package oracle.security.crypto.core;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.core.math.BigInt;
import oracle.security.crypto.fips.FIPS_140_2;
import oracle.security.crypto.provider.TransitionMode;
import oracle.security.crypto.util.CryptoUtils;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;
import org.apache.commons.lang3.CharEncoding;

/* loaded from: input_file:oracle/security/crypto/core/PKCS12PBE.class */
public final class PKCS12PBE extends PBE {
    public static final int SHA_128RC4 = 1;
    public static final int SHA_40RC4 = 2;
    public static final int SHA_3_3DES_CBC = 3;
    public static final int SHA_2_3DES_CBC = 4;
    public static final int SHA_128RC2_CBC = 5;
    public static final int SHA_40RC2_CBC = 6;
    private int d;
    private int e = 1;
    private static final long f = 4294967297L;

    @Override // oracle.security.crypto.core.PBE
    public void initialize(AlgorithmIdentifier algorithmIdentifier) throws AlgorithmIdentifierException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (algorithmIdentifier instanceof PBEAlgorithmIdentifier) {
            this.a = (PBEAlgorithmIdentifier) algorithmIdentifier;
        } else {
            try {
                this.a = new PBEAlgorithmIdentifier(Utils.toStream(algorithmIdentifier));
            } catch (IOException e) {
                throw new AlgorithmIdentifierException(e.toString());
            }
        }
        ASN1ObjectID oid = this.a.getOID();
        this.b = AlgID.sha_1;
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd128BitRC4)) {
            this.c = AlgID.RC4;
            this.d = 16;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd40BitRC4)) {
            this.c = AlgID.RC4;
            this.d = 5;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd3_KeyTripleDES_CBC)) {
            this.c = AlgID.DES_EDE3_CBC;
            this.d = 24;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd2_KeyTripleDES_CBC)) {
            this.c = AlgID.DES_EDE3_CBC;
            this.d = 16;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd128BitRC2_CBC)) {
            this.c = AlgID.RC2_CBC;
            this.d = 16;
        } else if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHAAnd40BitRC2_CBC)) {
            this.c = AlgID.RC2_CBC;
            this.d = 5;
        } else {
            if (!oid.equals(PBEAlgorithmIdentifier.id_PBES2)) {
                throw new AlgorithmIdentifierException("Unknown algorithm identifier: " + algorithmIdentifier);
            }
            this.c = this.a.getEncryptionScheme();
            this.d = this.a.getKeyLength();
            this.b = this.a.getPseudorandomFunc();
            this.e = 2;
        }
    }

    @Override // oracle.security.crypto.core.PBE
    public void initialize(int i, byte[] bArr, int i2) throws AlgorithmIdentifierException {
        initialize(new PBEAlgorithmIdentifier(new ASN1ObjectID(PBEAlgorithmIdentifier.pkcs12PBEids, i), bArr, i2));
    }

    @Override // oracle.security.crypto.core.PBE
    public void initialize(int i) throws AlgorithmIdentifierException {
        initialize(new PBEAlgorithmIdentifier(new ASN1ObjectID(PBEAlgorithmIdentifier.pkcs12PBEids, i)));
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encrypt(String str, byte[] bArr) throws CipherException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return this.e == 1 ? a(str, bArr, true) : a(str, bArr);
    }

    private byte[] a(String str, byte[] bArr) throws CipherException {
        byte[] bytes;
        try {
            bytes = str.getBytes(CharEncoding.US_ASCII);
        } catch (UnsupportedEncodingException e) {
            bytes = str.getBytes();
        }
        byte[] a = a(bytes, bArr, true);
        Utils.setArray(bytes, (byte) 0);
        return a;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] decrypt(String str, byte[] bArr) throws CipherException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return this.e == 1 ? a(str, bArr, false) : b(str, bArr);
    }

