package com.icodici.crypto.rsaoaep;

import com.icodici.crypto.AbstractPrivateKey;
import com.icodici.crypto.AbstractPublicKey;
import com.icodici.crypto.EncryptionError;
import com.icodici.crypto.HashType;
import java.io.IOException;
import java.io.InputStream;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import net.sergeych.boss.Boss;
import net.sergeych.tools.Hashable;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
import org.bouncycastle.crypto.signers.PSSSigner;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/icodici/crypto/rsaoaep/RSAOAEPPrivateKey.class */
public class RSAOAEPPrivateKey extends AbstractPrivateKey {
    public static final HashType DEFAULT_OAEP_HASH;
    public static final HashType DEFAULT_MGF1_HASH;
    private static final byte[] DEFAULT_PUBLIC_EXPONENT;
    private static final int DEFAULT_RSA_CERTAINTY = 20;
    State state;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/icodici/crypto/rsaoaep/RSAOAEPPrivateKey$State.class */
    public class State {
        final AsymmetricBlockCipher decryptor;
        final RSAPrivateCrtKeyParameters keyParameters;
        final RSAOAEPPublicKey publicKey;
        final HashType oaepHashType;
        final HashType mgf1HashType;
        final SecureRandom rng;

        State(AsymmetricBlockCipher asymmetricBlockCipher, RSAPrivateCrtKeyParameters rSAPrivateCrtKeyParameters, RSAOAEPPublicKey rSAOAEPPublicKey, HashType hashType, HashType hashType2, SecureRandom secureRandom) {
            this.decryptor = asymmetricBlockCipher;
            this.keyParameters = rSAPrivateCrtKeyParameters;
            this.publicKey = rSAOAEPPublicKey;
            this.oaepHashType = hashType;
            this.mgf1HashType = hashType2;
            this.rng = secureRandom;
        }
    }

    public RSAOAEPPrivateKey() {
    }

    @Override // com.icodici.crypto.AbstractKey
    public String toString() {
        return String.format("RSAOAEPPrivateKey#%s", Integer.valueOf(System.identityHashCode(this)));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RSAOAEPPrivateKey(byte[] bArr, byte[] bArr2, byte[] bArr3, HashType hashType, HashType hashType2, SecureRandom secureRandom) {
        if (!$assertionsDisabled && bArr == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && bArr2 == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && bArr3 == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && hashType == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && hashType2 == null) {
            throw new AssertionError();
        }
        init(bArr, bArr2, bArr3, hashType, hashType2, secureRandom);
    }

    void init(byte[] bArr, byte[] bArr2, byte[] bArr3, HashType hashType, HashType hashType2, SecureRandom secureRandom) {
        RSAKeyPair fromExponents = RSAKeyPair.fromExponents(bArr, bArr2, bArr3);
        RSAPrivateCrtKeyParameters rSAPrivateCrtKeyParameters = new RSAPrivateCrtKeyParameters(BigIntegers.fromUnsignedByteArray(fromExponents.n), BigIntegers.fromUnsignedByteArray(fromExponents.e), BigIntegers.fromUnsignedByteArray(fromExponents.d), BigIntegers.fromUnsignedByteArray(fromExponents.p), BigIntegers.fromUnsignedByteArray(fromExponents.q), BigIntegers.fromUnsignedByteArray(fromExponents.dP), BigIntegers.fromUnsignedByteArray(fromExponents.dQ), BigIntegers.fromUnsignedByteArray(fromExponents.qInv));
        AsymmetricBlockCipher makeDecryptor = makeDecryptor(hashType2);
        RSAOAEPPublicKey rSAOAEPPublicKey = new RSAOAEPPublicKey();
        rSAOAEPPublicKey.init(fromExponents.n, fromExponents.e, hashType, hashType2, secureRandom);
        this.state = new State(makeDecryptor, rSAPrivateCrtKeyParameters, rSAOAEPPublicKey, hashType, hashType2, secureRandom);
        resetDecryptor();
    }

    private AsymmetricBlockCipher makeDecryptor(HashType hashType) {
        return new OAEPEncoding(RSAEngineFactory.make(), new SHA1Digest(), hashType.makeDigest(), new byte[0]);
    }

    void resetDecryptor() {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        this.state.decryptor.init(false, new ParametersWithRandom(this.state.keyParameters, this.state.rng));
    }

    @Override // com.icodici.crypto.AbstractPrivateKey
    public void generate(int i, HashType hashType) {
        generate(i, DEFAULT_PUBLIC_EXPONENT, DEFAULT_RSA_CERTAINTY, DEFAULT_OAEP_HASH, hashType);
    }

    public void generate(int i, byte[] bArr, int i2, HashType hashType, HashType hashType2) {
        RSAKeyPairGenerator rSAKeyPairGenerator = new RSAKeyPairGenerator();
        rSAKeyPairGenerator.init(new RSAKeyGenerationParameters(BigIntegers.fromUnsignedByteArray(bArr), new SecureRandom(), i, i2));
        RSAPrivateCrtKeyParameters rSAPrivateCrtKeyParameters = rSAKeyPairGenerator.generateKeyPair().getPrivate();
        if (hashType2 == null) {
            hashType2 = DEFAULT_MGF1_HASH;
        }
        init(bArr, BigIntegers.asUnsignedByteArray(rSAPrivateCrtKeyParameters.getP()), BigIntegers.asUnsignedByteArray(rSAPrivateCrtKeyParameters.getQ()), hashType, hashType2, new SecureRandom());
    }

