package org.spongycastle.tls.crypto.impl.jcajce;

import HeartSutra.C1618br0;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.interfaces.RSAPublicKey;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import org.spongycastle.jcajce.util.DefaultJcaJceHelper;
import org.spongycastle.jcajce.util.JcaJceHelper;
import org.spongycastle.tls.HashAlgorithm;
import org.spongycastle.tls.MACAlgorithm;
import org.spongycastle.tls.ProtocolVersion;
import org.spongycastle.tls.SignatureAndHashAlgorithm;
import org.spongycastle.tls.TlsException;
import org.spongycastle.tls.TlsFatalAlert;
import org.spongycastle.tls.TlsUtils;
import org.spongycastle.tls.crypto.TlsCertificate;
import org.spongycastle.tls.crypto.TlsCipher;
import org.spongycastle.tls.crypto.TlsCryptoParameters;
import org.spongycastle.tls.crypto.TlsDHConfig;
import org.spongycastle.tls.crypto.TlsDHDomain;
import org.spongycastle.tls.crypto.TlsECConfig;
import org.spongycastle.tls.crypto.TlsECDomain;
import org.spongycastle.tls.crypto.TlsHash;
import org.spongycastle.tls.crypto.TlsNonceGenerator;
import org.spongycastle.tls.crypto.TlsSRP6Client;
import org.spongycastle.tls.crypto.TlsSRP6Server;
import org.spongycastle.tls.crypto.TlsSRP6VerifierGenerator;
import org.spongycastle.tls.crypto.TlsSRPConfig;
import org.spongycastle.tls.crypto.TlsSecret;
import org.spongycastle.tls.crypto.impl.AbstractTlsCrypto;
import org.spongycastle.tls.crypto.impl.TlsAEADCipher;
import org.spongycastle.tls.crypto.impl.TlsBlockCipher;
import org.spongycastle.tls.crypto.impl.TlsBlockCipherImpl;
import org.spongycastle.tls.crypto.impl.TlsEncryptor;
import org.spongycastle.tls.crypto.impl.TlsNullCipher;
import org.spongycastle.tls.crypto.impl.jcajce.srp.SRP6Client;
import org.spongycastle.tls.crypto.impl.jcajce.srp.SRP6Server;
import org.spongycastle.util.Arrays;

/* loaded from: classes2.dex */
public class JcaTlsCrypto extends AbstractTlsCrypto {
    public final JcaJceHelper a;
    public final SecureRandom b;
    public final SecureRandom c;

    /* renamed from: org.spongycastle.tls.crypto.impl.jcajce.JcaTlsCrypto$3, reason: invalid class name */
    /* loaded from: classes2.dex */
    class AnonymousClass3 implements TlsSRP6VerifierGenerator {
    }

    public JcaTlsCrypto(DefaultJcaJceHelper defaultJcaJceHelper, SecureRandom secureRandom, SecureRandom secureRandom2) {
        new Hashtable();
        this.a = defaultJcaJceHelper;
        this.b = secureRandom;
        this.c = secureRandom2;
    }

