package oracle.security.crypto.core;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.fips.FIPS_140_2;
import oracle.security.crypto.util.CryptoUtils;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:BOOT-INF/lib/osdt_core-11.2.0.4.jar:oracle/security/crypto/core/PKCS5PBE.class */
public final class PKCS5PBE extends PBE {
    private static final long d = 4294967297L;
    public static final int MD2_DES = 1;
    public static final int MD2_RC2 = 4;
    public static final int MD5_DES = 3;
    public static final int MD5_RC2 = 6;
    public static final int SHA1_DES = 10;
    public static final int SHA1_RC2 = 11;
    private int e;

    @Override // oracle.security.crypto.core.PBE
    public void initialize(AlgorithmIdentifier algorithmIdentifier) throws AlgorithmIdentifierException {
        FIPS_140_2.assertReadyState();
        if (algorithmIdentifier instanceof PBEAlgorithmIdentifier) {
            this.a = (PBEAlgorithmIdentifier) algorithmIdentifier;
        } else {
            try {
                this.a = new PBEAlgorithmIdentifier(Utils.toStream(algorithmIdentifier));
            } catch (IOException e) {
                throw new AlgorithmIdentifierException(e.toString());
            }
        }
        ASN1ObjectID oid = this.a.getOID();
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithMD2AndDES_CBC)) {
            this.b = AlgID.md2;
            this.c = AlgID.desCBC;
            this.e = 1;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithMD2AndRC2_CBC)) {
            this.b = AlgID.md2;
            this.c = AlgID.RC2_CBC;
            this.e = 1;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithMD5AndDES_CBC)) {
            this.b = AlgID.md5;
            this.c = AlgID.desCBC;
            this.e = 1;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithMD5AndRC2_CBC)) {
            this.b = AlgID.md5;
            this.c = AlgID.RC2_CBC;
            this.e = 1;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHA1AndDES_CBC)) {
            this.b = AlgID.sha_1;
            this.c = AlgID.desCBC;
            this.e = 1;
            return;
        }
        if (oid.equals(PBEAlgorithmIdentifier.pbeWithSHA1AndRC2_CBC)) {
            this.b = AlgID.sha_1;
            this.c = AlgID.RC2_CBC;
            this.e = 1;
        } else {
            if (!oid.equals(PBEAlgorithmIdentifier.id_PBES2)) {
                throw new AlgorithmIdentifierException(new StringBuffer().append("Unknown algorithm identifier: ").append(algorithmIdentifier).toString());
            }
            if (this.a.getPseudorandomFunc().getOID().equals(AlgID.hmacWithSHA1.getOID()) || this.a.getPseudorandomFunc().getOID().equals(AlgID.hmacSHA.getOID())) {
                this.b = AlgID.sha_1;
            } else {
                if (!this.a.getPseudorandomFunc().getOID().equals(AlgID.hmacMD5.getOID())) {
                    throw new AlgorithmIdentifierException("Unknown key derivation algorithm identifier");
                }
                this.b = AlgID.md5;
            }
            this.c = this.a.getEncryptionScheme();
            this.e = 2;
        }
    }

    @Override // oracle.security.crypto.core.PBE
    public void initialize(int i, byte[] bArr, int i2) throws AlgorithmIdentifierException {
        initialize(new PBEAlgorithmIdentifier(new ASN1ObjectID(PBEAlgorithmIdentifier.pkcs5, i), bArr, i2));
    }

    @Override // oracle.security.crypto.core.PBE
    public void initialize(int i) throws AlgorithmIdentifierException {
        initialize(new PBEAlgorithmIdentifier(new ASN1ObjectID(PBEAlgorithmIdentifier.pkcs5, i)));
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encrypt(String str, byte[] bArr) throws CipherException {
        byte[] bytes;
        FIPS_140_2.assertReadyState();
        try {
            bytes = str.getBytes("US-ASCII");
        } catch (UnsupportedEncodingException e) {
            bytes = str.getBytes();
        }
        byte[] a = this.e == 1 ? a(bytes, bArr, true) : b(bytes, bArr, true);
        Utils.setArray(bytes, (byte) 0);
        return a;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] decrypt(String str, byte[] bArr) throws CipherException {
        byte[] bytes;
        byte[] a;
        FIPS_140_2.assertReadyState();
        boolean z = false;
        try {
            bytes = str.getBytes("US-ASCII");
        } catch (UnsupportedEncodingException e) {
            bytes = str.getBytes();
            z = true;
        }
        try {
            a = this.e == 1 ? a(bytes, bArr, false) : b(bytes, bArr, false);
        } catch (Exception e2) {
            if (z) {
                if (e2 instanceof CipherException) {
                    throw ((CipherException) e2);
                }
                throw new CipherException(e2.toString());
            }
            Utils.setArray(bytes, (byte) 0);
            bytes = str.getBytes();
            a = this.e == 1 ? a(bytes, bArr, false) : b(bytes, bArr, false);
        }
        Utils.setArray(bytes, (byte) 0);
        return a;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encryptPrivateKey(String str, PrivateKey privateKey) throws CipherException {
        if (privateKey instanceof PrivateKeyPKCS8) {
            throw new CipherException("Cannot encrypt encrypted key");
        }
        return encrypt(str, c.a(privateKey));
    }