    @Override // com.icodici.crypto.AbstractPrivateKey
    public boolean isInitialized() {
        return this.state != null;
    }

    @Override // com.icodici.crypto.AbstractPrivateKey
    public int getBitStrength() throws IllegalStateException {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        return this.state.keyParameters.getModulus().bitLength();
    }

    @Override // com.icodici.crypto.AbstractPrivateKey, com.icodici.crypto.AbstractKey
    public AbstractPublicKey getPublicKey() throws IllegalStateException {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        return this.state.publicKey;
    }

    @Override // com.icodici.crypto.AbstractPrivateKey
    public boolean canDecrypt() {
        return isInitialized();
    }

    @Override // com.icodici.crypto.AbstractPrivateKey, com.icodici.crypto.AbstractKey
    public byte[] decrypt(byte[] bArr) throws EncryptionError {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        try {
            return this.state.decryptor.processBlock(bArr, 0, bArr.length);
        } catch (InvalidCipherTextException e) {
            throw new EncryptionError("decrypt failed", e);
        }
    }

    @Override // com.icodici.crypto.AbstractPrivateKey
    public byte[] sign(InputStream inputStream, HashType hashType, byte[] bArr) throws IllegalStateException, IOException {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        Digest makeDigest = hashType.makeDigest();
        PSSSigner pSSSigner = bArr == null ? new PSSSigner(RSAEngineFactory.make(), makeDigest, this.state.mgf1HashType.makeDigest(), getMaxSaltLength(getBitStrength(), makeDigest.getDigestSize())) : new PSSSigner(RSAEngineFactory.make(), makeDigest, this.state.mgf1HashType.makeDigest(), bArr);
        pSSSigner.init(true, new ParametersWithRandom(this.state.keyParameters, this.state.rng));
        boolean z = false;
        while (!z) {
            int available = inputStream.available();
            if (available <= 0) {
                z = true;
            } else {
                byte[] bArr2 = new byte[available];
                int read = inputStream.read(bArr2);
                if (read <= 0) {
                    z = true;
                } else {
                    pSSSigner.update(bArr2, 0, read);
                }
            }
        }
        try {
            return pSSSigner.generateSignature();
        } catch (CryptoException e) {
            throw new IOException(String.format("Cannot sign data: %s", e.toString()));
        }
    }

    public Map<String, Object> toHash() throws IllegalStateException {
        if (this.state == null) {
            throw new IllegalStateException();
        }
        return Collections.unmodifiableMap(new HashMap<String, Object>() { // from class: com.icodici.crypto.rsaoaep.RSAOAEPPrivateKey.1
            {
                put("e", BigIntegers.asUnsignedByteArray(RSAOAEPPrivateKey.this.state.keyParameters.getPublicExponent()));
                put("p", BigIntegers.asUnsignedByteArray(RSAOAEPPrivateKey.this.state.keyParameters.getP()));
                put("q", BigIntegers.asUnsignedByteArray(RSAOAEPPrivateKey.this.state.keyParameters.getQ()));
                if (RSAOAEPPrivateKey.this.state.mgf1HashType.equals(RSAOAEPPrivateKey.DEFAULT_MGF1_HASH)) {
                    return;
                }
                put("mgf1Hash", RSAOAEPPrivateKey.this.state.mgf1HashType.getAlgorithmName());
            }
        });
    }

    public void updateFromHash(Map<String, Object> map) throws Hashable.Error {
        if (map == null) {
            throw new Hashable.Error("hash is null");
        }
        try {
            byte[] bArr = (byte[]) map.get("e");
            if (bArr == null) {
                throw new Hashable.Error("e is not available");
            }
            byte[] bArr2 = (byte[]) map.get("p");
            if (bArr2 == null) {
                throw new Hashable.Error("p is not available");
            }
            byte[] bArr3 = (byte[]) map.get("q");
            if (bArr3 == null) {
                throw new Hashable.Error("q is not available");
            }
            String str = (String) map.getOrDefault("mgf1Hash", DEFAULT_MGF1_HASH.getAlgorithmName());
            HashType byAlgorithmName = HashType.getByAlgorithmName(str);
            if (byAlgorithmName == null) {
                throw new Hashable.Error(String.format("MGF1 Hash %s is not available", str));
            }
            init(bArr, bArr2, bArr3, DEFAULT_OAEP_HASH, byAlgorithmName, this.state == null ? new SecureRandom() : this.state.rng);
        } catch (Exception e) {
            this.state = null;
            throw new Hashable.Error(String.format("Incorrect data for private key: %s", e.toString()));
        }
    }

    @Override // com.icodici.crypto.AbstractKey
    public byte[] pack() {
        Map<String, Object> hash = toHash();
        return Boss.dumpToArray(new Object[]{0, hash.get("e"), hash.get("p"), hash.get("q")}, new Object[0]);
    }

    int getMaxBlockSize() {
        return ((getBitStrength() / 8) - 2) - (2 * this.state.oaepHashType.makeDigest().getDigestSize());
    }

    static {
        $assertionsDisabled = !RSAOAEPPrivateKey.class.desiredAssertionStatus();
        DEFAULT_OAEP_HASH = HashType.SHA1;
        DEFAULT_MGF1_HASH = HashType.SHA1;
        DEFAULT_PUBLIC_EXPONENT = Hex.decode("010001");
    }
}
