package signgate.crypto.pkcs;

import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.util.Vector;
import signgate.crypto.asn1.Asn1;
import signgate.crypto.asn1.Asn1Exception;
import signgate.crypto.asn1.Integer;
import signgate.crypto.asn1.OctetString;
import signgate.crypto.asn1.Sequence;
import signgate.crypto.util.RandomUtil;
import signgate.crypto.x509.AlgorithmId;
import signgate.javax.crypto.Cipher;
import signgate.javax.crypto.SecretKeyFactory;
import signgate.javax.crypto.spec.IvParameterSpec;
import signgate.javax.crypto.spec.PBEParameterSpec;
import signgate.javax.crypto.spec.SecretKeySpec;
import signgate.provider.ec.eckeys.ECPrivateKey;
import signgate.provider.ec.ecparameters.spec.ECParameterSpec;
import signgate.provider.kcdsa.KCDSAPrivateKey;
import signgate.provider.oid.OID;
import signgate.provider.pbe.PBEKey;
import signgate.provider.pbe.PBEKeyDerivation;
import signgate.provider.rsa.RSAPrivateCrtKey;

/* loaded from: input_file:signgate/crypto/pkcs/PKCS8EncryptedPrivateKey.class */
public class PKCS8EncryptedPrivateKey {
    private EncryptedPrivateKeyInfo epki;
    private PrivateKey priv;
    private byte[] randomNum;
    private byte[] tempencoded;
    private int ITERATION_COUNT;
    private int SALT_LENGTH;
    private Mac hMac;
    static Class class$signgate$javax$crypto$spec$PBEParameterSpec;

    public PKCS8EncryptedPrivateKey(PrivateKey privateKey) {
        this.epki = null;
        this.priv = null;
        this.tempencoded = null;
        this.ITERATION_COUNT = 1024;
        this.SALT_LENGTH = 8;
        this.hMac = new HMac(new SHA1Digest());
        this.priv = privateKey;
    }

    public PKCS8EncryptedPrivateKey(byte[] bArr) throws Asn1Exception {
        this.epki = null;
        this.priv = null;
        this.tempencoded = null;
        this.ITERATION_COUNT = 1024;
        this.SALT_LENGTH = 8;
        this.hMac = new HMac(new SHA1Digest());
        this.tempencoded = bArr;
        ((Sequence) Asn1.decode(bArr)).getComponents();
        try {
            this.epki = new EncryptedPrivateKeyInfo(bArr);
        } catch (ClassCastException e) {
            e.printStackTrace();
        }
    }

    public void encrypt(String str) {
        encrypt(str.getBytes(), new PKCS5KeyDerivation());
    }

    public void encrypt(byte[] bArr) {
        encrypt(bArr, new PKCS5KeyDerivation());
    }

    public void encrypt(byte[] bArr, PBEKeyDerivation pBEKeyDerivation) {
        AlgorithmParameters algorithmParameters;
        Cipher cipher;
        try {
            byte[] genRand = RandomUtil.genRand();
            byte[] bArr2 = new byte[this.SALT_LENGTH];
            System.arraycopy(genRand, 0, bArr2, 0, this.SALT_LENGTH);
            PBEKey pBEKey = new PBEKey(bArr);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr2, this.ITERATION_COUNT);
            if (pBEKeyDerivation instanceof PKCS5KeyDerivation) {
                algorithmParameters = AlgorithmParameters.getInstance("PBEwithSHA1andSEED-CBC", "SignGATE");
                cipher = Cipher.getInstance("PBEwithSHA1andSEED-CBC2", "SignGATE");
            } else {
                if (!(pBEKeyDerivation instanceof PKCS12KeyDerivation)) {
                    throw new Exception("Unsupported PBEKeyDerivation style");
                }
                algorithmParameters = AlgorithmParameters.getInstance("PBEwithSHAand3-KeyTripleDES-CBC", "SignGATE");
                cipher = Cipher.getInstance("PBEwithSHAand3-KeyTripleDES-CBC", "SignGATE");
            }
            int length = 16 - (this.priv.getEncoded().length % 16);
            byte[] bArr3 = new byte[this.priv.getEncoded().length + length];
            System.arraycopy(this.priv.getEncoded(), 0, bArr3, 0, this.priv.getEncoded().length);
            for (int i = 0; i < length; i++) {
                bArr3[this.priv.getEncoded().length + i] = (byte) length;
            }
            algorithmParameters.init(pBEParameterSpec);
            cipher.init(1, pBEKey, pBEParameterSpec);
            this.epki = new EncryptedPrivateKeyInfo(new AlgorithmId(OID.pbeWithSHA1AndSEED_CBC, algorithmParameters), cipher.doFinal(bArr3));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void decrypt(String str) throws InvalidKeySpecException, Exception {
        decrypt(str.getBytes());
    }

