package org.bouncycastle.openssl.test;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.ECNamedCurveTable;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.path.test.a;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.CertificateTrustBlock;
import org.bouncycastle.openssl.PEMDecryptorProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PasswordFinder;
import org.bouncycastle.openssl.X509TrustedCertificateBlock;
import org.bouncycastle.openssl.bc.BcPEMDecryptorProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.operator.InputDecryptorProvider;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.util.test.SimpleTest;

/* loaded from: classes.dex */
public class ParserTest extends SimpleTest {

    /* loaded from: classes.dex */
    public static class Password implements PasswordFinder {
        public char[] password;

        public Password(char[] cArr) {
            this.password = cArr;
        }

        @Override // org.bouncycastle.openssl.PasswordFinder
        public char[] getPassword() {
            return this.password;
        }
    }

    private void checkTrustedCert(X509TrustedCertificateBlock x509TrustedCertificateBlock) {
        CertificateTrustBlock trustBlock = x509TrustedCertificateBlock.getTrustBlock();
        if (!"Fred".equals(trustBlock.getAlias())) {
            fail("alias not found");
        }
        if (trustBlock.getUses().size() != 3) {
            fail("key purpose usages wrong size");
        }
        if (!trustBlock.getUses().contains(KeyPurposeId.id_kp_OCSPSigning)) {
            fail("key purpose use not found");
        }
        if (trustBlock.getProhibitions().size() != 1) {
            fail("key purpose prohibitions wrong size");
        }
        if (trustBlock.getProhibitions().contains(KeyPurposeId.id_kp_clientAuth)) {
            return;
        }
        fail("key purpose prohibition not found");
    }

    private void doDudPasswordTest(String str, int i7, String str2) {
        try {
            PEMDecryptorProvider build = new JcePEMDecryptorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(str.toCharArray());
            PEMParser openPEMResource = openPEMResource("test.pem");
            while (true) {
                Object readObject = openPEMResource.readObject();
                if (readObject == null) {
                    fail("issue not detected: " + i7);
                    return;
                } else if (readObject instanceof PEMEncryptedKeyPair) {
                    ((PEMEncryptedKeyPair) readObject).decryptKeyPair(build);
                }
            }
        } catch (IOException e7) {
            if (e7.getCause() != null && !e7.getCause().getMessage().endsWith(str2)) {
                fail("issue " + i7 + " exception thrown, but wrong message");
                return;
            }
            if (e7.getCause() != null || e7.getMessage().equals(str2)) {
                return;
            }
            e7.printStackTrace();
            fail("issue " + i7 + " exception thrown, but wrong message");
        }
    }

    private void doNoPasswordTest() throws IOException {
        new JcePEMDecryptorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build("".toCharArray());
        PEMParser openPEMResource = openPEMResource("smimenopw.pem");
        PrivateKeyInfo privateKeyInfo = null;
        while (true) {
            Object readObject = openPEMResource.readObject();
            if (readObject == null) {
                break;
            } else {
                privateKeyInfo = (PrivateKeyInfo) readObject;
            }
        }
        if (privateKeyInfo == null) {
            fail("private key not detected");
        }
    }

    private void doOpenSslDsaModesTest(String str) throws IOException {
        doOpenSslDsaTest(String.valueOf(str) + "_cbc");
        doOpenSslDsaTest(String.valueOf(str) + "_cfb");
        doOpenSslDsaTest(String.valueOf(str) + "_ecb");
        doOpenSslDsaTest(String.valueOf(str) + "_ofb");
    }

    private void doOpenSslDsaTest(String str) throws IOException {
        doOpenSslTestFile("dsa/openssl_dsa_" + str + ".pem", DSAPrivateKey.class);
    }

    private void doOpenSslRsaModesTest(String str) throws IOException {
        doOpenSslRsaTest(String.valueOf(str) + "_cbc");
        doOpenSslRsaTest(String.valueOf(str) + "_cfb");
        doOpenSslRsaTest(String.valueOf(str) + "_ecb");
        doOpenSslRsaTest(String.valueOf(str) + "_ofb");
    }

    private void doOpenSslRsaTest(String str) throws IOException {
        doOpenSslTestFile("rsa/openssl_rsa_" + str + ".pem", RSAPrivateKey.class);
    }

    private void doOpenSslTestFile(String str, Class cls) throws IOException {
        keyDecryptTest(str, cls, new JcePEMDecryptorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build("changeit".toCharArray()));
        keyDecryptTest(str, cls, new BcPEMDecryptorProvider("changeit".toCharArray()));
    }

    private void doOpenSslTests(String str) throws IOException {
        doOpenSslDsaModesTest(str);
        doOpenSslRsaModesTest(str);
    }

