package iaik.pkcs.pkcs8;

import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.ASN1Type;
import iaik.asn1.CodingException;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.provider.IAIK;
import iaik.security.random.SecRandom;
import iaik.utils.IaikSecurity;
import iaik.utils.InternalErrorException;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

/* loaded from: input_file:iaik/pkcs/pkcs8/EncryptedPrivateKeyInfo.class */
public class EncryptedPrivateKeyInfo implements ASN1Type, PrivateKey {
    private static final long serialVersionUID = -6227472653361186792L;
    private static final Vector d = new Vector();
    PrivateKey a;
    AlgorithmID b;
    ASN1 c;

    private static final AlgorithmParameterSpec a(AlgorithmID algorithmID, int i, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        int iterationCount;
        AlgorithmParameterSpec algorithmParameterSpec = null;
        if (IaikSecurity.getTryIAIKProviderFirst()) {
            try {
                algorithmParameterSpec = algorithmID.getAlgorithmParameterSpec(IAIK.getInstance());
            } catch (InvalidAlgorithmParameterException e) {
            }
        }
        if (algorithmParameterSpec == null) {
            algorithmParameterSpec = algorithmID.getAlgorithmParameterSpec();
        }
        if (algorithmParameterSpec == null) {
            if (i < 0) {
                i = 2000;
            }
            byte[] bArr = new byte[algorithmID.equals(AlgorithmID.pbes2) ? 32 : 8];
            if (secureRandom == null) {
                secureRandom = SecRandom.getDefault();
            }
            secureRandom.nextBytes(bArr);
            algorithmParameterSpec = new PBEParameterSpec(bArr, i);
        } else if (i > 0 && (algorithmParameterSpec instanceof PBEParameterSpec) && i != (iterationCount = ((PBEParameterSpec) algorithmParameterSpec).getIterationCount())) {
            throw new InvalidAlgorithmParameterException(new StringBuffer().append("iterationCount (").append(i).append(") differs").append(" from algorithm parameters iteration count (").append(iterationCount).append(")!").toString());
        }
        return algorithmParameterSpec;
    }

    private static final Key a(char[] cArr, AlgorithmID algorithmID) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return algorithmID.getSecretKeyFactoryInstance(IAIK.getInstance()).generateSecret(new PBEKeySpec(cArr));
    }

    public EncryptedPrivateKeyInfo(PrivateKey privateKey) {
        this.a = privateKey;
    }

    public EncryptedPrivateKeyInfo(ASN1Object aSN1Object) throws InvalidKeyException {
        try {
            this.c = new ASN1(aSN1Object);
            a();
        } catch (CodingException e) {
            throw new InvalidKeyException(new StringBuffer().append("No PrivateKeyInfo: ").append(e.toString()).toString());
        }
    }

    public EncryptedPrivateKeyInfo(InputStream inputStream) throws InvalidKeyException, IOException {
        try {
            this.c = new ASN1(inputStream);
            a();
        } catch (CodingException e) {
            throw new InvalidKeyException(new StringBuffer().append("No PrivateKeyInfo: ").append(e.toString()).toString());
        }
    }

    public EncryptedPrivateKeyInfo(byte[] bArr) throws InvalidKeyException {
        try {
            this.c = new ASN1(bArr);
            a();
        } catch (CodingException e) {
            throw new InvalidKeyException(new StringBuffer().append("No PrivateKeyInfo: ").append(e.toString()).toString());
        }
    }

