package org.jpos.security.jceadapter;

import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.jpos.iso.ISOUtil;
import org.jpos.security.CipherMode;
import org.jpos.security.Util;

/* loaded from: input_file:org/jpos/security/jceadapter/JCEHandler.class */
public class JCEHandler {
    static final String ALG_DES = "DES";
    static final String ALG_TRIPLE_DES = "DESede";
    static final String DES_MODE_ECB = "ECB";
    static final String DES_MODE_CBC = "CBC";
    static final String DES_NO_PADDING = "NoPadding";
    static final Map<MacEngineKey, Mac> macEngines = new ConcurrentHashMap();
    Provider provider;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/jpos/security/jceadapter/JCEHandler$MacEngineKey.class */
    public static class MacEngineKey {
        private final String macAlgorithm;
        private final Key macKey;

        protected MacEngineKey(String str, Key key) {
            this.macAlgorithm = str;
            this.macKey = key;
        }

        public String getMacAlgorithm() {
            return this.macAlgorithm;
        }

        public Key getMacKey() {
            return this.macKey;
        }

        public int hashCode() {
            return (31 * 1) + (this.macAlgorithm == null ? 0 : this.macAlgorithm.hashCode());
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            MacEngineKey macEngineKey = (MacEngineKey) obj;
            return this.macAlgorithm == null ? macEngineKey.macAlgorithm == null : this.macAlgorithm.equals(macEngineKey.macAlgorithm) && this.macKey == macEngineKey.macKey;
        }
    }

    public JCEHandler(String str) throws JCEHandlerException {
        this.provider = null;
        try {
            this.provider = (Provider) Class.forName(str).newInstance();
            Security.addProvider(this.provider);
        } catch (Exception e) {
            throw new JCEHandlerException(e);
        }
    }

    public JCEHandler(Provider provider) {
        this.provider = null;
        this.provider = provider;
    }

    public Key generateDESKey(short s) throws JCEHandlerException {
        try {
            byte[] extractDESKeyMaterial = extractDESKeyMaterial(s, (s > 64 ? KeyGenerator.getInstance(ALG_TRIPLE_DES, this.provider.getName()) : KeyGenerator.getInstance(ALG_DES, this.provider.getName())).generateKey());
            Util.adjustDESParity(extractDESKeyMaterial);
            return formDESKey(s, extractDESKeyMaterial);
        } catch (Exception e) {
            if (e instanceof JCEHandlerException) {
                throw ((JCEHandlerException) e);
            }
            throw new JCEHandlerException(e);
        }
    }

    public byte[] encryptDESKey(short s, Key key, Key key2) throws JCEHandlerException {
        byte[] extractDESKeyMaterial = extractDESKeyMaterial(s, key);
        Util.adjustDESParity(extractDESKeyMaterial);
        return doCryptStuff(extractDESKeyMaterial, key2, 1);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] extractDESKeyMaterial(short s, Key key) throws JCEHandlerException {
        String algorithm = key.getAlgorithm();
        String format = key.getFormat();
        if (format.compareTo("RAW") != 0) {
            throw new JCEHandlerException("Unsupported DES key encoding format: " + format);
        }
        if (algorithm.startsWith(ALG_DES)) {
            return ISOUtil.trim(key.getEncoded(), getBytesLength(s));
        }
        throw new JCEHandlerException("Unsupported key algorithm: " + algorithm);
    }

    public Key decryptDESKey(short s, byte[] bArr, Key key, boolean z) throws JCEHandlerException {
        byte[] doCryptStuff = doCryptStuff(bArr, key, 2);
        if (!z || Util.isDESParityAdjusted(doCryptStuff)) {
            return formDESKey(s, doCryptStuff);
        }
        throw new JCEHandlerException("Parity not adjusted");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Key formDESKey(short s, byte[] bArr) throws JCEHandlerException {
        SecretKeySpec secretKeySpec = null;
        switch (s) {
            case 64:
                secretKeySpec = new SecretKeySpec(bArr, ALG_DES);
                break;
            case 128:
                bArr = ISOUtil.concat(bArr, 0, getBytesLength((short) 128), bArr, 0, getBytesLength((short) 64));
            case 192:
                secretKeySpec = new SecretKeySpec(bArr, ALG_TRIPLE_DES);
                break;
        }
        if (secretKeySpec == null) {
            throw new JCEHandlerException("Unsupported DES key length: " + ((int) s) + " bits");
        }
        return secretKeySpec;
    }