    private byte[] b(String str, byte[] bArr) throws CipherException {
        byte[] bytes;
        byte[] a;
        boolean z = false;
        try {
            bytes = str.getBytes(CharEncoding.US_ASCII);
        } catch (UnsupportedEncodingException e) {
            bytes = str.getBytes();
            z = true;
        }
        try {
            a = a(bytes, bArr, false);
        } catch (Exception e2) {
            if (z) {
                if (e2 instanceof CipherException) {
                    throw ((CipherException) e2);
                }
                throw new CipherException(e2.toString());
            }
            Utils.setArray(bytes, (byte) 0);
            bytes = str.getBytes();
            a = a(bytes, bArr, false);
        }
        Utils.setArray(bytes, (byte) 0);
        return a;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encryptPrivateKey(String str, PrivateKey privateKey) throws CipherException {
        if (privateKey instanceof PrivateKeyPKCS8) {
            throw new CipherException("Cannot encrypt encrypted key");
        }
        return encrypt(str, c.a(privateKey));
    }

    @Override // oracle.security.crypto.core.PBE
    public PrivateKey decryptPrivateKey(String str, byte[] bArr) throws CipherException, IOException {
        byte[] decrypt = decrypt(str, bArr);
        PrivateKey inputPrivateKey = CryptoUtils.inputPrivateKey(new UnsyncByteArrayInputStream(decrypt));
        Utils.setArray(decrypt, (byte) 0);
        return inputPrivateKey;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encryptSymmetricKey(String str, SymmetricKey symmetricKey) throws CipherException {
        return encrypt(str, symmetricKey.e());
    }

    @Override // oracle.security.crypto.core.PBE
    public SymmetricKey decryptSymmetricKey(String str, byte[] bArr) throws CipherException {
        byte[] decrypt = decrypt(str, bArr);
        SymmetricKey symmetricKey = new SymmetricKey(decrypt);
        Utils.setArray(decrypt, (byte) 0);
        return symmetricKey;
    }

    private byte[] a(String str, byte[] bArr, boolean z) throws CipherException {
        Cipher cipher;
        byte[] encrypt;
        try {
            SymmetricKey a = a(str);
            Cipher cipher2 = null;
            try {
                if (this.c.getOID().equals(AlgID.RC4.getOID())) {
                    cipher = Cipher.getInstance(a.getAlgID(), a);
                    encrypt = z ? cipher.encrypt(bArr) : cipher.decrypt(bArr);
                } else {
                    cipher = Cipher.getInstance(a.getAlgID(), a, Padding.PKCS5);
                    encrypt = z ? ((BlockCipher) cipher).encrypt(bArr, 0, bArr.length, true) : ((BlockCipher) cipher).decrypt(bArr, 0, bArr.length, true);
                }
                if (cipher != null) {
                    cipher.erase();
                }
                if (a != null) {
                    a.erase();
                }
                return encrypt;
            } catch (Throwable th) {
                if (0 != 0) {
                    cipher2.erase();
                }
                if (a != null) {
                    a.erase();
                }
                throw th;
            }
        } catch (AlgorithmIdentifierException e) {
            throw new CipherException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new CipherException(e2.toString());
        }
    }

    private byte[] a(byte[] bArr, byte[] bArr2, boolean z) throws CipherException {
        SymmetricKey a = a(bArr);
        Cipher cipher = null;
        try {
            try {
                try {
                    Cipher cipher2 = Cipher.getInstance(this.c, a, Padding.PKCS5);
                    byte[] encrypt = z ? ((BlockCipher) cipher2).encrypt(bArr2, 0, bArr2.length, true) : ((BlockCipher) cipher2).decrypt(bArr2, 0, bArr2.length, true);
                    if (cipher2 != null) {
                        cipher2.erase();
                    }
                    if (a != null) {
                        a.erase();
                    }
                    return encrypt;
                } catch (AlgorithmIdentifierException e) {
                    throw new CipherException(e.toString());
                }
            } catch (InvalidKeyException e2) {
                throw new CipherException(e2.toString());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                cipher.erase();
            }
            if (a != null) {
                a.erase();
            }
            throw th;
        }
    }

