package net.netca.pki.encoding.asn1.pki;

import java.math.BigInteger;
import java.util.Arrays;
import net.netca.pki.algorithm.ecc.Curve;
import net.netca.pki.algorithm.ecc.ECCKeyPair;
import net.netca.pki.algorithm.ecc.Point;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.Integer;
import net.netca.pki.encoding.asn1.ObjectIdentifier;
import net.netca.pki.encoding.asn1.ObjectIdentifierType;
import net.netca.pki.encoding.asn1.OctetString;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.SetOf;
import net.netca.pki.encoding.asn1.TaggedValue;
import net.netca.pki.u;

/* loaded from: classes.dex */
public final class PrivateKeyInfo {
    private static final SequenceType type = (SequenceType) ASN1TypeManager.getInstance().get("PrivateKeyInfo");
    private Sequence seq;

    public PrivateKeyInfo(int i, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, Attributes attributes) {
        if (algorithmIdentifier == null) {
            throw new u("privateKeyAlgorithm is NULL");
        }
        if (bArr == null) {
            throw new u("privateKey is NULL");
        }
        this.seq = new Sequence(type);
        this.seq.add(new Integer(i));
        this.seq.add(algorithmIdentifier.getASN1Object());
        this.seq.add(new OctetString(bArr));
        if (attributes != null) {
            this.seq.add(new TaggedValue(128, 0, true, attributes.getASN1Object()));
        }
    }

    public PrivateKeyInfo(Sequence sequence) {
        if (!type.match(sequence)) {
            throw new u("bad PrivateKeyInfo");
        }
        this.seq = sequence;
    }

    private PrivateKeyInfo(byte[] bArr) {
        this.seq = (Sequence) ASN1Object.decode(bArr, type);
    }

    public static PrivateKeyInfo NewEC(String str, ECPrivateKey eCPrivateKey) {
        return NewEC(str, eCPrivateKey, null);
    }

    public static PrivateKeyInfo NewEC(String str, ECPrivateKey eCPrivateKey, Attributes attributes) {
        if (str == null && (str = eCPrivateKey.getNamedCurve()) == null) {
            throw new u("no curveOid");
        }
        return new PrivateKeyInfo(0, AlgorithmIdentifier.CreateECCPublicKeyAlgorithmIdentifier(str), eCPrivateKey.getASN1Object().encode(), attributes);
    }

    public static PrivateKeyInfo NewEC(ECPrivateKey eCPrivateKey) {
        return NewEC(null, eCPrivateKey, null);
    }

    public static PrivateKeyInfo NewEC(ECPrivateKey eCPrivateKey, Attributes attributes) {
        return NewEC(null, eCPrivateKey, attributes);
    }

    public static PrivateKeyInfo NewRSA(RSAPrivateKey rSAPrivateKey) {
        return NewRSA(rSAPrivateKey, null);
    }

    public static PrivateKeyInfo NewRSA(RSAPrivateKey rSAPrivateKey, Attributes attributes) {
        return new PrivateKeyInfo(0, AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.RSAEncrypt_OID), rSAPrivateKey.getASN1Object().encode(), attributes);
    }

    private boolean byteArrayEquals(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    public static PrivateKeyInfo decode(byte[] bArr) {
        return new PrivateKeyInfo(bArr);
    }

    public static SequenceType getASN1Type() {
        return type;
    }

    private int getIVLength(String str) {
        if (str.equals(AlgorithmIdentifier.AES128CBCPAD_OID) || str.equals(AlgorithmIdentifier.AES192CBCPAD_OID) || str.equals(AlgorithmIdentifier.AES256CBCPAD_OID)) {
            return 16;
        }
        if (str.equals(AlgorithmIdentifier.DESEDE3CBC_OID)) {
            return 8;
        }
        return (str.equals(AlgorithmIdentifier.SM4CBC_OID) || str.equals(AlgorithmIdentifier.SM1CBC_OID) || str.equals(AlgorithmIdentifier.SSF33CBC_OID)) ? 16 : -1;
    }

