package com.citrix.cck.jce;

import com.citrix.cck.CCK;
import com.citrix.cck.Debug;
import com.citrix.cck.core.asn1.ASN1ObjectIdentifier;
import com.citrix.cck.core.asn1.DERObjectIdentifier;
import com.citrix.cck.core.asn1.bc.BCObjectIdentifiers;
import com.citrix.cck.core.asn1.pkcs.PKCS12PBEParams;
import com.citrix.cck.core.asn1.pkcs.PKCSObjectIdentifiers;
import com.citrix.cck.core.asn1.pkcs.PrivateKeyInfo;
import com.citrix.cck.core.asn1.x509.AlgorithmIdentifier;
import com.citrix.cck.core.jcajce.provider.symmetric.util.BCPBEKey;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class OpenSSLPbeCipher extends CipherSpi {
    private static final byte[] EMPTY_BYTES = new byte[0];
    private static int instanceCounter;
    private ByteArrayOutputStream buffer;
    private boolean encrypting;
    private AlgorithmIdentifier myAlg;
    private int myInstance;
    private byte[] myKey;
    private ASN1ObjectIdentifier myOid;
    private int opmode;

    /* loaded from: classes.dex */
    public static class DoPBE_SHA1_3DES extends OpenSSLPbeCipher {
        public static final ASN1ObjectIdentifier myOID = PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC;

        public DoPBE_SHA1_3DES() {
            super(myOID);
        }
    }

    /* loaded from: classes.dex */
    public static class DoPBE_SHA1_RC2_128 extends OpenSSLPbeCipher {
        public static final ASN1ObjectIdentifier myOID = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC;

        public DoPBE_SHA1_RC2_128() {
            super(myOID);
        }
    }

    /* loaded from: classes.dex */
    public static class DoPBE_SHA1_RC2_40 extends OpenSSLPbeCipher {
        public static final ASN1ObjectIdentifier myOID = PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC;

        public DoPBE_SHA1_RC2_40() {
            super(myOID);
        }
    }

    /* loaded from: classes.dex */
    public static class DoPBE_SHA256_AES256 extends OpenSSLPbeCipher {
        public static final ASN1ObjectIdentifier myOID = BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc;

        public DoPBE_SHA256_AES256() {
            super(myOID);
        }
    }

    protected OpenSSLPbeCipher(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        synchronized (OpenSSLPbeCipher.class) {
            int i10 = instanceCounter + 1;
            instanceCounter = i10;
            this.myInstance = i10;
        }
        this.myOid = aSN1ObjectIdentifier;
        this.buffer = new ByteArrayOutputStream(8192);
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher()", new Object[0]);
        }
    }

    private Key createWrappedKey(byte[] bArr, String str, int i10) throws InvalidKeyException {
        if (i10 == 3) {
            return new SecretKeySpec(bArr, str);
        }
        if (!str.equals("") || i10 != 2) {
            try {
                KeyFactory keyFactory = CitrixProvider.getKeyFactory(str);
                if (i10 == 1) {
                    return keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
                }
                if (i10 == 2) {
                    return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
                }
                throw new InvalidKeyException("Unknown key type " + i10);
            } catch (NoSuchAlgorithmException unused) {
                throw new RuntimeException(String.format("Could not get key factory (%s)", str));
            } catch (InvalidKeySpecException e10) {
                throw new InvalidKeyException("Unknown key type " + e10.getMessage());
            }
        }
        PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(bArr);
        if (privateKeyInfo == null) {
            throw new InvalidKeyException("Invalid key encoding!");
        }
        try {
            PrivateKey privateKey = CitrixProvider.getPrivateKey(privateKeyInfo);
            if (privateKey != null) {
                return privateKey;
            }
            throw new InvalidKeyException("algorithm " + privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm() + " not supported!");
        } catch (IOException e11) {
            throw new InvalidKeyException("IOException while getting key: " + e11.getMessage());
        }
    }

    private byte[] getAlg() {
        try {
            return this.myAlg.getEncoded();
        } catch (IOException e10) {
            Debug.loge("IOException thrown while attempting to get AlgorithmIdentifier encoding: " + e10.getMessage());
            throw new RuntimeException("OpenSSLPbeCipher: " + e10.getMessage());
        }
    }