    private static byte[] a(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, byte[] bArr2, int i, int i2) throws InvalidKeyException {
        SymmetricKey symmetricKey = new SymmetricKey(bArr);
        try {
            try {
                MAC mac = MAC.getInstance(algorithmIdentifier, symmetricKey);
                if (symmetricKey != null) {
                    symmetricKey.erase();
                }
                int digestLength = mac.getDigestLength();
                if ((i2 & 65535) > f * digestLength) {
                    throw new InvalidKeyException("Derived key too long");
                }
                int i3 = ((i2 + digestLength) - 1) / digestLength;
                byte[] bArr3 = new byte[i2];
                for (int i4 = 1; i4 <= i3; i4++) {
                    a(mac, bArr2, i, i4, bArr3, (i4 - 1) * digestLength);
                }
                return bArr3;
            } catch (AlgorithmIdentifierException e) {
                throw new InvalidKeyException(e.toString());
            }
        } catch (Throwable th) {
            if (symmetricKey != null) {
                symmetricKey.erase();
            }
            throw th;
        }
    }

    private static void a(MAC mac, byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
        byte[] bArr3 = new byte[mac.getDigestLength()];
        mac.init();
        mac.update(bArr);
        mac.update(Utils.wordToBytes(i2));
        mac.computeCurrent();
        byte[] digestBits = mac.getDigestBits();
        System.arraycopy(digestBits, 0, bArr3, 0, digestBits.length);
        for (int i4 = 2; i4 <= i; i4++) {
            mac.init();
            mac.update(digestBits);
            mac.computeCurrent();
            digestBits = mac.getDigestBits();
            a(bArr3, 0, digestBits, 0, digestBits.length);
        }
        System.arraycopy(bArr3, 0, bArr2, i3, Math.min(bArr3.length, bArr2.length - i3));
    }

    private static void a(byte[] bArr, int i, byte[] bArr2, int i2, int i3) {
        byte[] bArr3 = new byte[i3];
        byte[] bArr4 = new byte[i3];
        System.arraycopy(bArr, i, bArr3, 0, i3);
        System.arraycopy(bArr2, i2, bArr4, 0, i3);
        byte[] bArr5 = new byte[i3];
        for (int i4 = 0; i4 < i3; i4++) {
            bArr5[i4] = (byte) (bArr3[i4] ^ bArr4[i4]);
        }
        System.arraycopy(bArr5, 0, bArr, i, i3);
    }

    private SymmetricKey a(byte[] bArr) throws CipherException {
        try {
            byte[] a = a(this.b, bArr, this.a.getSalt(), this.a.getIterationCount(), this.a.getKeyLength());
            SymmetricKey symmetricKey = new SymmetricKey(a, this.c);
            Utils.setArray(a, (byte) 0);
            return symmetricKey;
        } catch (InvalidKeyException e) {
            throw new CipherException(e.toString());
        }
    }

    private SymmetricKey a(String str) throws CipherException {
        SymmetricKey symmetricKey;
        byte[] a = a(this.b, str, this.a.getSalt(), this.a.getIterationCount(), (byte) 1, this.d);
        if (this.c.getOID().equals(AlgID.RC4.getOID())) {
            symmetricKey = new SymmetricKey(a, AlgID.RC4);
        } else {
            byte[] a2 = a(this.b, str, this.a.getSalt(), this.a.getIterationCount(), (byte) 2, 8);
            if (this.c.getOID().equals(AlgID.RC2_CBC.getOID())) {
                new SymmetricKey(a, new RC2AlgorithmIdentifier(a2, this.d * 8));
            }
            if (this.a.getOID().equals(PBEAlgorithmIdentifier.pbeWithSHAAnd2_KeyTripleDES_CBC)) {
                byte[] bArr = new byte[24];
                System.arraycopy(a, 0, bArr, 0, 16);
                System.arraycopy(a, 0, bArr, 16, 8);
                Utils.setArray(a, (byte) 0);
                a = bArr;
            }
            symmetricKey = new SymmetricKey(a, new CBCAlgorithmIdentifier(this.c.getOID(), a2));
        }
        Utils.setArray(a, (byte) 0);
        return symmetricKey;
    }

