package org.metastatic.jessie;

import gnu.crypto.cipher.IBlockCipher;
import gnu.crypto.hash.HashFactory;
import gnu.crypto.hash.IMessageDigest;
import gnu.crypto.mode.IMode;
import gnu.crypto.mode.ModeFactory;
import gnu.crypto.pad.WrongPaddingException;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.ManagerFactoryParameters;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.metastatic.callbacks.ConsoleCallbackHandler;
import org.metastatic.jessie.pki.der.DERReader;

/* loaded from: input_file:org/metastatic/jessie/PrivateCredentials.class */
public class PrivateCredentials implements ManagerFactoryParameters {
    public static final String BEGIN_DSA = "-----BEGIN DSA PRIVATE KEY";
    public static final String END_DSA = "-----END DSA PRIVATE KEY";
    public static final String BEGIN_RSA = "-----BEGIN RSA PRIVATE KEY";
    public static final String END_RSA = "-----END RSA PRIVATE KEY";
    private List privateKeys = new LinkedList();
    private List certChains = new LinkedList();

    public void add(InputStream inputStream, InputStream inputStream2) throws CertificateException, InvalidKeyException, InvalidKeySpecException, IOException, NoSuchAlgorithmException, WrongPaddingException {
        String str;
        String str2;
        KeySpec rSAPrivateCrtKeySpec;
        X509Certificate[] x509CertificateArr = (X509Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(inputStream).toArray(new X509Certificate[0]);
        String readLine = readLine(inputStream2);
        if (readLine.startsWith(BEGIN_DSA)) {
            str = "DSA";
            str2 = END_DSA;
        } else {
            if (!readLine.startsWith(BEGIN_RSA)) {
                throw new IOException("Unknown private key type.");
            }
            str = "RSA";
            str2 = END_RSA;
        }
        boolean z = false;
        String str3 = null;
        String str4 = null;
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String readLine2 = readLine(inputStream2);
            if (readLine2 == null) {
                throw new EOFException("premature end-of-file");
            }
            if (readLine2.startsWith("Proc-Type: 4,ENCRYPTED")) {
                z = true;
            } else if (readLine2.startsWith("DEK-Info: ")) {
                int indexOf = readLine2.indexOf(44);
                if (indexOf < 0) {
                    str3 = readLine2.substring(10).trim();
                } else {
                    str3 = readLine2.substring(10, indexOf).trim();
                    str4 = readLine2.substring(indexOf + 1).trim();
                }
            } else {
                if (readLine2.startsWith(str2)) {
                    byte[] decode = Base64.decode(stringBuffer.toString());
                    if (z) {
                        decode = decryptKey(decode, str3, toByteArray(str4));
                    }
                    DERReader dERReader = new DERReader(decode);
                    if (dERReader.read().getTag() != 16) {
                        throw new IOException("malformed DER sequence");
                    }
                    dERReader.read();
                    KeyFactory keyFactory = KeyFactory.getInstance(str);
                    if (str.equals("DSA")) {
                        BigInteger bigInteger = (BigInteger) dERReader.read().getValue();
                        BigInteger bigInteger2 = (BigInteger) dERReader.read().getValue();
                        BigInteger bigInteger3 = (BigInteger) dERReader.read().getValue();
                        dERReader.read();
                        rSAPrivateCrtKeySpec = new DSAPrivateKeySpec((BigInteger) dERReader.read().getValue(), bigInteger, bigInteger2, bigInteger3);
                    } else {
                        rSAPrivateCrtKeySpec = new RSAPrivateCrtKeySpec((BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue(), (BigInteger) dERReader.read().getValue());
                    }
                    this.privateKeys.add(keyFactory.generatePrivate(rSAPrivateCrtKeySpec));
                    this.certChains.add(x509CertificateArr);
                    return;
                }
                if (readLine2.length() > 0) {
                    stringBuffer.append(readLine2);
                    stringBuffer.append(System.getProperty("line.separator"));
                }
            }
        }
    }

    public List getPrivateKeys() {
        if (isDestroyed()) {
            throw new IllegalStateException("this object is destroyed");
        }
        return this.privateKeys;
    }

    public List getCertChains() {
        return this.certChains;
    }

    public void destroy() {
        this.privateKeys.clear();
        this.privateKeys = null;
    }

