package sun.security.krb5;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import sun.reflect.ClassFileConstants;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.ccache.CCacheOutputStream;
import sun.security.krb5.internal.crypto.Aes128;
import sun.security.krb5.internal.crypto.Aes256;
import sun.security.krb5.internal.crypto.ArcFourHmac;
import sun.security.krb5.internal.crypto.Des;
import sun.security.krb5.internal.crypto.Des3;
import sun.security.krb5.internal.crypto.EType;
import sun.security.krb5.internal.ktab.KeyTab;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;

/* loaded from: classes4.dex */
public class EncryptionKey implements Cloneable {
    private int keyType;
    private byte[] keyValue;
    private Integer kvno;
    public static final EncryptionKey NULL_KEY = new EncryptionKey(new byte[0], 0, (Integer) null);
    private static final boolean DEBUG = Krb5.DEBUG;

    public EncryptionKey(int i, byte[] bArr) {
        this(bArr, i, (Integer) null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptionKey(EncryptionKey encryptionKey) throws KrbCryptoException {
        this.keyValue = (byte[]) encryptionKey.keyValue.clone();
        this.keyType = encryptionKey.keyType;
    }

    public EncryptionKey(DerValue derValue) throws Asn1Exception, IOException {
        if (derValue.getTag() != 48) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
        DerValue derValue2 = derValue.getData().getDerValue();
        if ((derValue2.getTag() & ClassFileConstants.opc_lload_1) != 0) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
        this.keyType = derValue2.getData().getBigInteger().intValue();
        DerValue derValue3 = derValue.getData().getDerValue();
        if ((derValue3.getTag() & ClassFileConstants.opc_lload_1) != 1) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
        this.keyValue = derValue3.getData().getOctetString();
        if (derValue3.getData().available() > 0) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
    }

    public EncryptionKey(byte[] bArr, int i, Integer num) {
        if (bArr == null) {
            throw new IllegalArgumentException("EncryptionKey: Key bytes cannot be null!");
        }
        this.keyValue = new byte[bArr.length];
        System.arraycopy(bArr, 0, this.keyValue, 0, bArr.length);
        this.keyType = i;
        this.kvno = num;
    }

    public EncryptionKey(char[] cArr, String str, String str2) throws KrbCryptoException {
        if (str2 == null || str2.equalsIgnoreCase("DES")) {
            this.keyType = 3;
        } else if (str2.equalsIgnoreCase("DESede")) {
            this.keyType = 16;
        } else if (str2.equalsIgnoreCase("AES128")) {
            this.keyType = 17;
        } else if (str2.equalsIgnoreCase("ArcFourHmac")) {
            this.keyType = 23;
        } else {
            if (!str2.equalsIgnoreCase("AES256")) {
                throw new IllegalArgumentException("Algorithm " + str2 + " not supported");
            }
            this.keyType = 18;
            if (!EType.isSupported(this.keyType)) {
                throw new IllegalArgumentException("Algorithm " + str2 + " not enabled");
            }
        }
        this.keyValue = stringToKey(cArr, str, null, this.keyType);
        this.kvno = null;
    }

    public static EncryptionKey[] acquireSecretKeys(PrincipalName principalName, String str) throws KrbException, IOException {
        if (principalName == null) {
            throw new IllegalArgumentException("Cannot have null pricipal name to look in keytab.");
        }
        KeyTab keyTab = KeyTab.getInstance(str);
        if (keyTab == null) {
            return null;
        }
        return keyTab.readServiceKeys(principalName);
    }

    public static EncryptionKey[] acquireSecretKeys(char[] cArr, String str) throws KrbException {
        return acquireSecretKeys(cArr, str, false, 0, null);
    }

    public static EncryptionKey[] acquireSecretKeys(char[] cArr, String str, boolean z, int i, byte[] bArr) throws KrbException {
        int[] defaults = EType.getDefaults("default_tkt_enctypes");
        if (defaults == null) {
            defaults = EType.getBuiltInDefaults();
        }
        EncryptionKey[] encryptionKeyArr = new EncryptionKey[defaults.length];
        for (int i2 = 0; i2 < defaults.length; i2++) {
            if (EType.isSupported(defaults[i2])) {
                encryptionKeyArr[i2] = new EncryptionKey(stringToKey(cArr, str, (z && defaults[i2] == i) ? bArr : null, defaults[i2]), defaults[i2], (Integer) null);
            } else if (DEBUG) {
                System.out.println("Encryption Type " + EType.toString(defaults[i2]) + " is not supported/enabled");
            }
        }
        return encryptionKeyArr;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static EncryptionKey findKey(int i, Integer num, EncryptionKey[] encryptionKeyArr) throws KrbException {
        if (!EType.isSupported(i)) {
            throw new KrbException("Encryption type " + EType.toString(i) + " is not supported/enabled");
        }
        boolean z = false;
        for (int i2 = 0; i2 < encryptionKeyArr.length; i2++) {
            int eType = encryptionKeyArr[i2].getEType();
            if (EType.isSupported(eType)) {
                Integer keyVersionNumber = encryptionKeyArr[i2].getKeyVersionNumber();
                if (i != eType) {
                    continue;
                } else {
                    if (versionMatches(num, keyVersionNumber)) {
                        return encryptionKeyArr[i2];
                    }
                    z = true;
                }
            }
        }
        if (i == 1 || i == 3) {
            for (int i3 = 0; i3 < encryptionKeyArr.length; i3++) {
                int eType2 = encryptionKeyArr[i3].getEType();
                if (eType2 == 1 || eType2 == 3) {
                    if (versionMatches(num, encryptionKeyArr[i3].getKeyVersionNumber())) {
                        return new EncryptionKey(i, encryptionKeyArr[i3].getBytes());
                    }
                    z = true;
                }
            }
        }
        if (z) {
            throw new KrbException(44);
        }
        return null;
    }

