package com.tencent.kona.sun.security.ec;

import com.tencent.kona.crypto.CryptoInsts;
import com.tencent.kona.crypto.spec.RFC5915EncodedKeySpec;
import com.tencent.kona.jdk.internal.misc.SharedSecretsUtil;
import com.tencent.kona.sun.security.util.ArrayUtil;
import com.tencent.kona.sun.security.util.CurveDB;
import com.tencent.kona.sun.security.util.DerOutputStream;
import com.tencent.kona.sun.security.util.DerValue;
import com.tencent.kona.sun.security.util.ECParameters;
import com.tencent.kona.sun.security.util.ECUtil;
import com.tencent.kona.sun.security.util.Oid;
import com.tencent.kona.sun.security.x509.AlgorithmId;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectStreamException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyRep;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;

/* loaded from: classes2.dex */
public final class RFC5915Key implements ECPrivateKey {
    private static final int V1 = 1;
    private AlgorithmId algid;
    private byte[] arrayS;
    private byte[] encodedKey;
    private byte[] key;
    private ECParameterSpec params;
    private ECPoint pubPoint;

    /* renamed from: s, reason: collision with root package name */
    private BigInteger f17792s;

    RFC5915Key(BigInteger bigInteger, ECPoint eCPoint, ECParameterSpec eCParameterSpec) throws InvalidKeyException {
        this.f17792s = bigInteger;
        this.params = eCParameterSpec;
        this.pubPoint = eCPoint;
        makeEncoding(bigInteger);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RFC5915Key(byte[] bArr) throws InvalidKeyException {
        decode(new ByteArrayInputStream(bArr));
        parseKeyBits();
    }

    RFC5915Key(byte[] bArr, ECPoint eCPoint, ECParameterSpec eCParameterSpec) throws InvalidKeyException {
        this.arrayS = (byte[]) bArr.clone();
        this.params = eCParameterSpec;
        this.pubPoint = eCPoint;
        makeEncoding(bArr);
    }

    private void decode(InputStream inputStream) throws InvalidKeyException {
        DerValue derValue;
        DerValue derValue2 = null;
        try {
            try {
                derValue = new DerValue(inputStream);
            } catch (IOException e2) {
                e = e2;
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            if (derValue.tag != 48) {
                throw new InvalidKeyException("invalid key format");
            }
            int integer = derValue.data.getInteger();
            if (integer != 1) {
                throw new InvalidKeyException("unknown version: " + integer);
            }
            this.key = derValue.data.getOctetString();
            if (derValue.data.available() == 0) {
                derValue.clear();
                return;
            }
            DerValue derValue3 = derValue.data.getDerValue();
            if (derValue3.isContextSpecific((byte) 0)) {
                AlgorithmId algorithmId = new AlgorithmId(AlgorithmId.EC_oid, derValue3.data.getDerValue());
                this.algid = algorithmId;
                AlgorithmParameters parameters = algorithmId.getParameters();
                if (parameters == null) {
                    throw new InvalidKeyException("EC domain parameters must be encoded in the algorithm identifier");
                }
                try {
                    this.params = (ECParameterSpec) parameters.getParameterSpec(ECParameterSpec.class);
                    if (derValue.data.available() == 0) {
                        derValue.clear();
                        return;
                    }
                    derValue3 = derValue.data.getDerValue();
                } catch (InvalidParameterSpecException e3) {
                    throw new InvalidKeyException("Invalid EC private key", e3);
                }
            }
            if (derValue3.isContextSpecific((byte) 1)) {
                this.pubPoint = ECUtil.decodePoint(derValue3.data.getUnalignedBitString().toByteArray(), this.params.getCurve());
                if (derValue.data.available() == 0) {
                    derValue.clear();
                    return;
                }
            }
            throw new InvalidKeyException("Extra bytes");
        } catch (IOException e4) {
            e = e4;
            derValue2 = derValue;
            throw new InvalidKeyException("IOException : " + e.getMessage());
        } catch (Throwable th2) {
            th = th2;
            derValue2 = derValue;
            if (derValue2 != null) {
                derValue2.clear();
            }
            throw th;
        }
    }

    private synchronized byte[] getEncodedInternal() {
        if (this.encodedKey == null) {
            DerOutputStream derOutputStream = new DerOutputStream();
            derOutputStream.putInteger(1);
            derOutputStream.putOctetString(this.key);
            if (this.algid != null) {
                DerOutputStream derOutputStream2 = new DerOutputStream();
                derOutputStream2.putOID(Oid.of(CurveDB.lookup(this.params).getObjectId()));
                derOutputStream.write(DerValue.createTag(Byte.MIN_VALUE, true, (byte) 0), derOutputStream2);
            }
            if (this.pubPoint != null) {
                DerOutputStream derOutputStream3 = new DerOutputStream();
                derOutputStream3.putBitString(ECUtil.encodePoint(this.pubPoint, this.params.getCurve()));
                derOutputStream.write(DerValue.createTag(Byte.MIN_VALUE, true, (byte) 1), derOutputStream3);
            }
            DerValue wrap = DerValue.wrap((byte) 48, derOutputStream);
            this.encodedKey = wrap.toByteArray();
            wrap.clear();
        }
        return this.encodedKey;
    }