    public boolean isDestroyed() {
        return this.privateKeys == null;
    }

    private String readLine(InputStream inputStream) throws IOException {
        boolean equals = System.getProperty("line.separator").equals("\r");
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            int read = inputStream.read();
            if (read == -1) {
                if (stringBuffer.length() <= 0) {
                    return null;
                }
            } else if (read == 13) {
                if (equals) {
                    break;
                }
            } else {
                if (read == 10) {
                    break;
                }
                stringBuffer.append((char) read);
            }
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r11v3, types: [gnu.crypto.mode.IMode] */
    private byte[] decryptKey(byte[] bArr, String str, byte[] bArr2) throws IOException, InvalidKeyException, WrongPaddingException {
        IMode iMode;
        byte[] bArr3 = new byte[bArr.length];
        if (str.equals("DES-EDE3-CBC")) {
            ?? modeFactory = ModeFactory.getInstance("CBC", "TripleDES", 8);
            HashMap hashMap = new HashMap();
            hashMap.put(IBlockCipher.KEY_MATERIAL, deriveKey(bArr2, 24));
            hashMap.put(IMode.IV, bArr2);
            hashMap.put(IMode.STATE, new Integer(2));
            modeFactory.init(hashMap);
            iMode = modeFactory;
        } else {
            if (!str.equals("DES-CBC")) {
                throw new IllegalArgumentException("unknown cipher: " + str);
            }
            IMode modeFactory2 = ModeFactory.getInstance("CBC", "DES", 8);
            HashMap hashMap2 = new HashMap();
            hashMap2.put(IBlockCipher.KEY_MATERIAL, deriveKey(bArr2, 8));
            hashMap2.put(IMode.IV, bArr2);
            hashMap2.put(IMode.STATE, new Integer(2));
            modeFactory2.init(hashMap2);
            iMode = modeFactory2;
        }
        for (int i = 0; i < bArr.length; i += 8) {
            iMode.update(bArr, i, bArr3, i);
        }
        byte b = bArr3[bArr3.length - 1];
        if (b < 1 || b > 8) {
            throw new WrongPaddingException();
        }
        for (int length = bArr3.length - b; length < bArr3.length; length++) {
            if (bArr3[length] != b) {
                throw new WrongPaddingException();
            }
        }
        byte[] bArr4 = new byte[bArr3.length - b];
        System.arraycopy(bArr3, 0, bArr4, 0, bArr4.length);
        return bArr4;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [javax.security.auth.callback.CallbackHandler] */
    private byte[] deriveKey(byte[] bArr, int i) throws IOException {
        ConsoleCallbackHandler consoleCallbackHandler = new ConsoleCallbackHandler();
        try {
            consoleCallbackHandler = (CallbackHandler) Class.forName(Security.getProperty("jessie.password.handler")).newInstance();
        } catch (Exception e) {
        }
        PasswordCallback passwordCallback = new PasswordCallback("Enter PEM passphrase: ", false);
        try {
            consoleCallbackHandler.handle(new Callback[]{passwordCallback});
            char[] password = passwordCallback.getPassword();
            IMessageDigest hashFactory = HashFactory.getInstance("MD5");
            byte[] bArr2 = new byte[i];
            int i2 = 0;
            while (i2 < i) {
                for (char c : password) {
                    hashFactory.update((byte) c);
                }
                hashFactory.update(bArr, 0, bArr.length);
                byte[] digest = hashFactory.digest();
                int min = Math.min(digest.length, i - i2);
                System.arraycopy(digest, 0, bArr2, i2, min);
                i2 += min;
                if (i2 >= i) {
                    break;
                }
                hashFactory.reset();
                hashFactory.update(digest, 0, digest.length);
            }
            passwordCallback.clearPassword();
            return bArr2;
        } catch (UnsupportedCallbackException e2) {
            throw new IOException("specified handler cannot handle passwords");
        }
    }

    private byte[] toByteArray(String str) {
        String lowerCase = str.toLowerCase();
        byte[] bArr = new byte[lowerCase.length() / 2];
        int i = 0;
        for (int i2 = 0; i2 < bArr.length; i2++) {
            int i3 = i;
            int i4 = i + 1;
            i = i4 + 1;
            bArr[i2] = (byte) ((Character.digit(lowerCase.charAt(i3), 16) << 4) | Character.digit(lowerCase.charAt(i4), 16));
        }
        return bArr;
    }
}
