package cn.teleinfo.idhub.sdk.utils;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

/* loaded from: input_file:cn/teleinfo/idhub/sdk/utils/KeyConverter.class */
public abstract class KeyConverter {
    private static Pattern firstLinePattern = Pattern.compile("^\\s*-----BEGIN (.*) KEY-----\\s*$");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cn/teleinfo/idhub/sdk/utils/KeyConverter$BytesAndKeyType.class */
    public static class BytesAndKeyType {
        byte[] bytes;
        String keyType;

        public BytesAndKeyType(byte[] bArr, String str) {
            this.bytes = bArr;
            this.keyType = str;
        }
    }

    private static BytesAndKeyType readPemFile(Reader reader) {
        BufferedReader bufferedReader = reader instanceof BufferedReader ? (BufferedReader) reader : new BufferedReader(reader);
        StringBuilder sb = new StringBuilder();
        String str = null;
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return new BytesAndKeyType(Base64.getDecoder().decode(sb.toString()), str);
                }
                String trim = readLine.trim();
                if (!trim.isEmpty()) {
                    if (str == null) {
                        Matcher matcher = firstLinePattern.matcher(trim);
                        str = matcher.matches() ? matcher.group(1) : "";
                    }
                    if (!trim.startsWith("-----")) {
                        sb.append(trim);
                    }
                }
            } catch (IOException e) {
                throw new AssertionError(e);
            }
        }
    }

    public static String toX509Pem(PublicKey publicKey) {
        StringBuilder sb = new StringBuilder();
        sb.append("-----BEGIN PUBLIC KEY-----\r\n");
        byte[] encode = Base64.getMimeEncoder().encode(publicKey.getEncoded());
        for (byte b : encode) {
            sb.append((char) b);
        }
        if (encode[encode.length - 1] != 10) {
            sb.append("\r\n");
        }
        sb.append("-----END PUBLIC KEY-----\r\n");
        return sb.toString();
    }

    public static PublicKey publicKeyFromBytes(byte[] bArr) throws Exception {
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bArr);
            try {
                return KeyFactory.getInstance(EncryptionUtils.KEY_ALGORITHM).generatePublic(x509EncodedKeySpec);
            } catch (InvalidKeySpecException e) {
                return KeyFactory.getInstance("DSA").generatePublic(x509EncodedKeySpec);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new AssertionError(e2);
        } catch (InvalidKeySpecException e3) {
            throw new Exception("Neither RSA nor DSA public key generator can parse", e3);
        }
    }

    public static PublicKey fromX509Pem(String str) throws Exception {
        BytesAndKeyType readPemFile = readPemFile(new StringReader(str));
        if ("PUBLIC".equals(readPemFile.keyType)) {
            return publicKeyFromBytes(readPemFile.bytes);
        }
        throw new Exception("Expected -----BEGIN PUBLIC KEY-----");
    }

    public static String toPkcs8UnencryptedPem(PrivateKey privateKey) {
        StringBuilder sb = new StringBuilder();
        sb.append("-----BEGIN PRIVATE KEY-----\r\n");
        byte[] encode = Base64.getMimeEncoder().encode(privateKey.getEncoded());
        for (byte b : encode) {
            sb.append((char) b);
        }
        if (encode[encode.length - 1] != 10) {
            sb.append("\r\n");
        }
        sb.append("-----END PRIVATE KEY-----\r\n");
        return sb.toString();
    }

    public static String toPkcs8EncryptedPem(PrivateKey privateKey, String str) {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        try {
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, 10000);
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBEWithSHA1AndDESede").generateSecret(new PBEKeySpec(str.toCharArray()));
            Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDESede");
            cipher.init(1, generateSecret, pBEParameterSpec);
            byte[] doFinal = cipher.doFinal(privateKey.getEncoded());
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("PBEWithSHA1AndDESede");
            algorithmParameters.init(pBEParameterSpec);
            byte[] encoded = new EncryptedPrivateKeyInfo(algorithmParameters, doFinal).getEncoded();
            StringBuilder sb = new StringBuilder();
            sb.append("-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n");
            byte[] encode = Base64.getMimeEncoder().encode(encoded);
            for (byte b : encode) {
                sb.append((char) b);
            }
            if (encode[encode.length - 1] != 10) {
                sb.append("\r\n");
            }
            sb.append("-----END ENCRYPTED PRIVATE KEY-----\r\n");
            return sb.toString();
        } catch (Exception e) {
            throw new AssertionError(e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.security.spec.KeySpec] */
    public static PrivateKey privateKeyFromBytes(byte[] bArr, boolean z, String str) throws Exception {
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec;
        if (!z) {
            pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
        } else {
            if (str == null) {
                throw new Exception("Encrypted key, passphrase required");
            }
            try {
                pKCS8EncodedKeySpec = keySpecFromEncryptedBytes(bArr, str);
            } catch (Exception e) {
                throw new Exception("Unable to decrypt private key", e);
            }
        }
        try {
            try {
                return KeyFactory.getInstance(EncryptionUtils.KEY_ALGORITHM).generatePrivate(pKCS8EncodedKeySpec);
            } catch (InvalidKeySpecException e2) {
                return KeyFactory.getInstance("DSA").generatePrivate(pKCS8EncodedKeySpec);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new AssertionError(e3);
        } catch (InvalidKeySpecException e4) {
            throw new Exception("Neither RSA nor DSA private key generator can parse", e4);
        }
    }

    public static PrivateKey fromPkcs8Pem(String str) throws Exception {
        return fromPkcs8Pem(str, null);
    }

    public static PrivateKey fromPkcs8Pem(String str, String str2) throws Exception {
        BytesAndKeyType readPemFile = readPemFile(new StringReader(str));
        boolean equals = "ENCRYPTED PRIVATE".equals(readPemFile.keyType);
        if (equals || "PRIVATE".equals(readPemFile.keyType)) {
            return privateKeyFromBytes(readPemFile.bytes, equals, str2);
        }
        throw new Exception("Expected -----BEGIN [ENCRYPTED] PRIVATE KEY-----");
    }

    private static KeySpec keySpecFromEncryptedBytes(byte[] bArr, String str) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
        Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
        cipher.init(2, SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(str.toCharArray())), encryptedPrivateKeyInfo.getAlgParameters());
        return encryptedPrivateKeyInfo.getKeySpec(cipher);
    }
}
