package com.amazon.corretto.crypto.provider;

import com.amazon.corretto.crypto.provider.EcUtils;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGeneratorSpi;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/amazon/corretto/crypto/provider/EcGen.class */
public class EcGen extends KeyPairGeneratorSpi {
    private static final ECGenParameterSpec DEFAULT_SPEC = new ECGenParameterSpec("secp384r1");
    private static final ConcurrentHashMap<EcUtils.ECInfo, ThreadLocal<NativeParams>> PARAM_CACHE = new ConcurrentHashMap<>();
    private static final Function<EcUtils.ECInfo, ThreadLocal<NativeParams>> CACHE_LOADER = eCInfo -> {
        return new ThreadLocal<NativeParams>() { // from class: com.amazon.corretto.crypto.provider.EcGen.1
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public NativeParams initialValue() {
                return new NativeParams(EcGen.buildEcParams(EcUtils.ECInfo.this.nid));
            }
        };
    };
    private final AmazonCorrettoCryptoProvider provider_;
    private final KeyFactory keyFactory;
    private ECParameterSpec spec = null;
    private byte[] encodedSpec = null;
    private EcUtils.ECInfo ecInfo = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazon/corretto/crypto/provider/EcGen$NativeParams.class */
    public static final class NativeParams extends NativeResource {
        private NativeParams(long j) {
            super(j, j2 -> {
                EcGen.freeEcParams(j2);
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static native long buildEcParams(int i);

    /* JADX INFO: Access modifiers changed from: private */
    public static native void freeEcParams(long j);

    /* JADX INFO: Access modifiers changed from: private */
    public static native void generateEcKey(long j, long j2, boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private static native void generateEcKeyFromSpec(byte[] bArr, boolean z, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    EcGen(AmazonCorrettoCryptoProvider amazonCorrettoCryptoProvider) {
        this.provider_ = amazonCorrettoCryptoProvider;
        try {
            this.keyFactory = KeyFactory.getInstance("EC");
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public KeyPair generateKeyPair() {
        if (this.spec == null) {
            try {
                initialize(DEFAULT_SPEC, (SecureRandom) null);
            } catch (InvalidAlgorithmParameterException e) {
                throw new RuntimeCryptoException(e);
            }
        }
        byte[] bArr = new byte[128];
        byte[] bArr2 = new byte[128];
        byte[] bArr3 = new byte[128];
        boolean hasExtraCheck = this.provider_.hasExtraCheck(ExtraCheck.KEY_PAIR_GENERATION_CONSISTENCY);
        if (this.encodedSpec != null) {
            generateEcKeyFromSpec(this.encodedSpec, hasExtraCheck, bArr, bArr2, bArr3);
        } else {
            EcUtils.NativeGroup group = this.ecInfo.getGroup();
            NativeParams params = getParams(this.ecInfo);
            group.useVoid(j -> {
                params.useVoid(j -> {
                    generateEcKey(j, j, hasExtraCheck, bArr, bArr2, bArr3);
                });
            });
        }
        ECPoint eCPoint = new ECPoint(new BigInteger(bArr), new BigInteger(bArr2));
        ECPrivateKeySpec eCPrivateKeySpec = new ECPrivateKeySpec(new BigInteger(bArr3), this.spec);
        try {
            return new KeyPair(this.keyFactory.generatePublic(new ECPublicKeySpec(eCPoint, this.spec)), this.keyFactory.generatePrivate(eCPrivateKeySpec));
        } catch (InvalidKeySpecException e2) {
            throw new AssertionError(e2);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        if (!(algorithmParameterSpec instanceof ECGenParameterSpec)) {
            if (!(algorithmParameterSpec instanceof ECParameterSpec)) {
                throw new InvalidAlgorithmParameterException("Unsupported parameter spec: " + algorithmParameterSpec);
            }
            this.ecInfo = null;
            this.spec = (ECParameterSpec) algorithmParameterSpec;
            this.encodedSpec = encodeSpec(this.spec);
            return;
        }
        ECGenParameterSpec eCGenParameterSpec = (ECGenParameterSpec) algorithmParameterSpec;
        if (eCGenParameterSpec.getName() == null) {
            throw new NullPointerException("Curve name may not be null");
        }
        try {
            this.ecInfo = EcUtils.getSpecByName(eCGenParameterSpec.getName());
            this.spec = this.ecInfo.spec;
            this.encodedSpec = this.ecInfo.nid == 0 ? encodeSpec(this.spec) : null;
        } catch (IllegalArgumentException e) {
            throw new InvalidAlgorithmParameterException("Unknown curve name: " + eCGenParameterSpec.getName(), e);
        }
    }

    private static byte[] encodeSpec(AlgorithmParameterSpec algorithmParameterSpec) {
        try {
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(algorithmParameterSpec);
            return algorithmParameters.getEncoded();
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeCryptoException(e);
        }
    }

    @Override // java.security.KeyPairGeneratorSpi
    public void initialize(int i, SecureRandom secureRandom) throws InvalidParameterException {
        String str;
        try {
            switch (i) {
                case 192:
                    str = "secp192r1";
                    break;
                case 224:
                    str = "secp224r1";
                    break;
                case 256:
                    str = "secp256r1";
                    break;
                case 384:
                    str = "secp384r1";
                    break;
                case 521:
                    str = "secp521r1";
                    break;
                default:
                    throw new InvalidParameterException("No default NIST prime curve for keysize " + i);
            }
            initialize(new ECGenParameterSpec(str), secureRandom);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidParameterException(e.getMessage());
        }
    }

    private static NativeParams getParams(EcUtils.ECInfo eCInfo) {
        return PARAM_CACHE.computeIfAbsent(eCInfo, CACHE_LOADER).get();
    }
}