    private int getKeyLength(String str) {
        if (str.equals(AlgorithmIdentifier.AES128CBCPAD_OID)) {
            return 16;
        }
        if (str.equals(AlgorithmIdentifier.AES192CBCPAD_OID)) {
            return 24;
        }
        if (str.equals(AlgorithmIdentifier.AES256CBCPAD_OID)) {
            return 32;
        }
        if (str.equals(AlgorithmIdentifier.DESEDE3CBC_OID)) {
            return 24;
        }
        return (str.equals(AlgorithmIdentifier.SM4CBC_OID) || str.equals(AlgorithmIdentifier.SM1CBC_OID) || str.equals(AlgorithmIdentifier.SSF33CBC_OID)) ? 16 : -1;
    }

    private AlgorithmIdentifier getPkcs5Prf(String str) {
        String str2;
        if (str.equals(AlgorithmIdentifier.SHA1_OID)) {
            str2 = AlgorithmIdentifier.PKCS5_HMAC_SHA1_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA224_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA224_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA256_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA256_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA384_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA384_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA512_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA512_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA512_224_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA512_224_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA512_256_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA512_256_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA3_224_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA3_224_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA3_256_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA3_256_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA3_384_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA3_384_OID;
        } else if (str.equals(AlgorithmIdentifier.SHA3_512_OID)) {
            str2 = AlgorithmIdentifier.HMAC_SHA3_512_OID;
        } else {
            if (!str.equals(AlgorithmIdentifier.SM3_OID)) {
                throw new u("unsupport algo:" + str);
            }
            str2 = AlgorithmIdentifier.HMAC_SM3_OID;
        }
        return AlgorithmIdentifier.CreateAlgorithmIdentifierNullParam(str2);
    }

    public Sequence getASN1Object() {
        return this.seq;
    }

    public byte[] getPrivateKey() {
        return ((OctetString) this.seq.get(2)).getValue();
    }

    public AlgorithmIdentifier getPrivateKeyAlgorithm() {
        return new AlgorithmIdentifier((Sequence) this.seq.get(1));
    }

    public ECCKeyPair getSM2KeyPair() {
        ECPrivateKey decode = ECPrivateKey.decode(getPrivateKey());
        String namedCurve = decode.getNamedCurve();
        if (namedCurve != null && !namedCurve.equals(AlgorithmIdentifier.SM2Curve_OID)) {
            throw new u("not sm2 private key");
        }
        BigInteger privateKey = decode.getPrivateKey();
        byte[] publicKey = decode.getPublicKey();
        if (publicKey == null) {
            ECCKeyPair eCCKeyPair = new ECCKeyPair(privateKey);
            if (eCCKeyPair.check()) {
                return eCCKeyPair;
            }
            throw new u("bad sm2 keypair");
        }
        if (publicKey.length != 65) {
            throw new u("bad sm2 public key length");
        }
        if (publicKey[0] != 4) {
            throw new u("bad sm2 public key");
        }
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[32];
        System.arraycopy(publicKey, 1, bArr, 0, 32);
        System.arraycopy(publicKey, 33, bArr2, 0, 32);
        ECCKeyPair eCCKeyPair2 = new ECCKeyPair(privateKey, new net.netca.pki.algorithm.ecc.ECCPublicKey(new Point(Curve.getSM2Curve(), new BigInteger(1, bArr), new BigInteger(1, bArr2))));
        if (eCCKeyPair2.check()) {
            return eCCKeyPair2;
        }
        throw new u("bad sm2 keypair");
    }

    public int getVersion() {
        return ((Integer) this.seq.get(0)).getIntegerValue();
    }

    public Attributes getattributes() {
        if (this.seq.size() == 3) {
            return null;
        }
        return new Attributes((SetOf) ((TaggedValue) this.seq.get(3)).getInnerValue());
    }

    public boolean isSM2() {
        ASN1Object param;
        try {
            AlgorithmIdentifier privateKeyAlgorithm = getPrivateKeyAlgorithm();
            if (privateKeyAlgorithm.getOid().equals(AlgorithmIdentifier.ECPubKey_OID) && (param = privateKeyAlgorithm.getParam()) != null) {
                return ((ObjectIdentifier) param.to(ObjectIdentifierType.getInstance())).getString().equals(AlgorithmIdentifier.SM2Curve_OID);
            }
            return false;
        } catch (u unused) {
            return false;
        }
    }

