package com.tencent.kona.sun.security.ec;

import com.tencent.kona.sun.security.ec.ECOperations;
import com.tencent.kona.sun.security.jca.JCAUtil;
import com.tencent.kona.sun.security.util.ECUtil;
import com.tencent.kona.sun.security.util.SecurityProviderConstants;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.Provider;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
import java.util.Optional;

/* loaded from: classes2.dex */
public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
    private static final int KEY_SIZE_MAX = 571;
    private static final int KEY_SIZE_MIN = 112;
    private int keySize;
    private AlgorithmParameterSpec params = null;
    private SecureRandom random;

    public ECKeyPairGenerator() {
        initialize(SecurityProviderConstants.DEF_EC_KEY_SIZE, (SecureRandom) null);
    }

    private void checkKeySize(int i2) throws InvalidParameterException {
        if (i2 < 112) {
            throw new InvalidParameterException("Key size must be at least 112 bits");
        }
        if (i2 > KEY_SIZE_MAX) {
            throw new InvalidParameterException("Key size must be at most 571 bits");
        }
        this.keySize = i2;
    }

    private static void ensureCurveIsSupported(ECParameterSpec eCParameterSpec) throws InvalidAlgorithmParameterException {
        try {
            ECUtil.getECParameters(null).init(eCParameterSpec);
            if (ECOperations.forParameters(eCParameterSpec).isPresent()) {
                return;
            }
            throw new InvalidAlgorithmParameterException("Curve not supported: " + eCParameterSpec.toString());
        } catch (InvalidParameterSpecException unused) {
            throw new InvalidAlgorithmParameterException("Curve not supported: " + eCParameterSpec.toString());
        }
    }

    private Optional<KeyPair> generateKeyPairImpl(SecureRandom secureRandom) throws InvalidKeyException {
        ECParameterSpec eCParameterSpec = (ECParameterSpec) this.params;
        Optional<ECOperations> forParameters = ECOperations.forParameters(eCParameterSpec);
        if (!forParameters.isPresent()) {
            return Optional.empty();
        }
        ECOperations eCOperations = forParameters.get();
        eCOperations.getField();
        byte[] generatePrivateScalar = generatePrivateScalar(secureRandom, eCOperations, ((eCParameterSpec.getOrder().bitLength() + 64) + 7) / 8);
        ECPrivateKeyImpl eCPrivateKeyImpl = new ECPrivateKeyImpl(generatePrivateScalar, eCParameterSpec);
        Arrays.fill(generatePrivateScalar, (byte) 0);
        return Optional.of(new KeyPair(eCPrivateKeyImpl.calculatePublicKey(), eCPrivateKeyImpl));
    }

    private byte[] generatePrivateScalar(SecureRandom secureRandom, ECOperations eCOperations, int i2) {
        byte[] bArr = new byte[i2];
        for (int i3 = 0; i3 < 128; i3++) {
            secureRandom.nextBytes(bArr);
            try {
                return eCOperations.seedToScalar(bArr);
            } catch (ECOperations.IntermediateValueException unused) {
            }
        }
        throw new ProviderException("Unable to produce private key after 128 attempts");
    }

    @Override // java.security.KeyPairGeneratorSpi
    public KeyPair generateKeyPair() {
        if (this.random == null) {
            this.random = JCAUtil.getSecureRandom();
        }
        try {
            Optional<KeyPair> generateKeyPairImpl = generateKeyPairImpl(this.random);
            if (generateKeyPairImpl.isPresent()) {
                return generateKeyPairImpl.get();
            }
            throw new ProviderException("Curve not supported:  " + this.params.toString());
        } catch (Exception e2) {
            throw new ProviderException(e2);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(int i2, SecureRandom secureRandom) {
        checkKeySize(i2);
        ECParameterSpec eCParameterSpec = ECUtil.getECParameterSpec((Provider) null, i2);
        this.params = eCParameterSpec;
        if (eCParameterSpec != null) {
            this.random = secureRandom;
            return;
        }
        throw new InvalidParameterException("No EC parameters available for key size " + i2 + " bits");
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        ECParameterSpec eCParameterSpec;
        if (algorithmParameterSpec instanceof ECParameterSpec) {
            eCParameterSpec = ECUtil.getECParameterSpec((Provider) null, (ECParameterSpec) algorithmParameterSpec);
            if (eCParameterSpec == null) {
                throw new InvalidAlgorithmParameterException("Curve not supported: " + algorithmParameterSpec);
            }
        } else {
            if (!(algorithmParameterSpec instanceof ECGenParameterSpec)) {
                throw new InvalidAlgorithmParameterException("ECParameterSpec or ECGenParameterSpec required for EC");
            }
            String name = ((ECGenParameterSpec) algorithmParameterSpec).getName();
            eCParameterSpec = ECUtil.getECParameterSpec((Provider) null, name);
            if (eCParameterSpec == null) {
                throw new InvalidAlgorithmParameterException("Unknown curve name: " + name);
            }
        }
        ensureCurveIsSupported(eCParameterSpec);
        this.params = eCParameterSpec;
        this.keySize = eCParameterSpec.getCurve().getField().getFieldSize();
        this.random = secureRandom;
    }
}