    public static EncryptionKey findKey(int i, EncryptionKey[] encryptionKeyArr) throws KrbException {
        return findKey(i, null, encryptionKeyArr);
    }

    public static EncryptionKey parse(DerInputStream derInputStream, byte b, boolean z) throws Asn1Exception, IOException {
        if (z && (((byte) derInputStream.peekByte()) & ClassFileConstants.opc_lload_1) != b) {
            return null;
        }
        DerValue derValue = derInputStream.getDerValue();
        if (b == (derValue.getTag() & ClassFileConstants.opc_lload_1)) {
            return new EncryptionKey(derValue.getData().getDerValue());
        }
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }

    private static byte[] stringToKey(char[] cArr, String str, byte[] bArr, int i) throws KrbCryptoException {
        char[] charArray = str.toCharArray();
        char[] cArr2 = new char[cArr.length + charArray.length];
        System.arraycopy(cArr, 0, cArr2, 0, cArr.length);
        System.arraycopy(charArray, 0, cArr2, cArr.length, charArray.length);
        Arrays.fill(charArray, '0');
        try {
            try {
                if (i == 1 || i == 3) {
                    byte[] string_to_key_bytes = Des.string_to_key_bytes(cArr2);
                    Arrays.fill(cArr2, '0');
                    return string_to_key_bytes;
                }
                if (i == 23) {
                    byte[] stringToKey = ArcFourHmac.stringToKey(cArr);
                    Arrays.fill(cArr2, '0');
                    return stringToKey;
                }
                switch (i) {
                    case 16:
                        byte[] stringToKey2 = Des3.stringToKey(cArr2);
                        Arrays.fill(cArr2, '0');
                        return stringToKey2;
                    case 17:
                        byte[] stringToKey3 = Aes128.stringToKey(cArr, str, bArr);
                        Arrays.fill(cArr2, '0');
                        return stringToKey3;
                    case 18:
                        byte[] stringToKey4 = Aes256.stringToKey(cArr, str, bArr);
                        Arrays.fill(cArr2, '0');
                        return stringToKey4;
                    default:
                        throw new IllegalArgumentException("encryption type " + EType.toString(i) + " not supported");
                }
            } catch (GeneralSecurityException e) {
                KrbCryptoException krbCryptoException = new KrbCryptoException(e.getMessage());
                krbCryptoException.initCause(e);
                throw krbCryptoException;
            }
        } catch (Throwable th) {
            Arrays.fill(cArr2, '0');
            throw th;
        }
    }

    private static boolean versionMatches(Integer num, Integer num2) {
        if (num == null || num.intValue() == 0 || num2 == null || num2.intValue() == 0) {
            return true;
        }
        return num.equals(num2);
    }

    public synchronized byte[] asn1Encode() throws Asn1Exception, IOException {
        DerOutputStream derOutputStream;
        DerOutputStream derOutputStream2 = new DerOutputStream();
        DerOutputStream derOutputStream3 = new DerOutputStream();
        derOutputStream3.putInteger(this.keyType);
        derOutputStream2.write(DerValue.createTag(Byte.MIN_VALUE, true, (byte) 0), derOutputStream3);
        DerOutputStream derOutputStream4 = new DerOutputStream();
        derOutputStream4.putOctetString(this.keyValue);
        derOutputStream2.write(DerValue.createTag(Byte.MIN_VALUE, true, (byte) 1), derOutputStream4);
        derOutputStream = new DerOutputStream();
        derOutputStream.write((byte) 48, derOutputStream2);
        return derOutputStream.toByteArray();
    }

    public synchronized Object clone() {
        return new EncryptionKey(this.keyValue, this.keyType, this.kvno);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public synchronized void destroy() {
        if (this.keyValue != null) {
            for (int i = 0; i < this.keyValue.length; i++) {
                this.keyValue[i] = 0;
            }
        }
    }

    public final byte[] getBytes() {
        return this.keyValue;
    }

    public synchronized int getEType() {
        return this.keyType;
    }

    public final Integer getKeyVersionNumber() {
        return this.kvno;
    }

    public String toString() {
        String str;
        StringBuilder sb = new StringBuilder();
        sb.append("EncryptionKey: keyType=");
        sb.append(this.keyType);
        sb.append(" kvno=");
        sb.append((Object) this.kvno);
        sb.append(" keyValue (hex dump)=");
        byte[] bArr = this.keyValue;
        if (bArr == null || bArr.length == 0) {
            str = " Empty Key";
        } else {
            str = '\n' + Krb5.hexDumper.encode(this.keyValue) + '\n';
        }
        sb.append(str);
        return new String(sb.toString());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public synchronized void writeKey(CCacheOutputStream cCacheOutputStream) throws IOException {
        cCacheOutputStream.write16(this.keyType);
        cCacheOutputStream.write16(this.keyType);
        cCacheOutputStream.write32(this.keyValue.length);
        for (int i = 0; i < this.keyValue.length; i++) {
            cCacheOutputStream.write8(this.keyValue[i]);
        }
    }
}