    public static String x(short s) {
        switch (s) {
            case 1:
                return "MD5";
            case 2:
                return "SHA-1";
            case 3:
                return "SHA-224";
            case 4:
                return "SHA-256";
            case 5:
                return "SHA-384";
            case 6:
                return "SHA-512";
            default:
                throw new IllegalArgumentException("unknown HashAlgorithm: " + HashAlgorithm.a(s));
        }
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final SecureRandom a() {
        return this.b;
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final boolean b(int i) {
        JcaJceHelper jcaJceHelper = this.a;
        switch (i) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
                return false;
            case 7:
            case 8:
            case 9:
            case 12:
            case 13:
            case 14:
            case 22:
            case 23:
            default:
                return true;
            case 10:
            case 11:
                jcaJceHelper.d("AES/GCM/NoPadding");
                break;
            case 15:
            case 16:
            case 17:
            case 18:
                jcaJceHelper.d("AES/CCM/NoPadding");
                break;
            case 19:
            case 20:
                jcaJceHelper.d("CAMELLIA/GCM/NoPadding");
                break;
            case C1618br0.zzm /* 21 */:
                jcaJceHelper.d("ChaCha7539");
                jcaJceHelper.b("Poly1305");
                break;
            case 24:
            case 25:
                jcaJceHelper.d("ARIA/GCM/NoPadding");
                break;
        }
        return true;
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final boolean c() {
        try {
            w();
            return true;
        } catch (GeneralSecurityException unused) {
            return false;
        }
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsHash d(short s) {
        try {
            return new JcaTlsHash(this.a.h(x(s)));
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
        }
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsDHDomain e(TlsDHConfig tlsDHConfig) {
        return new JceTlsDHDomain(this, tlsDHConfig);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsSRP6Server f(TlsSRPConfig tlsSRPConfig, BigInteger bigInteger) {
        final SRP6Server sRP6Server = new SRP6Server();
        BigInteger[] a = tlsSRPConfig.a();
        BigInteger bigInteger2 = a[0];
        BigInteger bigInteger3 = a[1];
        TlsHash d = d((short) 2);
        sRP6Server.a = bigInteger2;
        sRP6Server.b = bigInteger3;
        sRP6Server.c = bigInteger;
        sRP6Server.d = this.b;
        sRP6Server.e = d;
        return new TlsSRP6Server() { // from class: org.spongycastle.tls.crypto.impl.jcajce.JcaTlsCrypto.2
            @Override // org.spongycastle.tls.crypto.TlsSRP6Server
            public final BigInteger a(BigInteger bigInteger4) {
                try {
                    return SRP6Server.this.a(bigInteger4);
                } catch (IllegalArgumentException e) {
                    throw new TlsFatalAlert((short) 47, e);
                }
            }

            @Override // org.spongycastle.tls.crypto.TlsSRP6Server
            public final BigInteger b() {
                return SRP6Server.this.b();
            }
        };
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsCertificate g(byte[] bArr) {
        return new JcaTlsCertificate(this, bArr);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsSecret h(ProtocolVersion protocolVersion) {
        byte[] bArr = new byte[48];
        this.b.nextBytes(bArr);
        TlsUtils.I(protocolVersion, bArr, 0);
        return new JceTlsSecret(this, bArr);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsECDomain i(TlsECConfig tlsECConfig) {
        return new JceTlsECDomain(this, tlsECConfig);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsSRP6Client j(TlsSRPConfig tlsSRPConfig) {
        final SRP6Client sRP6Client = new SRP6Client();
        BigInteger[] a = tlsSRPConfig.a();
        BigInteger bigInteger = a[0];
        BigInteger bigInteger2 = a[1];
        TlsHash d = d((short) 2);
        sRP6Client.a = bigInteger;
        sRP6Client.b = bigInteger2;
        sRP6Client.h = d;
        sRP6Client.i = this.b;
        return new TlsSRP6Client() { // from class: org.spongycastle.tls.crypto.impl.jcajce.JcaTlsCrypto.1
            @Override // org.spongycastle.tls.crypto.TlsSRP6Client
            public final BigInteger a(BigInteger bigInteger3) {
                try {
                    return SRP6Client.this.a(bigInteger3);
                } catch (IllegalArgumentException e) {
                    throw new TlsFatalAlert((short) 47, e);
                }
            }

            @Override // org.spongycastle.tls.crypto.TlsSRP6Client
            public final BigInteger b(byte[] bArr, byte[] bArr2, byte[] bArr3) {
                return SRP6Client.this.b(bArr, bArr2, bArr3);
            }
        };
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final boolean k() {
        return !(Security.getProvider("SunMSCAPI") != null);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsSecret l(byte[] bArr) {
        return new JceTlsSecret(this, Arrays.d(bArr));
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final TlsNonceGenerator n(byte[] bArr) {
        return new JcaNonceGenerator(this.c, bArr);
    }

