package ksign.jce.provider.pkcs;

import com.ksign.KCaseLogging;
import com.ksign.asn1.ASN1EncodableVector;
import com.ksign.asn1.ASN1InputStream;
import com.ksign.asn1.ASN1ObjectIdentifier;
import com.ksign.asn1.ASN1Sequence;
import com.ksign.asn1.DERInteger;
import com.ksign.asn1.DEROctetString;
import com.ksign.asn1.DERSequence;
import com.ksign.asn1.kisa.KISAObjectIdentifiers;
import com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo;
import com.ksign.asn1.pkcs.EncryptionScheme;
import com.ksign.asn1.pkcs.KeyDerivationFunc;
import com.ksign.asn1.pkcs.PBEParameter;
import com.ksign.asn1.pkcs.PBES2Parameters;
import com.ksign.asn1.pkcs.PBKDF2Params;
import com.ksign.asn1.pkcs.PKCSObjectIdentifiers;
import com.ksign.asn1.pkcs.PrivateKeyInfo;
import com.ksign.asn1.util.ASN1Dump;
import com.ksign.asn1.x509.AlgorithmIdentifier;
import com.ksign.asn1.x9.X9ObjectIdentifiers;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import ksign.jce.crypto.common.PBEParametersGenerator;
import ksign.jce.crypto.digests.SHA1KSignDigest;
import ksign.jce.crypto.engines.ARIACipherEngine;
import ksign.jce.crypto.engines.DESCipherEngine;
import ksign.jce.crypto.engines.DESedeCipherEngine;
import ksign.jce.crypto.engines.SEEDCipherEngine;
import ksign.jce.crypto.generators.PKCS5S1ParametersGenerator;
import ksign.jce.crypto.generators.PKCS5S2ParametersGenerator;
import ksign.jce.crypto.modes.CBCBlockCipher;
import ksign.jce.crypto.paddings.PaddedBufferedBlockCipher;
import ksign.jce.crypto.params.KeyParameterWithIV;

/* loaded from: classes2.dex */
public class PKCS5 {
    private static final ASN1ObjectIdentifier KCDSAtempOID = new ASN1ObjectIdentifier("1.2.410.200004.1.4.12");
    public static final ASN1ObjectIdentifier DESV1 = PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC;
    public static final ASN1ObjectIdentifier DESedeV2 = PKCSObjectIdentifiers.des_EDE3_CBC;
    public static final ASN1ObjectIdentifier SEEDV1 = KISAObjectIdentifiers.seedCBCWithSHA1;
    public static final ASN1ObjectIdentifier SEEDV2 = KISAObjectIdentifiers.seedCBC;
    public static final ASN1ObjectIdentifier ARIACBC = KISAObjectIdentifiers.ariaCBC;

    /* JADX WARN: Removed duplicated region for block: B:11:0x009e A[Catch: Exception -> 0x00e0, TryCatch #0 {Exception -> 0x00e0, blocks: (B:6:0x0075, B:8:0x0099, B:11:0x009e, B:13:0x00a6, B:14:0x00b1, B:17:0x00ac), top: B:5:0x0075 }] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0099 A[Catch: Exception -> 0x00e0, TryCatch #0 {Exception -> 0x00e0, blocks: (B:6:0x0075, B:8:0x0099, B:11:0x009e, B:13:0x00a6, B:14:0x00b1, B:17:0x00ac), top: B:5:0x0075 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static byte[] DecryptPrivateKeyInfo_PKCS5S1(com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo r11, com.ksign.asn1.ASN1ObjectIdentifier r12, char[] r13) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 249
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ksign.jce.provider.pkcs.PKCS5.DecryptPrivateKeyInfo_PKCS5S1(com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo, com.ksign.asn1.ASN1ObjectIdentifier, char[]):byte[]");
    }

    /* JADX WARN: Code restructure failed: missing block: B:33:0x00b6, code lost:
    
        if (r3 == false) goto L30;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static byte[] DecryptPrivateKeyInfo_PKCS5S2(com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo r9, com.ksign.asn1.ASN1ObjectIdentifier r10, char[] r11) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 280
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ksign.jce.provider.pkcs.PKCS5.DecryptPrivateKeyInfo_PKCS5S2(com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo, com.ksign.asn1.ASN1ObjectIdentifier, char[]):byte[]");
    }

    public static void PKCS5Decode(InputStream inputStream, char[] cArr, OutputStream outputStream) throws Exception {
        outputStream.write(getDecryptedPrivateKey(inputStream, cArr));
    }

    public static PrivateKey PKCS5DecodeForPrivateKey(InputStream inputStream, char[] cArr) throws IOException {
        return byteArrayToPrivateKey(getDecryptedPrivateKeyInfo(inputStream, cArr));
    }

