package org.eclipse.californium.scandium.dtls;

import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.Arrays;
import org.eclipse.californium.elements.util.DatagramReader;
import org.eclipse.californium.elements.util.DatagramWriter;
import org.eclipse.californium.elements.util.StandardCharsets;
import org.eclipse.californium.elements.util.StringUtil;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/EcdhPskServerKeyExchange.class */
public final class EcdhPskServerKeyExchange extends ServerKeyExchange {
    private static final Logger LOGGER = LoggerFactory.getLogger(EcdhPskServerKeyExchange.class.getCanonicalName());
    private static final int IDENTITY_HINT_LENGTH_BITS = 16;
    private static final String MSG_UNKNOWN_CURVE_TYPE = "Unknown curve type [{}]";
    private static final int CURVE_TYPE_BITS = 8;
    private static final int NAMED_CURVE_BITS = 16;
    private static final int PUBLIC_LENGTH_BITS = 8;
    private static final String KEYPAIR_GENERATOR_INSTANCE = "EC";
    private byte[] hintEncoded;
    private String hint;
    private static final int EXPLICIT_PRIME = 1;
    private static final int EXPLICIT_CHAR2 = 2;
    private static final int NAMED_CURVE = 3;
    private ECPublicKey publicKey;
    private ECPoint point;
    private byte[] pointEncoded;
    private final int curveId;
    private int curveType;

    public EcdhPskServerKeyExchange(String str, ECDHECryptography eCDHECryptography, Random random, Random random2, int i, InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
        this.publicKey = null;
        this.point = null;
        this.pointEncoded = null;
        this.curveType = 3;
        if (eCDHECryptography == null) {
            throw new NullPointerException("ECDHECryptography class object cannot be null");
        }
        if (random == null || random2 == null) {
            throw new NullPointerException("nonce cannot be null");
        }
        if (str != null) {
            this.hint = str;
        } else {
            this.hint = "";
        }
        this.hintEncoded = this.hint.getBytes(StandardCharsets.UTF_8);
        this.curveId = i;
        this.publicKey = eCDHECryptography.getPublicKey();
        ECParameterSpec params = this.publicKey.getParams();
        this.point = this.publicKey.getW();
        this.pointEncoded = ECDHECryptography.encodePoint(this.point, params.getCurve());
    }

    public EcdhPskServerKeyExchange(ECDHECryptography eCDHECryptography, Random random, Random random2, int i, InetSocketAddress inetSocketAddress) {
        this(null, eCDHECryptography, random, random2, i, inetSocketAddress);
    }

    private EcdhPskServerKeyExchange(byte[] bArr, int i, byte[] bArr2, InetSocketAddress inetSocketAddress) throws HandshakeException {
        super(inetSocketAddress);
        this.publicKey = null;
        this.point = null;
        this.pointEncoded = null;
        this.curveType = 3;
        this.curveId = i;
        this.hintEncoded = bArr;
        this.hint = new String(this.hintEncoded, StandardCharsets.UTF_8);
        if (bArr2 == null) {
            throw new NullPointerException("ephemeral public key cannot be null");
        }
        this.pointEncoded = Arrays.copyOf(bArr2, bArr2.length);
        ECDHECryptography.SupportedGroup fromId = ECDHECryptography.SupportedGroup.fromId(i);
        if (fromId == null || !fromId.isUsable()) {
            throw new HandshakeException(String.format("Server used unsupported elliptic curve (%d) for ECDH", Integer.valueOf(i)), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
        }
        try {
            this.point = ECDHECryptography.decodePoint(bArr2, fromId.getEcParams().getCurve());
            this.publicKey = (ECPublicKey) KeyFactory.getInstance(KEYPAIR_GENERATOR_INSTANCE).generatePublic(new ECPublicKeySpec(this.point, fromId.getEcParams()));
        } catch (GeneralSecurityException e) {
            LOGGER.debug("Cannot re-create server's public key from params", e);
            throw new HandshakeException(String.format("Cannot re-create server's public key from params: %s", e.getMessage()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.INTERNAL_ERROR, inetSocketAddress));
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public byte[] fragmentToByteArray() {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.write(this.hintEncoded.length, 16);
        datagramWriter.writeBytes(this.hintEncoded);
        switch (this.curveType) {
            case 1:
            case 2:
                break;
            case 3:
                writeNamedCurve(datagramWriter);
                break;
            default:
                LOGGER.warn(MSG_UNKNOWN_CURVE_TYPE, Integer.valueOf(this.curveType));
                break;
        }
        return datagramWriter.toByteArray();
    }

    private void writeNamedCurve(DatagramWriter datagramWriter) {
        datagramWriter.write(3, 8);
        datagramWriter.write(this.curveId, 16);
        datagramWriter.write(this.pointEncoded.length, 8);
        datagramWriter.writeBytes(this.pointEncoded);
    }

    public static HandshakeMessage fromByteArray(byte[] bArr, InetSocketAddress inetSocketAddress) throws HandshakeException {
        if (bArr == null) {
            throw new NullPointerException("byte array cannot be null");
        }
        if (inetSocketAddress == null) {
            throw new NullPointerException("peer address cannot be null");
        }
        DatagramReader datagramReader = new DatagramReader(bArr);
        byte[] readBytes = datagramReader.readBytes(datagramReader.read(16));
        int read = datagramReader.read(8);
        switch (read) {
            case 3:
                return new EcdhPskServerKeyExchange(readBytes, datagramReader.read(16), datagramReader.readBytes(datagramReader.read(8)), inetSocketAddress);
            default:
                throw new HandshakeException(String.format("Curve type [%s] received in ServerKeyExchange message from peer [%s] is unsupported", Integer.valueOf(read), inetSocketAddress), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, inetSocketAddress));
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public int getMessageLength() {
        int i = 0;
        switch (this.curveType) {
            case 1:
            case 2:
                break;
            case 3:
                i = 6 + this.hintEncoded.length + this.pointEncoded.length;
                break;
            default:
                LOGGER.warn(MSG_UNKNOWN_CURVE_TYPE, Integer.valueOf(this.curveType));
                break;
        }
        return i;
    }

    public ECPublicKey getPublicKey() {
        return this.publicKey;
    }

    public int getCurveId() {
        return this.curveId;
    }

    public String getHint() {
        return this.hint;
    }

    @Override // org.eclipse.californium.scandium.dtls.HandshakeMessage
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append(super.toString());
        if (this.hint.equals("")) {
            sb.append("\t\tPSK Identity Hint: ").append("psk hint not present");
        } else {
            sb.append("\t\tPSK Identity Hint: ").append(this.hint);
        }
        sb.append("\t\tEC Diffie-Hellman public key: ");
        sb.append(getPublicKey().toString());
        sb.append(StringUtil.lineSeparator());
        return sb.toString();
    }
}