    public byte[] encryptData(byte[] bArr, Key key) throws JCEHandlerException {
        return doCryptStuff(bArr, key, 1);
    }

    public byte[] decryptData(byte[] bArr, Key key) throws JCEHandlerException {
        return doCryptStuff(bArr, key, 2);
    }

    public byte[] encryptDataCBC(byte[] bArr, Key key, byte[] bArr2) throws JCEHandlerException {
        return doCryptStuff(bArr, key, 1, CipherMode.CBC, bArr2);
    }

    public byte[] decryptDataCBC(byte[] bArr, Key key, byte[] bArr2) throws JCEHandlerException {
        return doCryptStuff(bArr, key, 2, CipherMode.CBC, bArr2);
    }

    byte[] doCryptStuff(byte[] bArr, Key key, int i) throws JCEHandlerException {
        return doCryptStuff(bArr, key, i, CipherMode.ECB, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] doCryptStuff(byte[] bArr, Key key, int i, CipherMode cipherMode, byte[] bArr2) throws JCEHandlerException {
        String algorithm = key.getAlgorithm();
        if (key.getAlgorithm().startsWith(ALG_DES)) {
            algorithm = algorithm + "/" + modetoString(cipherMode) + "/" + DES_NO_PADDING;
        }
        IvParameterSpec ivParameterSpec = null;
        try {
            Cipher cipher = Cipher.getInstance(algorithm, this.provider.getName());
            if (cipherMode != CipherMode.ECB) {
                ivParameterSpec = new IvParameterSpec(bArr2);
            }
            cipher.init(i, key, ivParameterSpec);
            byte[] doFinal = cipher.doFinal(bArr);
            if (cipherMode != CipherMode.ECB) {
                System.arraycopy(doFinal, doFinal.length - 8, bArr2, 0, bArr2.length);
            }
            return doFinal;
        } catch (Exception e) {
            throw new JCEHandlerException(e);
        }
    }

    private String modetoString(CipherMode cipherMode) throws JCEHandlerException {
        switch (cipherMode) {
            case ECB:
                return DES_MODE_ECB;
            case CBC:
                return DES_MODE_CBC;
            case CFB8:
                return "CFB8";
            case CFB64:
                return "CFB64";
            default:
                throw new JCEHandlerException("Unsupported cipher mode " + cipherMode);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getBytesLength(short s) throws JCEHandlerException {
        int i;
        switch (s) {
            case 64:
                i = 8;
                break;
            case 128:
                i = 16;
                break;
            case 192:
                i = 24;
                break;
            default:
                throw new JCEHandlerException("Unsupported key length: " + ((int) s) + " bits");
        }
        return i;
    }

    Mac assignMACEngine(MacEngineKey macEngineKey) throws JCEHandlerException {
        if (macEngines.containsKey(macEngineKey)) {
            return macEngines.get(macEngineKey);
        }
        try {
            Mac mac = Mac.getInstance(macEngineKey.getMacAlgorithm(), this.provider);
            mac.init(macEngineKey.getMacKey());
            macEngines.put(macEngineKey, mac);
            return mac;
        } catch (InvalidKeyException e) {
            throw new JCEHandlerException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new JCEHandlerException(e2);
        }
    }

    public byte[] generateMAC(byte[] bArr, Key key, String str) throws JCEHandlerException {
        byte[] doFinal;
        Mac assignMACEngine = assignMACEngine(new MacEngineKey(str, key));
        synchronized (assignMACEngine) {
            assignMACEngine.reset();
            doFinal = assignMACEngine.doFinal(bArr);
        }
        return doFinal;
    }
}