    @Override // org.spongycastle.tls.crypto.TlsCrypto
    public final boolean o(SignatureAndHashAlgorithm signatureAndHashAlgorithm) {
        return signatureAndHashAlgorithm.a != 3 || Security.getProvider("SunMSCAPI") == null;
    }

    @Override // org.spongycastle.tls.crypto.impl.AbstractTlsCrypto
    public final TlsCipher p(TlsCryptoParameters tlsCryptoParameters, int i, int i2) {
        try {
            if (i == 0) {
                return new TlsNullCipher(tlsCryptoParameters, v(i2), v(i2));
            }
            if (i == 103) {
                return new TlsAEADCipher(tlsCryptoParameters, r("AES/OCB/NoPadding", "AES", true), r("AES/OCB/NoPadding", "AES", false), 16, 12, 2);
            }
            if (i == 104) {
                return new TlsAEADCipher(tlsCryptoParameters, r("AES/OCB/NoPadding", "AES", true), r("AES/OCB/NoPadding", "AES", false), 32, 12, 2);
            }
            switch (i) {
                case 7:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "DESede", true), s(tlsCryptoParameters, "DESede", false), v(i2), v(i2), 24);
                case 8:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "AES", true), s(tlsCryptoParameters, "AES", false), v(i2), v(i2), 16);
                case 9:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "AES", true), s(tlsCryptoParameters, "AES", false), v(i2), v(i2), 32);
                case 10:
                    return new TlsAEADCipher(tlsCryptoParameters, r("AES/GCM/NoPadding", "AES", true), r("AES/GCM/NoPadding", "AES", false), 16, 16, 1);
                case 11:
                    return new TlsAEADCipher(tlsCryptoParameters, r("AES/GCM/NoPadding", "AES", true), r("AES/GCM/NoPadding", "AES", false), 32, 16, 1);
                case 12:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "Camellia", true), s(tlsCryptoParameters, "Camellia", false), v(i2), v(i2), 16);
                case 13:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "Camellia", true), s(tlsCryptoParameters, "Camellia", false), v(i2), v(i2), 32);
                case 14:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "SEED", true), s(tlsCryptoParameters, "SEED", false), v(i2), v(i2), 16);
                case 15:
                    return t(tlsCryptoParameters, 16, 16);
                case 16:
                    return t(tlsCryptoParameters, 16, 8);
                case 17:
                    return t(tlsCryptoParameters, 32, 16);
                case 18:
                    return t(tlsCryptoParameters, 32, 8);
                case 19:
                    return new TlsAEADCipher(tlsCryptoParameters, r("Camellia/GCM/NoPadding", "Camellia", true), r("Camellia/GCM/NoPadding", "Camellia", false), 16, 16, 1);
                case 20:
                    return new TlsAEADCipher(tlsCryptoParameters, r("Camellia/GCM/NoPadding", "Camellia", true), r("Camellia/GCM/NoPadding", "Camellia", false), 32, 16, 1);
                case C1618br0.zzm /* 21 */:
                    JcaJceHelper jcaJceHelper = this.a;
                    return new TlsAEADCipher(tlsCryptoParameters, new JceChaCha20Poly1305(jcaJceHelper, true), new JceChaCha20Poly1305(jcaJceHelper, false), 32, 16, 2);
                case 22:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "ARIA", true), s(tlsCryptoParameters, "ARIA", false), v(i2), v(i2), 16);
                case 23:
                    return new TlsBlockCipher(this, tlsCryptoParameters, s(tlsCryptoParameters, "ARIA", true), s(tlsCryptoParameters, "ARIA", false), v(i2), v(i2), 32);
                case 24:
                    return new TlsAEADCipher(tlsCryptoParameters, r("ARIA/GCM/NoPadding", "ARIA", true), r("ARIA/GCM/NoPadding", "ARIA", false), 16, 16, 1);
                case 25:
                    return new TlsAEADCipher(tlsCryptoParameters, r("ARIA/GCM/NoPadding", "ARIA", true), r("ARIA/GCM/NoPadding", "ARIA", false), 32, 16, 1);
                default:
                    throw new TlsFatalAlert((short) 80, null);
            }
        } catch (GeneralSecurityException e) {
            throw new TlsException("cannot create cipher: " + e.getMessage(), e);
        }
    }

