package com.dstc.security.keymanage;

import com.dstc.security.asn1.Asn1;
import com.dstc.security.asn1.Asn1Exception;
import com.dstc.security.asn1.Integer;
import com.dstc.security.common.PrivateKeyInfo;
import com.dstc.security.util.Base64InputStream;
import com.dstc.security.util.Base64OutputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Iterator;
import java.util.StringTokenizer;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/dstc/security/keymanage/SSLeayEncryptedPrivateKey.class */
public class SSLeayEncryptedPrivateKey {
    private static final byte[] HEADER = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,".getBytes();
    private static final byte[] FOOTER = "\n-----END RSA PRIVATE KEY-----".getBytes();
    private String keyAlg;
    private IvParameterSpec iv;
    private Cipher ciph;
    private String encAlg;
    private byte[] encodedKey;
    private PrivateKey priv;
    private SecureRandom rand;

    public SSLeayEncryptedPrivateKey(InputStream inputStream) throws SSLeayException, IOException {
        this.encAlg = "DESede";
        this.rand = null;
        decode(inputStream);
    }

    public SSLeayEncryptedPrivateKey(SecureRandom secureRandom, PrivateKey privateKey) throws SSLeayException {
        this.encAlg = "DESede";
        this.rand = null;
        if (!(privateKey instanceof RSAPrivateCrtKey)) {
            throw new SSLeayException("Only RSA CRT Private Key supported");
        }
        this.rand = secureRandom;
        this.priv = privateKey;
    }

    public SSLeayEncryptedPrivateKey(byte[] bArr) throws SSLeayException {
        this.encAlg = "DESede";
        this.rand = null;
        try {
            decode(new ByteArrayInputStream(bArr));
        } catch (IOException unused) {
            throw new SSLeayException("Unexpected error");
        }
    }

    private static KeySpec asn1ToPriv(byte[] bArr) throws Asn1Exception {
        try {
            Iterator components = Asn1.getAsn1(bArr).components();
            if (((Integer) components.next()).getInt() != 0) {
                throw new Asn1Exception("Bad asn1 encoding");
            }
            return new RSAPrivateCrtKeySpec(((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger(), ((Integer) components.next()).getBigInteger());
        } catch (ClassCastException e) {
            throw new Asn1Exception(new StringBuffer("Bad asn1 encoding: ").append(e.getMessage()).toString());
        }
    }

    private void checkAlg(String str) throws SSLeayException {
        if (!str.startsWith("-----BEGIN")) {
            throw new SSLeayException("Not an SSLeay protected private key");
        }
        if (str.indexOf("RSA") == -1) {
            throw new SSLeayException("Only RSA keys supported");
        }
        this.keyAlg = "RSA";
    }

    private void checkEncrypted(String str) throws SSLeayException {
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(str.substring(10), ",", false);
            if (!stringTokenizer.nextToken().equals("DES-EDE3-CBC")) {
                throw new SSLeayException("Only DESede encryption supported");
            }
            this.encAlg = "DESede";
            this.ciph = Cipher.getInstance(new StringBuffer(String.valueOf(this.encAlg)).append("/CBC/PKCS5Padding").toString());
            retrieveIV(stringTokenizer.nextToken());
        } catch (Exception e) {
            throw new SSLeayException(new StringBuffer("Unexpected error: ").append(e.getMessage()).toString());
        }
    }

    private void decode(InputStream inputStream) throws IOException, SSLeayException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        StringBuffer stringBuffer = new StringBuffer();
        checkAlg(bufferedReader.readLine());
        if (!bufferedReader.readLine().startsWith("Proc-Type: 4,ENCRYPTED")) {
            throw new SSLeayException("Not an encrypted private key");
        }
        checkEncrypted(bufferedReader.readLine());
        bufferedReader.readLine();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine.startsWith("-----END")) {
                break;
            } else {
                stringBuffer.append(readLine).append("\n");
            }
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                this.encodedKey = stringBuffer.toString().getBytes();
                return;
            }
            byteArrayOutputStream.write(new StringBuffer(String.valueOf(readLine2)).append("\n").toString().getBytes());
        }
    }

