package ch.rgw.crypt;

import ch.rgw.crypt.Cryptologist;
import ch.rgw.tools.ExHandler;
import ch.rgw.tools.Result;
import ch.rgw.tools.TimeTool;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:ch/rgw/crypt/JCECrypter.class */
public class JCECrypter implements Cryptologist {
    private static final String KEY_ALGO = "AES";
    private static final String SIGNATURE_ALGO = "SHA512withRSA";
    private static final String SYMM_CIPHER_ALGO = "Blowfish";
    private static final String RSA_ALGO = "RSA/ECB/PKCS1Padding";
    public static short VERSION = 258;
    public static short MAGIC = -4130;
    public static short KEY_MARKER = 16;
    public static short IV_MARKER = 32;
    public static short DATA_MARKER = 48;
    protected JCEKeyManager km;
    protected String userKey;
    protected char[] pwd;

    public JCECrypter(String str, char[] cArr, String str2, char[] cArr2) throws Exception {
        this(cArr, str2, cArr2);
        if (str == null) {
            str = String.valueOf(System.getProperty("user.home")) + File.separator + ".JCECrypter";
            if (cArr == null) {
                cArr = "JCECrypterDefault".toCharArray();
            }
        }
        this.km = new JCEKeyManager(str, null, cArr);
        if (!this.km.load(true)) {
            this.km = null;
        } else {
            if (this.km.existsPrivate(str2)) {
                return;
            }
            KeyPair generateKeys = this.km.generateKeys();
            this.km.addKeyPair(generateKeys.getPrivate(), this.km.generateCertificate(generateKeys.getPublic(), generateKeys.getPrivate(), this.userKey, this.userKey, null, null), this.pwd);
            this.km.save();
        }
    }

    protected JCECrypter(char[] cArr, String str, char[] cArr2) {
        this.userKey = str;
        this.pwd = cArr2;
    }

    protected void finalize() throws Throwable {
        if (this.pwd != null) {
            for (int i = 0; i < this.pwd.length; i++) {
                this.pwd[i] = 0;
            }
        }
        super.finalize();
    }

