package com.union.parser;

import com.union.utils.Base64;
import com.union.utils.Checker;
import com.union.utils.Hex;
import com.union.utils.UnionUtil;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/union/parser/OpenSSLASNParser.class */
public final class OpenSSLASNParser implements PrivateKeyParser {
    public static final String FLAG_START = "-----BEGIN RSA PRIVATE KEY-----";
    public static final String FLAG_END = "-----END RSA PRIVATE KEY-----";
    private final byte[] encode;
    private String alg = PrivateKeyParser.algorithm;

    /* loaded from: input_file:com/union/parser/OpenSSLASNParser$Parser.class */
    public static class Parser {
        private String encryptAlgorithm;
        private int keySize;
        private byte[] salt;
        private byte[] cipherText;

        public Parser(InputStream inputStream) {
            Checker.checkNotNull(inputStream, " API :: stream must not be null.");
            try {
                try {
                    parseText(new String(UnionUtil.readfully(inputStream)));
                } finally {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                    }
                }
            } catch (Exception e2) {
                throw new IllegalArgumentException(" API :: read key information from stream failed.", e2);
            }
        }

        public Parser(String str) {
            Checker.checkNotNull(str, " API :: text must not be null.");
            parseText(str);
        }

        public Parser(byte[] bArr, byte[] bArr2, String str) {
            this.cipherText = (byte[]) Checker.checkNotNull(bArr, " API :: cipherText must not be null.");
            this.salt = (byte[]) Checker.checkNotNull(bArr2, " API :: salt must not be null.");
            this.encryptAlgorithm = (String) Checker.checkNotNull(str, " API :: algorithm must not be null.");
        }

        void parseText(String str) {
            String trim = str.replace("-----BEGIN RSA PRIVATE KEY-----", "").trim();
            int indexOf = trim.indexOf("\n");
            String substring = trim.substring(0, indexOf);
            Checker.checkArgument(substring.startsWith(PKCS1CipherParser.IS_PKCS1), " API :: unknown flag " + substring);
            int i = indexOf + 1;
            int indexOf2 = trim.indexOf("\n", i);
            String substring2 = trim.substring(i, indexOf2);
            Checker.checkArgument(substring2.startsWith("DEK-Info:"), " API :: unknown flag " + substring2);
            this.cipherText = Base64.getDecoder().decode(trim.substring(indexOf2 + 1).replace("\n", "").replace("\r", "").replaceAll("-----END RSA PRIVATE KEY-----", "").trim());
            int indexOf3 = substring2.indexOf(":") + 1;
            int indexOf4 = substring2.indexOf(",", indexOf3);
            String trim2 = substring2.substring(indexOf3, indexOf4).trim();
            Checker.checkArgument("DES-EDE3-CBC".equals(trim2), " API :: unsupport encrypt Algorithm " + trim2);
            this.encryptAlgorithm = "DESede/CBC/PKCS5Padding";
            this.keySize = 24;
            this.salt = Hex.decode(substring2.substring(indexOf4 + 1).trim());
        }

        byte[] KDF(byte[] bArr) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                byte[] bArr2 = new byte[this.keySize];
                for (int i = 0; i < this.keySize; i += messageDigest.getDigestLength()) {
                    messageDigest.update(bArr, 0, bArr.length);
                    messageDigest.update(this.salt, 0, this.salt.length);
                    byte[] digest = messageDigest.digest();
                    messageDigest.reset();
                    messageDigest.update(digest, 0, digest.length);
                    System.arraycopy(digest, 0, bArr2, i, this.keySize > i + digest.length ? digest.length : this.keySize - i);
                }
                Arrays.fill(bArr, (byte) 0);
                return bArr2;
            } catch (Exception e) {
                throw new IllegalStateException(" API :: KDF generate Key failed.", e);
            }
        }

        byte[] fixRSAKey(byte[] bArr) {
            StringBuilder sb = new StringBuilder();
            sb.append(Hex.encode(bArr));
            int length = bArr.length;
            StringBuilder sb2 = new StringBuilder(Integer.toHexString(length).toUpperCase(Locale.ROOT));
            while (sb2.length() < 4) {
                sb2.insert(0, "0");
            }
            sb.insert(0, sb2.toString());
            if (length <= 127) {
                sb.insert(0, "01");
            } else if (length > 256) {
                sb.insert(0, "82");
            } else {
                sb.insert(0, "81");
            }
            sb.insert(0, "020100300D06092A864886F70D010101050004");
            int length2 = sb.toString().length() / 2;
            StringBuilder sb3 = new StringBuilder(Integer.toHexString(length2).toUpperCase(Locale.ROOT));
            while (sb3.length() < 4) {
                sb3.insert(0, "0");
            }
            sb.insert(0, sb3.toString());
            if (length2 <= 127) {
                sb.insert(0, "3001");
            } else if (length2 > 256) {
                sb.insert(0, "3082");
            } else {
                sb.insert(0, "3081");
            }
            return Hex.decode(sb.toString());
        }

        public OpenSSLASNParser parse(byte[] bArr) {
            try {
                Cipher cipher = Cipher.getInstance(this.encryptAlgorithm);
                SecretKeySpec secretKeySpec = new SecretKeySpec(KDF(bArr), "DESede");
                Arrays.fill(bArr, (byte) 0);
                cipher.init(2, secretKeySpec, new IvParameterSpec(this.salt));
                return new OpenSSLASNParser(fixRSAKey(cipher.doFinal(this.cipherText)));
            } catch (Exception e) {
                throw new IllegalStateException(" API :: decrypt ciphertext failed.", e);
            }
        }
    }

    public String getAlg() {
        return this.alg;
    }

    @Override // com.union.parser.PrivateKeyParser
    public void setAlg(String str) {
        this.alg = str;
    }

    OpenSSLASNParser(byte[] bArr) {
        this.encode = bArr;
    }

    @Override // com.union.parser.PrivateKeyParser
    public byte[] getEncode() {
        return this.encode;
    }

    @Override // com.union.parser.PrivateKeyParser
    public PrivateKey getPrivateKey() {
        try {
            return KeyFactory.getInstance(PrivateKeyParser.algorithm).generatePrivate(new PKCS8EncodedKeySpec(this.encode));
        } catch (Exception e) {
            throw new IllegalStateException(" API :: generate private key failed.", e);
        }
    }
}
