package com.ibm.security.util;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.interfaces.DSAKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.KeySpec;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;

/* loaded from: input_file:jre/lib/ibmpkcs.jar:com/ibm/security/util/KeyUtil.class */
public final class KeyUtil {
    public static final int getKeySize(Key key) {
        int i = -1;
        if (key instanceof Length) {
            try {
                i = ((Length) key).length();
            } catch (UnsupportedOperationException e) {
            }
            if (i >= 0) {
                return i;
            }
        }
        if (key instanceof SecretKey) {
            SecretKey secretKey = (SecretKey) key;
            if ("RAW".equals(secretKey.getFormat()) && secretKey.getEncoded() != null) {
                i = secretKey.getEncoded().length * 8;
            }
        } else if (key instanceof RSAKey) {
            try {
                i = ((RSAKey) key).getModulus().bitLength();
            } catch (UnsupportedOperationException e2) {
            }
        } else if (key instanceof ECKey) {
            i = ((ECKey) key).getParams().getOrder().bitLength();
        } else if (key instanceof DSAKey) {
            i = ((DSAKey) key).getParams().getP().bitLength();
        } else if (key instanceof DHKey) {
            i = ((DHKey) key).getParams().getP().bitLength();
        }
        return i;
    }

    public static final void validate(Key key) throws InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("The key to be validated cannot be null");
        }
        if (key instanceof DHPublicKey) {
            validateDHPublicKey((DHPublicKey) key);
        }
        if (key instanceof ECPublicKey) {
            validateECPublicKey((ECPublicKey) key);
        }
    }

    public static final void validate(KeySpec keySpec) throws InvalidKeyException {
        if (keySpec == null) {
            throw new NullPointerException("The key spec to be validated cannot be null");
        }
        if (keySpec instanceof DHPublicKeySpec) {
            validateDHPublicKey((DHPublicKeySpec) keySpec);
        }
        if (keySpec instanceof ECPublicKeySpec) {
            validateECPublicKey((ECPublicKeySpec) keySpec);
        }
    }

    private static void validateDHPublicKey(DHPublicKey dHPublicKey) throws InvalidKeyException {
        DHParameterSpec params = dHPublicKey.getParams();
        validateDHPublicKey(params.getP(), params.getG(), dHPublicKey.getY());
    }

    private static void validateDHPublicKey(DHPublicKeySpec dHPublicKeySpec) throws InvalidKeyException {
        validateDHPublicKey(dHPublicKeySpec.getP(), dHPublicKeySpec.getG(), dHPublicKeySpec.getY());
    }

    private static void validateDHPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) throws InvalidKeyException {
        BigInteger bigInteger4 = BigInteger.ONE;
        BigInteger subtract = bigInteger.subtract(BigInteger.ONE);
        if (bigInteger3.compareTo(bigInteger4) <= 0) {
            throw new InvalidKeyException("Diffie-Hellman public key is too small");
        }
        if (bigInteger3.compareTo(subtract) >= 0) {
            throw new InvalidKeyException("Diffie-Hellman public key is too large");
        }
        if (bigInteger.remainder(bigInteger3).equals(BigInteger.ZERO)) {
            throw new InvalidKeyException("Invalid Diffie-Hellman parameters");
        }
    }

    private static void validateECPublicKey(ECPublicKey eCPublicKey) throws InvalidKeyException {
        EllipticCurve curve = eCPublicKey.getParams().getCurve();
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger a = curve.getA();
        BigInteger b = curve.getB();
        ECPoint w = eCPublicKey.getW();
        validateECPublicKey(p, a, b, w.getAffineX(), w.getAffineY());
    }

    private static void validateECPublicKey(ECPublicKeySpec eCPublicKeySpec) throws InvalidKeyException {
        EllipticCurve curve = eCPublicKeySpec.getParams().getCurve();
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger a = curve.getA();
        BigInteger b = curve.getB();
        ECPoint w = eCPublicKeySpec.getW();
        validateECPublicKey(p, a, b, w.getAffineX(), w.getAffineY());
    }

    private static void validateECPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5) throws InvalidKeyException {
        if (bigInteger4 == null || bigInteger5 == null) {
            throw new InvalidKeyException("EC public key is infinity point");
        }
        if (bigInteger4.compareTo(BigInteger.ZERO) <= -1 || bigInteger4.compareTo(bigInteger) != -1 || bigInteger5.compareTo(BigInteger.ZERO) <= -1 || bigInteger5.compareTo(bigInteger) != -1) {
            throw new InvalidKeyException("EC public key has an incorrect ECPoint");
        }
        if (!bigInteger5.multiply(bigInteger5).mod(bigInteger).equals(bigInteger4.multiply(bigInteger4).multiply(bigInteger4).add(bigInteger2.multiply(bigInteger4)).add(bigInteger3).mod(bigInteger))) {
            throw new InvalidKeyException("EC public key is not on the elliptic curve");
        }
    }

    public static byte[] trimZeroes(byte[] bArr) {
        int i = 0;
        while (i < bArr.length - 1 && bArr[i] == 0) {
            i++;
        }
        if (i == 0) {
            return bArr;
        }
        byte[] bArr2 = new byte[bArr.length - i];
        System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
        return bArr2;
    }
}
