package com.ksign.util.encoders;

import com.ksign.wizsign.others.smartchannel.crypt.Crypto;
import java.io.BufferedReader;
import java.io.CharArrayReader;
import java.io.IOException;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import javak.crypto.BadPaddingException;
import javak.crypto.Cipher;
import javak.crypto.IllegalBlockSizeException;
import javak.crypto.NoSuchPaddingException;
import javak.crypto.SecretKey;
import javak.crypto.SecretKeyFactory;
import javak.crypto.spec.IvParameterSpec;
import javak.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class PEMDecoder {
    public static final int PEM_DSA_PRIVATE_KEY = 2;
    public static final int PEM_EC_PRIVATE_KEY = 3;
    public static final int PEM_RSA_PRIVATE_KEY = 1;

    public static KeyPair decode(PEMStructure pEMStructure, String str) {
        if (isPEMEncrypted(pEMStructure)) {
            if (str == null) {
                throw new IOException("PEM is encrypted, but no password was specified");
            }
            try {
                decryptPEM(pEMStructure, str.getBytes("ISO-8859-1"));
            } catch (Exception e) {
                throw new KeyException("Key decryption Fail");
            }
        }
        if (pEMStructure.pemType != 2) {
            if (pEMStructure.pemType != 1) {
                throw new IOException("PEM problem: it is of unknown type");
            }
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.data);
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0 && readInt.compareTo(BigInteger.ONE) != 0) {
                throw new IOException("Wrong version (" + readInt + ") in RSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            BigInteger readInt3 = simpleDERReader.readInt();
            return generateKeyPair("RSA", new RSAPrivateCrtKeySpec(readInt2, readInt3, simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt()), new RSAPublicKeySpec(readInt2, readInt3));
        }
        SimpleDERReader simpleDERReader2 = new SimpleDERReader(pEMStructure.data);
        byte[] readSequenceAsByteArray2 = simpleDERReader2.readSequenceAsByteArray();
        if (simpleDERReader2.available() != 0) {
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        simpleDERReader2.resetInput(readSequenceAsByteArray2);
        BigInteger readInt4 = simpleDERReader2.readInt();
        if (readInt4.compareTo(BigInteger.ZERO) != 0) {
            throw new IOException("Wrong version (" + readInt4 + ") in DSA PRIVATE KEY DER stream.");
        }
        BigInteger readInt5 = simpleDERReader2.readInt();
        BigInteger readInt6 = simpleDERReader2.readInt();
        BigInteger readInt7 = simpleDERReader2.readInt();
        BigInteger readInt8 = simpleDERReader2.readInt();
        BigInteger readInt9 = simpleDERReader2.readInt();
        if (simpleDERReader2.available() != 0) {
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        return generateKeyPair("DSA", new DSAPrivateKeySpec(readInt9, readInt5, readInt6, readInt7), new DSAPublicKeySpec(readInt8, readInt5, readInt6, readInt7));
    }

    public static KeyPair decode(char[] cArr, String str) {
        return decode(parsePEM(cArr), str);
    }

    private static final void decryptPEM(PEMStructure pEMStructure, byte[] bArr) {
        String str;
        if (pEMStructure.dekInfo == null) {
            throw new IOException("Broken PEM, no mode and salt given, but encryption enabled");
        }
        if (pEMStructure.dekInfo.length != 2) {
            throw new IOException("Broken PEM, DEK-Info is incomplete!");
        }
        String str2 = pEMStructure.dekInfo[0];
        byte[] hexToByteArray = hexToByteArray(pEMStructure.dekInfo[1]);
        byte[] bArr2 = new byte[pEMStructure.data.length];
        try {
            if (str2.equals("DES-EDE3-CBC")) {
                str = "DESEDE";
            } else {
                if (!str2.equals("DES-CBC")) {
                    throw new IOException("Cannot decrypt PEM structure, unknown cipher " + str2);
                }
                str = Crypto.ALGORITHM_DES;
            }
            SecretKey secretKey = toSecretKey(generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 24), str);
            Cipher cipher = Cipher.getInstance(String.valueOf(str) + "/CBC/PKCS5Padding", "Ksign");
            cipher.init(2, secretKey, new IvParameterSpec(hexToByteArray));
            bArr2 = cipher.doFinal(pEMStructure.data, 0, pEMStructure.data.length);
        } catch (IllegalStateException e) {
            throw e;
        } catch (InvalidAlgorithmParameterException e2) {
            e2.printStackTrace();
        } catch (InvalidKeyException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        } catch (NoSuchProviderException e5) {
            e5.printStackTrace();
        } catch (BadPaddingException e6) {
            throw e6;
        } catch (IllegalBlockSizeException e7) {
            throw e7;
        } catch (NoSuchPaddingException e8) {
            throw e8;
        }
        pEMStructure.data = bArr2;
        pEMStructure.dekInfo = null;
        pEMStructure.procType = null;
    }

