package io.apigee.trireme.crypto.algorithms;

import io.apigee.trireme.crypto.CryptoServiceImpl;
import io.apigee.trireme.kernel.crypto.CryptoException;
import java.io.IOException;
import java.io.Reader;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/apigee/trireme/crypto/algorithms/DsaKeyPairProvider.class */
public class DsaKeyPairProvider extends KeyPairProvider {
    private static final Logger log = LoggerFactory.getLogger(DsaKeyPairProvider.class);
    public static final String DSA_TYPE = "DSA PRIVATE KEY";

    @Override // io.apigee.trireme.crypto.algorithms.KeyPairProvider
    public boolean isSupported(String str) {
        return CryptoServiceImpl.DSA.equals(str);
    }

    @Override // io.apigee.trireme.crypto.algorithms.KeyPairProvider
    public KeyPair readKeyPair(String str, Reader reader, char[] cArr) throws CryptoException, IOException {
        PemObject readPemObject = new PemReader(reader).readPemObject();
        if (readPemObject == null) {
            throw new CryptoException("Not a valid PEM file");
        }
        if (!DSA_TYPE.equals(readPemObject.getType())) {
            throw new CryptoException("PEM file does not contain a DSA private key");
        }
        ASN1Sequence readObject = new ASN1InputStream(readPemObject.getContent()).readObject();
        if (readObject == null) {
            throw new CryptoException("PEM file does not contain an ASN.1 object");
        }
        if (!(readObject instanceof ASN1Sequence)) {
            throw new CryptoException("PEM file does not contain a sequence");
        }
        ASN1Sequence aSN1Sequence = readObject;
        if (aSN1Sequence.size() != 6) {
            throw new CryptoException("ASN.1 sequence is the wrong length for a DSA key");
        }
        DERInteger objectAt = aSN1Sequence.getObjectAt(1);
        DERInteger objectAt2 = aSN1Sequence.getObjectAt(2);
        DERInteger objectAt3 = aSN1Sequence.getObjectAt(3);
        DERInteger objectAt4 = aSN1Sequence.getObjectAt(4);
        DERInteger objectAt5 = aSN1Sequence.getObjectAt(5);
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(CryptoServiceImpl.DSA);
            return new KeyPair(keyFactory.generatePublic(new DSAPublicKeySpec(objectAt4.getValue(), objectAt.getValue(), objectAt2.getValue(), objectAt3.getValue())), keyFactory.generatePrivate(new DSAPrivateKeySpec(objectAt5.getValue(), objectAt.getValue(), objectAt2.getValue(), objectAt3.getValue())));
        } catch (GeneralSecurityException e) {
            throw new CryptoException(e);
        }
    }

    @Override // io.apigee.trireme.crypto.algorithms.KeyPairProvider
    public PublicKey readPublicKey(String str, Reader reader) throws CryptoException, IOException {
        PEMParser pEMParser = new PEMParser(reader);
        try {
            Object readObject = pEMParser.readObject();
            if (log.isDebugEnabled()) {
                log.debug("Trying to read an {} public key and got {}", str, readObject);
            }
            if (!(readObject instanceof SubjectPublicKeyInfo)) {
                throw new CryptoException("Input data does not contain a public key");
            }
            SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo) readObject;
            AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
            if (!(algorithm.getParameters() instanceof ASN1Sequence)) {
                throw new CryptoException("Invalid DSA public key format: Algorithm ID not a Sequence");
            }
            ASN1Sequence parameters = algorithm.getParameters();
            if (parameters.size() != 3) {
                throw new CryptoException("Invalid DSA public key format: Identifier does not have 3 items");
            }
            DERInteger objectAt = parameters.getObjectAt(0);
            DERInteger objectAt2 = parameters.getObjectAt(1);
            DERInteger objectAt3 = parameters.getObjectAt(2);
            DERInteger parsePublicKey = subjectPublicKeyInfo.parsePublicKey();
            if (!(parsePublicKey instanceof ASN1Integer)) {
                throw new CryptoException("Invalid DSA public key format: Public key is not an integer");
            }
            try {
                PublicKey generatePublic = KeyFactory.getInstance(CryptoServiceImpl.DSA).generatePublic(new DSAPublicKeySpec(parsePublicKey.getValue(), objectAt.getValue(), objectAt2.getValue(), objectAt3.getValue()));
                pEMParser.close();
                return generatePublic;
            } catch (GeneralSecurityException e) {
                throw new CryptoException(e);
            }
        } catch (Throwable th) {
            pEMParser.close();
            throw th;
        }
    }
}