    private void keyDecryptTest(String str, Class cls, PEMDecryptorProvider pEMDecryptorProvider) throws IOException {
        Object readObject = openPEMResource(a.a("data/", str)).readObject();
        if (readObject == null || (!(readObject instanceof PEMKeyPair) && !(readObject instanceof PEMEncryptedKeyPair))) {
            fail("Didn't find OpenSSL key");
        }
        if (cls.isInstance(new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getKeyPair(readObject instanceof PEMEncryptedKeyPair ? ((PEMEncryptedKeyPair) readObject).decryptKeyPair(pEMDecryptorProvider) : (PEMKeyPair) readObject).getPrivate())) {
            return;
        }
        fail("Returned key not of correct type");
    }

    private void keyPairTest(String str, KeyPair keyPair) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream));
        jcaPEMWriter.writeObject(keyPair.getPublic());
        jcaPEMWriter.close();
        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(new PEMParser(new InputStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))).readObject());
        JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (!provider.getPublicKey(subjectPublicKeyInfo).equals(keyPair.getPublic())) {
            fail("Failed public key read: " + str);
        }
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        JcaPEMWriter jcaPEMWriter2 = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream2));
        jcaPEMWriter2.writeObject(keyPair.getPrivate());
        jcaPEMWriter2.close();
        KeyPair keyPair2 = provider.getKeyPair((PEMKeyPair) new PEMParser(new InputStreamReader(new ByteArrayInputStream(byteArrayOutputStream2.toByteArray()))).readObject());
        if (!keyPair2.getPrivate().equals(keyPair.getPrivate())) {
            fail("Failed private key read: " + str);
        }
        if (keyPair2.getPublic().equals(keyPair.getPublic())) {
            return;
        }
        fail("Failed private key public read: " + str);
    }

    public static void main(String[] strArr) {
        Security.addProvider(new BouncyCastleProvider());
        SimpleTest.runTest(new ParserTest());
    }

    private PEMParser openPEMResource(String str) {
        return new PEMParser(new BufferedReader(new InputStreamReader(getClass().getResourceAsStream(str))));
    }

    @Override // org.bouncycastle.util.test.SimpleTest, org.bouncycastle.util.test.Test
    public String getName() {
        return "PEMParserTest";
    }