    public void decrypt(char[] cArr) throws SSLeayException {
        try {
            Base64InputStream base64InputStream = new Base64InputStream(new ByteArrayInputStream(this.encodedKey));
            byte[] bArr = new byte[128];
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            while (true) {
                int read = base64InputStream.read(bArr);
                if (read == -1) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    this.ciph.init(2, passToKey(cArr), this.iv);
                    this.priv = KeyFactory.getInstance("RSA").generatePrivate(asn1ToPriv(this.ciph.doFinal(byteArray)));
                    return;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (NoSuchAlgorithmException e) {
            throw new SSLeayException(new StringBuffer("Provider error: ").append(e.getMessage()).toString());
        } catch (BadPaddingException unused) {
            throw new SSLeayException("Bad password");
        } catch (Exception e2) {
            throw new SSLeayException(new StringBuffer("Unexpected error: ").append(e2.getMessage()).toString());
        }
    }

    public void encrypt(char[] cArr) throws SSLeayException {
        try {
            byte[] encodedKey = new PrivateKeyInfo(this.priv.getEncoded()).getEncodedKey();
            this.ciph = Cipher.getInstance(new StringBuffer(String.valueOf(this.encAlg)).append("/CBC/PKCS5Padding").toString());
            byte[] bArr = new byte[8];
            if (this.rand == null) {
                this.rand = new SecureRandom();
            }
            this.rand.nextBytes(bArr);
            this.iv = new IvParameterSpec(bArr);
            this.ciph.init(1, passToKey(cArr), this.iv);
            byte[] doFinal = this.ciph.doFinal(encodedKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            Base64OutputStream base64OutputStream = new Base64OutputStream(0, 15, byteArrayOutputStream);
            base64OutputStream.write(doFinal);
            base64OutputStream.flush();
            base64OutputStream.close();
            this.encodedKey = byteArrayOutputStream.toByteArray();
        } catch (Asn1Exception e) {
            throw new SSLeayException(new StringBuffer("Unexpected error: ").append(e.getMessage()).toString());
        } catch (IOException e2) {
            throw new SSLeayException(new StringBuffer("Unexpected error: ").append(e2.getMessage()).toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new SSLeayException(new StringBuffer("Provider error: ").append(e3.getMessage()).toString());
        } catch (Exception e4) {
            throw new SSLeayException(new StringBuffer("Unexpected error: ").append(e4.getMessage()).toString());
        }
    }

    public byte[] getEncoded() throws SSLeayException {
        if (this.encodedKey == null) {
            throw new SSLeayException("Private key not yet encrypted");
        }
        byte[] bytes = ivToString().getBytes();
        byte[] bArr = new byte[HEADER.length + bytes.length + FOOTER.length + this.encodedKey.length];
        System.arraycopy(HEADER, 0, bArr, 0, HEADER.length);
        System.arraycopy(bytes, 0, bArr, HEADER.length, bytes.length);
        System.arraycopy(this.encodedKey, 0, bArr, HEADER.length + bytes.length, this.encodedKey.length);
        System.arraycopy(FOOTER, 0, bArr, HEADER.length + this.encodedKey.length + bytes.length, FOOTER.length);
        return bArr;
    }

    public PrivateKey getPrivateKey() throws SSLeayException {
        if (this.priv == null) {
            throw new SSLeayException("Private key not yet decrypted");
        }
        return this.priv;
    }

    private static final String hexDigit(byte b) {
        char[] cArr = new char[2];
        char c = (char) ((b >> 4) & 15);
        cArr[0] = c > '\t' ? (char) ((c - '\n') + 97) : (char) (c + '0');
        char c2 = (char) (b & 15);
        cArr[1] = c2 > '\t' ? (char) ((c2 - '\n') + 97) : (char) (c2 + '0');
        return new String(cArr);
    }

    private String ivToString() {
        byte[] iv = this.iv.getIV();
        StringBuffer stringBuffer = new StringBuffer();
        for (byte b : iv) {
            stringBuffer.append(hexDigit(b));
        }
        stringBuffer.append("\n\n");
        return stringBuffer.toString();
    }

    private SecretKey passToKey(char[] cArr) throws SSLeayException {
        try {
            byte[] bArr = new byte[24];
            byte[] bytes = new String(cArr).getBytes();
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(bytes);
            messageDigest.update(this.iv.getIV());
            byte[] digest = messageDigest.digest();
            System.arraycopy(digest, 0, bArr, 0, 16);
            messageDigest.update(digest);
            messageDigest.update(bytes);
            messageDigest.update(this.iv.getIV());
            System.arraycopy(messageDigest.digest(), 0, bArr, 16, 8);
            return new SecretKeySpec(bArr, this.encAlg);
        } catch (NoSuchAlgorithmException e) {
            throw new SSLeayException(new StringBuffer("Provider error: ").append(e.getMessage()).toString());
        }
    }

    private void retrieveIV(String str) {
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i * 2) + 2), 16);
        }
        this.iv = new IvParameterSpec(bArr);
    }
}
