package com.sankuai.meituan.tte;

import com.sankuai.meituan.tte.KeyAgreementAlg;
import com.sankuai.meituan.tte.TTE;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.KeyAgreement;

/* loaded from: classes5.dex */
class KeyAgreementAlgECDH implements KeyAgreementAlg {
    private static final String CURVE_NAME = "secp256r1";
    private static final int KEY_LEN = 16;
    private final byte[] signaturePublicKey;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public class Session implements KeyAgreementAlg.Session {
        private final KeyPair keyPair;

        public Session() throws GeneralSecurityException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(new ECGenParameterSpec(KeyAgreementAlgECDH.CURVE_NAME));
            this.keyPair = keyPairGenerator.generateKeyPair();
        }

        @Override // java.lang.AutoCloseable
        public void close() throws Exception {
        }

        @Override // com.sankuai.meituan.tte.KeyAgreementAlg.Session
        public byte[] generateSecret(byte[] bArr) throws IllegalStateException {
            try {
                PublicKey decodePublicKey = ECUtil.decodePublicKey(bArr, ((ECKey) this.keyPair.getPrivate()).getParams());
                KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
                keyAgreement.init(this.keyPair.getPrivate());
                keyAgreement.doPhase(decodePublicKey, true);
                return Hkdf.computeHkdf("HmacSha256", keyAgreement.generateSecret(), "tte.tempDK".getBytes(), null, 16);
            } catch (Throwable th) {
                throw new IllegalStateException("ecdh key agreement error", th);
            }
        }

        @Override // com.sankuai.meituan.tte.KeyAgreementAlg.Session
        public byte[] getPublicKey() {
            return ECUtil.encodePublicKey((ECPublicKey) this.keyPair.getPublic());
        }
    }

    public KeyAgreementAlgECDH(byte[] bArr) {
        this.signaturePublicKey = bArr;
    }

    public static KeyAgreementAlgECDH getInstance(TTE.Env env) {
        return new KeyAgreementAlgECDH(TTE.Env.PROD == env ? Util.base64Decode("BLsK/E2JrJppyq15CPr4XYOmnZnClLWeUmpoffJFAVFJRZ3Bv5mNjejH+x4ebktFb9ojmWlX8bb44PBFaTy2pmU=") : Util.base64Decode("BEs9LHk22O9/8TPTR3dgPcEqU/2J8/QO8bxl82NRSMGxxhQgnAKxzUIL6IOsdwgXTxlHNIe0ylJ/CazdXg2LG4U="));
    }

    @Override // com.sankuai.meituan.tte.KeyAgreementAlg
    public byte[] decrypt(byte[] bArr, byte[] bArr2) throws Exception {
        return TTE.DataCipher.AES_GCM.getCipher().decrypt(bArr, bArr2);
    }

    @Override // com.sankuai.meituan.tte.KeyAgreementAlg
    public String name() {
        return "ECDH";
    }

    @Override // com.sankuai.meituan.tte.KeyAgreementAlg
    public Session newSession() throws Exception {
        return new Session();
    }

    @Override // com.sankuai.meituan.tte.KeyAgreementAlg
    public boolean verifySignature(byte[] bArr, byte[] bArr2) throws Exception {
        PublicKey decodePublicKey = ECUtil.decodePublicKey(this.signaturePublicKey, CURVE_NAME);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initVerify(decodePublicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }
}