    public static PrivateKey PKCS5DecodeForPrivateKey(InputStream inputStream, char[] cArr, String str) throws IOException {
        return PKCS5DecodeForPrivateKey(inputStream, cArr);
    }

    public static void PKCS5DecodeForPrivateKeyInfo(InputStream inputStream, char[] cArr, OutputStream outputStream) throws IOException {
        outputStream.write(getDecryptedPrivateKeyInfo(inputStream, cArr));
    }

    public static void PKCS5S1Encode(ASN1ObjectIdentifier aSN1ObjectIdentifier, char[] cArr, byte[] bArr, int i, byte[] bArr2, OutputStream outputStream) throws IOException {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher;
        int i2 = 128;
        int i3 = 64;
        if (aSN1ObjectIdentifier.equals(DESV1)) {
            paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESCipherEngine()));
            i2 = 64;
        } else {
            if (!aSN1ObjectIdentifier.equals(SEEDV1)) {
                throw new IOException("(KSign) No supported cipher algorithmOID!!!");
            }
            paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SEEDCipherEngine()));
            i3 = 128;
        }
        PKCS5S1ParametersGenerator pKCS5S1ParametersGenerator = new PKCS5S1ParametersGenerator(new SHA1KSignDigest());
        pKCS5S1ParametersGenerator.init(PBEParametersGenerator.PKCS5PassToBytes(cArr), bArr, i);
        paddedBufferedBlockCipher.init(true, pKCS5S1ParametersGenerator.generateDerivedParameters(i2, i3));
        try {
            byte[] bArr3 = new byte[paddedBufferedBlockCipher.getOutputSize(bArr2.length)];
            paddedBufferedBlockCipher.doFinal(bArr3, paddedBufferedBlockCipher.calcBytes(bArr2, 0, bArr2.length, bArr3, 0));
            try {
                outputStream.write(new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(aSN1ObjectIdentifier, new PBEParameter(bArr, i)), bArr3).getEncoded());
            } catch (Exception e) {
                KCaseLogging.print(e);
                throw new IOException("(KSign) PKCS5 : PKCS5S1 Encoding failed.    " + e.toString());
            }
        } catch (Exception e2) {
            KCaseLogging.print(e2);
            throw new IOException("(KSign) PKCS5S1 Encrypted failed.     " + e2.toString());
        }
    }

    public static void PKCS5S2Encode(ASN1ObjectIdentifier aSN1ObjectIdentifier, char[] cArr, byte[] bArr, int i, byte[] bArr2, OutputStream outputStream) throws IOException {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher;
        int i2;
        int i3 = 128;
        if (aSN1ObjectIdentifier.equals(DESedeV2)) {
            paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeCipherEngine()));
            i3 = 192;
            i2 = 64;
        } else {
            if (aSN1ObjectIdentifier.equals(SEEDV2)) {
                KCaseLogging.println("KISAObjectIdentifiers.seedCBC");
                paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SEEDCipherEngine()));
            } else {
                if (!aSN1ObjectIdentifier.equals(ARIACBC)) {
                    throw new IOException("(KSign) No supported cipher algorithmOID!!!");
                }
                KCaseLogging.println("KISAObjectIdentifiers.seedCBC");
                paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new ARIACipherEngine()));
            }
            i2 = 128;
        }
        PKCS5S2ParametersGenerator pKCS5S2ParametersGenerator = new PKCS5S2ParametersGenerator();
        pKCS5S2ParametersGenerator.init(PBEParametersGenerator.PKCS5PassToBytes(cArr), bArr, i);
        KeyParameterWithIV keyParameterWithIV = (KeyParameterWithIV) pKCS5S2ParametersGenerator.generateDerivedParameters(i3, i2);
        byte[] iv = keyParameterWithIV.getIV();
        paddedBufferedBlockCipher.init(true, keyParameterWithIV);
        try {
            byte[] bArr3 = new byte[paddedBufferedBlockCipher.getOutputSize(bArr2.length)];
            paddedBufferedBlockCipher.doFinal(bArr3, paddedBufferedBlockCipher.calcBytes(bArr2, 0, bArr2.length, bArr3, 0));
            try {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(new DEROctetString(bArr));
                aSN1EncodableVector.add(new DERInteger(new BigInteger(Integer.toString(i))));
                aSN1EncodableVector.add(new DERInteger(new BigInteger(Integer.toString(i3 / 8))));
                KeyDerivationFunc keyDerivationFunc = new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(new DERSequence(aSN1EncodableVector)));
                EncryptionScheme encryptionScheme = new EncryptionScheme(aSN1ObjectIdentifier, new DEROctetString(iv));
                ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                aSN1EncodableVector2.add(keyDerivationFunc);
                aSN1EncodableVector2.add(encryptionScheme);
                outputStream.write(new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, new PBES2Parameters(new DERSequence(aSN1EncodableVector2))), bArr3).getEncoded());
            } catch (Exception e) {
                KCaseLogging.print(e);
                throw new IOException("(KSign) PKCS5 : PKCS5S2 Encoding failed.    " + e.toString());
            }
        } catch (Exception e2) {
            KCaseLogging.print(e2);
            throw new IOException("(KSign) PKCS5S2 Encrypted failed.    " + e2.toString());
        }
    }