    public boolean match(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        ASN1Object param;
        AlgorithmIdentifier privateKeyAlgorithm = getPrivateKeyAlgorithm();
        String oid = privateKeyAlgorithm.getOid();
        AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
        String oid2 = algorithm.getOid();
        if (oid.equals(AlgorithmIdentifier.RSAEncrypt_OID)) {
            if (!oid2.equals(AlgorithmIdentifier.RSAEncrypt_OID) && !oid2.equals(AlgorithmIdentifier.RSAES_OAEP_OID) && !oid2.equals(AlgorithmIdentifier.RSASSA_PSS_OID)) {
                return false;
            }
            RSAPrivateKey decode = RSAPrivateKey.decode(getPrivateKey());
            RSAPublicKey rSAPublicKey = (RSAPublicKey) subjectPublicKeyInfo.getPublicKey();
            return decode.getModulus().equals(rSAPublicKey.getModulus()) && decode.getPublicExponent().equals(rSAPublicKey.getPublicExponent());
        }
        if (!oid.equals(AlgorithmIdentifier.ECPubKey_OID)) {
            return false;
        }
        if ((!oid2.equals(AlgorithmIdentifier.ECPubKey_OID) && !oid2.equals(AlgorithmIdentifier.ECMQV_OID) && !oid2.equals(AlgorithmIdentifier.ECDH_OID)) || (param = privateKeyAlgorithm.getParam()) == null) {
            return false;
        }
        String string = ((ObjectIdentifier) param.to(ObjectIdentifierType.getInstance())).getString();
        ASN1Object param2 = algorithm.getParam();
        if (param2 == null || !string.equals(((ObjectIdentifier) param2.to(ObjectIdentifierType.getInstance())).getString())) {
            return false;
        }
        ECPrivateKey decode2 = ECPrivateKey.decode(getPrivateKey());
        BitString subjectPublicKey = subjectPublicKeyInfo.getSubjectPublicKey();
        if (subjectPublicKey.getUnusedBits() != 0) {
            return false;
        }
        byte[] value = subjectPublicKey.getValue();
        BigInteger privateKey = decode2.getPrivateKey();
        Curve curve = Curve.getCurve(string);
        if (curve == null) {
            return false;
        }
        int bits = (curve.getBits() + 7) / 8;
        if (value.length != (bits * 2) + 1 || value[0] != 4) {
            return false;
        }
        byte[] bArr = new byte[bits];
        byte[] bArr2 = new byte[bits];
        System.arraycopy(value, 1, bArr, 0, bits);
        System.arraycopy(value, bits + 1, bArr2, 0, bits);
        if (!new ECCKeyPair(privateKey, new net.netca.pki.algorithm.ecc.ECCPublicKey(new Point(curve, new BigInteger(1, bArr), new BigInteger(1, bArr2)))).check()) {
            return false;
        }
        byte[] publicKey = decode2.getPublicKey();
        if (publicKey != null) {
            return byteArrayEquals(value, publicKey);
        }
        return true;
    }

    public boolean match(X509Certificate x509Certificate) {
        return match(x509Certificate.getSubjectPublicKeyInfo());
    }

    public EncryptedPrivateKeyInfo pkcs5Encrypt(byte[] bArr, String str, int i, int i2, IKDF ikdf, String str2, SymEncrypter symEncrypter, SecureRandomGenerator secureRandomGenerator) {
        byte[] generate = secureRandomGenerator.generate(i2);
        int keyLength = getKeyLength(str2);
        if (keyLength < 0) {
            throw new u("unsupport enc algo:" + str2);
        }
        byte[] generate2 = secureRandomGenerator.generate(getIVLength(str2));
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(AlgorithmIdentifier.PBKDF2, new PBKDF2Params(generate, i, getPkcs5Prf(str)).getASN1Object());
        byte[] kdf = ikdf.kdf(algorithmIdentifier, bArr, null, keyLength);
        byte[] encode = getASN1Object().encode();
        AlgorithmIdentifier algorithmIdentifier2 = new AlgorithmIdentifier(str2, new OctetString(generate2));
        byte[] cipher = symEncrypter.cipher(true, kdf, algorithmIdentifier2, encode, 0, encode.length);
        Arrays.fill(encode, (byte) 0);
        Arrays.fill(kdf, (byte) 0);
        return new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(AlgorithmIdentifier.PBES2, new PBES2Params(algorithmIdentifier, algorithmIdentifier2).getASN1Object()), cipher);
    }
}