    @Override // ch.rgw.crypt.Cryptologist
    public Result<byte[]> decrypt(byte[] bArr) {
        try {
            PrivateKey privateKey = this.km.getPrivateKey(this.userKey, this.pwd);
            Cipher cipher = Cipher.getInstance(RSA_ALGO);
            cipher.init(2, privateKey);
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            if (dataInputStream.readShort() != MAGIC) {
                return new Result<>(Result.SEVERITY.ERROR, 1, "Bad data format while trying to decrypt", null, true);
            }
            dataInputStream.readShort();
            if (dataInputStream.readShort() != KEY_MARKER) {
                return new Result<>(Result.SEVERITY.ERROR, 2, "unexpected block marker", null, true);
            }
            byte[] bArr2 = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr2);
            SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(bArr2), SYMM_CIPHER_ALGO);
            Cipher cipher2 = Cipher.getInstance(SYMM_CIPHER_ALGO);
            cipher2.init(2, secretKeySpec);
            if (dataInputStream.readShort() != DATA_MARKER) {
                return new Result<>(Result.SEVERITY.ERROR, 4, "unexpected block marker", null, true);
            }
            byte[] bArr3 = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr3);
            return new Result<>(cipher2.doFinal(bArr3));
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public void decrypt(InputStream inputStream, OutputStream outputStream) throws CryptologistException {
        try {
            PrivateKey privateKey = this.km.getPrivateKey(this.userKey, this.pwd);
            Cipher cipher = Cipher.getInstance(RSA_ALGO);
            cipher.init(2, privateKey);
            DataInputStream dataInputStream = new DataInputStream(inputStream);
            if (dataInputStream.readShort() != MAGIC) {
                throw new CryptologistException("Bad data format while trying to decrypt", 4);
            }
            dataInputStream.readShort();
            if (dataInputStream.readShort() != KEY_MARKER) {
                throw new CryptologistException("unexpected block marker", 4);
            }
            byte[] bArr = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr);
            SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(bArr), SYMM_CIPHER_ALGO);
            Cipher cipher2 = Cipher.getInstance(SYMM_CIPHER_ALGO);
            cipher2.init(2, secretKeySpec);
            while (dataInputStream.available() > 1) {
                if (dataInputStream.readShort() != DATA_MARKER) {
                    throw new CryptologistException("unexpected block marker", 4);
                }
                byte[] bArr2 = new byte[dataInputStream.readInt()];
                dataInputStream.readFully(bArr2);
                outputStream.write(cipher2.doFinal(bArr2));
            }
            outputStream.flush();
        } catch (Exception e) {
            throw new CryptologistException("Error while decoding " + e.getMessage(), 3);
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public void encrypt(InputStream inputStream, OutputStream outputStream, String str) throws CryptologistException {
        int read;
        try {
            PublicKey publicKey = this.km.getPublicKey(str);
            Cipher cipher = Cipher.getInstance(SYMM_CIPHER_ALGO);
            byte[] generateBlowfishKey = generateBlowfishKey();
            cipher.init(1, new SecretKeySpec(generateBlowfishKey, SYMM_CIPHER_ALGO));
            Cipher cipher2 = Cipher.getInstance(RSA_ALGO);
            cipher2.init(1, publicKey);
            DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
            dataOutputStream.writeShort(MAGIC);
            dataOutputStream.writeShort(VERSION);
            writeBlock(dataOutputStream, cipher2.doFinal(generateBlowfishKey), KEY_MARKER);
            byte[] bArr = new byte[65535];
            while (true) {
                read = inputStream.read(bArr);
                if (read != 65535) {
                    break;
                } else {
                    writeBlock(dataOutputStream, cipher.doFinal(bArr), DATA_MARKER);
                }
            }
            if (read > 0) {
                writeBlock(dataOutputStream, cipher.doFinal(bArr, 0, read), DATA_MARKER);
            }
            dataOutputStream.flush();
        } catch (Exception e) {
            throw new CryptologistException("Encryption failed: " + e.getMessage(), 9);
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public byte[] encrypt(byte[] bArr, String str) {
        try {
            PublicKey publicKey = this.km.getPublicKey(str);
            Cipher cipher = Cipher.getInstance(SYMM_CIPHER_ALGO);
            byte[] generateBlowfishKey = generateBlowfishKey();
            cipher.init(1, new SecretKeySpec(generateBlowfishKey, SYMM_CIPHER_ALGO));
            Cipher cipher2 = Cipher.getInstance(RSA_ALGO);
            cipher2.init(1, publicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            dataOutputStream.writeShort(MAGIC);
            dataOutputStream.writeShort(VERSION);
            writeBlock(dataOutputStream, cipher2.doFinal(generateBlowfishKey), KEY_MARKER);
            writeBlock(dataOutputStream, cipher.doFinal(bArr), DATA_MARKER);
            dataOutputStream.flush();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    private void writeBlock(DataOutputStream dataOutputStream, byte[] bArr, int i) throws Exception {
        dataOutputStream.writeShort(i);
        dataOutputStream.writeInt(bArr.length);
        dataOutputStream.write(bArr);
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr[i2] = 0;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public byte[] sign(byte[] bArr) {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGO);
            signature.initSign(this.km.getPrivateKey(this.userKey, this.pwd), new SecureRandom());
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public Cryptologist.VERIFY_RESULT verify(byte[] bArr, byte[] bArr2, String str) {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGO);
            PublicKey publicKey = this.km.getPublicKey(str);
            if (publicKey == null) {
                return Cryptologist.VERIFY_RESULT.SIGNER_UNKNOWN;
            }
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2) ? Cryptologist.VERIFY_RESULT.OK : Cryptologist.VERIFY_RESULT.BAD_SIGNATURE;
        } catch (Exception e) {
            ExHandler.handle(e);
            return Cryptologist.VERIFY_RESULT.INTERNAL_ERROR;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean hasCertificateOf(String str) {
        return this.km.existsCertificate(str);
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean hasKeyOf(String str) {
        return this.km.existsPrivate(str);
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean addCertificate(X509Certificate x509Certificate) {
        if (this.km.addCertificate(x509Certificate)) {
            return this.km.save();
        }
        return false;
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean addCertificate(byte[] bArr) {
        try {
            return addCertificate((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)));
        } catch (CertificateException e) {
            ExHandler.handle(e);
            return false;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public KeyPair generateKeys(String str, char[] cArr, TimeTool timeTool, TimeTool timeTool2) {
        KeyPair generateKeys = this.km.generateKeys();
        if (str != null) {
            try {
                this.km.addKeyPair(generateKeys.getPrivate(), generateCertificate(generateKeys.getPublic(), str, timeTool, timeTool2), cArr);
                this.km.save();
            } catch (Exception e) {
                ExHandler.handle(e);
                return null;
            }
        }
        return generateKeys;
    }

    @Override // ch.rgw.crypt.Cryptologist
    public X509Certificate generateCertificate(PublicKey publicKey, String str, TimeTool timeTool, TimeTool timeTool2) {
        try {
            return this.km.generateCertificate(publicKey, this.km.getPrivateKey(this.userKey, this.pwd), this.userKey, str, timeTool, timeTool2);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public String getUser() {
        return this.userKey;
    }

    private byte[] generateBlowfishKey() {
        try {
            return KeyGenerator.getInstance(SYMM_CIPHER_ALGO).generateKey().getEncoded();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    private Key generateAESKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGO);
            keyGenerator.init(128, this.km.getRandom());
            return keyGenerator.generateKey();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public X509Certificate getCertificate(String str) {
        return this.km.getCertificate(str);
    }

    @Override // ch.rgw.crypt.Cryptologist
    public byte[] getCertificateEncoded(String str) throws CryptologistException {
        X509Certificate certificate = getCertificate(str);
        if (certificate == null) {
            return null;
        }
        try {
            return certificate.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new CryptologistException("Could not encode certificate", 8);
        }
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean isFunctional() {
        return true;
    }

    @Override // ch.rgw.crypt.Cryptologist
    public boolean removeCertificate(String str) {
        return this.km.removeKey(str);
    }
}