    @Override // org.bouncycastle.util.test.SimpleTest
    public void performTest() throws Exception {
        PEMParser openPEMResource = openPEMResource("test.pem");
        while (true) {
            Object readObject = openPEMResource.readObject();
            if (readObject == null) {
                break;
            } else {
                boolean z6 = readObject instanceof KeyPair;
            }
        }
        PEMParser openPEMResource2 = openPEMResource("extratest.pem");
        while (true) {
            Object readObject2 = openPEMResource2.readObject();
            if (readObject2 == null) {
                break;
            } else if (!(readObject2 instanceof X509CertificateHolder)) {
                fail("wrong object found");
            }
        }
        ContentInfo contentInfo = (ContentInfo) openPEMResource("pkcs7.pem").readObject();
        ASN1ObjectIdentifier contentType = contentInfo.getContentType();
        ASN1ObjectIdentifier aSN1ObjectIdentifier = CMSObjectIdentifiers.envelopedData;
        if (!contentType.equals(aSN1ObjectIdentifier)) {
            fail("failed envelopedData check");
        }
        PEMParser openPEMResource3 = openPEMResource("eckey.pem");
        if (ECNamedCurveTable.getByOID((ASN1ObjectIdentifier) openPEMResource3.readObject()) == null) {
            fail("ecSpec not found for named curve");
        }
        KeyPair keyPair = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getKeyPair((PEMKeyPair) openPEMResource3.readObject());
        Signature signature = Signature.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
        signature.initSign(keyPair.getPrivate());
        byte[] bArr = {97, 98, 99};
        signature.update(bArr);
        byte[] sign = signature.sign();
        signature.initVerify(keyPair.getPublic());
        signature.update(bArr);
        if (!signature.verify(sign)) {
            fail("EC verification failed");
        }
        if (!keyPair.getPublic().getAlgorithm().equals("ECDSA")) {
            fail("wrong algorithm name on public got: " + keyPair.getPublic().getAlgorithm());
        }
        if (!keyPair.getPrivate().getAlgorithm().equals("ECDSA")) {
            fail("wrong algorithm name on private");
        }
        PEMParser openPEMResource4 = openPEMResource("ecexpparam.pem");
        KeyPair keyPair2 = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getKeyPair((PEMKeyPair) openPEMResource4.readObject());
        Signature signature2 = Signature.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
        signature2.initSign(keyPair2.getPrivate());
        byte[] bArr2 = {97, 98, 99};
        signature2.update(bArr2);
        byte[] sign2 = signature2.sign();
        signature2.initVerify(keyPair2.getPublic());
        signature2.update(bArr2);
        if (!signature2.verify(sign2)) {
            fail("EC verification failed");
        }
        if (!keyPair2.getPublic().getAlgorithm().equals("ECDSA")) {
            fail("wrong algorithm name on public got: " + keyPair2.getPublic().getAlgorithm());
        }
        if (!keyPair2.getPrivate().getAlgorithm().equals("ECDSA")) {
            fail("wrong algorithm name on private");
        }
        keyPairTest("RSA", KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME).generateKeyPair());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME);
        keyPairGenerator.initialize(512, new SecureRandom());
        keyPairTest("DSA", keyPairGenerator.generateKeyPair());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream));
        jcaPEMWriter.writeObject(contentInfo);
        jcaPEMWriter.close();
        if (!((ContentInfo) new PEMParser(new InputStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))).readObject()).getContentType().equals(aSN1ObjectIdentifier)) {
            fail("failed envelopedData recode check");
        }
        doOpenSslDsaTest("unencrypted");
        doOpenSslRsaTest("unencrypted");
        doOpenSslTests("aes128");
        doOpenSslTests("aes192");
        doOpenSslTests("aes256");
        doOpenSslTests("blowfish");
        doOpenSslTests("des1");
        doOpenSslTests("des2");
        doOpenSslTests("des3");
        doOpenSslTests("rc2_128");
        doOpenSslDsaTest("rc2_40_cbc");
        doOpenSslRsaTest("rc2_40_cbc");
        doOpenSslDsaTest("rc2_64_cbc");
        doOpenSslRsaTest("rc2_64_cbc");
        doDudPasswordTest("7fd98", 0, "corrupted stream - out of bounds length found");
        doDudPasswordTest("ef677", 1, "corrupted stream - out of bounds length found");
        doDudPasswordTest("800ce", 2, "unknown tag 26 encountered");
        doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56");
        doDudPasswordTest("28ce09", 4, "DEF length 110 object truncated by 28");
        doDudPasswordTest("2ac3b9", 5, "DER length more than 4 bytes: 11");
        doDudPasswordTest("2cba96", 6, "DEF length 100 object truncated by 35");
        doDudPasswordTest("2e3354", 7, "DEF length 42 object truncated by 9");
        doDudPasswordTest("2f4142", 8, "DER length more than 4 bytes: 14");
        doDudPasswordTest("2fe9bb", 9, "DER length more than 4 bytes: 65");
        doDudPasswordTest("3ee7a8", 10, "DER length more than 4 bytes: 57");
        doDudPasswordTest("41af75", 11, "unknown tag 16 encountered");
        doDudPasswordTest("1704a5", 12, "corrupted stream detected");
        doDudPasswordTest("1c5822", 13, "Extra data detected in stream");
        doDudPasswordTest("5a3d16", 14, "corrupted stream detected");
        doDudPasswordTest("8d0c97", 15, "corrupted stream detected");
        doDudPasswordTest("bc0daf", 16, "corrupted stream detected");
        doDudPasswordTest("aaf9c4d", 17, "corrupted stream - out of bounds length found");
        doNoPasswordTest();
        InputDecryptorProvider build = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build("password".toCharArray());
        PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) openPEMResource("enckey.pem").readObject();
        JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (!((RSAPrivateCrtKey) provider.getPrivateKey(pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(build))).getPublicExponent().equals(new BigInteger("10001", 16))) {
            fail("decryption of private key data check failed");
        }
        PEMParser openPEMResource5 = openPEMResource("pkcs8test.pem");
        while (true) {
            Object readObject3 = openPEMResource5.readObject();
            if (readObject3 == null) {
                X509TrustedCertificateBlock x509TrustedCertificateBlock = (X509TrustedCertificateBlock) openPEMResource("trusted_cert.pem").readObject();
                checkTrustedCert(x509TrustedCertificateBlock);
                StringWriter stringWriter = new StringWriter();
                JcaPEMWriter jcaPEMWriter2 = new JcaPEMWriter(stringWriter);
                jcaPEMWriter2.writeObject(x509TrustedCertificateBlock);
                jcaPEMWriter2.close();
                checkTrustedCert((X509TrustedCertificateBlock) new PEMParser(new StringReader(stringWriter.toString())).readObject());
                return;
            }
            if (!(readObject3 instanceof PrivateKeyInfo ? (RSAPrivateCrtKey) provider.getPrivateKey(PrivateKeyInfo.getInstance(readObject3)) : (RSAPrivateCrtKey) provider.getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) readObject3).decryptPrivateKeyInfo(build))).getPublicExponent().equals(new BigInteger("10001", 16))) {
                fail("decryption of private key data check failed");
            }
        }
    }
}