    @Override // iaik.asn1.ASN1Type
    public void decode(ASN1Object aSN1Object) throws CodingException {
        this.c = new ASN1(aSN1Object);
        try {
            a();
        } catch (InvalidKeyException e) {
            throw new CodingException(e.toString());
        }
    }

    private void a() throws InvalidKeyException {
        try {
            this.b = new AlgorithmID(this.c.getComponentAt(0));
        } catch (CodingException e) {
            throw new InvalidKeyException(e.toString());
        }
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        if (this.c == null) {
            throw new IOException("Private key not encrypted yet.");
        }
        objectOutputStream.write(getEncoded());
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException {
        try {
            this.c = new ASN1(objectInputStream);
            a();
        } catch (CodingException e) {
            throw new IOException(new StringBuffer().append("Unable to restore PrivateKeyInfo: ").append(e.toString()).toString());
        } catch (InvalidKeyException e2) {
            throw new IOException(new StringBuffer().append("Unable to restore PrivateKeyInfo: ").append(e2.toString()).toString());
        }
    }

    public void encrypt(char[] cArr, String str) throws NoSuchAlgorithmException {
        encrypt(cArr, str, SecRandom.getDefault());
    }

    public void encrypt(char[] cArr, String str, SecureRandom secureRandom) throws NoSuchAlgorithmException {
        AlgorithmID algorithmID = AlgorithmID.getAlgorithmID(str);
        if (algorithmID == null && d.contains(str)) {
            algorithmID = AlgorithmID.pbes2;
        }
        if (algorithmID == null) {
            throw new NoSuchAlgorithmException(new StringBuffer().append("Algorithm ").append(str).append(" not supported!").toString());
        }
        a(cArr, algorithmID, str, secureRandom, null);
    }

    public void encrypt(String str, AlgorithmID algorithmID, SecureRandom secureRandom) throws NoSuchAlgorithmException {
        encrypt(str.toCharArray(), algorithmID, secureRandom);
    }

    public void encrypt(char[] cArr, AlgorithmID algorithmID, SecureRandom secureRandom) throws NoSuchAlgorithmException {
        try {
            a(cArr, algorithmID, algorithmID.getImplementationName(), secureRandom, a(algorithmID, -1, secureRandom));
        } catch (InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException(new StringBuffer().append("Invalid algorithm parameters: ").append(e.toString()).toString());
        }
    }

    public void encrypt(char[] cArr, AlgorithmID algorithmID, SecureRandom secureRandom, int i) throws NoSuchAlgorithmException {
        if (i <= 0) {
            throw new IllegalArgumentException("iterationCount must not be negative!");
        }
        try {
            a(cArr, algorithmID, algorithmID.getImplementationName(), secureRandom, a(algorithmID, i, secureRandom));
        } catch (InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException(new StringBuffer().append("Invalid algorithm parameters: ").append(e.toString()).toString());
        }
    }

    private void a(char[] cArr, AlgorithmID algorithmID, String str, SecureRandom secureRandom, AlgorithmParameterSpec algorithmParameterSpec) throws NoSuchAlgorithmException {
        if (this.a == null) {
            if (this.c == null) {
                throw new NullPointerException("Nothing to encrypt. Private key not set!");
            }
            return;
        }
        this.b = (AlgorithmID) algorithmID.clone();
        try {
            Cipher cipher = null;
            if (IaikSecurity.getTryIAIKProviderFirst()) {
                try {
                    cipher = IaikSecurity.getCipherInstance(str, IAIK.getInstance());
                } catch (Exception e) {
                }
            }
            if (cipher == null) {
                cipher = Cipher.getInstance(str);
            }
            cipher.init(1, a(cArr, this.b), algorithmParameterSpec, secureRandom);
            byte[] doFinal = cipher.doFinal(this.a.getEncoded());
            this.b.setAlgorithmParameters(cipher.getParameters());
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(this.b.toASN1Object());
            sequence.addComponent(new OCTET_STRING(doFinal));
            this.c = new ASN1(sequence);
            this.a = null;
        } catch (Exception e2) {
            throw new InternalErrorException(e2);
        }
    }

    public PrivateKey decrypt(String str) throws NoSuchAlgorithmException, GeneralSecurityException {
        return decrypt(str.toCharArray());
    }