    private String getOperation() {
        int i10 = this.opmode;
        return i10 != 1 ? i10 != 2 ? i10 != 3 ? i10 != 4 ? String.format("invalid (%s)", Integer.valueOf(i10)) : "unwrap" : "wrap" : "decrypt" : "encrypt";
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i10, int i11, byte[] bArr2, int i12) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineDoFinal2(input " + bArr + ", ofs=" + i10 + " len=" + i11 + ", output " + bArr2 + ", oofs=" + i12 + ")", new Object[0]);
        }
        if (bArr != null && i11 > 0) {
            this.buffer.write(bArr, i10, i11);
        }
        byte[] cipherWrapUnwrap = NativeCrypto.cipherWrapUnwrap(getAlg(), this.buffer.toByteArray(), this.myKey, this.encrypting);
        this.buffer.reset();
        if (cipherWrapUnwrap == null) {
            return 0;
        }
        if (bArr2 == null || cipherWrapUnwrap.length + i12 > bArr2.length) {
            throw new ShortBufferException("Invalid output buffer, null or too short to store result!");
        }
        System.arraycopy(cipherWrapUnwrap, 0, bArr2, i12, cipherWrapUnwrap.length);
        return cipherWrapUnwrap.length;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineDoFinal(byte[] bArr, int i10, int i11) throws IllegalBlockSizeException, BadPaddingException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineDoFinal1(input " + bArr + ", ofs=" + i10 + " len=" + i11 + ")", new Object[0]);
        }
        if (bArr != null && i11 > 0) {
            this.buffer.write(bArr, i10, i11);
        }
        byte[] cipherWrapUnwrap = NativeCrypto.cipherWrapUnwrap(getAlg(), this.buffer.toByteArray(), this.myKey, this.encrypting);
        this.buffer.reset();
        return cipherWrapUnwrap;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineGetBlockSize()", new Object[0]);
        }
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineGetIV()", new Object[0]);
        }
        return EMPTY_BYTES;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetKeySize(Key key) throws InvalidKeyException {
        int length = key.getEncoded().length;
        if (!(key instanceof BCPBEKey)) {
            length *= 8;
        }
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineGetKeySize(%s) returns %d bytes", key.getClass().getSimpleName(), Integer.valueOf(length));
        }
        return length;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i10) {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineGetOutputSize(%d)", Integer.valueOf(i10));
        }
        return this.buffer.size() + 1024;
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        if (!CCK.isDebugEnabled()) {
            return null;
        }
        Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineGetParameters()", new Object[0]);
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i10, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineInit(opmode:%i, key:%s, ...)", Integer.valueOf(i10), key.getClass().getSimpleName());
        }
        this.opmode = i10;
        try {
            engineInit(i10, key, algorithmParameters.getParameterSpec(PBEParameterSpec.class), secureRandom);
        } catch (InvalidParameterSpecException e10) {
            Debug.logw("OpenSSLPbeCipher throw 3>");
            throw new InvalidAlgorithmParameterException(e10);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i10, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineInit(opmode:%i, key:%s, random:?)", Integer.valueOf(i10), key.getClass().getSimpleName());
        }
        this.opmode = i10;
        throw new InvalidKeyException("Not implemented by Citrix JCE! Algorithm is needed");
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i10, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineInit(key:%s, algo:%s, spec:%s)", key.getClass().getSimpleName(), key.getAlgorithm(), algorithmParameterSpec.getClass().getSimpleName());
        }
        this.opmode = i10;
        if (i10 == 1 || i10 == 3) {
            this.encrypting = true;
        } else {
            if (i10 != 2 && i10 != 4) {
                Debug.logw("OpenSSLPbeCipher throw 1> " + i10);
                throw new InvalidParameterException("Unsupported opmode " + i10);
            }
            this.encrypting = false;
        }
        this.myKey = key.getEncoded();
        PBEParameterSpec pBEParameterSpec = (PBEParameterSpec) algorithmParameterSpec;
        this.myAlg = new AlgorithmIdentifier(new DERObjectIdentifier(this.myOid.toString()), new PKCS12PBEParams(pBEParameterSpec.getSalt(), pBEParameterSpec.getIterationCount()).toASN1Object());
        this.buffer.reset();
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetMode(String str) throws NoSuchAlgorithmException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineSetMode(%s)", str);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetPadding(String str) throws NoSuchPaddingException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineSetPadding(%s)", str);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i10) throws InvalidKeyException, NoSuchAlgorithmException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineUnwrap(len:%d, algo:%s, type:%d)", Integer.valueOf(bArr.length), str, Integer.valueOf(i10));
        }
        try {
            return createWrappedKey(engineDoFinal(bArr, 0, bArr.length), str, i10);
        } catch (BadPaddingException | IllegalBlockSizeException e10) {
            throw new InvalidKeyException(e10);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i10, int i11, byte[] bArr2, int i12) throws ShortBufferException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineUpdate2(input " + bArr + ", iofs=" + i10 + " len=" + i11 + ", output " + bArr2 + ", oofs=" + i12 + ")", new Object[0]);
        }
        if (bArr != null && i11 > 0) {
            this.buffer.write(bArr, i10, i11);
        }
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i10, int i11) {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineUpdate1(input " + bArr + ", ofs=" + i10 + " len=" + i11 + ")", new Object[0]);
        }
        if (bArr != null && i11 > 0) {
            this.buffer.write(bArr, i10, i11);
        }
        return EMPTY_BYTES;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
        if (CCK.isDebugEnabled()) {
            Debug.youCalled(this.myInstance, "OpenSSLPbeCipher.engineWrap(algo:%s)", key.getAlgorithm());
        }
        byte[] encoded = key.getEncoded();
        try {
            return engineDoFinal(encoded, 0, encoded.length);
        } catch (BadPaddingException e10) {
            throw new InvalidKeyException(e10);
        }
    }
}