    public void decrypt(byte[] bArr) throws InvalidKeySpecException, Exception {
        Cipher cipher;
        PBEParameterSpec pBEParameterSpec;
        Class cls;
        if (this.epki.getEncryptionAlgorithm().getOid().equals(OID.PBES2)) {
            if (!this.epki.getEncryptionAlgorithm().getOid().equals(OID.PBES2)) {
                throw new Exception("Unknown private key type. please check private key file.");
            }
            try {
                byte[] generateDerivedKey = generateDerivedKey(16, bArr);
                AlgorithmIdPBES2 algorithmIdPBES2 = this.epki.getAlgorithmIdPBES2();
                Cipher cipher2 = Cipher.getInstance("SEED/CBC/PKCS5Padding");
                cipher2.init(2, SecretKeyFactory.getInstance("SEED", "SignGATE").generateSecret(new SecretKeySpec(generateDerivedKey, "SEED")), new IvParameterSpec(algorithmIdPBES2.getIV()));
                PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(cipher2.doFinal(algorithmIdPBES2.getEncryptedKey()));
                this.randomNum = privateKeyInfo.getRandom();
                String oid2 = privateKeyInfo.getAlgorithmId().getOid2();
                if (oid2 == null || !oid2.equals(OID.c2pnb163v1)) {
                    this.priv = new RSAPrivateCrtKey(privateKeyInfo.getEncodedKey());
                } else if (oid2.equals(OID.c2pnb163v1)) {
                    ECParameterSpec eCParameterSpec = new ECParameterSpec(new int[]{1, 2, 840, 10045, 3, 0, 1});
                    Vector components = ((Sequence) Asn1.decode(new OctetString(privateKeyInfo.getEncodedKey()).getContents())).getComponents();
                    ((Integer) components.elementAt(0)).getInt();
                    BigInteger bigInteger = new BigInteger(((OctetString) components.elementAt(1)).getContents());
                    this.priv = new ECPrivateKey(bigInteger, eCParameterSpec);
                }
                return;
            } catch (Exception e) {
                e.printStackTrace();
                throw new Exception("private key decoding failed. please check password.");
            }
        }
        try {
            byte[] encryptedKey = this.epki.getEncryptedKey();
            AlgorithmId encryptionAlgorithm = this.epki.getEncryptionAlgorithm();
            if (encryptionAlgorithm.getOid().equals(OID.pbeWithSHA1AndSEED_CBC)) {
                cipher = Cipher.getInstance("PBEwithSHA1andSEED-CBC2", "SignGATE");
            } else if (encryptionAlgorithm.getOid().equals(OID.pbeWithMD5AndDES_CBC)) {
                cipher = Cipher.getInstance("PBEwithMD5andDES-CBC", "SignGATE");
            } else if (encryptionAlgorithm.getOid().equals(OID.pbeWithSHA1AndDESede_CBC)) {
                cipher = Cipher.getInstance("PBEwithSHAandDESede-CBC", "SignGATE");
            } else if (encryptionAlgorithm.getOid().equals(OID.seed_cbc)) {
                cipher = Cipher.getInstance("PBEwithSHA1andSEED-CBC", "SignGATE");
            } else {
                if (!encryptionAlgorithm.getOid().equals("1.2.410.200004.1.4.2")) {
                    throw new InvalidKeySpecException("Unknown encryption algorithm!!");
                }
                cipher = Cipher.getInstance("PBEwithSHA1andSEED-CBC", "SignGATE");
            }
            try {
                AlgorithmParameters params = encryptionAlgorithm.getParams();
                if (class$signgate$javax$crypto$spec$PBEParameterSpec == null) {
                    cls = class$("signgate.javax.crypto.spec.PBEParameterSpec");
                    class$signgate$javax$crypto$spec$PBEParameterSpec = cls;
                } else {
                    cls = class$signgate$javax$crypto$spec$PBEParameterSpec;
                }
                pBEParameterSpec = (PBEParameterSpec) params.getParameterSpec(cls);
            } catch (Exception e2) {
                try {
                    Sequence sequence = (Sequence) Asn1.decode(encryptionAlgorithm.getp());
                    pBEParameterSpec = new PBEParameterSpec(((OctetString) sequence.getComponents().elementAt(0)).getContents(), ((Integer) sequence.getComponents().elementAt(1)).getInt());
                } catch (Exception e3) {
                    Sequence sequence2 = (Sequence) encryptionAlgorithm.getComponents().elementAt(1);
                    pBEParameterSpec = new PBEParameterSpec(((OctetString) sequence2.getComponents().elementAt(0)).getContents(), ((Integer) sequence2.getComponents().elementAt(1)).getInt());
                }
            }
            cipher.init(2, new PBEKey(bArr), pBEParameterSpec);
            byte[] doFinal = cipher.doFinal(encryptedKey);
            PrivateKeyInfo privateKeyInfo2 = new PrivateKeyInfo(doFinal);
            this.randomNum = privateKeyInfo2.getRandom();
            try {
                this.priv = new RSAPrivateCrtKey(privateKeyInfo2.getEncodedKey());
            } catch (Exception e4) {
                this.priv = new KCDSAPrivateKey(doFinal);
            }
        } catch (Exception e5) {
            throw new Exception("private key decoding failed. please check password.");
        }
    }