    public static byte[] createPKCS12MacKey(AlgorithmIdentifier algorithmIdentifier, String str, byte[] bArr, int i, int i2) throws CipherException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return a(algorithmIdentifier, str, bArr, i, (byte) 3, i2);
    }

    private static byte[] a(AlgorithmIdentifier algorithmIdentifier, String str, byte[] bArr, int i, byte b, int i2) throws CipherException {
        if (str == null) {
            throw new CipherException("Password not set");
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(algorithmIdentifier);
            int digestLength = messageDigest.getDigestLength();
            int blockSize = messageDigest.blockSize();
            byte[] bArr2 = new byte[blockSize];
            Utils.setArray(bArr2, b);
            byte[] unicodeToBytes = Utils.unicodeToBytes(str);
            byte[] bArr3 = new byte[unicodeToBytes.length + 2];
            System.arraycopy(unicodeToBytes, 0, bArr3, 0, unicodeToBytes.length);
            int length = bArr3.length - 2;
            bArr3[bArr3.length - 1] = 0;
            bArr3[length] = 0;
            int length2 = bArr.length == 0 ? 0 : (((bArr.length - 1) / blockSize) + 1) * blockSize;
            byte[] bArr4 = new byte[length2 + (bArr3.length == 0 ? 0 : (((bArr3.length - 1) / blockSize) + 1) * blockSize)];
            int i3 = 0;
            while (true) {
                int i4 = i3;
                if (i4 >= length2) {
                    break;
                }
                System.arraycopy(bArr, 0, bArr4, i4, Math.min(length2 - i4, bArr.length));
                i3 = i4 + bArr.length;
            }
            int length3 = bArr4.length;
            for (int i5 = length2; i5 < length3; i5 += bArr3.length) {
                System.arraycopy(bArr3, 0, bArr4, i5, Math.min(bArr4.length - i5, bArr3.length));
            }
            Utils.setArray(bArr3, (byte) 0);
            Utils.setArray(unicodeToBytes, (byte) 0);
            byte[] bArr5 = new byte[i2];
            int i6 = 0;
            while (true) {
                int i7 = i6;
                if (i7 >= i2) {
                    Utils.setArray(messageDigest.a(), (byte) 0);
                    return bArr5;
                }
                messageDigest.init();
                messageDigest.update(bArr2);
                messageDigest.update(bArr4);
                messageDigest.computeCurrent();
                int i8 = i - 1;
                for (int i9 = 0; i9 < i8; i9++) {
                    messageDigest.init();
                    messageDigest.update(messageDigest.a());
                    messageDigest.computeCurrent();
                }
                byte[] bArr6 = new byte[blockSize];
                int i10 = 0;
                while (true) {
                    int i11 = i10;
                    if (i11 >= blockSize) {
                        break;
                    }
                    System.arraycopy(messageDigest.a(), 0, bArr6, i11, Math.min(blockSize - i11, digestLength));
                    i10 = i11 + digestLength;
                }
                BigInt add = new BigInt(1, bArr6).add(BigInt.ONE);
                BigInt subtract = BigInt.ONE.shiftLeft(blockSize * 8).subtract(BigInt.ONE);
                int length4 = bArr4.length;
                for (int i12 = 0; i12 < length4; i12 += blockSize) {
                    byte[] bArr7 = new byte[blockSize];
                    System.arraycopy(bArr4, i12, bArr7, 0, blockSize);
                    Utils.toByteArray(new BigInt(1, bArr7).add(add).and(subtract), bArr4, i12, blockSize);
                }
                System.arraycopy(messageDigest.a(), 0, bArr5, i7, Math.min(i2 - i7, digestLength));
                i6 = i7 + digestLength;
            }
        } catch (AlgorithmIdentifierException e) {
            throw new CipherException(e.toString());
        }
    }
}
