package com.dyadicsec.advapi;

import com.dyadicsec.pkcs11.CKException;
import com.dyadicsec.pkcs11.CKSecretKey;
import java.io.UnsupportedEncodingException;
import java.math.BigDecimal;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.sql.Blob;
import java.sql.Clob;
import java.sql.Date;
import java.sql.SQLException;
import java.sql.Time;
import java.sql.Timestamp;
import java.util.Arrays;
import java.util.Calendar;
import java.util.TimeZone;
import javax.sql.rowset.serial.SerialBlob;
import javax.sql.rowset.serial.SerialClob;

/* loaded from: input_file:ekm-java-provider-2.0.jar:com/dyadicsec/advapi/SDESessionKey.class */
public class SDESessionKey {
    private int purpose;
    CKSecretKey secretKey;
    SDEKey sdeKey;
    private static final int ONEWAY_TOKEN_SIZE = 16;
    private static final int MS_PER_DAY = 86400000;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SDESessionKey(SDEKey sDEKey, int i, CKSecretKey cKSecretKey) {
        this.sdeKey = sDEKey;
        this.purpose = i;
        this.secretKey = cKSecretKey;
    }

    protected void finalize() {
        destroy();
    }

    public void destroy() {
        if (this.secretKey == null) {
            return;
        }
        try {
            this.secretKey.destroy();
        } catch (CKException e) {
        }
        this.secretKey = null;
    }

    public SDEKey getSDEKey() {
        return this.sdeKey;
    }

    public byte[] encryptPRF(byte[] bArr) throws SecurityException {
        if (this.purpose != 0) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return this.secretKey.hmacSha256(bArr);
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public String encryptPRF(String str) throws SecurityException {
        try {
            return SDEUtils.bytesToStringTP(encryptPRF(str.getBytes("UTF8")));
        } catch (UnsupportedEncodingException e) {
            throw new SecurityException(e);
        }
    }

    private byte[] encryptTypePreserving(byte[] bArr, int i) throws SecurityException {
        if (this.purpose != -1) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (bArr.length < 16 && i % 2 != 0 && i != 1) {
            throw new IllegalArgumentException("Byte array input for type preserving encryption cannot be odd and less then 16 bytes");
        }
        try {
            return this.secretKey.encryptSPE(bArr, i);
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public byte[] encryptTypePreserving(byte[] bArr) throws SecurityException {
        return encryptTypePreserving(bArr, bArr.length * 8);
    }

    private byte[] decryptTypePreserving(byte[] bArr, int i) throws SecurityException {
        if (this.purpose != -1) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (bArr.length < 16 && i % 2 != 0 && i != 1) {
            throw new IllegalArgumentException("Byte array input for type preserving decryption cannot be odd and less then 16 bytes");
        }
        try {
            return this.secretKey.decryptSPE(bArr, i);
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public byte[] decryptTypePreserving(byte[] bArr) throws SecurityException {
        return decryptTypePreserving(bArr, bArr.length * 8);
    }

    public String encryptTypePreserving(String str, boolean z) throws SecurityException {
        if (this.purpose != -7) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return this.secretKey.encryptStringFPE(str, z ? "ISO-10646-UCS-2" : "UTF-16BE");
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public String decryptTypePreserving(String str, boolean z) throws SecurityException {
        if (this.purpose != -7) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return this.secretKey.decryptStringFPE(str, z ? "ISO-10646-UCS-2" : "UTF-16BE");
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public String encryptOrderPreserving(String str, int i) throws SecurityException {
        try {
            byte[] bytes = str.getBytes("UTF8");
            return SDEUtils.bytesToStringOP(encryptOPE(SDEUtils.addTailing(bytes, (byte) 0, i - bytes.length)));
        } catch (UnsupportedEncodingException e) {
            throw new SecurityException(e);
        }
    }

    public String decryptOrderPreserving(String str) throws SecurityException {
        try {
            return new String(SDEUtils.removeTailing(decryptOPE(SDEUtils.stringToBytesOP(str)), (byte) 0), "UTF8");
        } catch (UnsupportedEncodingException e) {
            throw new SecurityException(e);
        }
    }

