package code.ponfee.commons.jce.security;

import code.ponfee.commons.jce.Providers;
import code.ponfee.commons.jce.symmetric.Algorithm;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;

/* loaded from: input_file:code/ponfee/commons/jce/security/DHKeyExchanger.class */
public final class DHKeyExchanger {
    private static final String ALGORITHM = "DH";

    public static Pair<DHPublicKey, DHPrivateKey> initPartAKey() {
        return initPartAKey(1024);
    }

    public static Pair<DHPublicKey, DHPrivateKey> initPartAKey(int i) {
        KeyPairGenerator keyPairGenerator = Providers.getKeyPairGenerator(ALGORITHM);
        keyPairGenerator.initialize(i);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        return ImmutablePair.of((DHPublicKey) generateKeyPair.getPublic(), (DHPrivateKey) generateKeyPair.getPrivate());
    }

    public static Pair<DHPublicKey, DHPrivateKey> initPartBKey(byte[] bArr) {
        return initPartBKey(decodePublicKey(bArr));
    }

    public static Pair<DHPublicKey, DHPrivateKey> initPartBKey(DHPublicKey dHPublicKey) {
        KeyPairGenerator keyPairGenerator = Providers.getKeyPairGenerator(dHPublicKey.getAlgorithm());
        try {
            keyPairGenerator.initialize(dHPublicKey.getParams());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return ImmutablePair.of((DHPublicKey) generateKeyPair.getPublic(), (DHPrivateKey) generateKeyPair.getPrivate());
        } catch (InvalidAlgorithmParameterException e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] encode(DHPublicKey dHPublicKey) {
        return dHPublicKey.getEncoded();
    }

    public static byte[] encode(DHPrivateKey dHPrivateKey) {
        return dHPrivateKey.getEncoded();
    }

    public static DHPrivateKey decodePrivateKey(byte[] bArr) {
        try {
            return (DHPrivateKey) Providers.getKeyFactory(ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }

    public static DHPublicKey decodePublicKey(byte[] bArr) {
        try {
            return (DHPublicKey) Providers.getKeyFactory(ALGORITHM).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }

    public static SecretKey genSecretKey(byte[] bArr, byte[] bArr2) {
        return genSecretKey(decodePrivateKey(bArr), decodePublicKey(bArr2));
    }

    public static SecretKey genSecretKey(DHPrivateKey dHPrivateKey, DHPublicKey dHPublicKey) {
        KeyAgreement keyAgreement = Providers.getKeyAgreement(dHPublicKey.getAlgorithm());
        try {
            keyAgreement.init(dHPrivateKey);
            keyAgreement.doPhase(dHPublicKey, true);
            return keyAgreement.generateSecret(Algorithm.DESede.name());
        } catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] encrypt(byte[] bArr, SecretKey secretKey) {
        Cipher cipher = Providers.getCipher(secretKey.getAlgorithm());
        try {
            cipher.init(1, secretKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public static byte[] decrypt(byte[] bArr, SecretKey secretKey) {
        Cipher cipher = Providers.getCipher(secretKey.getAlgorithm());
        try {
            cipher.init(2, secretKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }
}
