package com.isnetworks.provider.pki;

import com.isnetworks.provider.asn1.AsnInteger;
import com.isnetworks.provider.asn1.DecodeException;
import com.isnetworks.provider.asn1.EncodeException;
import com.isnetworks.provider.asn1.pkcs12.PKCS12PBEParams;
import com.isnetworks.provider.asn1.pkcs8.EncryptedPrivateKeyInfo;
import com.isnetworks.provider.asn1.pkcs8.PrivateKeyInfo;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

/* loaded from: input_file:com/isnetworks/provider/pki/EncryptedPrivateKeyInfoWrapper.class */
public class EncryptedPrivateKeyInfoWrapper {
    private EncryptedPrivateKeyInfo mEPKI;
    private static final int DEFAULT_ITERATION_COUNT = 2000;
    private static final String DEFAULT_PBE_ALGORITHM = "PBEWithSHA1AndTripleDES";

    public EncryptedPrivateKeyInfoWrapper(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) {
        this.mEPKI = encryptedPrivateKeyInfo;
    }

    public EncryptedPrivateKeyInfoWrapper(PrivateKey privateKey, char[] cArr) throws PKIException {
        this.mEPKI = new EncryptedPrivateKeyInfo("encryptedPrivateKeyInfo");
        if (!privateKey.getAlgorithm().equals("RSA")) {
            throw new IllegalArgumentException("Only RSA keys are currently supported");
        }
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance(DEFAULT_PBE_ALGORITHM).generateSecret(new PBEKeySpec(cArr));
            byte[] bArr = new byte[8];
            new SecureRandom().nextBytes(bArr);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, DEFAULT_ITERATION_COUNT);
            Cipher cipher = Cipher.getInstance("PBEWithSHA1AndTripleDES/CBC/PKCS5Padding");
            cipher.init(1, generateSecret, pBEParameterSpec);
            PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo("privateKeyInfo");
            privateKeyInfo.decode(privateKey.getEncoded());
            byte[] doFinal = cipher.doFinal(privateKeyInfo.encode());
            PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams("pkcs12PBEParams");
            pKCS12PBEParams.getSalt().setValue(bArr);
            pKCS12PBEParams.getIterations().setValue(AsnInteger.makeValue(DEFAULT_ITERATION_COUNT));
            this.mEPKI.getEncryptionAlgorithm().getParameters().setActual(pKCS12PBEParams);
            this.mEPKI.getEncryptionAlgorithm().getAlgorithm().copy(AlgorithmMapperKojak.getAlgorithmId(DEFAULT_PBE_ALGORITHM));
            this.mEPKI.getEncryptedData().setValue(doFinal);
        } catch (DecodeException e) {
            throw new PKIException("Can't decode encoded bytes of PrivateKey", e);
        } catch (EncodeException e2) {
            throw new PKIException("Can't encode PrivateKeyInfo", e2);
        } catch (InvalidAlgorithmParameterException e3) {
            throw new PKIException("Cipher doesn't like PBEParameterSpec", e3);
        } catch (InvalidKeyException e4) {
            throw new PKIException("Cipher doesn't like the key from the SecretKeyFactory", e4);
        } catch (NoSuchAlgorithmException e5) {
            throw new PKIException("Can't find PBE algorithm", e5);
        } catch (InvalidKeySpecException e6) {
            throw new PKIException("SecretKeyFactory doesn't like the PBEKeySpec", e6);
        } catch (BadPaddingException e7) {
            throw new PKIException("Problem with padding, this shouldn't be happening on encrypt", e7);
        } catch (IllegalBlockSizeException e8) {
            throw new PKIException("Wrong block size", e8);
        } catch (NoSuchPaddingException e9) {
            throw new PKIException("Can't find PKCS5Padding", e9);
        }
    }

    public PrivateKey getPrivateKey(char[] cArr) throws PKIException {
        try {
            String javaAlgorithm = AlgorithmMapperKojak.getJavaAlgorithm(this.mEPKI.getEncryptionAlgorithm());
            SecretKey generateSecret = SecretKeyFactory.getInstance(javaAlgorithm).generateSecret(new PBEKeySpec(cArr));
            PKCS12PBEParams pKCS12PBEParams = (PKCS12PBEParams) this.mEPKI.getEncryptionAlgorithm().getParameters().getActual();
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec((byte[]) pKCS12PBEParams.getSalt().getValue(), pKCS12PBEParams.getIterations().getIntValue());
            Cipher cipher = Cipher.getInstance(new StringBuffer().append(javaAlgorithm).append("/CBC/PKCS5Padding").toString());
            cipher.init(2, generateSecret, pBEParameterSpec);
            byte[] doFinal = cipher.doFinal((byte[]) this.mEPKI.getEncryptedData().getValue());
            PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo("privateKeyInfo");
            privateKeyInfo.decode(doFinal);
            return KeyFactory.getInstance(AlgorithmMapperKojak.getJavaAlgorithm(privateKeyInfo.getPrivateKeyAlgorithm())).generatePrivate(new PKCS8EncodedKeySpec(doFinal));
        } catch (DecodeException e) {
            throw new PKIException("Unable to ASN.1 decode plaintext, the password is most likely incorrect", e);
        } catch (InvalidAlgorithmParameterException e2) {
            throw new PKIException("Cipher not happy with PBEParameterSpec", e2);
        } catch (InvalidKeyException e3) {
            throw new PKIException("Cipher not happy with PBE key", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new PKIException("Unable to find algorithm", e4);
        } catch (InvalidKeySpecException e5) {
            throw new PKIException("KeySpec invalid", e5);
        } catch (BadPaddingException e6) {
            throw new PKIException("Encrypted data not padded correctly, the password is most likely incorrect", e6);
        } catch (IllegalBlockSizeException e7) {
            throw new PKIException("Encrypted data not of multiple of block length", e7);
        } catch (NoSuchPaddingException e8) {
            throw new PKIException("Can't find PKCS5Padding", e8);
        }
    }

    public EncryptedPrivateKeyInfo getEncryptedPrivateKeyInfo() {
        return this.mEPKI;
    }
}