    byte[] encryptOPE(byte[] bArr) throws SecurityException {
        if (this.purpose != -2) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return this.secretKey.encryptOPE(bArr);
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    byte[] decryptOPE(byte[] bArr) throws SecurityException {
        if (this.purpose != -2) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return this.secretKey.decryptOPE(bArr);
        } catch (CKException e) {
            throw new SecurityException(e);
        }
    }

    public long encryptTypePreserving(long j) throws SecurityException {
        return ByteBuffer.wrap(encryptTypePreserving(ByteBuffer.allocate(8).putLong(j).array())).getLong();
    }

    public long decryptTypePreserving(long j) throws SecurityException {
        return ByteBuffer.wrap(decryptTypePreserving(ByteBuffer.allocate(8).putLong(j).array())).getLong();
    }

    public int encryptTypePreserving(int i) throws SecurityException {
        return ByteBuffer.wrap(encryptTypePreserving(ByteBuffer.allocate(4).putInt(i).array())).getInt();
    }

    public int decryptTypePreserving(int i) throws SecurityException {
        return ByteBuffer.wrap(decryptTypePreserving(ByteBuffer.allocate(4).putInt(i).array())).getInt();
    }

    public long encryptOrderPreserving(int i) throws SecurityException {
        return ByteBuffer.wrap(encryptOPE(ByteBuffer.allocate(4).putInt(i).array())).getLong();
    }

    public int decryptOrderPreserving(long j) throws SecurityException {
        return ByteBuffer.wrap(decryptOPE(ByteBuffer.allocate(8).putLong(j).array())).getInt();
    }

    public short encryptTypePreserving(short s) throws SecurityException {
        return ByteBuffer.wrap(encryptTypePreserving(ByteBuffer.allocate(2).putShort(s).array())).getShort();
    }

    public short decryptTypePreserving(short s) throws SecurityException {
        return ByteBuffer.wrap(decryptTypePreserving(ByteBuffer.allocate(2).putShort(s).array())).getShort();
    }

    public long encryptOrderPreserving(short s) throws SecurityException {
        return encryptOrderPreserving((int) s);
    }

    public float encryptTypePreserving(float f) throws SecurityException {
        return ByteBuffer.wrap(encryptTypePreserving(ByteBuffer.allocate(4).putFloat(f).array())).getFloat();
    }

    public float decryptTypePreserving(float f) throws SecurityException {
        return ByteBuffer.wrap(decryptTypePreserving(ByteBuffer.allocate(4).putFloat(f).array())).getFloat();
    }

    public double encryptTypePreserving(double d) throws SecurityException {
        return ByteBuffer.wrap(encryptTypePreserving(ByteBuffer.allocate(8).putDouble(d).array())).getDouble();
    }

    public double decryptTypePreserving(double d) throws SecurityException {
        return ByteBuffer.wrap(decryptTypePreserving(ByteBuffer.allocate(8).putDouble(d).array())).getDouble();
    }

    public Date encryptTypePreserving(Date date) throws SecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.set(1, calendar.get(1));
        calendar2.set(2, calendar.get(2));
        calendar2.set(5, calendar.get(5));
        calendar2.set(14, 0);
        calendar2.set(13, 0);
        calendar2.set(12, 0);
        calendar2.set(11, 0);
        byte[] array = ByteBuffer.allocate(8).putLong(calendar2.getTimeInMillis() / 86400000).array();
        SDEUtils.reverseBytes(array);
        byte[] encryptTypePreserving = encryptTypePreserving(Arrays.copyOf(array, 3), 20);
        SDEUtils.reverseBytes(encryptTypePreserving);
        byte[] bArr = new byte[8];
        System.arraycopy(encryptTypePreserving, 0, bArr, 5, 3);
        return new Date(ByteBuffer.wrap(bArr).getLong() * 86400000);
    }