    private void makeEncoding(BigInteger bigInteger) throws InvalidKeyException {
        this.algid = new AlgorithmId(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(this.params));
        byte[] byteArray = bigInteger.toByteArray();
        byte[] bArr = new byte[(this.params.getOrder().bitLength() + 7) / 8];
        this.key = bArr;
        System.arraycopy(byteArray, Math.max(byteArray.length - bArr.length, 0), this.key, Math.max(this.key.length - byteArray.length, 0), Math.min(byteArray.length, this.key.length));
        Arrays.fill(byteArray, (byte) 0);
    }

    private void makeEncoding(byte[] bArr) throws InvalidKeyException {
        this.algid = new AlgorithmId(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(this.params));
        byte[] bArr2 = (byte[]) bArr.clone();
        this.key = bArr2;
        ArrayUtil.reverse(bArr2);
    }

    static PrivateKey parseKey(byte[] bArr) throws IOException {
        try {
            RFC5915Key rFC5915Key = new RFC5915Key(bArr);
            RFC5915EncodedKeySpec rFC5915EncodedKeySpec = new RFC5915EncodedKeySpec(rFC5915Key.getEncodedInternal());
            try {
                PrivateKey generatePrivate = CryptoInsts.getKeyFactory("EC").generatePrivate(rFC5915EncodedKeySpec);
                if (generatePrivate != rFC5915Key) {
                    rFC5915Key.clear();
                }
                SharedSecretsUtil.secSpecClearEncodedKeySpec(rFC5915EncodedKeySpec);
                return generatePrivate;
            } catch (NoSuchAlgorithmException | InvalidKeySpecException unused) {
                SharedSecretsUtil.secSpecClearEncodedKeySpec(rFC5915EncodedKeySpec);
                return rFC5915Key;
            } catch (Throwable th) {
                rFC5915Key.clear();
                SharedSecretsUtil.secSpecClearEncodedKeySpec(rFC5915EncodedKeySpec);
                throw th;
            }
        } catch (InvalidKeyException e2) {
            throw new IOException("corrupt private key", e2);
        }
    }

    private void parseKeyBits() throws InvalidKeyException {
        byte[] bArr = (byte[]) this.key.clone();
        ArrayUtil.reverse(bArr);
        this.arrayS = bArr;
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException {
        try {
            decode(objectInputStream);
        } catch (InvalidKeyException e2) {
            throw new IOException("deserialized key is invalid: " + e2.getMessage());
        }
    }

    private Object writeReplace() throws ObjectStreamException {
        return new KeyRep(KeyRep.Type.PRIVATE, getAlgorithm(), getFormat(), getEncodedInternal());
    }

    public void clear() {
        byte[] bArr = this.encodedKey;
        if (bArr != null) {
            Arrays.fill(bArr, (byte) 0);
        }
        Arrays.fill(this.key, (byte) 0);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj instanceof RFC5915Key) {
            return MessageDigest.isEqual(getEncodedInternal(), ((RFC5915Key) obj).getEncodedInternal());
        }
        if (!(obj instanceof Key)) {
            return false;
        }
        byte[] encoded = ((Key) obj).getEncoded();
        try {
            return MessageDigest.isEqual(getEncodedInternal(), encoded);
        } finally {
            if (encoded != null) {
                Arrays.fill(encoded, (byte) 0);
            }
        }
    }

    @Override // java.security.Key
    public String getAlgorithm() {
        return "EC";
    }

    public byte[] getArrayS() {
        if (this.arrayS == null) {
            this.arrayS = ECUtil.sArray(getS(), this.params);
        }
        return (byte[]) this.arrayS.clone();
    }

    @Override // java.security.Key
    public byte[] getEncoded() {
        return (byte[]) getEncodedInternal().clone();
    }

    @Override // java.security.Key
    public String getFormat() {
        return "RFC5915";
    }

    @Override // java.security.interfaces.ECKey
    public ECParameterSpec getParams() {
        return this.params;
    }

    @Override // java.security.interfaces.ECPrivateKey
    public BigInteger getS() {
        if (this.f17792s == null) {
            byte[] bArr = (byte[]) this.arrayS.clone();
            ArrayUtil.reverse(bArr);
            this.f17792s = new BigInteger(1, bArr);
            Arrays.fill(bArr, (byte) 0);
        }
        return this.f17792s;
    }

    public int hashCode() {
        return Arrays.hashCode(getEncodedInternal());
    }
}
