package oracle.security.xmlsec.keys;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import oracle.security.crypto.util.Utils;
import oracle.security.xmlsec.dsig.XSAlgorithmIdentifier;
import oracle.security.xmlsec.enc.OriginatorKeyInfo;
import oracle.security.xmlsec.enc.XECipherException;
import oracle.security.xmlsec.enc.XEEncryptionMethod;
import oracle.security.xmlsec.enc.XESchemaException;
import oracle.security.xmlsec.util.URIManager;
import oracle.security.xmlsec.util.XMLURI;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:oracle/security/xmlsec/keys/DHAgreementMethod.class */
public class DHAgreementMethod extends AgreementMethod {
    public DHAgreementMethod(Element element) throws DOMException {
        super(element);
    }

    public DHAgreementMethod(Element element, String str) throws DOMException {
        super(element, str);
    }

    public DHAgreementMethod(Document document) throws DOMException {
        super(document, XMLURI.alg_dh);
    }

    @Override // oracle.security.xmlsec.keys.AgreementMethod
    public void setAlgorithm(String str) {
        if (!str.equals(XMLURI.alg_dh)) {
            throw new IllegalArgumentException("Unknown Diffie-Hellman key agreement algorithm: " + str);
        }
        setAttribute("Algorithm", XMLURI.alg_dh);
    }

    @Override // oracle.security.xmlsec.keys.KeyInfoData
    public String getType() {
        return XMLURI.alg_dh;
    }

    @Override // oracle.security.xmlsec.keys.AgreementMethod
    public byte[] generateKeyMaterial(XEEncryptionMethod xEEncryptionMethod, PrivateKey privateKey, PublicKey publicKey) throws XESchemaException, XECipherException {
        byte[] bArr;
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DiffieHellman");
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(publicKey, true);
            byte[] generateSecret = keyAgreement.generateSecret();
            if (generateSecret[0] == 0) {
                bArr = new byte[generateSecret.length - 1];
                System.arraycopy(generateSecret, 1, bArr, 0, bArr.length);
            } else {
                bArr = generateSecret;
            }
            int keySize = xEEncryptionMethod.keySize();
            XSAlgorithmIdentifier digestMethod = getDigestMethod();
            if (digestMethod == null) {
                throw new XESchemaException("DigestMethod is not specified in this AgreementMethod element");
            }
            String algorithm = digestMethod.getAlgorithm();
            int i = keySize / 8;
            byte[] bArr2 = new byte[i];
            int i2 = 1;
            String algorithm2 = xEEncryptionMethod.getAlgorithm();
            byte[] kANonce = getKANonce();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance(URIManager.getURIManager().getJCEAlgorithm(algorithm));
                int digestLength = messageDigest.getDigestLength();
                int i3 = 0;
                while (i3 < i) {
                    messageDigest.update(bArr);
                    messageDigest.update(Utils.toUTF8(Utils.toHexString(new byte[]{(byte) i2}).toUpperCase()));
                    messageDigest.update(algorithm2.getBytes());
                    if (kANonce != null) {
                        messageDigest.update(kANonce);
                    }
                    messageDigest.update(Utils.toUTF8(Integer.toString(keySize)));
                    System.arraycopy(messageDigest.digest(), 0, bArr2, i3, i3 < i - digestLength ? digestLength : i - i3);
                    i3 += digestLength;
                    i2++;
                }
                return bArr2;
            } catch (NoSuchAlgorithmException e) {
                throw new XECipherException(e);
            }
        } catch (InvalidKeyException e2) {
            IllegalArgumentException illegalArgumentException = new IllegalArgumentException("Key is not a DiffieHellman key");
            illegalArgumentException.initCause(e2);
            throw illegalArgumentException;
        } catch (NoSuchAlgorithmException e3) {
            IllegalArgumentException illegalArgumentException2 = new IllegalArgumentException("JCE provider doesn't support DH");
            illegalArgumentException2.initCause(e3);
            throw illegalArgumentException2;
        }
    }

    @Override // oracle.security.xmlsec.keys.AgreementMethod
    public KeyPair setToDefaultParameters(KeyPair keyPair, PublicKey publicKey, String str) throws XECipherException {
        if (keyPair == null) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DiffieHellman");
                keyPairGenerator.initialize(((DHPublicKey) publicKey).getParams());
                keyPair = keyPairGenerator.generateKeyPair();
            } catch (InvalidAlgorithmParameterException e) {
                throw new XECipherException(e);
            } catch (NoSuchAlgorithmException e2) {
                throw new XECipherException(e2);
            }
        }
        setDigestMethod(XMLURI.alg_sha1);
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        setKANonce(bArr);
        DHKeyValue dHKeyValue = new DHKeyValue(getOwnerDocument(), (DHPublicKey) keyPair.getPublic());
        OriginatorKeyInfo originatorKeyInfo = new OriginatorKeyInfo(getOwnerDocument());
        originatorKeyInfo.addKeyInfoData(new KeyValue(getOwnerDocument(), dHKeyValue));
        setOriginatorKeyInfo(originatorKeyInfo);
        return keyPair;
    }
}
