package org.xxdc.oss.example.transport;

import java.io.IOException;
import java.lang.System;
import java.lang.invoke.MethodHandles;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.KEM;
import javax.crypto.SecretKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.bouncycastle.pqc.jcajce.spec.KyberParameterSpec;
import org.xxdc.oss.example.security.KyberKEMProvider;

/* loaded from: input_file:org/xxdc/oss/example/transport/SecureBouncyCastleKyberClient.class */
public final class SecureBouncyCastleKyberClient extends SecureDuplexMessageHandler {
    private static final System.Logger log = System.getLogger(MethodHandles.lookup().lookupClass().getName());

    private void registerSecurityProviders() {
        Security.addProvider(new BouncyCastleProvider());
        Security.addProvider(new BouncyCastlePQCProvider());
        Security.addProvider(new KyberKEMProvider());
    }

    public SecureBouncyCastleKyberClient(DuplexMessageHandler duplexMessageHandler) {
        super(duplexMessageHandler);
        registerSecurityProviders();
    }

    @Override // org.xxdc.oss.example.transport.SecureDuplexMessageHandler, org.xxdc.oss.example.transport.MessageHandler
    public void init() throws IOException {
        try {
            this.handler.init();
            log.log(System.Logger.Level.DEBUG, "Initializing secure channel for {0}. Exchanging shared key...", new Object[]{getClass().getSimpleName()});
            this.sharedKey = exchangeSharedKey();
            this.initialized = true;
            log.log(System.Logger.Level.DEBUG, "Secure connection for {0} established with {1} shared key.", new Object[]{getClass().getSimpleName(), this.sharedKey.getAlgorithm()});
        } catch (IOException | ClassNotFoundException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new IllegalArgumentException("Invalid security configuration/exchange: " + e.getMessage(), e);
        }
    }

    @Override // org.xxdc.oss.example.transport.SecureDuplexMessageHandler
    protected SecretKey exchangeSharedKey() throws NoSuchAlgorithmException, NoSuchProviderException, ClassNotFoundException, IOException, InvalidAlgorithmParameterException, InvalidKeyException {
        KEM.Encapsulated encapsulate = KEM.getInstance("Kyber", "BCPQC.KEM").newEncapsulator(retrieveKey(), KyberParameterSpec.kyber1024, (SecureRandom) null).encapsulate();
        this.handler.sendBytes(encapsulate.encapsulation());
        this.handler.sendBytes(encapsulate.params());
        return encapsulate.key();
    }

    private PublicKey retrieveKey() throws ClassNotFoundException, IOException {
        return (PublicKey) this.handler.receiveObject();
    }
}
