)));
        } catch (IOException | GeneralSecurityException e) {
            throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(AlgorithmConstraints algorithmConstraints, byte[] bArr) throws SSLHandshakeException {
        try {
            ECParameterSpec params = this.b.getParams();
            if (algorithmConstraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), (ECPublicKey) cl_73.h("EC").generatePublic(new ECPublicKeySpec(cl_73.a(bArr, params.getCurve()), params)))) {
            } else {
                throw new SSLHandshakeException("ECPublicKey does not comply to algorithm constraints");
            }
        } catch (IOException | GeneralSecurityException e) {
            throw ((SSLHandshakeException) new SSLHandshakeException("Could not generate ECPublicKey").initCause(e));
        }
    }
}