    private byte[] generateDerivedKey(int i, byte[] bArr) {
        AlgorithmIdPBES2 algorithmIdPBES2 = this.epki.getAlgorithmIdPBES2();
        byte[] salt = algorithmIdPBES2.getSalt();
        int iterationCount = algorithmIdPBES2.getIterationCount();
        int macSize = this.hMac.getMacSize();
        int i2 = ((i + macSize) - 1) / macSize;
        byte[] bArr2 = new byte[4];
        byte[] bArr3 = new byte[i2 * macSize];
        for (int i3 = 1; i3 <= i2; i3++) {
            intToOctet(bArr2, i3);
            F(bArr, salt, iterationCount, bArr2, bArr3, (i3 - 1) * macSize);
        }
        byte[] bArr4 = new byte[i];
        System.arraycopy(bArr3, 0, bArr4, 0, i);
        return bArr4;
    }

    private void intToOctet(byte[] bArr, int i) {
        bArr[0] = (byte) (i >>> 24);
        bArr[1] = (byte) (i >>> 16);
        bArr[2] = (byte) (i >>> 8);
        bArr[3] = (byte) i;
    }

    private void F(byte[] bArr, byte[] bArr2, int i, byte[] bArr3, byte[] bArr4, int i2) {
        byte[] bArr5 = new byte[this.hMac.getMacSize()];
        this.hMac.init(bArr);
        if (bArr2 != null) {
            this.hMac.update(bArr2, 0, bArr2.length);
        }
        this.hMac.update(bArr3, 0, bArr3.length);
        this.hMac.doFinal(bArr5, 0);
        System.arraycopy(bArr5, 0, bArr4, i2, bArr5.length);
        for (int i3 = 1; i3 != i; i3++) {
            this.hMac.init(bArr);
            this.hMac.update(bArr5, 0, bArr5.length);
            this.hMac.doFinal(bArr5, 0);
            for (int i4 = 0; i4 != bArr5.length; i4++) {
                int i5 = i2 + i4;
                bArr4[i5] = (byte) (bArr4[i5] ^ bArr5[i4]);
            }
        }
    }

    public void decrypt(String str, PBEKeyDerivation pBEKeyDerivation) throws InvalidKeySpecException, Exception {
        if (pBEKeyDerivation instanceof PKCS5KeyDerivation) {
            decrypt(str.getBytes());
            return;
        }
        if (!(pBEKeyDerivation instanceof PKCS12KeyDerivation)) {
            throw new IllegalArgumentException("Unsupported PBEKeyDerivation");
        }
        try {
            byte[] bytes = str.getBytes("UnicodeBigUnmarked");
            byte[] bArr = new byte[bytes.length + 2];
            System.arraycopy(bytes, 0, bArr, 0, bytes.length);
            bArr[bytes.length] = 0;
            bArr[bytes.length + 1] = 0;
            decrypt(bArr);
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
    }

    public byte[] getEncoded() {
        return this.epki.encode();
    }

    public PrivateKey getPrivateKey() {
        return this.priv;
    }

    public byte[] getRandom() {
        return this.randomNum;
    }

    public String getKeyEncAlgorithm() {
        return this.epki.getEncryptionAlgorithm().getOid();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