    @Override // org.spongycastle.tls.crypto.impl.AbstractTlsCrypto
    public final TlsEncryptor q(TlsCertificate tlsCertificate) {
        JcaTlsCertificate e = JcaTlsCertificate.e(this, tlsCertificate);
        e.h(32);
        final RSAPublicKey f = e.f();
        return new TlsEncryptor() { // from class: org.spongycastle.tls.crypto.impl.jcajce.JcaTlsCrypto.4
            @Override // org.spongycastle.tls.crypto.impl.TlsEncryptor
            public final byte[] a(int i, byte[] bArr) {
                RSAPublicKey rSAPublicKey = f;
                JcaTlsCrypto jcaTlsCrypto = JcaTlsCrypto.this;
                try {
                    Cipher w = jcaTlsCrypto.w();
                    SecureRandom secureRandom = jcaTlsCrypto.b;
                    try {
                        w.init(3, rSAPublicKey, secureRandom);
                        return w.wrap(new SecretKeySpec(bArr, 0, i, "TLS"));
                    } catch (Exception unused) {
                        w.init(1, rSAPublicKey, secureRandom);
                        return w.doFinal(bArr, 0, i);
                    }
                } catch (GeneralSecurityException e2) {
                    throw new TlsFatalAlert((short) 80, e2);
                }
            }
        };
    }

    public final JceAEADCipherImpl r(String str, String str2, boolean z) {
        return new JceAEADCipherImpl(this.a.d(str), str2, z);
    }

    public final TlsBlockCipherImpl s(TlsCryptoParameters tlsCryptoParameters, String str, boolean z) {
        String concat = str.concat("/CBC/NoPadding");
        boolean h = ProtocolVersion.e.h(tlsCryptoParameters.a.a().c());
        JcaJceHelper jcaJceHelper = this.a;
        return h ? new JceBlockCipherImpl(jcaJceHelper.d(concat), str, z) : new JceBlockCipherWithCBCImplicitIVImpl(jcaJceHelper.d(concat), str, z);
    }

    public final TlsAEADCipher t(TlsCryptoParameters tlsCryptoParameters, int i, int i2) {
        return new TlsAEADCipher(tlsCryptoParameters, r("AES/CCM/NoPadding", "AES", true), r("AES/CCM/NoPadding", "AES", false), i, i2, 1);
    }

    public final JceTlsHMAC u(String str) {
        try {
            return new JceTlsHMAC(this.a.b(str), str);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("cannot create HMAC: ".concat(str), e);
        }
    }

    public final JceTlsHMAC v(int i) {
        if (i == 0) {
            return null;
        }
        if (i == 1) {
            return u("HmacMD5");
        }
        if (i == 2) {
            return u("HmacSHA1");
        }
        if (i == 3) {
            return u("HmacSHA256");
        }
        if (i == 4) {
            return u("HmacSHA384");
        }
        if (i == 5) {
            return u("HmacSHA512");
        }
        throw new IllegalArgumentException("unknown MACAlgorithm: " + MACAlgorithm.a(i));
    }

    public final Cipher w() {
        JcaJceHelper jcaJceHelper = this.a;
        try {
            return jcaJceHelper.d("RSA/NONE/PKCS1Padding");
        } catch (GeneralSecurityException unused) {
            return jcaJceHelper.d("RSA/ECB/PKCS1Padding");
        }
    }
}
