package com.icodici.crypto;

import com.icodici.crypto.digest.Sha1;
import com.icodici.crypto.digest.Sha256;
import com.icodici.crypto.digest.Sha512;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import net.sergeych.boss.Boss;
import net.sergeych.utils.Base64;

/* loaded from: input_file:com/icodici/crypto/KeyInfo.class */
public class KeyInfo {
    private byte[] salt;
    private byte[] tag;
    private int rounds;
    private Algorythm algorythm;
    private PRF prf;
    private int keyLength;

    /* loaded from: input_file:com/icodici/crypto/KeyInfo$Algorythm.class */
    public enum Algorythm {
        UNKNOWN,
        RSAPublic,
        RSAPrivate,
        AES256
    }

    /* loaded from: input_file:com/icodici/crypto/KeyInfo$PRF.class */
    public enum PRF {
        None,
        HMAC_SHA1,
        HMAC_SHA256,
        HMAC_SHA512
    }

    public byte[] getSalt() {
        return this.salt;
    }

    public boolean matchType(KeyInfo keyInfo) {
        if (this.keyLength != keyInfo.keyLength) {
            return false;
        }
        if (keyInfo.algorythm != this.algorythm || this.algorythm == Algorythm.RSAPublic) {
            return this.algorythm == Algorythm.RSAPrivate && keyInfo.algorythm == Algorythm.RSAPublic;
        }
        return true;
    }

    public boolean matchType(AbstractKey abstractKey) {
        return matchType(abstractKey.info());
    }

    public boolean matchTag(KeyInfo keyInfo) {
        return (this.tag == null || keyInfo.tag == null || !Arrays.equals(this.tag, keyInfo.tag)) ? false : true;
    }

    public void setTag(byte[] bArr) {
        this.tag = bArr;
    }

    public String getBase64Tag() {
        return Base64.encodeCompactString(getTag());
    }

    public boolean isPassword() {
        return this.prf != PRF.None;
    }

    public KeyInfo(Algorythm algorythm, byte[] bArr, int i) {
        this.tag = null;
        this.rounds = 0;
        this.prf = PRF.None;
        this.algorythm = algorythm;
        this.tag = bArr;
        this.keyLength = i;
        checkSanity();
    }

    public KeyInfo(Algorythm algorythm, byte[] bArr) {
        this.tag = null;
        this.rounds = 0;
        this.prf = PRF.None;
        this.algorythm = algorythm;
        this.tag = bArr;
        this.keyLength = this.keyLength;
        if (algorythm != Algorythm.RSAPrivate && algorythm != Algorythm.RSAPublic) {
            throw new IllegalArgumentException("this algorythm requires block size");
        }
        checkSanity();
    }

    public KeyInfo(PRF prf, int i, byte[] bArr, byte[] bArr2) {
        this.tag = null;
        this.rounds = 0;
        this.prf = PRF.None;
        this.algorythm = Algorythm.AES256;
        this.tag = bArr2;
        this.prf = prf;
        this.rounds = i;
        this.salt = bArr;
        checkSanity();
    }

    private void checkSanity() {
        switch (this.algorythm) {
            case RSAPrivate:
            case RSAPublic:
                if (isPassword()) {
                    throw new IllegalArgumentException("RSA keys can't be password-derived");
                }
                break;
            case AES256:
                this.keyLength = 32;
                break;
        }
        if (isPassword()) {
            if (this.rounds < 100) {
                throw new IllegalArgumentException("should be more than 1000 rounds for PRF");
            }
            if (this.keyLength < 16) {
                throw new IllegalArgumentException("key should be at least 16 bytes for PRF");
            }
            if (this.salt == null) {
                this.salt = "attesta".getBytes();
            }
        }
    }

    public KeyInfo(byte[] bArr) throws IOException {
        this.tag = null;
        this.rounds = 0;
        this.prf = PRF.None;
        Boss.Reader reader = new Boss.Reader(bArr);
        this.algorythm = Algorythm.values()[reader.readInt()];
        this.tag = reader.readBinary();
        this.prf = PRF.values()[reader.readInt()];
        this.keyLength = reader.readInt();
        if (isPassword()) {
            if (reader.readInt() != 0) {
                throw new IllegalArgumentException("unknown PBKDF type");
            }
            this.rounds = reader.readInt();
        }
        checkSanity();
    }

    public byte[] getTag() {
        return this.tag;
    }

    public int getRounds() {
        return this.rounds;
    }

    public Algorythm getAlgorythm() {
        return this.algorythm;
    }

    public PRF getPRF() {
        return this.prf;
    }

    public int getKeyLength() {
        return this.keyLength;
    }

    public byte[] pack() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Boss.Writer writer = new Boss.Writer(byteArrayOutputStream);
        try {
            writer.write(new Object[]{Integer.valueOf(this.algorythm.ordinal()), this.tag, Integer.valueOf(this.prf.ordinal()), Integer.valueOf(this.keyLength)});
            if (isPassword()) {
                writer.write(new Object[]{0, Integer.valueOf(this.rounds)});
            }
            writer.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException("unexpected IO exception", e);
        }
    }

    public SymmetricKey derivePassword(String str) {
        Class cls;
        if (!isPassword()) {
            throw new IllegalStateException("not the PRF keyInfo");
        }
        switch (this.prf) {
            case HMAC_SHA1:
                cls = Sha1.class;
                break;
            case HMAC_SHA256:
                cls = Sha256.class;
                break;
            case HMAC_SHA512:
                cls = Sha512.class;
                break;
            default:
                throw new IllegalArgumentException("unknown hash scheme for pbkdf2");
        }
        return new SymmetricKey(PBKDF2.derive(cls, str, this.salt, this.rounds, this.keyLength), this);
    }

    public AbstractKey unpackKey(byte[] bArr) throws EncryptionError {
        switch (this.algorythm) {
            case RSAPrivate:
                return new PrivateKey(bArr, this);
            case RSAPublic:
                return new PublicKey(bArr, this);
            case AES256:
                return new SymmetricKey(bArr, this);
            default:
                throw new EncryptionError("can't unpack key: " + this);
        }
    }

    public String toString() {
        Object[] objArr = new Object[3];
        objArr[0] = this.algorythm;
        objArr[1] = this.prf;
        objArr[2] = this.tag == null ? "null" : Base64.encodeCompactString(this.tag);
        return String.format("Key(%s,%s,%s)", objArr);
    }
}
