package sun.security.ec.ed;

import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactorySpi;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.interfaces.EdECKey;
import java.security.interfaces.EdECPrivateKey;
import java.security.interfaces.EdECPublicKey;
import java.security.spec.EdECPrivateKeySpec;
import java.security.spec.EdECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.NamedParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.function.Function;

/* loaded from: input_file:com/kohlschutter/jdk/home/modules/jdk.crypto.ec/sun/security/ec/ed/EdDSAKeyFactory.class */
public class EdDSAKeyFactory extends KeyFactorySpi {
    private EdDSAParameters lockedParams;

    /* loaded from: input_file:com/kohlschutter/jdk/home/modules/jdk.crypto.ec/sun/security/ec/ed/EdDSAKeyFactory$Ed25519.class */
    public static class Ed25519 extends EdDSAKeyFactory {
        public Ed25519() {
            super(NamedParameterSpec.ED25519);
        }
    }

    /* loaded from: input_file:com/kohlschutter/jdk/home/modules/jdk.crypto.ec/sun/security/ec/ed/EdDSAKeyFactory$Ed448.class */
    public static class Ed448 extends EdDSAKeyFactory {
        public Ed448() {
            super(NamedParameterSpec.ED448);
        }
    }

    public EdDSAKeyFactory() {
        this.lockedParams = null;
    }

    protected EdDSAKeyFactory(NamedParameterSpec namedParameterSpec) {
        this.lockedParams = null;
        this.lockedParams = EdDSAParameters.get(ProviderException::new, namedParameterSpec);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // java.security.KeyFactorySpi
    public Key engineTranslateKey(Key key) throws InvalidKeyException {
        if (key == null) {
            throw new InvalidKeyException("Key must not be null");
        }
        if (key instanceof EdECKey) {
            EdECKey edECKey = (EdECKey) key;
            EdDSAParameters edDSAParameters = EdDSAParameters.get(InvalidKeyException::new, edECKey.getParams());
            checkLockedParams(InvalidKeyException::new, edDSAParameters);
            if (edECKey instanceof EdECPublicKey) {
                return new EdDSAPublicKeyImpl(edDSAParameters, ((EdECPublicKey) edECKey).getPoint());
            }
            if (edECKey instanceof EdECPrivateKey) {
                return new EdDSAPrivateKeyImpl(edDSAParameters, ((EdECPrivateKey) edECKey).getBytes().orElseThrow(() -> {
                    return new InvalidKeyException("No private key data");
                }));
            }
            throw new InvalidKeyException("Unsupported EdECKey subclass");
        }
        if ((key instanceof PublicKey) && key.getFormat().equals(XMLX509Certificate.JCA_CERT_ID)) {
            EdDSAPublicKeyImpl edDSAPublicKeyImpl = new EdDSAPublicKeyImpl(key.getEncoded());
            checkLockedParams(InvalidKeyException::new, edDSAPublicKeyImpl.getParams());
            return edDSAPublicKeyImpl;
        }
        if (!(key instanceof PrivateKey) || !key.getFormat().equals("PKCS#8")) {
            throw new InvalidKeyException("Unsupported key type or format");
        }
        byte[] encoded = key.getEncoded();
        try {
            EdDSAPrivateKeyImpl edDSAPrivateKeyImpl = new EdDSAPrivateKeyImpl(encoded);
            checkLockedParams(InvalidKeyException::new, edDSAPrivateKeyImpl.getParams());
            Arrays.fill(encoded, (byte) 0);
            return edDSAPrivateKeyImpl;
        } catch (Throwable th) {
            Arrays.fill(encoded, (byte) 0);
            throw th;
        }
    }

    private <T extends Throwable> void checkLockedParams(Function<String, T> function, NamedParameterSpec namedParameterSpec) throws Throwable {
        checkLockedParams(function, EdDSAParameters.get(function, namedParameterSpec));
    }

    private <T extends Throwable> void checkLockedParams(Function<String, T> function, EdDSAParameters edDSAParameters) throws Throwable {
        if (this.lockedParams != null && this.lockedParams != edDSAParameters) {
            throw function.apply("Parameters must be " + this.lockedParams.getName());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // java.security.KeyFactorySpi
    public PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
        try {
            return generatePublicImpl(keySpec);
        } catch (InvalidKeyException e) {
            throw new InvalidKeySpecException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // java.security.KeyFactorySpi
    public PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
        try {
            return generatePrivateImpl(keySpec);
        } catch (InvalidKeyException e) {
            throw new InvalidKeySpecException(e);
        }
    }