    public Date decryptTypePreserving(Date date) throws SecurityException {
        byte[] array = ByteBuffer.allocate(8).putLong(date.getTime() / 86400000).array();
        SDEUtils.reverseBytes(array);
        byte[] decryptTypePreserving = decryptTypePreserving(Arrays.copyOf(array, 3), 20);
        SDEUtils.reverseBytes(decryptTypePreserving);
        byte[] bArr = new byte[8];
        System.arraycopy(decryptTypePreserving, 0, bArr, 5, 3);
        long j = ByteBuffer.wrap(bArr).getLong();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.setTimeInMillis(j * 86400000);
        calendar.setTimeInMillis(0L);
        calendar.set(14, calendar2.get(14));
        calendar.set(13, calendar2.get(13));
        calendar.set(12, calendar2.get(12));
        calendar.set(11, calendar2.get(11));
        calendar.set(5, calendar2.get(5));
        calendar.set(2, calendar2.get(2));
        calendar.set(1, calendar2.get(1));
        return new Date(calendar.getTimeInMillis());
    }

    public Time encryptTypePreserving(Time time) throws SecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(time);
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.setTimeInMillis(0L);
        calendar2.set(14, 0);
        calendar2.set(13, 0);
        calendar2.set(12, calendar.get(12));
        calendar2.set(11, calendar.get(11));
        byte[] array = ByteBuffer.allocate(8).putLong((calendar2.getTimeInMillis() / 1000) / 60).array();
        SDEUtils.reverseBytes(array);
        byte[] encryptTypePreserving = encryptTypePreserving(Arrays.copyOf(array, 2), 12);
        SDEUtils.reverseBytes(encryptTypePreserving);
        byte[] bArr = new byte[8];
        System.arraycopy(encryptTypePreserving, 0, bArr, 6, 2);
        return new Time(ByteBuffer.wrap(bArr).getLong() * 1000);
    }

    public Time decryptTypePreserving(Time time) throws SecurityException {
        byte[] array = ByteBuffer.allocate(8).putLong(time.getTime() / 1000).array();
        byte[] bArr = new byte[8];
        SDEUtils.reverseBytes(array);
        byte[] decryptTypePreserving = decryptTypePreserving(Arrays.copyOf(array, 2), 12);
        SDEUtils.reverseBytes(decryptTypePreserving);
        byte[] bArr2 = new byte[8];
        System.arraycopy(decryptTypePreserving, 0, bArr2, 6, 2);
        long j = ByteBuffer.wrap(bArr2).getLong();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.setTimeInMillis(j * 1000 * 60);
        calendar.setTimeInMillis(0L);
        calendar.set(14, 0);
        calendar.set(13, 0);
        calendar.set(12, calendar2.get(12));
        calendar.set(11, calendar2.get(11));
        return new Time(calendar.getTime().getTime());
    }

    public Timestamp encryptTypePreserving(Timestamp timestamp) throws SecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(timestamp);
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.set(1, calendar.get(1));
        calendar2.set(2, calendar.get(2));
        calendar2.set(5, calendar.get(5));
        calendar2.set(14, calendar.get(14));
        calendar2.set(13, calendar.get(13));
        calendar2.set(12, calendar.get(12));
        calendar2.set(11, calendar.get(11));
        byte[] array = ByteBuffer.allocate(8).putLong(calendar2.getTimeInMillis()).array();
        SDEUtils.reverseBytes(array);
        byte[] encryptTypePreserving = encryptTypePreserving(Arrays.copyOf(array, 6), 46);
        SDEUtils.reverseBytes(encryptTypePreserving);
        byte[] bArr = new byte[8];
        System.arraycopy(encryptTypePreserving, 0, bArr, 2, 6);
        return new Timestamp(ByteBuffer.wrap(bArr).getLong());
    }

    public Timestamp decryptTypePreserving(Timestamp timestamp) throws SecurityException {
        byte[] array = ByteBuffer.allocate(8).putLong(timestamp.getTime()).array();
        SDEUtils.reverseBytes(array);
        byte[] decryptTypePreserving = decryptTypePreserving(Arrays.copyOf(array, 6), 46);
        SDEUtils.reverseBytes(decryptTypePreserving);
        byte[] bArr = new byte[8];
        System.arraycopy(decryptTypePreserving, 0, bArr, 2, 6);
        long j = ByteBuffer.wrap(bArr).getLong();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar2.setTimeInMillis(j);
        calendar.setTimeInMillis(0L);
        calendar.set(14, calendar2.get(14));
        calendar.set(13, calendar2.get(13));
        calendar.set(12, calendar2.get(12));
        calendar.set(11, calendar2.get(11));
        calendar.set(5, calendar2.get(5));
        calendar.set(2, calendar2.get(2));
        calendar.set(1, calendar2.get(1));
        return new Timestamp(calendar.getTimeInMillis());
    }

