package cn.com.syan.jcee.common.impl.key;

import cn.com.syan.jcee.exception.JCEEException;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.spongycastle.asn1.pkcs.EncryptionScheme;
import org.spongycastle.asn1.pkcs.KeyDerivationFunc;
import org.spongycastle.asn1.pkcs.PBES2Parameters;
import org.spongycastle.asn1.pkcs.PBKDF2Params;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;

/* loaded from: classes.dex */
public class PKCS5PBES2 {
    private String keyAlgo = "PBKDF2WithHmacSHA1";
    private int keySize = 128;
    private int iterationCount = 2048;
    private final String CIPHER_ALGO = "AES/ECB/PKCS5Padding";

    private AlgorithmIdentifier buildPBES2Identifier(byte[] bArr, int i) {
        return new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.5.13"), new PBES2Parameters(new KeyDerivationFunc(new ASN1ObjectIdentifier("1.2.840.113549.1.5.12"), new PBKDF2Params(bArr, i)), new EncryptionScheme(new ASN1ObjectIdentifier("2.16.840.1.101.3.4.1.1"), new DEROctetString(new byte[0]))));
    }

    private SecretKey deriveSecretKey(char[] cArr, byte[] bArr, int i) throws InvalidKeyException {
        try {
            return SecretKeyFactory.getInstance(this.keyAlgo).generateSecret(new PBEKeySpec(cArr, bArr, i, this.keySize));
        } catch (Exception e) {
            throw new InvalidKeyException("fail to derive secret key, cause:" + e.getMessage(), e);
        }
    }

    private byte[] encryptOrDecrypt(byte[] bArr, SecretKey secretKey, int i) throws JCEEException {
        int i2 = i != 1 ? 2 : 1;
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(i2, secretKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new JCEEException("fail to encrypt data, cause " + e.getMessage(), e);
        }
    }

    private static byte[] getSalt() {
        byte[] bArr = new byte[16];
        try {
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return bArr;
    }

    private PBKDF2Params parse(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) {
        return PBKDF2Params.getInstance(PBES2Parameters.getInstance(encryptedPrivateKeyInfo.getEncryptionAlgorithm().getParameters()).getKeyDerivationFunc().getParameters());
    }

    public byte[] decrypt(byte[] bArr, char[] cArr) throws InvalidKeyException, JCEEException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = EncryptedPrivateKeyInfo.getInstance(bArr);
        PBKDF2Params parse = parse(encryptedPrivateKeyInfo);
        return encryptOrDecrypt(encryptedPrivateKeyInfo.getEncryptedData(), deriveSecretKey(cArr, parse.getSalt(), parse.getIterationCount().intValue()), 2);
    }

    public byte[] encrypt(byte[] bArr, char[] cArr) throws InvalidKeyException, JCEEException {
        byte[] salt = getSalt();
        try {
            return new EncryptedPrivateKeyInfo(buildPBES2Identifier(salt, this.iterationCount), encryptOrDecrypt(bArr, deriveSecretKey(cArr, salt, this.iterationCount), 1)).getEncoded();
        } catch (IOException e) {
            throw new JCEEException("fail to encrypt data, cause " + e.getMessage(), e);
        }
    }
}
