package io.netty.incubator.codec.hpke.bouncycastle;

import io.netty.incubator.codec.hpke.AEAD;
import io.netty.incubator.codec.hpke.AEADContext;
import io.netty.incubator.codec.hpke.AsymmetricCipherKeyPair;
import io.netty.incubator.codec.hpke.AsymmetricKeyParameter;
import io.netty.incubator.codec.hpke.HPKERecipientContext;
import io.netty.incubator.codec.hpke.HPKESenderContext;
import io.netty.incubator.codec.hpke.KDF;
import io.netty.incubator.codec.hpke.KEM;
import io.netty.incubator.codec.hpke.OHttpCryptoProvider;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.hpke.HPKE;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
import org.bouncycastle.crypto.params.X448PublicKeyParameters;
import org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP384R1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP521R1Curve;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider.class */
public final class BouncyCastleOHttpCryptoProvider implements OHttpCryptoProvider {
    public static final BouncyCastleOHttpCryptoProvider INSTANCE = new BouncyCastleOHttpCryptoProvider();
    private final SecureRandom random = new SecureRandom();
    private static final byte MODE_BASE = 0;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.netty.incubator.codec.hpke.bouncycastle.BouncyCastleOHttpCryptoProvider$1, reason: invalid class name */
    /* loaded from: input_file:io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$netty$incubator$codec$hpke$KEM;
        static final /* synthetic */ int[] $SwitchMap$io$netty$incubator$codec$hpke$AEAD;
        static final /* synthetic */ int[] $SwitchMap$io$netty$incubator$codec$hpke$KDF = new int[KDF.values().length];

        static {
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KDF[KDF.HKDF_SHA256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KDF[KDF.HKDF_SHA384.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KDF[KDF.HKDF_SHA512.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$io$netty$incubator$codec$hpke$AEAD = new int[AEAD.values().length];
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$AEAD[AEAD.AES_GCM128.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$AEAD[AEAD.AES_GCM256.ordinal()] = 2;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$AEAD[AEAD.CHACHA20_POLY1305.ordinal()] = 3;
            } catch (NoSuchFieldError e6) {
            }
            $SwitchMap$io$netty$incubator$codec$hpke$KEM = new int[KEM.values().length];
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KEM[KEM.P256_SHA256.ordinal()] = 1;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KEM[KEM.P384_SHA348.ordinal()] = 2;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KEM[KEM.P521_SHA512.ordinal()] = 3;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KEM[KEM.X25519_SHA256.ordinal()] = 4;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$io$netty$incubator$codec$hpke$KEM[KEM.X448_SHA512.ordinal()] = 5;
            } catch (NoSuchFieldError e11) {
            }
        }
    }

    private BouncyCastleOHttpCryptoProvider() {
    }

    public AEADContext setupAEAD(AEAD aead, byte[] bArr, byte[] bArr2) {
        return new BouncyCastleAEADCryptoContext(new org.bouncycastle.crypto.hpke.AEAD(aead.id(), bArr, bArr2));
    }

    private static BouncyCastleAsymmetricKeyParameter castOrThrow(AsymmetricKeyParameter asymmetricKeyParameter) {
        if (asymmetricKeyParameter instanceof BouncyCastleAsymmetricKeyParameter) {
            return (BouncyCastleAsymmetricKeyParameter) asymmetricKeyParameter;
        }
        throw new IllegalArgumentException("param must be of type " + BouncyCastleAsymmetricKeyParameter.class + ": " + asymmetricKeyParameter);
    }

    private static BouncyCastleAsymmetricCipherKeyPair castOrThrow(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        if (asymmetricCipherKeyPair instanceof BouncyCastleAsymmetricCipherKeyPair) {
            return (BouncyCastleAsymmetricCipherKeyPair) asymmetricCipherKeyPair;
        }
        throw new IllegalArgumentException("pair must be of type " + BouncyCastleAsymmetricCipherKeyPair.class + ": " + asymmetricCipherKeyPair);
    }

    public HPKESenderContext setupHPKEBaseS(KEM kem, KDF kdf, AEAD aead, AsymmetricKeyParameter asymmetricKeyParameter, byte[] bArr, AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        HPKE hpke = new HPKE((byte) 0, kem.id(), kdf.id(), aead.id());
        return new BouncyCastleHPKESenderContext(asymmetricCipherKeyPair == null ? hpke.setupBaseS(castOrThrow(asymmetricKeyParameter).param, bArr) : hpke.setupBaseS(castOrThrow(asymmetricKeyParameter).param, bArr, castOrThrow(asymmetricCipherKeyPair).pair));
    }

    public HPKERecipientContext setupHPKEBaseR(KEM kem, KDF kdf, AEAD aead, byte[] bArr, AsymmetricCipherKeyPair asymmetricCipherKeyPair, byte[] bArr2) {
        return new BouncyCastleHPKERecipientContext(new HPKE((byte) 0, kem.id(), kdf.id(), aead.id()).setupBaseR(bArr, castOrThrow(asymmetricCipherKeyPair).pair, bArr2));
    }

    public AsymmetricCipherKeyPair deserializePrivateKey(KEM kem, byte[] bArr, byte[] bArr2) {
        return new BouncyCastleAsymmetricCipherKeyPair(deserializePrivateKeyBouncyCastle(kem, bArr, bArr2));
    }

