package cn.com.bouncycastle.tls.crypto.impl.bc;

import cn.com.bouncycastle.jcajce.util.BCJcaJceHelper;
import cn.com.bouncycastle.jcajce.util.JcaJceHelper;
import cn.com.bouncycastle.tls.crypto.TlsCrypto;
import cn.com.bouncycastle.tls.crypto.TlsCryptoProvider;
import com.hundsun.khylib.ca.CertificateHandle;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.SecureRandomSpi;
import java.security.Security;
import java.security.cert.CertificateFactory;

/* loaded from: classes2.dex */
public class BcTlsCryptoProvider implements TlsCryptoProvider {
    private BCJcaJceHelper helper = new BCJcaJceHelper();

    /* loaded from: classes2.dex */
    private static class NonceEntropySource extends SecureRandom {

        /* loaded from: classes2.dex */
        private static class NonceEntropySourceSpi extends SecureRandomSpi {
            private final MessageDigest digest;
            private final byte[] seed;
            private final SecureRandom source;
            private final byte[] state;

            NonceEntropySourceSpi(SecureRandom secureRandom, MessageDigest messageDigest) {
                this.source = secureRandom;
                this.digest = messageDigest;
                byte[] generateSeed = secureRandom.generateSeed(messageDigest.getDigestLength());
                this.seed = generateSeed;
                this.state = new byte[generateSeed.length];
            }

            private void runDigest(byte[] bArr, byte[] bArr2, byte[] bArr3) {
                this.digest.update(bArr);
                this.digest.update(bArr2);
                try {
                    this.digest.digest(bArr3, 0, bArr3.length);
                } catch (DigestException e) {
                    throw new IllegalStateException("unable to generate nonce data: " + e.getMessage(), e);
                }
            }

            @Override // java.security.SecureRandomSpi
            protected byte[] engineGenerateSeed(int i) {
                return this.source.generateSeed(i);
            }

            @Override // java.security.SecureRandomSpi
            protected void engineNextBytes(byte[] bArr) {
                synchronized (this.digest) {
                    int length = this.state.length;
                    int i = 0;
                    while (i != bArr.length) {
                        byte[] bArr2 = this.state;
                        if (length == bArr2.length) {
                            this.source.nextBytes(bArr2);
                            byte[] bArr3 = this.seed;
                            byte[] bArr4 = this.state;
                            runDigest(bArr3, bArr4, bArr4);
                            length = 0;
                        }
                        bArr[i] = this.state[length];
                        i++;
                        length++;
                    }
                }
            }

            @Override // java.security.SecureRandomSpi
            protected void engineSetSeed(byte[] bArr) {
                synchronized (this.digest) {
                    byte[] bArr2 = this.seed;
                    runDigest(bArr2, bArr, bArr2);
                }
            }
        }

        NonceEntropySource(JcaJceHelper jcaJceHelper, SecureRandom secureRandom) throws GeneralSecurityException {
            super(new NonceEntropySourceSpi(secureRandom, MessageDigest.getInstance("SHA-512")), secureRandom.getProvider());
        }
    }

    @Override // cn.com.bouncycastle.tls.crypto.TlsCryptoProvider
    public TlsCrypto create(SecureRandom secureRandom) {
        if (secureRandom == null) {
            try {
                secureRandom = System.getProperty("java.vm.name").equalsIgnoreCase("Dalvik") ? new SecureRandom() : SecureRandom.getInstance("DEFAULT", this.helper.createDigest("SHA-512").getProvider());
            } catch (GeneralSecurityException e) {
                throw new IllegalStateException("unable to create TlsCrypto: " + e.getMessage(), e);
            }
        }
        return create(secureRandom, new NonceEntropySource(this.helper, secureRandom));
    }

    @Override // cn.com.bouncycastle.tls.crypto.TlsCryptoProvider
    public TlsCrypto create(SecureRandom secureRandom, SecureRandom secureRandom2) {
        return new BcTlsCrypto(this.helper, secureRandom2);
    }

    @Override // cn.com.bouncycastle.tls.crypto.TlsCryptoProvider
    public JcaJceHelper getHelper() {
        return this.helper;
    }

    public Provider getPkixProvider() {
        try {
            return Security.getProvider("IBMCertPath") != null ? Security.getProvider("IBMCertPath") : System.getProperty("java.vm.name").equalsIgnoreCase("Dalvik") ? CertificateFactory.getInstance(CertificateHandle.X509).getProvider() : this.helper.createCertificateFactory(CertificateHandle.X509).getProvider();
        } catch (GeneralSecurityException unused) {
            throw new IllegalStateException("unable to find CertificateFactory");
        }
    }
}
