package org.globus.gsi;

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.Reader;
import java.io.Writer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.StringTokenizer;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.globus.util.Base64;
import org.globus.util.PEMUtils;
import org.globus.util.Util;

/* loaded from: input_file:org/globus/gsi/OpenSSLKey.class */
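/**
 * A private key stored in the traditional OpenSSL PEM layout (optionally protected with a
 * {@code Proc-Type}/{@code DEK-Info} header and a passphrase-derived cipher key).
 *
 * <p>Subclasses supply the actual key encoding and decoding through
 * {@link #getEncoded(PrivateKey)} and {@link #getKey(String, byte[])}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The cipher key is derived from the passphrase with chained MD5 and no iteration count
 *       (see {@link #getSecretKey(byte[], byte[])}). The resistance of an encrypted key file to
 *       offline guessing therefore rests entirely on the passphrase strength.</li>
 *   <li>{@code DES-CBC} is accepted and {@code DES-EDE3-CBC} is the default when no algorithm was
 *       chosen; prefer one of the AES settings via {@link #setEncryptionAlgorithm(String)}.</li>
 *   <li>CBC with PKCS5 padding carries no integrity check; a wrong passphrase or a modified file
 *       surfaces only as a padding or key-parsing failure.</li>
 * </ul>
 *
 * <p>Instances are mutable and not synchronized.
 */
public abstract class OpenSSLKey {
    public static final String HEADER = "-----BEGIN RSA PRIVATE KEY-----";

    private static final String FOOTER = "-----END RSA PRIVATE KEY-----";
    private static final String PROC_TYPE_ENCRYPTED = "Proc-Type: 4,ENCRYPTED";
    private static final String DEK_INFO_PREFIX = "DEK-Info: ";
    private static final String DEFAULT_ENCRYPTION = "DES-EDE3-CBC";

    // Key algorithm name ("RSA" or "DSA" when read from PEM); handed to getKey().
    private String keyAlg = null;
    // True while keyData/encodedKey hold ciphertext rather than the plain key encoding.
    private boolean isEncrypted = false;
    // Base64 text of the PEM body as read from the input; cleared once decrypted or re-encrypted.
    private byte[] encodedKey = null;
    // Decoded private key; stays set after encrypt(), so the plain key remains in memory.
    private PrivateKey intKey = null;
    // IV from the DEK-Info header, or generated on encrypt(); its first 8 bytes double as KDF salt.
    private IvParameterSpec iv = null;
    // OpenSSL cipher name as written in DEK-Info (e.g. "AES-128-CBC").
    private String encAlgStr = null;
    // JCE algorithm name matching encAlgStr (e.g. "AES").
    private String encAlg = null;
    // Cipher key and IV sizes in bytes; -1 until an encryption algorithm is selected.
    private int keyLength = -1;
    private int ivLength = -1;
    // Raw key bytes: plain encoding when not encrypted, ciphertext after encrypt(),
    // null for an encrypted key that was read from PEM and not yet decrypted.
    private byte[] keyData = null;

    /**
     * Reads a PEM-formatted private key from a stream.
     *
     * @param inputStream source of the PEM text; not closed by this constructor
     * @throws IOException if reading fails
     * @throws GeneralSecurityException if the PEM data is missing, malformed or unsupported
     */
    public OpenSSLKey(InputStream inputStream) throws IOException, GeneralSecurityException {
        // NOTE(review): decodes with the platform default charset; PEM text is expected to be ASCII.
        readPEM(new InputStreamReader(inputStream));
    }

    /**
     * Reads a PEM-formatted private key from a file.
     *
     * @param str path of the key file
     * @throws IOException if the file cannot be opened or read
     * @throws GeneralSecurityException if the PEM data is missing, malformed or unsupported
     */
    public OpenSSLKey(String str) throws IOException, GeneralSecurityException {
        try (FileReader fileReader = new FileReader(str)) {
            readPEM(fileReader);
        }
    }

    /**
     * Wraps an existing, unencrypted private key.
     *
     * @param privateKey key to wrap; its encoding is obtained from {@link #getEncoded(PrivateKey)}
     */
    public OpenSSLKey(PrivateKey privateKey) {
        this.intKey = privateKey;
        this.isEncrypted = false;
        this.keyData = getEncoded(privateKey);
        this.encodedKey = null;
        // Remember the algorithm so that decrypt() after encrypt() can rebuild the key.
        if (privateKey != null) {
            this.keyAlg = privateKey.getAlgorithm();
        }
    }

    /**
     * Builds a key from its raw, unencrypted encoding.
     *
     * @param str key algorithm name passed to {@link #getKey(String, byte[])}
     * @param bArr raw key bytes; stored by reference, not copied
     * @throws IllegalArgumentException if {@code bArr} is {@code null}
     * @throws GeneralSecurityException if the bytes cannot be turned into a key
     */
    public OpenSSLKey(String str, byte[] bArr) throws GeneralSecurityException {
        if (bArr == null) {
            throw new IllegalArgumentException("data == null");
        }
        this.keyData = bArr;
        this.isEncrypted = false;
        this.intKey = getKey(str, bArr);
        // Remember the algorithm so that decrypt() after encrypt() can rebuild the key.
        this.keyAlg = str;
    }

    /**
     * Returns the raw key bytes currently held.
     *
     * <p>This is the internal array, not a copy. It holds ciphertext after {@link #encrypt(byte[])}
     * and is {@code null} for an encrypted key read from PEM that has not been decrypted.
     *
     * @return the raw key bytes, possibly {@code null}
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getEncoded() {
        return this.keyData;
    }

    /**
     * Parses the PEM text: locates the {@code PRIVATE KEY} header, reads the optional encryption
     * headers, and collects the Base64 body up to the {@code -----END} line or end of input.
     *
     * @param reader source of the PEM text
     * @throws IOException if reading fails
     * @throws GeneralSecurityException if no supported key section is found or a header is malformed
     */
    private void readPEM(Reader reader) throws IOException, GeneralSecurityException {
        BufferedReader in = new BufferedReader(reader);
        StringBuffer body = new StringBuffer();

        String line;
        while ((line = in.readLine()) != null) {
            if (line.indexOf("PRIVATE KEY") != -1) {
                this.keyAlg = getKeyAlgorithm(line);
                break;
            }
        }
        if (line == null) {
            throw new InvalidKeyException("PRIVATE KEY section not found.");
        }
        if (this.keyAlg == null) {
            throw new InvalidKeyException("Algorithm not supported.");
        }

        line = in.readLine();
        if (line == null) {
            // Input ended right after the header; report it instead of failing with an NPE.
            throw new InvalidKeyException("PRIVATE KEY section is truncated.");
        }
        if (line.startsWith(PROC_TYPE_ENCRYPTED)) {
            this.isEncrypted = true;
            parseEncryptionInfo(in.readLine());
            // Skip the line that separates the headers from the Base64 body.
            in.readLine();
        } else {
            this.isEncrypted = false;
            body.append(line);
        }

        // NOTE(review): a body that ends at EOF without an "-----END" line is accepted as-is.
        while ((line = in.readLine()) != null && !line.startsWith("-----END")) {
            body.append(line);
        }

        this.encodedKey = body.toString().getBytes();
        if (isEncrypted()) {
            this.keyData = null;
        } else {
            this.keyData = Base64.decode(this.encodedKey);
            this.intKey = getKey(this.keyAlg, this.keyData);
        }
    }

    /**
     * Reports whether the held key material is currently encrypted.
     *
     * @return {@code true} if the key must be decrypted before use
     */
    public boolean isEncrypted() {
        return this.isEncrypted;
    }

    /**
     * Decrypts the key with a passphrase given as a string.
     *
     * <p>The passphrase is converted with the platform default charset, so a non-ASCII passphrase
     * may not round-trip between systems. Prefer {@link #decrypt(byte[])}, which also lets the
     * caller clear the passphrase bytes afterwards.
     *
     * @param str passphrase
     * @throws GeneralSecurityException if decryption or key parsing fails
     * @throws InvalidKeyException if the derived key is rejected
     */
    public void decrypt(String str) throws GeneralSecurityException, InvalidKeyException {
        decrypt(str.getBytes());
    }

    /**
     * Decrypts the key in place. Does nothing when the key is not encrypted.
     *
     * @param bArr passphrase bytes
     * @throws GeneralSecurityException if decryption or key parsing fails (for example on a wrong
     *     passphrase)
     * @throws InvalidKeyException if the derived key is rejected
     */
    public void decrypt(byte[] bArr) throws GeneralSecurityException, InvalidKeyException {
        if (!isEncrypted()) {
            return;
        }
        // A key encrypted by encrypt() keeps its ciphertext in keyData and has no Base64 text;
        // a key read from PEM has only the Base64 text. Mirror the choice made in toPEM().
        byte[] ciphertext = this.keyData != null ? this.keyData : Base64.decode(this.encodedKey);
        SecretKeySpec secretKey = getSecretKey(bArr, this.iv.getIV());
        Cipher cipher = getCipher();
        cipher.init(Cipher.DECRYPT_MODE, secretKey, this.iv);
        byte[] plain = cipher.doFinal(ciphertext);
        this.intKey = getKey(this.keyAlg, plain);
        this.keyData = plain;
        this.isEncrypted = false;
        this.encodedKey = null;
    }

    /**
     * Encrypts the key with a passphrase given as a string.
     *
     * <p>The passphrase is converted with the platform default charset; see
     * {@link #decrypt(String)} for the caveat.
     *
     * @param str passphrase
     * @throws GeneralSecurityException if encryption fails
     */
    public void encrypt(String str) throws GeneralSecurityException {
        encrypt(str.getBytes());
    }

    /**
     * Encrypts the key in place. Does nothing when the key is already encrypted.
     *
     * <p>Uses {@code DES-EDE3-CBC} unless another algorithm was selected or read from the PEM
     * headers. The decoded {@link PrivateKey} remains available from {@link #getPrivateKey()}
     * afterwards; only the stored encoding is replaced by ciphertext.
     *
     * @param bArr passphrase bytes
     * @throws GeneralSecurityException if encryption fails
     */
    public void encrypt(byte[] bArr) throws GeneralSecurityException {
        if (isEncrypted()) {
            return;
        }
        if (this.encAlg == null) {
            setEncryptionAlgorithm(DEFAULT_ENCRYPTION);
        }
        // An IV kept from a previously read file may not fit a newly selected algorithm
        // (8 bytes for DES variants, 16 for AES); generate a fresh one in that case.
        // NOTE(review): an IV of matching length read from the file is reused, which also
        // reuses the KDF salt — consider always generating a fresh IV here.
        if (this.iv == null || this.iv.getIV().length != this.ivLength) {
            this.iv = generateIV();
        }
        SecretKeySpec secretKey = getSecretKey(bArr, this.iv.getIV());
        Cipher cipher = getCipher();
        cipher.init(Cipher.ENCRYPT_MODE, secretKey, this.iv);
        this.keyData = cipher.doFinal(getEncoded(this.intKey));
        this.isEncrypted = true;
        this.encodedKey = null;
    }

    /**
     * Selects the cipher used by {@link #encrypt(byte[])}.
     *
     * @param str one of {@code DES-EDE3-CBC}, {@code AES-128-CBC}, {@code AES-192-CBC},
     *     {@code AES-256-CBC} or {@code DES-CBC}
     * @throws GeneralSecurityException if the name is not one of the supported values
     */
    public void setEncryptionAlgorithm(String str) throws GeneralSecurityException {
        setAlgorithmSettings(str);
    }

    /**
     * Returns the decoded private key.
     *
     * @return the key, or {@code null} if an encrypted key has not been decrypted yet
     */
    public PrivateKey getPrivateKey() {
        return this.intKey;
    }

    /**
     * Writes the key as PEM text to a stream, encoded with the platform default charset.
     *
     * @param outputStream destination; not closed by this method
     * @throws IOException if writing fails
     */
    public void writeTo(OutputStream outputStream) throws IOException {
        outputStream.write(toPEM().getBytes());
    }

    /**
     * Writes the key as PEM text to a writer.
     *
     * @param writer destination; not closed by this method
     * @throws IOException if writing fails
     */
    public void writeTo(Writer writer) throws IOException {
        writer.write(toPEM());
    }

    /**
     * Writes the key as PEM text to a file, restricting its permissions before any key material
     * is written.
     *
     * @param str path of the file to create or overwrite
     * @throws IOException if the file cannot be opened or the key cannot be written completely
     */
    public void writeTo(String str) throws IOException {
        try (PrintWriter out = new PrintWriter(new FileOutputStream(str))) {
            // Permissions are tightened while the file is still empty.
            // NOTE(review): the outcome of Util.setFilePermissions is not checked here; if it
            // can fail without throwing, the key would be written with the default permissions
            // of the newly created file — confirm and fail closed if so.
            Util.setFilePermissions(str, 600);
            out.write(toPEM());
            // PrintWriter never throws on write errors; checkError() flushes and reports them,
            // so a partially written key file is not mistaken for success.
            if (out.checkError()) {
                throw new IOException("Failed to write private key to " + str);
            }
        }
    }

    /**
     * Produces the raw encoding of a private key.
     *
     * @param privateKey key to encode
     * @return the raw key bytes
     */
    protected abstract byte[] getEncoded(PrivateKey privateKey);

    /**
     * Builds a private key from its raw encoding.
     *
     * @param str key algorithm name
     * @param bArr raw key bytes
     * @return the decoded key
     * @throws GeneralSecurityException if the bytes cannot be decoded
     */
    protected abstract PrivateKey getKey(String str, byte[] bArr) throws GeneralSecurityException;

    /**
     * Names the JCE provider to request ciphers from.
     *
     * @return provider name, or {@code null} to use the default provider lookup
     */
    protected String getProvider() {
        return null;
    }

    /** Creates a CBC/PKCS5Padding cipher for the selected algorithm, honouring getProvider(). */
    private Cipher getCipher() throws GeneralSecurityException {
        String transformation = this.encAlg + "/CBC/PKCS5Padding";
        String provider = getProvider();
        if (provider == null) {
            return Cipher.getInstance(transformation);
        }
        return Cipher.getInstance(transformation, provider);
    }

    /** Maps a PEM header line to "RSA" or "DSA"; returns null for anything else. */
    private String getKeyAlgorithm(String str) {
        if (str.indexOf("RSA") != -1) {
            return "RSA";
        }
        if (str.indexOf("DSA") != -1) {
            return "DSA";
        }
        return null;
    }

    /**
     * Parses a {@code DEK-Info: <cipher>,<hex IV>} header line.
     *
     * @throws GeneralSecurityException if the line is missing, lacks the prefix or either field,
     *     or names an unsupported cipher
     */
    private void parseEncryptionInfo(String str) throws GeneralSecurityException {
        if (str == null || !str.startsWith(DEK_INFO_PREFIX)) {
            throw new GeneralSecurityException("Missing or malformed DEK-Info header.");
        }
        StringTokenizer fields =
                new StringTokenizer(str.substring(DEK_INFO_PREFIX.length()), ",", false);
        if (fields.countTokens() < 2) {
            // Avoid an unchecked NoSuchElementException on a header without an IV.
            throw new GeneralSecurityException("Malformed DEK-Info header: expected cipher and IV.");
        }
        setAlgorithmSettings(fields.nextToken());
        setIV(fields.nextToken());
    }

    /**
     * Translates an OpenSSL cipher name into the JCE algorithm plus key and IV sizes in bytes.
     *
     * @throws GeneralSecurityException if the name is not supported
     */
    private void setAlgorithmSettings(String str) throws GeneralSecurityException {
        if (str.equals("DES-EDE3-CBC")) {
            this.encAlg = "DESede";
            this.keyLength = 24;
            this.ivLength = 8;
        } else if (str.equals("AES-128-CBC")) {
            this.encAlg = "AES";
            this.keyLength = 16;
            this.ivLength = 16;
        } else if (str.equals("AES-192-CBC")) {
            this.encAlg = "AES";
            this.keyLength = 24;
            this.ivLength = 16;
        } else if (str.equals("AES-256-CBC")) {
            this.encAlg = "AES";
            this.keyLength = 32;
            this.ivLength = 16;
        } else if (str.equals("DES-CBC")) {
            // Single DES has an 8-byte key; kept for reading old files, not a sound choice for new ones.
            this.encAlg = "DES";
            this.keyLength = 8;
            this.ivLength = 8;
        } else {
            throw new GeneralSecurityException("Unsupported encryption: " + str);
        }
        this.encAlgStr = str;
    }

    /**
     * Decodes the hexadecimal IV from the DEK-Info header.
     *
     * @throws GeneralSecurityException if the IV has the wrong length or is not valid hexadecimal
     */
    private void setIV(String str) throws GeneralSecurityException {
        if (str.length() % 2 != 0) {
            throw new GeneralSecurityException("Malformed IV: odd number of hex digits.");
        }
        int length = str.length() / 2;
        if (length != this.ivLength) {
            throw new GeneralSecurityException(
                    "Expected IV length of " + this.ivLength + " but got " + length);
        }
        byte[] ivBytes = new byte[length];
        for (int i = 0; i < length; i++) {
            int high = Character.digit(str.charAt(i * 2), 16);
            int low = Character.digit(str.charAt(i * 2 + 1), 16);
            if (high < 0 || low < 0) {
                // Report bad input as a checked error rather than a NumberFormatException.
                throw new GeneralSecurityException("Malformed IV: not hexadecimal.");
            }
            ivBytes[i] = (byte) ((high << 4) | low);
        }
        this.iv = new IvParameterSpec(ivBytes);
    }

    /** Generates a random IV of the size required by the selected cipher. */
    private IvParameterSpec generateIV() {
        byte[] ivBytes = new byte[this.ivLength];
        new SecureRandom().nextBytes(ivBytes);
        return new IvParameterSpec(ivBytes);
    }

    /**
     * Derives the cipher key from the passphrase and the first 8 bytes of the IV.
     *
     * <p>Each round computes MD5(previous digest || passphrase || salt) and the digests are
     * concatenated until {@code keyLength} bytes are filled. There is no iteration count, so the
     * derivation is cheap to repeat; it is kept because it is what the on-disk format requires.
     *
     * @param bArr passphrase bytes
     * @param bArr2 IV; only its first 8 bytes are used as salt
     * @return key for the selected cipher
     * @throws GeneralSecurityException if MD5 is unavailable
     */
    private SecretKeySpec getSecretKey(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        byte[] key = new byte[this.keyLength];
        int filled = 0;
        int remaining = this.keyLength;
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        while (true) {
            md5.update(bArr);
            md5.update(bArr2, 0, 8);
            byte[] digest = md5.digest();
            int chunk = Math.min(remaining, digest.length);
            System.arraycopy(digest, 0, key, filled, chunk);
            filled += chunk;
            remaining = key.length - filled;
            if (remaining == 0) {
                return new SecretKeySpec(key, this.encAlg);
            }
            // Chain the previous digest into the next round.
            md5.reset();
            md5.update(digest);
        }
    }

    /**
     * Renders the key as PEM text, including the encryption headers when the key is encrypted.
     *
     * @return the PEM text
     */
    private String toPEM() {
        byte[] encode = this.keyData == null ? this.encodedKey : Base64.encode(this.keyData);
        // NOTE(review): the RSA header and footer are emitted even when keyAlg is "DSA" — confirm
        // whether DSA keys are expected to be written through this path.
        String header = HEADER;
        if (isEncrypted()) {
            StringBuilder sb = new StringBuilder(header);
            sb.append(PEMUtils.lineSep);
            sb.append(PROC_TYPE_ENCRYPTED);
            sb.append(PEMUtils.lineSep);
            sb.append(DEK_INFO_PREFIX).append(this.encAlgStr);
            sb.append(",").append(PEMUtils.toHex(this.iv.getIV()));
            sb.append(PEMUtils.lineSep);
            header = sb.toString();
        }
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        try {
            PEMUtils.writeBase64(buffer, header, encode, FOOTER);
            return new String(buffer.toByteArray());
        } catch (IOException e) {
            // Writing to an in-memory stream should not fail; keep the cause if it ever does.
            throw new RuntimeException("Unexpected error: " + e.getMessage(), e);
        }
    }
}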