    private static byte[] generateKeyFromPasswordSaltWithMD5(byte[] bArr, byte[] bArr2, int i) {
        if (bArr2.length < 8) {
            throw new IllegalArgumentException("Salt needs to be at least 8 bytes for key generation.");
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            byte[] bArr3 = new byte[i];
            byte[] bArr4 = new byte[messageDigest.getDigestLength()];
            while (true) {
                messageDigest.update(bArr, 0, bArr.length);
                messageDigest.update(bArr2, 0, 8);
                int length = i < bArr4.length ? i : bArr4.length;
                try {
                    messageDigest.digest(bArr4, 0, bArr4.length);
                    System.arraycopy(bArr4, 0, bArr3, bArr3.length - i, length);
                    i -= length;
                    if (i == 0) {
                        return bArr3;
                    }
                    messageDigest.update(bArr4, 0, bArr4.length);
                } catch (DigestException e) {
                    IOException iOException = new IOException("could not digest password");
                    iOException.initCause(e);
                    throw iOException;
                }
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalArgumentException("VM does not support MD5", e2);
        }
    }

    private static KeyPair generateKeyPair(String str, KeySpec keySpec, KeySpec keySpec2) {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(str);
            return new KeyPair(keyFactory.generatePublic(keySpec2), keyFactory.generatePrivate(keySpec));
        } catch (NoSuchAlgorithmException e) {
            IOException iOException = new IOException();
            iOException.initCause(e);
            throw iOException;
        } catch (InvalidKeySpecException e2) {
            IOException iOException2 = new IOException("invalid keyspec");
            iOException2.initCause(e2);
            throw iOException2;
        }
    }

    private static byte[] hexToByteArray(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null argument");
        }
        if (str.length() % 2 != 0) {
            throw new IllegalArgumentException("Uneven string length in hex encoding.");
        }
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) ((hexToInt(str.charAt(i * 2)) * 16) + hexToInt(str.charAt((i * 2) + 1)));
        }
        return bArr;
    }

    private static final int hexToInt(char c) {
        if (c >= 'a' && c <= 'f') {
            return (c - 'a') + 10;
        }
        if (c >= 'A' && c <= 'F') {
            return (c - 'A') + 10;
        }
        if (c < '0' || c > '9') {
            throw new IllegalArgumentException("Need hex char");
        }
        return c - '0';
    }

    public static final boolean isPEMEncrypted(PEMStructure pEMStructure) {
        if (pEMStructure.procType == null) {
            return false;
        }
        if (pEMStructure.procType.length != 2) {
            throw new IOException("Unknown Proc-Type field.");
        }
        if ("4".equals(pEMStructure.procType[0])) {
            return "ENCRYPTED".equals(pEMStructure.procType[1]);
        }
        throw new IOException("Unknown Proc-Type field (" + pEMStructure.procType[0] + ")");
    }

    public static final PEMStructure parsePEM(char[] cArr) {
        String str;
        PEMStructure pEMStructure = new PEMStructure();
        BufferedReader bufferedReader = new BufferedReader(new CharArrayReader(cArr));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, '-----BEGIN...' missing");
            }
            String trim = readLine.trim();
            if (trim.startsWith("-----BEGIN DSA PRIVATE KEY-----")) {
                str = "-----END DSA PRIVATE KEY-----";
                pEMStructure.pemType = 2;
                break;
            }
            if (trim.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                str = "-----END RSA PRIVATE KEY-----";
                pEMStructure.pemType = 1;
                break;
            }
            if (trim.startsWith("-----BEGIN EC PRIVATE KEY-----")) {
                str = "-----END EC PRIVATE KEY-----";
                pEMStructure.pemType = 3;
                break;
            }
        }
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            String trim2 = readLine2.trim();
            int indexOf = trim2.indexOf(58);
            if (indexOf == -1) {
                StringBuffer stringBuffer = new StringBuffer();
                while (trim2 != null) {
                    String trim3 = trim2.trim();
                    if (trim3.startsWith(str)) {
                        char[] cArr2 = new char[stringBuffer.length()];
                        stringBuffer.getChars(0, cArr2.length, cArr2, 0);
                        pEMStructure.data = ksign.jce.util.Base64.decode(new String(cArr2));
                        if (pEMStructure.data.length == 0) {
                            throw new IOException("Invalid PEM structure, no data available");
                        }
                        return pEMStructure;
                    }
                    stringBuffer.append(trim3);
                    trim2 = bufferedReader.readLine();
                }
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            String substring = trim2.substring(0, indexOf + 1);
            String[] split = trim2.substring(indexOf + 1).split(",");
            for (int i = 0; i < split.length; i++) {
                split[i] = split[i].trim();
            }
            if ("Proc-Type:".equals(substring)) {
                pEMStructure.procType = split;
            } else if ("DEK-Info:".equals(substring)) {
                pEMStructure.dekInfo = split;
            }
        }
    }

    private static byte[] removePadding(byte[] bArr, int i) {
        int i2 = bArr[bArr.length - 1] & 255;
        if (i2 < 1 || i2 > i) {
            throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
        }
        for (int i3 = 2; i3 <= i2; i3++) {
            if (bArr[bArr.length - i3] != i2) {
                throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
            }
        }
        byte[] bArr2 = new byte[bArr.length - i2];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length - i2);
        return bArr2;
    }

    private static SecretKey toSecretKey(byte[] bArr, String str) {
        try {
            return SecretKeyFactory.getInstance(str, "Ksign").generateSecret(new SecretKeySpec(bArr, str));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
