package com.metabit.custom.safe.safeseal.impl;

import com.metabit.custom.safe.iip.AsymmetricEncryptionWithIIP;
import com.metabit.custom.safe.iip.ECDHEWithIntegrityPadding;
import com.metabit.custom.safe.iip.RSAWithIntegrityPadding;
import com.metabit.custom.safe.iip.shared.AlgorithmSpecCollection;
import com.metabit.custom.safe.iip.shared.CryptoFactory;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.Inflater;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.crypto.DataLengthException;

/* loaded from: input_file:com/metabit/custom/safe/safeseal/impl/SAFESeal.class */
public class SAFESeal {
    private final CryptoFactory cryptoFactory;
    private TransportFormatConverter formatConverter;
    private AsymmetricEncryptionWithIIP asymmetricLayer;
    private boolean keyAgreementMode = false;
    private boolean compressionMode = false;

    public SAFESeal(CryptoFactory cryptoFactory) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        this.cryptoFactory = cryptoFactory;
        init();
    }

    private static byte[] tryToCompress(byte[] bArr, InternalTransportTuple internalTransportTuple) throws NoSuchAlgorithmException {
        byte[] bArr2;
        int length = bArr.length;
        byte[] bArr3 = new byte[length];
        Deflater deflater = new Deflater(9, true);
        deflater.setInput(bArr);
        deflater.finish();
        int deflate = deflater.deflate(bArr3);
        if (deflate >= length) {
            bArr2 = bArr;
            internalTransportTuple.cryptoSettings.setCompressionOID(AlgorithmSpecCollection.COMPRESSION_NONE.getOID());
        } else {
            bArr2 = new byte[deflate];
            System.arraycopy(bArr3, 0, bArr2, 0, deflate);
            internalTransportTuple.cryptoSettings.setCompressionOID(AlgorithmSpecCollection.COMPRESSION_GZIP.getOID());
        }
        deflater.end();
        return bArr2;
    }

    public boolean getKeyAgreementMode() {
        return this.keyAgreementMode;
    }

    public void setKeyAgreementMode(boolean z) {
        this.keyAgreementMode = z;
        this.compressionMode = false;
        init();
    }

    private void init() {
        this.formatConverter = new TransportFormatConverter();
    }

    public byte[] seal(byte[] bArr, PrivateKey privateKey, PublicKey[] publicKeyArr, Long l) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IllegalBlockSizeException, InvalidKeySpecException, BadPaddingException, IOException, ShortBufferException {
        InternalTransportTuple internalTransportTuple;
        if (this.keyAgreementMode) {
            this.asymmetricLayer = new ECDHEWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.AES256ECB_PADDED);
            internalTransportTuple = new InternalTransportTuple(true);
            internalTransportTuple.setDiversification(l);
        } else {
            Matcher matcher = Pattern.compile(".+RSA private CRT key,\\s+(\\d{4})\\sbits(?m:$)").matcher(privateKey.toString());
            if (!matcher.find()) {
                throw new UnsupportedOperationException("could not determine key size");
            }
            int intValue = Integer.valueOf(matcher.group(1)).intValue();
            switch (intValue) {
                case 1024:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA1024);
                    break;
                case 2048:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA2048);
                    break;
                case 4096:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA4096);
                    break;
                default:
                    throw new InvalidKeySpecException("key of unsupported size " + intValue);
            }
            internalTransportTuple = new InternalTransportTuple(false);
            internalTransportTuple.cryptoSettings.setEncryptionKeySize(intValue);
        }
        internalTransportTuple.encryptedData = this.asymmetricLayer.padEncryptAndPackage(!this.compressionMode ? bArr : tryToCompress(bArr, internalTransportTuple), publicKeyArr, privateKey, internalTransportTuple.getKeyDiversificationData());
        internalTransportTuple.cryptoIV = this.asymmetricLayer.getSymmetricIV();
        return this.formatConverter.wrapForTransport(internalTransportTuple);
    }

    public byte[] reveal(byte[] bArr, PrivateKey privateKey, PublicKey publicKey) throws BadPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, NoSuchPaddingException, NoSuchProviderException, IOException, ShortBufferException {
        InternalTransportTuple unwrapTransportFormat = this.formatConverter.unwrapTransportFormat(bArr);
        ASN1ObjectIdentifier compressionOID = unwrapTransportFormat.cryptoSettings.getCompressionOID();
        if (compressionOID.equals((ASN1Primitive) AlgorithmSpecCollection.COMPRESSION_GZIP.getOID())) {
            this.compressionMode = true;
        } else {
            if (!compressionOID.equals((ASN1Primitive) AlgorithmSpecCollection.COMPRESSION_NONE.getOID())) {
                throw new NoSuchAlgorithmException("invalid compression");
            }
            this.compressionMode = false;
        }
        if (this.keyAgreementMode) {
            this.asymmetricLayer = new ECDHEWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.AES256ECB_PADDED);
        } else {
            switch (unwrapTransportFormat.cryptoSettings.getEncryptionKeySize()) {
                case 1024:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA1024);
                    break;
                case 2048:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA2048);
                    break;
                case 4096:
                    this.asymmetricLayer = new RSAWithIntegrityPadding(this.cryptoFactory, AlgorithmSpecCollection.RSA4096);
                    break;
                default:
                    throw new InvalidKeyException("specified key size not supported");
            }
        }
        try {
            byte[] decryptAndVerify = this.asymmetricLayer.decryptAndVerify(unwrapTransportFormat.encryptedData, publicKey, privateKey, unwrapTransportFormat.keyDiversificationData, unwrapTransportFormat.cryptoIV);
            if (this.compressionMode) {
                decryptAndVerify = inflateZLIBcompressedData(decryptAndVerify);
            }
            return decryptAndVerify;
        } catch (ArrayIndexOutOfBoundsException | DataFormatException | DataLengthException e) {
            throw new BadPaddingException();
        }
    }

    private byte[] inflateZLIBcompressedData(byte[] bArr) throws DataFormatException {
        int inflate;
        Inflater inflater = new Inflater(true);
        int length = bArr.length;
        int i = 0;
        do {
            i += length;
            inflater.setInput(bArr);
            inflate = inflater.inflate(new byte[i]);
            if (inflate == 0) {
                throw new IllegalArgumentException("input compression level not handled");
            }
            inflater.reset();
        } while (i == inflate);
        byte[] bArr2 = new byte[inflate];
        inflater.setInput(bArr);
        inflater.inflate(bArr2);
        inflater.end();
        return bArr2;
    }

    public boolean getCompressionMode() {
        return this.compressionMode;
    }

    public void setCompressionMode(boolean z) {
        this.compressionMode = z;
    }
}