    private PublicKey generatePublicImpl(KeySpec keySpec) throws InvalidKeyException, InvalidKeySpecException {
        if (keySpec instanceof X509EncodedKeySpec) {
            EdDSAPublicKeyImpl edDSAPublicKeyImpl = new EdDSAPublicKeyImpl(((X509EncodedKeySpec) keySpec).getEncoded());
            checkLockedParams(InvalidKeySpecException::new, edDSAPublicKeyImpl.getParams());
            return edDSAPublicKeyImpl;
        }
        if (!(keySpec instanceof EdECPublicKeySpec)) {
            throw new InvalidKeySpecException("Only X509EncodedKeySpec and EdECPublicKeySpec are supported");
        }
        EdECPublicKeySpec edECPublicKeySpec = (EdECPublicKeySpec) keySpec;
        EdDSAParameters edDSAParameters = EdDSAParameters.get(InvalidKeySpecException::new, edECPublicKeySpec.getParams());
        checkLockedParams(InvalidKeySpecException::new, edDSAParameters);
        return new EdDSAPublicKeyImpl(edDSAParameters, edECPublicKeySpec.getPoint());
    }

    private PrivateKey generatePrivateImpl(KeySpec keySpec) throws InvalidKeyException, InvalidKeySpecException {
        if (keySpec instanceof PKCS8EncodedKeySpec) {
            byte[] encoded = ((PKCS8EncodedKeySpec) keySpec).getEncoded();
            try {
                EdDSAPrivateKeyImpl edDSAPrivateKeyImpl = new EdDSAPrivateKeyImpl(encoded);
                checkLockedParams(InvalidKeySpecException::new, edDSAPrivateKeyImpl.getParams());
                Arrays.fill(encoded, (byte) 0);
                return edDSAPrivateKeyImpl;
            } catch (Throwable th) {
                Arrays.fill(encoded, (byte) 0);
                throw th;
            }
        }
        if (!(keySpec instanceof EdECPrivateKeySpec)) {
            throw new InvalidKeySpecException("Only PKCS8EncodedKeySpec and EdECPrivateKeySpec supported");
        }
        EdECPrivateKeySpec edECPrivateKeySpec = (EdECPrivateKeySpec) keySpec;
        EdDSAParameters edDSAParameters = EdDSAParameters.get(InvalidKeySpecException::new, edECPrivateKeySpec.getParams());
        checkLockedParams(InvalidKeySpecException::new, edDSAParameters);
        byte[] bytes = edECPrivateKeySpec.getBytes();
        try {
            EdDSAPrivateKeyImpl edDSAPrivateKeyImpl2 = new EdDSAPrivateKeyImpl(edDSAParameters, bytes);
            Arrays.fill(bytes, (byte) 0);
            return edDSAPrivateKeyImpl2;
        } catch (Throwable th2) {
            Arrays.fill(bytes, (byte) 0);
            throw th2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // java.security.KeyFactorySpi
    public <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> cls) throws InvalidKeySpecException {
        if (key instanceof EdECPublicKey) {
            checkLockedParams(InvalidKeySpecException::new, ((EdECPublicKey) key).getParams());
            if (cls.isAssignableFrom(X509EncodedKeySpec.class)) {
                if (key.getFormat().equals(XMLX509Certificate.JCA_CERT_ID)) {
                    return cls.cast(new X509EncodedKeySpec(key.getEncoded()));
                }
                throw new InvalidKeySpecException("Format is not X.509");
            }
            if (!cls.isAssignableFrom(EdECPublicKeySpec.class)) {
                throw new InvalidKeySpecException("KeySpec must be X509EncodedKeySpec or EdECPublicKeySpec");
            }
            EdECPublicKey edECPublicKey = (EdECPublicKey) key;
            return cls.cast(new EdECPublicKeySpec(edECPublicKey.getParams(), edECPublicKey.getPoint()));
        }
        if (!(key instanceof EdECPrivateKey)) {
            throw new InvalidKeySpecException("Unsupported key type");
        }
        checkLockedParams(InvalidKeySpecException::new, ((EdECPrivateKey) key).getParams());
        if (cls.isAssignableFrom(PKCS8EncodedKeySpec.class)) {
            if (!key.getFormat().equals("PKCS#8")) {
                throw new InvalidKeySpecException("Format is not PKCS#8");
            }
            byte[] encoded = key.getEncoded();
            try {
                T cast = cls.cast(new PKCS8EncodedKeySpec(encoded));
                Arrays.fill(encoded, (byte) 0);
                return cast;
            } catch (Throwable th) {
                Arrays.fill(encoded, (byte) 0);
                throw th;
            }
        }
        if (!cls.isAssignableFrom(EdECPrivateKeySpec.class)) {
            throw new InvalidKeySpecException("KeySpec must be PKCS8EncodedKeySpec or EdECPrivateKeySpec");
        }
        EdECPrivateKey edECPrivateKey = (EdECPrivateKey) key;
        byte[] orElseThrow = edECPrivateKey.getBytes().orElseThrow(() -> {
            return new InvalidKeySpecException("No private key value");
        });
        try {
            T cast2 = cls.cast(new EdECPrivateKeySpec(edECPrivateKey.getParams(), orElseThrow));
            Arrays.fill(orElseThrow, (byte) 0);
            return cast2;
        } catch (Throwable th2) {
            Arrays.fill(orElseThrow, (byte) 0);
            throw th2;
        }
    }
}
