package com.safenetinc.luna.provider.keyagree;

import com.safenetinc.luna.LunaAPI;
import com.safenetinc.luna.LunaCryptokiException;
import com.safenetinc.luna.LunaException;
import com.safenetinc.luna.LunaSession;
import com.safenetinc.luna.LunaSessionManager;
import com.safenetinc.luna.LunaSlotManager;
import com.safenetinc.luna.provider.key.LunaKey;
import com.safenetinc.luna.provider.key.LunaPrivateKeyDh;
import com.safenetinc.luna.provider.key.LunaSecretKey;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;

/* loaded from: input_file:WEB-INF/lib/LunaProvider.jar:com/safenetinc/luna/provider/keyagree/LunaKeyAgreementDh.class */
public class LunaKeyAgreementDh extends LunaKeyAgreement {
    private LunaPrivateKeyDh privateKey;
    private DHPublicKey publicKey;

    @Override // javax.crypto.KeyAgreementSpi
    protected void engineInit(Key key, SecureRandom secureRandom) throws InvalidKeyException {
        if (key instanceof LunaPrivateKeyDh) {
            this.privateKey = (LunaPrivateKeyDh) key;
        } else {
            if (!(key instanceof DHPrivateKey)) {
                throw new InvalidKeyException("Invalid key: " + key.getClass());
            }
            this.privateKey = (LunaPrivateKeyDh) LunaKey.InjectPrivateKey((DHPrivateKey) key);
        }
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected Key engineDoPhase(Key key, boolean z) throws InvalidKeyException, IllegalStateException {
        if (this.privateKey == null) {
            throw new IllegalStateException("Key agreement hasn't been intialized");
        }
        if (!z) {
            throw new IllegalStateException("Only two-party key exchanges are supported");
        }
        if (!(key instanceof DHPublicKey)) {
            throw new InvalidKeyException("Invalid key: " + key.getClass());
        }
        this.publicKey = (DHPublicKey) key;
        return null;
    }

    @Override // javax.crypto.KeyAgreementSpi
    protected SecretKey engineGenerateSecret(String str) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
        if (this.privateKey == null) {
            throw new IllegalStateException("Key agreement hasn't been intialized");
        }
        if (this.publicKey == null) {
            throw new IllegalStateException("Key agreement hasn't been completed");
        }
        try {
            long GetKeyType = LunaKey.GetKeyType(str);
            LunaSlotManager lunaSlotManager = LunaSlotManager.getInstance();
            LunaAPI lunaAPI = lunaSlotManager.getLunaAPI();
            LunaSession session = LunaSessionManager.getSession(this.privateKey);
            try {
                try {
                    int DeriveKeyDh = lunaAPI.DeriveKeyDh(session.GetSessionHandle(), this.privateKey.GetKeyHandle(), LunaKey.BigIntegerToAttribute(this.publicKey.getY()), GetKeyType, lunaSlotManager.areSecretKeysExtractable(), getKeyLength(GetKeyType));
                    this.publicKey = null;
                    LunaSecretKey lunaSecretKey = new LunaSecretKey(DeriveKeyDh, session.getSlot(), GetKeyType);
                    session.Free();
                    return lunaSecretKey;
                } catch (LunaCryptokiException e) {
                    throw new LunaException("Unable to derive secret key", e);
                }
            } catch (Throwable th) {
                session.Free();
                throw th;
            }
        } catch (LunaException e2) {
            throw new NoSuchAlgorithmException("Algorithm " + str + " is unknown");
        }
    }

    @Override // com.safenetinc.luna.provider.keyagree.LunaKeyAgreement
    protected int getDHKeyLen() {
        return (this.publicKey.getParams().getP().bitLength() + 7) >> 3;
    }
}