    public String encryptOrderPreserving(Timestamp timestamp) throws SecurityException {
        long time = timestamp.getTime();
        int nanos = timestamp.getNanos();
        ByteBuffer allocate = ByteBuffer.allocate(12);
        allocate.putLong(0, time);
        allocate.putInt(8, nanos);
        return SDEUtils.bytesToStringOP(encryptOPE(allocate.array()));
    }

    public Timestamp decryptOrderPreservingTS(String str) throws SecurityException {
        ByteBuffer wrap = ByteBuffer.wrap(decryptOPE(SDEUtils.stringToBytesOP(str)));
        long j = wrap.getLong(0);
        int i = wrap.getInt(8);
        Timestamp timestamp = new Timestamp(j);
        timestamp.setNanos(i);
        return timestamp;
    }

    public boolean encryptTypePreserving(boolean z) throws SecurityException {
        byte[] bArr = new byte[1];
        bArr[0] = z ? (byte) 1 : (byte) 0;
        return encryptTypePreserving(bArr, 1)[0] != 0;
    }

    public boolean decryptTypePreserving(boolean z) throws SecurityException {
        byte[] bArr = new byte[1];
        bArr[0] = z ? (byte) 1 : (byte) 0;
        return decryptTypePreserving(bArr, 1)[0] != 0;
    }

    public Blob encryptTypePreserving(Blob blob) throws SecurityException {
        try {
            return new SerialBlob(encryptTypePreserving(blob.getBytes(1L, (int) blob.length())));
        } catch (SQLException e) {
            throw new SecurityException(e);
        }
    }

    public Blob decryptTypePreserving(Blob blob) throws SecurityException {
        try {
            return new SerialBlob(decryptTypePreserving(blob.getBytes(1L, (int) blob.length())));
        } catch (SQLException e) {
            throw new SecurityException(e);
        }
    }

    public Clob encryptTypePreserving(Clob clob) throws SecurityException {
        try {
            return new SerialClob(encryptTypePreserving(clob.getSubString(1L, (int) clob.length()), true).toCharArray());
        } catch (SQLException e) {
            throw new SecurityException(e);
        }
    }

    public Clob decryptTypePreserving(Clob clob) throws SecurityException {
        try {
            return new SerialClob(decryptTypePreserving(clob.getSubString(1L, (int) clob.length()), true).toCharArray());
        } catch (SQLException e) {
            throw new SecurityException(e);
        }
    }

