package code.ponfee.commons.jce.security;

import code.ponfee.commons.jce.Providers;
import code.ponfee.commons.jce.symmetric.Algorithm;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;

/* loaded from: input_file:code/ponfee/commons/jce/security/ECDHKeyExchanger.class */
public final class ECDHKeyExchanger {
    private static final String ALGORITHM = "ECDH";

    public static Pair<ECPublicKey, ECPrivateKey> initPartAKey() {
        return initPartAKey(256);
    }

    public static Pair<ECPublicKey, ECPrivateKey> initPartAKey(int i) {
        KeyPairGenerator keyPairGenerator = Providers.getKeyPairGenerator(ALGORITHM);
        keyPairGenerator.initialize(i);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        return ImmutablePair.of((ECPublicKey) generateKeyPair.getPublic(), (ECPrivateKey) generateKeyPair.getPrivate());
    }

    public static Pair<ECPublicKey, ECPrivateKey> initPartBKey(byte[] bArr) {
        return initPartBKey(decodePublicKey(bArr));
    }

    public static Pair<ECPublicKey, ECPrivateKey> initPartBKey(ECPublicKey eCPublicKey) {
        KeyPairGenerator keyPairGenerator = Providers.getKeyPairGenerator(eCPublicKey.getAlgorithm());
        try {
            keyPairGenerator.initialize(eCPublicKey.getParams());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return ImmutablePair.of((ECPublicKey) generateKeyPair.getPublic(), (ECPrivateKey) generateKeyPair.getPrivate());
        } catch (InvalidAlgorithmParameterException e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] encode(ECPublicKey eCPublicKey) {
        return eCPublicKey.getEncoded();
    }

    public static byte[] encode(ECPrivateKey eCPrivateKey) {
        return eCPrivateKey.getEncoded();
    }

    public static ECPrivateKey decodePrivateKey(byte[] bArr) {
        try {
            return (ECPrivateKey) Providers.getKeyFactory(ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }

    public static ECPublicKey decodePublicKey(byte[] bArr) {
        try {
            return (ECPublicKey) Providers.getKeyFactory(ALGORITHM).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }

    public static SecretKey genSecretKey(byte[] bArr, byte[] bArr2) {
        return genSecretKey(decodePrivateKey(bArr), decodePublicKey(bArr2));
    }

    public static SecretKey genSecretKey(ECPrivateKey eCPrivateKey, ECPublicKey eCPublicKey) {
        KeyAgreement keyAgreement = Providers.getKeyAgreement(eCPublicKey.getAlgorithm());
        try {
            keyAgreement.init(eCPrivateKey);
            keyAgreement.doPhase(eCPublicKey, true);
            return keyAgreement.generateSecret(Algorithm.DESede.name());
        } catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] encrypt(byte[] bArr, SecretKey secretKey) {
        Cipher cipher = Providers.getCipher(secretKey.getAlgorithm());
        try {
            cipher.init(1, secretKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] decrypt(byte[] bArr, SecretKey secretKey) {
        Cipher cipher = Providers.getCipher(secretKey.getAlgorithm());
        try {
            cipher.init(2, secretKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }
}