    @Override // oracle.security.crypto.core.PBE
    public PrivateKey decryptPrivateKey(String str, byte[] bArr) throws CipherException, IOException {
        PrivateKey inputPrivateKey;
        byte[] bArr2 = null;
        try {
            bArr2 = decrypt(str, bArr);
            inputPrivateKey = CryptoUtils.inputPrivateKey(new UnsyncByteArrayInputStream(bArr2));
        } catch (Exception e) {
            if (bArr2 != null) {
                Utils.setArray(bArr2, (byte) 0);
            }
            byte[] bytes = str.getBytes();
            bArr2 = this.e == 1 ? a(bytes, bArr, false) : b(bytes, bArr, false);
            Utils.setArray(bytes, (byte) 0);
            inputPrivateKey = CryptoUtils.inputPrivateKey(new UnsyncByteArrayInputStream(bArr2));
        }
        Utils.setArray(bArr2, (byte) 0);
        return inputPrivateKey;
    }

    @Override // oracle.security.crypto.core.PBE
    public byte[] encryptSymmetricKey(String str, SymmetricKey symmetricKey) throws CipherException {
        return encrypt(str, symmetricKey.e());
    }

    @Override // oracle.security.crypto.core.PBE
    public SymmetricKey decryptSymmetricKey(String str, byte[] bArr) throws CipherException {
        byte[] decrypt = decrypt(str, bArr);
        SymmetricKey symmetricKey = new SymmetricKey(decrypt);
        Utils.setArray(decrypt, (byte) 0);
        return symmetricKey;
    }

    private byte[] a(byte[] bArr, byte[] bArr2, boolean z) throws CipherException {
        SymmetricKey a = a(bArr);
        Cipher cipher = null;
        try {
            try {
                try {
                    Cipher cipher2 = Cipher.getInstance(a.getAlgID(), a, Padding.PKCS5);
                    byte[] encrypt = z ? ((BlockCipher) cipher2).encrypt(bArr2, 0, bArr2.length, true) : ((BlockCipher) cipher2).decrypt(bArr2, 0, bArr2.length, true);
                    if (cipher2 != null) {
                        cipher2.erase();
                    }
                    if (a != null) {
                        a.erase();
                    }
                    return encrypt;
                } catch (AlgorithmIdentifierException e) {
                    throw new CipherException(e.toString());
                }
            } catch (InvalidKeyException e2) {
                throw new CipherException(e2.toString());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                cipher.erase();
            }
            if (a != null) {
                a.erase();
            }
            throw th;
        }
    }

    private byte[] b(byte[] bArr, byte[] bArr2, boolean z) throws CipherException {
        SymmetricKey b = b(bArr);
        Cipher cipher = null;
        try {
            try {
                try {
                    Cipher cipher2 = Cipher.getInstance(this.c, b, Padding.PKCS5);
                    byte[] encrypt = z ? ((BlockCipher) cipher2).encrypt(bArr2, 0, bArr2.length, true) : ((BlockCipher) cipher2).decrypt(bArr2, 0, bArr2.length, true);
                    if (cipher2 != null) {
                        cipher2.erase();
                    }
                    if (b != null) {
                        b.erase();
                    }
                    return encrypt;
                } catch (AlgorithmIdentifierException e) {
                    throw new CipherException(e.toString());
                }
            } catch (InvalidKeyException e2) {
                throw new CipherException(e2.toString());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                cipher.erase();
            }
            if (b != null) {
                b.erase();
            }
            throw th;
        }
    }