    public static PrivateKey byteArrayToPrivateKey(byte[] bArr) throws IOException {
        try {
            KeyFactory keyFactory = getKeyFactory(PrivateKeyInfo.getInstance(bArr).getAlgorithmId());
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
            PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            KCaseLogging.println("DEREncodable : \n" + ASN1Dump.dumpAsString(pKCS8EncodedKeySpec));
            return generatePrivate;
        } catch (Exception e) {
            KCaseLogging.print(e);
            throw new IOException(e.getMessage());
        }
    }

    private static byte[] getDecryptedPrivateKey(InputStream inputStream, char[] cArr) throws IOException {
        try {
            try {
                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = EncryptedPrivateKeyInfo.getInstance(new ASN1InputStream(inputStream).readObject());
                inputStream.close();
                ASN1ObjectIdentifier algorithm = encryptedPrivateKeyInfo.getEncryptionAlgorithm().getAlgorithm();
                boolean z = false;
                if (!algorithm.equals(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC) && !algorithm.equals(KISAObjectIdentifiers.seedCBCWithSHA1) && !algorithm.equals(KCDSAtempOID) && !algorithm.equals(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC) && !algorithm.equals(KISAObjectIdentifiers.seedCBC)) {
                    if (!algorithm.equals(PKCSObjectIdentifiers.id_PBES2)) {
                        throw new IOException("(KSign) Not Supported Algorithm name : " + algorithm.toString());
                    }
                    z = true;
                }
                return z ? PrivateKeyInfo.getInstance(DecryptPrivateKeyInfo_PKCS5S2(encryptedPrivateKeyInfo, algorithm, cArr)).getPrivateKey().getEncoded() : PrivateKeyInfo.getInstance(DecryptPrivateKeyInfo_PKCS5S1(encryptedPrivateKeyInfo, algorithm, cArr)).getPrivateKey().getEncoded();
            } catch (Exception e) {
                throw new IOException("(KSign) PKCS5 Decoding failed. : " + e.toString());
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x0073 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:9:0x006e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static byte[] getDecryptedPrivateKeyInfo(java.io.InputStream r5, char[] r6) throws java.io.IOException {
        /*
            com.ksign.asn1.ASN1InputStream r0 = new com.ksign.asn1.ASN1InputStream
            r0.<init>(r5)
            com.ksign.asn1.DERObject r0 = r0.readObject()     // Catch: java.lang.Throwable -> La5 java.lang.Exception -> La7
            com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo r0 = com.ksign.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance(r0)     // Catch: java.lang.Throwable -> La5 java.lang.Exception -> La7
            r5.close()
            com.ksign.asn1.x509.AlgorithmIdentifier r5 = r0.getEncryptionAlgorithm()
            com.ksign.asn1.ASN1ObjectIdentifier r5 = r5.getAlgorithm()
            com.ksign.asn1.ASN1ObjectIdentifier r1 = com.ksign.asn1.pkcs.PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC
            boolean r1 = r5.equals(r1)
            r2 = 1
            r3 = 0
            if (r1 == 0) goto L25
        L22:
            r1 = 0
        L23:
            r4 = 0
            goto L6c
        L25:
            com.ksign.asn1.ASN1ObjectIdentifier r1 = com.ksign.asn1.pkcs.PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC
            boolean r1 = r5.equals(r1)
            if (r1 == 0) goto L2e
            goto L22
        L2e:
            com.ksign.asn1.ASN1ObjectIdentifier r1 = com.ksign.asn1.kisa.KISAObjectIdentifiers.seedCBCWithSHA1
            boolean r1 = r5.equals(r1)
            if (r1 != 0) goto L22
            com.ksign.asn1.ASN1ObjectIdentifier r1 = ksign.jce.provider.pkcs.PKCS5.KCDSAtempOID
            boolean r1 = r5.equals(r1)
            if (r1 == 0) goto L3f
            goto L22
        L3f:
            com.ksign.asn1.ASN1ObjectIdentifier r1 = com.ksign.asn1.kisa.KISAObjectIdentifiers.seedCBC
            boolean r1 = r5.equals(r1)
            if (r1 == 0) goto L4a
            r1 = 0
            r4 = 1
            goto L6c
        L4a:
            com.ksign.asn1.ASN1ObjectIdentifier r1 = com.ksign.asn1.pkcs.PKCSObjectIdentifiers.id_PBES2
            boolean r1 = r5.equals(r1)
            if (r1 == 0) goto L54
            r1 = 1
            goto L23
        L54:
            java.io.IOException r6 = new java.io.IOException
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            java.lang.String r1 = "(KSign) Not Supported Algorithm name : "
            r0.<init>(r1)
            java.lang.String r5 = r5.toString()
            r0.append(r5)
            java.lang.String r5 = r0.toString()
            r6.<init>(r5)
            throw r6
        L6c:
            if (r1 == 0) goto L73
            byte[] r5 = DecryptPrivateKeyInfo_PKCS5S2(r0, r5, r6)
            goto L8b
        L73:
            byte[] r5 = DecryptPrivateKeyInfo_PKCS5S1(r0, r5, r6)     // Catch: java.lang.Exception -> L8c
            if (r4 == 0) goto L8b
            com.ksign.asn1.pkcs.PrivateKeyInfo.getInstance(r5)     // Catch: java.lang.Exception -> L8c
            int r6 = r5.length     // Catch: java.lang.Exception -> L8c
            int r6 = r6 - r2
            r6 = r5[r6]     // Catch: java.lang.Exception -> L8c
            int r0 = r5.length     // Catch: java.lang.Exception -> L8c
            int r0 = r0 - r6
            byte[] r6 = new byte[r0]     // Catch: java.lang.Exception -> L8c
            int r1 = r5.length     // Catch: java.lang.Exception -> L8c
            if (r1 <= r0) goto L8b
            java.lang.System.arraycopy(r5, r3, r6, r3, r0)     // Catch: java.lang.Exception -> L8c
            r5 = r6
        L8b:
            return r5
        L8c:
            r5 = move-exception
            java.io.IOException r6 = new java.io.IOException
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            java.lang.String r1 = "(KSign) PKCS5S1 Decoding failed. : "
            r0.<init>(r1)
            java.lang.String r5 = r5.toString()
            r0.append(r5)
            java.lang.String r5 = r0.toString()
            r6.<init>(r5)
            throw r6
        La5:
            r6 = move-exception
            goto Lc3
        La7:
            r6 = move-exception
            com.ksign.KCaseLogging.print(r6)     // Catch: java.lang.Throwable -> La5
            java.io.IOException r0 = new java.io.IOException     // Catch: java.lang.Throwable -> La5
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> La5
            java.lang.String r2 = "(KSign) PKCS5 Decoding failed. : "
            r1.<init>(r2)     // Catch: java.lang.Throwable -> La5
            java.lang.String r6 = r6.toString()     // Catch: java.lang.Throwable -> La5
            r1.append(r6)     // Catch: java.lang.Throwable -> La5
            java.lang.String r6 = r1.toString()     // Catch: java.lang.Throwable -> La5
            r0.<init>(r6)     // Catch: java.lang.Throwable -> La5
            throw r0     // Catch: java.lang.Throwable -> La5
        Lc3:
            r5.close()
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: ksign.jce.provider.pkcs.PKCS5.getDecryptedPrivateKeyInfo(java.io.InputStream, char[]):byte[]");
    }