    private static org.bouncycastle.crypto.AsymmetricCipherKeyPair deserializePrivateKeyBouncyCastle(KEM kem, byte[] bArr, byte[] bArr2) {
        ECPublicKeyParameters deserializePublicKeyBouncyCastle = deserializePublicKeyBouncyCastle(kem, bArr2);
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KEM[kem.ordinal()]) {
            case 1:
            case 2:
            case 3:
                return new org.bouncycastle.crypto.AsymmetricCipherKeyPair(deserializePublicKeyBouncyCastle, new ECPrivateKeyParameters(new BigInteger(1, bArr), deserializePublicKeyBouncyCastle.getParameters()));
            case 4:
                return new org.bouncycastle.crypto.AsymmetricCipherKeyPair(deserializePublicKeyBouncyCastle, new X25519PrivateKeyParameters(bArr));
            case 5:
                return new org.bouncycastle.crypto.AsymmetricCipherKeyPair(deserializePublicKeyBouncyCastle, new X448PrivateKeyParameters(bArr));
            default:
                throw new IllegalArgumentException("invalid kem: " + kem);
        }
    }

    public AsymmetricKeyParameter deserializePublicKey(KEM kem, byte[] bArr) {
        return new BouncyCastleAsymmetricKeyParameter(deserializePublicKeyBouncyCastle(kem, bArr));
    }

    private static org.bouncycastle.crypto.params.AsymmetricKeyParameter deserializePublicKeyBouncyCastle(KEM kem, byte[] bArr) {
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KEM[kem.ordinal()]) {
            case 1:
            case 2:
            case 3:
                ECDomainParameters ecDomainParameters = ecDomainParameters(kem);
                return new ECPublicKeyParameters(ecDomainParameters.getCurve().decodePoint(bArr), ecDomainParameters);
            case 4:
                return new X25519PublicKeyParameters(bArr);
            case 5:
                return new X448PublicKeyParameters(bArr);
            default:
                throw new IllegalArgumentException("invalid kem: " + kem);
        }
    }

    private static ECDomainParameters ecDomainParameters(KEM kem) {
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KEM[kem.ordinal()]) {
            case 1:
                SecP256R1Curve secP256R1Curve = new SecP256R1Curve();
                return new ECDomainParameters(secP256R1Curve, secP256R1Curve.createPoint(new BigInteger(1, Hex.decode("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")), new BigInteger(1, Hex.decode("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"))), secP256R1Curve.getOrder(), secP256R1Curve.getCofactor(), Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90"));
            case 2:
                SecP384R1Curve secP384R1Curve = new SecP384R1Curve();
                return new ECDomainParameters(secP384R1Curve, secP384R1Curve.createPoint(new BigInteger(1, Hex.decode("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7")), new BigInteger(1, Hex.decode("3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"))), secP384R1Curve.getOrder(), secP384R1Curve.getCofactor(), Hex.decode("a335926aa319a27a1d00896a6773a4827acdac73"));
            case 3:
                SecP521R1Curve secP521R1Curve = new SecP521R1Curve();
                return new ECDomainParameters(secP521R1Curve, secP521R1Curve.createPoint(new BigInteger("c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", 16), new BigInteger("11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", 16)), secP521R1Curve.getOrder(), secP521R1Curve.getCofactor(), Hex.decode("d09e8800291cb85396cc6717393284aaa0da64ba"));
            default:
                throw new IllegalArgumentException("invalid kem: " + kem);
        }
    }

    public AsymmetricCipherKeyPair newRandomPrivateKey(KEM kem) {
        return new BouncyCastleAsymmetricCipherKeyPair(newRandomPair(kem, this.random));
    }

    private static org.bouncycastle.crypto.AsymmetricCipherKeyPair newRandomPair(KEM kem, SecureRandom secureRandom) {
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KEM[kem.ordinal()]) {
            case 4:
                X25519PrivateKeyParameters x25519PrivateKeyParameters = new X25519PrivateKeyParameters(secureRandom);
                return new org.bouncycastle.crypto.AsymmetricCipherKeyPair(x25519PrivateKeyParameters.generatePublicKey(), x25519PrivateKeyParameters);
            case 5:
                X448PrivateKeyParameters x448PrivateKeyParameters = new X448PrivateKeyParameters(secureRandom);
                return new org.bouncycastle.crypto.AsymmetricCipherKeyPair(x448PrivateKeyParameters.generatePublicKey(), x448PrivateKeyParameters);
            default:
                throw new UnsupportedOperationException("Can't generate random key for kem: " + kem);
        }
    }

    public boolean isSupported(AEAD aead) {
        if (aead == null) {
            return false;
        }
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$AEAD[aead.ordinal()]) {
            case 1:
            case 2:
            case 3:
                return true;
            default:
                return false;
        }
    }

    public boolean isSupported(KEM kem) {
        if (kem == null) {
            return false;
        }
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KEM[kem.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
                return true;
            default:
                return false;
        }
    }

    public boolean isSupported(KDF kdf) {
        if (kdf == null) {
            return false;
        }
        switch (AnonymousClass1.$SwitchMap$io$netty$incubator$codec$hpke$KDF[kdf.ordinal()]) {
            case 1:
            case 2:
            case 3:
                return true;
            default:
                return false;
        }
    }
}