    private SymmetricKey a(byte[] bArr) throws CipherException {
        try {
            byte[] a = a(this.b, bArr, this.a.getSalt(), this.a.getIterationCount(), 16);
            byte[] bArr2 = new byte[8];
            System.arraycopy(a, 0, bArr2, 0, 8);
            byte[] bArr3 = new byte[8];
            System.arraycopy(a, 8, bArr3, 0, 8);
            Utils.setArray(a, (byte) 0);
            SymmetricKey symmetricKey = new SymmetricKey(bArr2, this.c.getOID().equals(AlgID.RC2_CBC.getOID()) ? new RC2AlgorithmIdentifier(bArr3, 64) : !this.c.getOID().equals(AlgID.RC4.getOID()) ? new CBCAlgorithmIdentifier(this.c.getOID(), bArr3) : AlgID.RC4);
            Utils.setArray(bArr2, (byte) 0);
            return symmetricKey;
        } catch (InvalidKeyException e) {
            throw new CipherException(e.toString());
        }
    }

    private SymmetricKey b(byte[] bArr) throws CipherException {
        try {
            byte[] b = b(this.b, bArr, this.a.getSalt(), this.a.getIterationCount(), this.a.getKeyLength());
            SymmetricKey symmetricKey = new SymmetricKey(b, this.c);
            Utils.setArray(b, (byte) 0);
            return symmetricKey;
        } catch (InvalidKeyException e) {
            throw new CipherException(e.toString());
        }
    }

    private static byte[] a(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, byte[] bArr2, int i, int i2) throws InvalidKeyException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(algorithmIdentifier);
            if (i2 > messageDigest.getDigestLength()) {
                throw new InvalidKeyException("Derived key too long");
            }
            messageDigest.init();
            messageDigest.update(bArr);
            messageDigest.update(bArr2);
            messageDigest.computeCurrent();
            byte[] a = messageDigest.a();
            for (int i3 = 1; i3 < i; i3++) {
                messageDigest.init();
                messageDigest.update(a);
                messageDigest.computeCurrent();
                a = messageDigest.a();
            }
            if (a.length == i2) {
                return a;
            }
            byte[] bArr3 = new byte[i2];
            System.arraycopy(a, 0, bArr3, 0, i2);
            Utils.setArray(a, (byte) 0);
            return bArr3;
        } catch (AlgorithmIdentifierException e) {
            throw new InvalidKeyException(e.toString());
        }
    }

    private static byte[] b(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, byte[] bArr2, int i, int i2) throws InvalidKeyException {
        SymmetricKey symmetricKey = new SymmetricKey(bArr);
        try {
            try {
                MAC mac = MAC.getInstance(algorithmIdentifier, symmetricKey);
                if (symmetricKey != null) {
                    symmetricKey.erase();
                }
                int digestLength = mac.getDigestLength();
                if ((i2 & 65535) > d * digestLength) {
                    throw new InvalidKeyException("Derived key too long");
                }
                int i3 = i2 / digestLength;
                byte[] bArr3 = new byte[i2];
                for (int i4 = 1; i4 < i3 + 1; i4++) {
                    byte[] a = a(mac, bArr2, i, i4);
                    System.arraycopy(a, 0, bArr3, (i4 - 1) * digestLength, digestLength);
                    Utils.setArray(a, (byte) 0);
                }
                if (i2 > i3 * digestLength) {
                    byte[] a2 = a(mac, bArr2, i, i3 + 1);
                    System.arraycopy(a2, 0, bArr3, i3 * digestLength, i2 - (i3 * digestLength));
                    Utils.setArray(a2, (byte) 0);
                }
                mac.erase();
                return bArr3;
            } catch (AlgorithmIdentifierException e) {
                throw new InvalidKeyException(e.toString());
            }
        } catch (Throwable th) {
            if (symmetricKey != null) {
                symmetricKey.erase();
            }
            throw th;
        }
    }

    private static byte[] a(MAC mac, byte[] bArr, int i, int i2) {
        mac.init();
        mac.update(bArr);
        mac.update(Utils.wordToBytes(i2));
        mac.computeCurrent();
        byte[] digestBits = mac.getDigestBits();
        byte[] bArr2 = digestBits;
        for (int i3 = 1; i3 < i; i3++) {
            mac.init();
            mac.update(bArr2);
            mac.computeCurrent();
            bArr2 = mac.getDigestBits();
            for (int i4 = 0; i4 < digestBits.length; i4++) {
                digestBits[i4] = (byte) (((digestBits[i4] & 255) ^ (bArr2[i4] & 255)) & 255);
            }
            Utils.setArray(bArr2, (byte) 0);
            Utils.setArray(mac.a(), (byte) 0);
        }
        return digestBits;
    }
}
