package eu.ssp_europe.sds.crypto;

import eu.ssp_europe.sds.crypto.model.EncryptedDataContainer;
import eu.ssp_europe.sds.crypto.model.PlainDataContainer;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.crypto.InvalidCipherTextException;
import org.spongycastle.crypto.engines.AESFastEngine;
import org.spongycastle.crypto.modes.GCMBlockCipher;
import org.spongycastle.crypto.params.AEADParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.openssl.PEMException;
import org.spongycastle.openssl.PEMParser;
import org.spongycastle.openssl.PKCS8Generator;
import org.spongycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;
import org.spongycastle.openssl.jcajce.JcaPKCS8Generator;
import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.spongycastle.pkcs.PKCSException;
import org.spongycastle.util.io.pem.PemObjectGenerator;

/* loaded from: classes.dex */
public class Crypto implements CryptoIF {
    static {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    private Cipher initFileKeyCipher(int i, Key key) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance(CryptoIF.FILE_KEY_ENCRYPTION_ALGORITHM);
            cipher.init(i, key, new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return cipher;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CryptoException(e);
        }
    }

    private ByteArrayOutputStream process(GCMBlockCipher gCMBlockCipher, ByteArrayInputStream byteArrayInputStream, boolean z) throws IOException, CryptoException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[16];
            byte[] bArr2 = new byte[32];
            while (true) {
                int read = byteArrayInputStream.read(bArr);
                if (read == -1) {
                    break;
                }
                byteArrayOutputStream.write(bArr2, 0, gCMBlockCipher.processBytes(bArr, 0, read, bArr2, 0));
            }
            if (z) {
                byteArrayOutputStream.write(bArr2, 0, gCMBlockCipher.doFinal(bArr2, 0));
            }
            byteArrayOutputStream.flush();
            return byteArrayOutputStream;
        } catch (IllegalStateException | InvalidCipherTextException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public PlainDataContainer decryptFile(GCMBlockCipher gCMBlockCipher, EncryptedDataContainer encryptedDataContainer, boolean z) throws CryptoException, IOException {
        byte[] content;
        if (z) {
            byte[] content2 = encryptedDataContainer.getContent();
            byte[] tag = encryptedDataContainer.getTag();
            content = new byte[content2.length + tag.length];
            System.arraycopy(content2, 0, content, 0, content2.length);
            System.arraycopy(tag, 0, content, content2.length, tag.length);
        } else {
            content = encryptedDataContainer.getContent();
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(content);
        ByteArrayOutputStream process = process(gCMBlockCipher, byteArrayInputStream, z);
        PlainDataContainer plainDataContainer = new PlainDataContainer(process.toByteArray());
        process.close();
        byteArrayInputStream.close();
        return plainDataContainer;
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public byte[] decryptFileKey(String str, PrivateKey privateKey) throws CryptoException {
        try {
            return initFileKeyCipher(2, privateKey).doFinal(CryptoUtils.stringToByteArray(str));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public PrivateKey decryptPrivateKey(String str, String str2) throws CryptoException, IOException {
        try {
            Object readObject = new PEMParser(new InputStreamReader(new ByteArrayInputStream(str.getBytes()))).readObject();
            JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
            if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                return provider.getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) readObject).decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(str2.toCharArray())));
            }
            throw new InvalidKeyException("Provided PrivateKey string is no of type PKCS8EncryptedPrivateKeyInfo");
        } catch (InvalidKeyException | PEMException | OperatorCreationException | PKCSException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public EncryptedDataContainer encryptFile(GCMBlockCipher gCMBlockCipher, PlainDataContainer plainDataContainer, boolean z) throws CryptoException, IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(plainDataContainer.getContent());
        ByteArrayOutputStream process = process(gCMBlockCipher, byteArrayInputStream, z);
        byte[] byteArray = process.toByteArray();
        process.close();
        byteArrayInputStream.close();
        if (!z) {
            return new EncryptedDataContainer(byteArray);
        }
        byte[] bArr = new byte[byteArray.length - 16];
        byte[] bArr2 = new byte[16];
        System.arraycopy(byteArray, 0, bArr, 0, bArr.length);
        System.arraycopy(byteArray, bArr.length, bArr2, 0, bArr2.length);
        return new EncryptedDataContainer(bArr, bArr2);
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public String encryptFileKey(byte[] bArr, PublicKey publicKey) throws CryptoException {
        try {
            return CryptoUtils.byteArrayToString(initFileKeyCipher(1, publicKey).doFinal(bArr));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public String encryptPrivateKey(PrivateKey privateKey, String str) throws IOException, CryptoException {
        try {
            JceOpenSSLPKCS8EncryptorBuilder jceOpenSSLPKCS8EncryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.AES_256_CBC);
            jceOpenSSLPKCS8EncryptorBuilder.setIterationCount(10000);
            jceOpenSSLPKCS8EncryptorBuilder.setPasssword(str.toCharArray());
            JcaPKCS8Generator jcaPKCS8Generator = new JcaPKCS8Generator(privateKey, jceOpenSSLPKCS8EncryptorBuilder.build());
            StringWriter stringWriter = new StringWriter();
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
            jcaPEMWriter.writeObject((PemObjectGenerator) jcaPKCS8Generator);
            jcaPEMWriter.close();
            return stringWriter.toString();
        } catch (OperatorCreationException e) {
            throw new CryptoException(e);
        }
    }

    public byte[] generateFileKey() {
        return CryptoUtils.generateSecureRandomByteArray(32);
    }

    public byte[] generateIV() {
        return CryptoUtils.generateSecureRandomByteArray(12);
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public KeyPair generateKeyPair(int i) throws CryptoException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i);
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public PublicKey getPublicKeyFromString(String str) throws CryptoException, IOException {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes());
            PEMParser pEMParser = new PEMParser(new InputStreamReader(byteArrayInputStream));
            Object readObject = pEMParser.readObject();
            pEMParser.close();
            byteArrayInputStream.close();
            JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
            if (readObject instanceof SubjectPublicKeyInfo) {
                return provider.getPublicKey((SubjectPublicKeyInfo) readObject);
            }
            throw new InvalidKeyException("String does not contain a PublicKey");
        } catch (InvalidKeyException e) {
            throw new CryptoException(e);
        }
    }

    @Override // eu.ssp_europe.sds.crypto.CryptoIF
    public String getStringFromPublicKey(PublicKey publicKey) throws IOException {
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        jcaPEMWriter.writeObject(publicKey);
        jcaPEMWriter.close();
        return stringWriter.toString();
    }

    public GCMBlockCipher initFileCipher(boolean z, byte[] bArr, byte[] bArr2) {
        AEADParameters aEADParameters = new AEADParameters(new KeyParameter(bArr), 128, bArr2);
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(z, aEADParameters);
        return gCMBlockCipher;
    }
}