    public PrivateKey decrypt(char[] cArr) throws NoSuchAlgorithmException, GeneralSecurityException {
        AlgorithmParameterSpec algorithmParameterSpec = null;
        if (IaikSecurity.getTryIAIKProviderFirst()) {
            try {
                algorithmParameterSpec = this.b.getAlgorithmParameterSpec(IAIK.getInstance());
            } catch (InvalidAlgorithmParameterException e) {
            }
        }
        if (algorithmParameterSpec == null) {
            algorithmParameterSpec = this.b.getAlgorithmParameterSpec();
        }
        Cipher cipher = null;
        if (IaikSecurity.getTryIAIKProviderFirst()) {
            try {
                cipher = this.b.getCipherInstance(IAIK.getInstance());
            } catch (NoSuchAlgorithmException e2) {
            }
        }
        if (cipher == null) {
            cipher = this.b.getCipherInstance();
        }
        try {
            cipher.init(2, a(cArr, this.b), algorithmParameterSpec);
            this.a = PrivateKeyInfo.getPrivateKey(cipher.doFinal((byte[]) this.c.getComponentAt(1).getValue()));
            return this.a;
        } catch (Exception e3) {
            throw new GeneralSecurityException(this, new StringBuffer().append("Error decrypting private key: ").append(e3.toString()).toString(), e3) { // from class: iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.1
                private static final long serialVersionUID = -712183313106196366L;
                private final Exception a;
                private final EncryptedPrivateKeyInfo b;

                {
                    this.b = this;
                    this.a = e3;
                }

                @Override // java.lang.Throwable
                public Throwable getCause() {
                    return this.a;
                }
            };
        }
    }

    public PrivateKey getPrivateKeyInfo() {
        return this.a;
    }

    public AlgorithmID getEncryptionAlgorithm() {
        AlgorithmID algorithmID = this.b;
        if (algorithmID != null) {
            algorithmID = (AlgorithmID) algorithmID.clone();
        }
        return algorithmID;
    }

    @Override // iaik.asn1.ASN1Type
    public ASN1Object toASN1Object() {
        return this.c.toASN1Object();
    }

    @Override // java.security.Key
    public byte[] getEncoded() {
        return this.c.toByteArray();
    }

    @Override // java.security.Key
    public String getAlgorithm() {
        return "ENCRYPTED";
    }

    @Override // java.security.Key
    public String getFormat() {
        return "PKCS#8";
    }

    public void writeTo(OutputStream outputStream) throws IOException {
        this.c.writeTo(outputStream);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.b != null) {
            stringBuffer.append(new StringBuffer().append("Private key is encrypted with algorithm: ").append(this.b.getName()).toString());
        } else {
            stringBuffer.append(new StringBuffer().append(this.a.getAlgorithm()).append(" private key is not encrypted yet.").toString());
        }
        return stringBuffer.toString();
    }

    static {
        d.add("PBES2");
        d.add("1.2.840.113549.1.5.13");
        d.add("PBES2WithHmacSHA1AndAES");
        d.add("PBES2WithHmacSHA1AndAES128");
        d.add("PBEWithHmacSHA1AndAES");
        d.add("PBEWithHmacSHA1AndAES128");
        d.add("PBES2WithHmacSHA256AndAES");
        d.add("PBES2WithHmacSHA256AndAES128");
        d.add("PBEWithHmacSHA256AndAES");
        d.add("PBEWithHmacSHA256AndAES128");
        d.add("PBES2WithHmacSHA256AndAES256");
        d.add("PBEWithHmacSHA256AndAES256");
        d.add("PBES2WithHmacSHA384AndAES192");
        d.add("PBEWithHmacSHA384AndAES192");
        d.add("PBES2WithHmacSHA512AndAES256");
        d.add("PBEWithHmacSHA512AndAES256");
        d.add("PBES2WithHmacSHA1AndDESede");
        d.add("PBEWithHmacSHA1AndDESede");
        d.add("PBES2WithHmacSHA1AndTripleDES");
        d.add("PBEWithHmacSHA1AndTripleDES");
    }
}