    public BigDecimal encryptTypePreserving(BigDecimal bigDecimal) throws SecurityException {
        byte[] addLeading;
        try {
            int scale = bigDecimal.scale();
            BigInteger unscaledValue = bigDecimal.unscaledValue();
            boolean z = unscaledValue.signum() == -1;
            byte[] byteArray = unscaledValue.abs().toByteArray();
            int length = byteArray.length;
            if (length <= 12) {
                addLeading = SDEUtils.addLeading(byteArray, (byte) 0, 12 - length);
            } else {
                if (length != 13 || byteArray[0] != 0) {
                    throw new IllegalArgumentException("Value encryption is not supported");
                }
                byte[] bArr = new byte[12];
                System.arraycopy(byteArray, 1, bArr, 0, 12);
                addLeading = bArr;
            }
            BigInteger bigInteger = new BigInteger(SDEUtils.addLeading(encryptTypePreserving(addLeading), (byte) 0, 1));
            if (z) {
                bigInteger = bigInteger.negate();
            }
            return new BigDecimal(bigInteger, scale);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public BigDecimal decryptTypePreserving(BigDecimal bigDecimal) throws SecurityException {
        byte[] addLeading;
        try {
            int scale = bigDecimal.scale();
            BigInteger unscaledValue = bigDecimal.unscaledValue();
            boolean z = unscaledValue.signum() == -1;
            byte[] byteArray = unscaledValue.abs().toByteArray();
            int length = byteArray.length;
            if (length <= 12) {
                addLeading = SDEUtils.addLeading(byteArray, (byte) 0, 12 - length);
            } else {
                if (length != 13 || byteArray[0] != 0) {
                    throw new IllegalArgumentException("Value encryption is not supported");
                }
                byte[] bArr = new byte[12];
                System.arraycopy(byteArray, 1, bArr, 0, 12);
                addLeading = bArr;
            }
            BigInteger bigInteger = new BigInteger(SDEUtils.addLeading(decryptTypePreserving(addLeading), (byte) 0, 1));
            if (z) {
                bigInteger = bigInteger.negate();
            }
            return new BigDecimal(bigInteger, scale);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public String encryptEMailAddress(String str, int i) throws SecurityException {
        if (this.purpose != -3) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return new String(this.secretKey.encryptFPE(1, null, i, str.getBytes("UTF-8")), "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String decryptEMailAddress(String str) throws SecurityException {
        if (this.purpose != -3) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return new String(this.secretKey.decryptFPE(1, null, str.getBytes("UTF-8")), "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String encryptCreditCard(String str) throws SecurityException {
        if (this.purpose != -4) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            byte[] encryptFPE = this.secretKey.encryptFPE(2, null, 0, str.getBytes("UTF-8"));
            if (encryptFPE == null) {
                throw new SecurityException("encryptCreditCard failed");
            }
            return new String(encryptFPE, "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String encryptCreditCard(String str, String str2) throws SecurityException {
        if (this.purpose != -4) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            byte[] encryptFPE = this.secretKey.encryptFPE(2, str2.toCharArray(), 0, str.getBytes("UTF-8"));
            if (encryptFPE == null) {
                throw new SecurityException("encryptCreditCard failed");
            }
            return new String(encryptFPE, "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String decryptCreditCard(String str) throws SecurityException {
        if (this.purpose != -4) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return new String(this.secretKey.decryptFPE(2, null, str.getBytes("UTF-8")), "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String decryptCreditCard(String str, String str2) throws SecurityException {
        if (this.purpose != -4) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        try {
            return new String(this.secretKey.decryptFPE(2, str2.toCharArray(), str.getBytes("UTF-8")), "UTF-8");
        } catch (CKException e) {
            throw new SecurityException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new SecurityException(e2);
        }
    }

    public String encryptUSPhone(String str, String str2) throws SecurityException {
        char[] charArray;
        if (this.purpose != -5) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (str2 == null) {
            charArray = null;
        } else {
            try {
                charArray = str2.toCharArray();
            } catch (CKException e) {
                throw new SecurityException(e);
            } catch (UnsupportedEncodingException e2) {
                throw new SecurityException(e2);
            }
        }
        return new String(this.secretKey.encryptFPE(3, charArray, 0, str.getBytes("UTF-8")), "UTF-8");
    }

    public String decryptUSPhone(String str, String str2) throws SecurityException {
        char[] charArray;
        if (this.purpose != -5) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (str2 == null) {
            charArray = null;
        } else {
            try {
                charArray = str2.toCharArray();
            } catch (CKException e) {
                throw new SecurityException(e);
            } catch (UnsupportedEncodingException e2) {
                throw new SecurityException(e2);
            }
        }
        return new String(this.secretKey.decryptFPE(3, charArray, str.getBytes("UTF-8")), "UTF-8");
    }

    public String encryptSSN(String str, String str2) throws SecurityException {
        char[] charArray;
        if (this.purpose != -6) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (str2 == null) {
            charArray = null;
        } else {
            try {
                charArray = str2.toCharArray();
            } catch (CKException e) {
                throw new SecurityException(e);
            } catch (UnsupportedEncodingException e2) {
                throw new SecurityException(e2);
            }
        }
        return new String(this.secretKey.encryptFPE(4, charArray, 0, str.getBytes("UTF-8")), "UTF-8");
    }

    public String decryptSSN(String str, String str2) throws SecurityException {
        char[] charArray;
        if (this.purpose != -6) {
            throw new IllegalArgumentException("Invalid purpose");
        }
        if (str2 == null) {
            charArray = null;
        } else {
            try {
                charArray = str2.toCharArray();
            } catch (CKException e) {
                throw new SecurityException(e);
            } catch (UnsupportedEncodingException e2) {
                throw new SecurityException(e2);
            }
        }
        return new String(this.secretKey.decryptFPE(4, charArray, str.getBytes("UTF-8")), "UTF-8");
    }
}
