package com.metabit.custom.safe.iip;

import com.metabit.custom.safe.iip.shared.AlgorithmSpec;
import com.metabit.custom.safe.iip.shared.CryptoFactory;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.DestroyFailedException;

/* loaded from: input_file:com/metabit/custom/safe/iip/ECDHEWithIntegrityPadding.class */
public class ECDHEWithIntegrityPadding implements AsymmetricEncryptionWithIIP {
    private final CryptoFactory cf;
    private final AlgorithmSpec algorithmSpec;
    private SecureRandom rng = new SecureRandom();
    private KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
    private SymmetricEncryptionWithIntegrityPadding symmetricEncryption;

    public ECDHEWithIntegrityPadding(CryptoFactory cryptoFactory, AlgorithmSpec algorithmSpec) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        this.cf = cryptoFactory;
        this.algorithmSpec = algorithmSpec;
        this.symmetricEncryption = new SymmetricEncryptionWithIntegrityPadding(cryptoFactory.getCipherFromCipherSpec(algorithmSpec), cryptoFactory);
    }

    SecretKey createEphemeralAESKey(PublicKey publicKey, PrivateKey privateKey, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
        this.keyAgreement.init(privateKey);
        this.keyAgreement.doPhase(publicKey, true);
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(bArr);
        messageDigest.update(this.keyAgreement.generateSecret());
        return SecretKeyFactory.getInstance("AES").generateSecret(new SecretKeySpec(messageDigest.digest(), "AES"));
    }

    SecretKey createEphemeralAESKey(PublicKey[] publicKeyArr, PrivateKey privateKey, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
        this.keyAgreement.init(privateKey);
        for (PublicKey publicKey : publicKeyArr) {
            this.keyAgreement.doPhase(publicKey, true);
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(bArr);
        messageDigest.update(this.keyAgreement.generateSecret());
        return SecretKeyFactory.getInstance("AES").generateSecret(new SecretKeySpec(messageDigest.digest(), "AES"));
    }

    @Override // com.metabit.custom.safe.iip.AsymmetricEncryptionWithIIP
    public byte[] padEncryptAndPackage(byte[] bArr, PublicKey publicKey, PrivateKey privateKey, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, DestroyFailedException, InvalidKeySpecException {
        return this.symmetricEncryption.padAndEncrypt(bArr, createEphemeralAESKey(publicKey, privateKey, bArr2));
    }

    @Override // com.metabit.custom.safe.iip.AsymmetricEncryptionWithIIP
    public byte[] padEncryptAndPackage(byte[] bArr, PublicKey[] publicKeyArr, PrivateKey privateKey, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        return this.symmetricEncryption.padAndEncrypt(bArr, createEphemeralAESKey(publicKeyArr, privateKey, bArr2));
    }

    @Override // com.metabit.custom.safe.iip.AsymmetricEncryptionWithIIP
    public byte[] decryptAndVerify(byte[] bArr, PublicKey publicKey, PrivateKey privateKey, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return this.symmetricEncryption.decryptAndCheck(bArr, createEphemeralAESKey(publicKey, privateKey, bArr2), bArr3);
    }

    @Override // com.metabit.custom.safe.iip.AsymmetricEncryptionWithIIP
    public byte[] getSymmetricIV() {
        return this.symmetricEncryption.getIV();
    }
}