    private static KeyFactory getKeyFactory(AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException, NoSuchProviderException {
        if (algorithmIdentifier.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)) {
            return KeyFactory.getInstance("RSA", "Ksign");
        }
        if (algorithmIdentifier.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) {
            return KeyFactory.getInstance("DSA", "Ksign");
        }
        if (!algorithmIdentifier.getAlgorithm().equals(KISAObjectIdentifiers.kcdsa) && !algorithmIdentifier.getAlgorithm().equals(KISAObjectIdentifiers.kcdsa1)) {
            if (algorithmIdentifier.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
                return KeyFactory.getInstance("ECDSA", "Ksign");
            }
            throw new RuntimeException("(KSign) algorithm identifier in key not recognised");
        }
        return KeyFactory.getInstance(com.dreamsecurity.jcaos.asn1.x509.AlgorithmIdentifier.NAME_KCDSA1, "Ksign");
    }

    public static byte[] privateKeyInfoDecodeValue(byte[] bArr) throws IOException {
        try {
            return new PrivateKeyInfo(ASN1Sequence.getInstance(bArr)).getPrivateKey().getEncoded();
        } catch (Exception e) {
            KCaseLogging.print(e);
            throw new IOException("(KSign) PKCS5 : privateKeyInfo Decode Error");
        }
    }

    public static byte[] privateKeyInfoEncodeValue(byte[] bArr) throws IOException {
        try {
            return new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null), ASN1Sequence.getInstance(bArr)).getEncoded();
        } catch (Exception e) {
            KCaseLogging.print(e);
            throw new IOException("(KSign) PKCS5 : privateKeyInfo Encoding Error");
        }
    }
}
