package org.silvertunnel_ng.netlib.layer.tor.util;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.x509.RSAPublicKeyStructure;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.JCERSAPrivateCrtKey;
import org.bouncycastle.jce.provider.JCERSAPrivateKey;
import org.bouncycastle.jce.provider.JCERSAPublicKey;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/silvertunnel_ng/netlib/layer/tor/util/Encryption.class */
public class Encryption {
    private static final Logger LOG = LoggerFactory.getLogger(Encryption.class);
    public static final String DIGEST_ALGORITHM = "SHA-1";
    private static final String PK_ALGORITHM = "RSA";
    private static final int KEY_STRENGTH = 1024;
    private static final int KEY_CERTAINTY = 80;

    public static byte[] getDigest(byte[] bArr) {
        return getDigest(DIGEST_ALGORITHM, bArr);
    }

    public static byte[] getDigest(String str, byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static MessageDigest getMessagesDigest() {
        try {
            return MessageDigest.getInstance(DIGEST_ALGORITHM);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] intermediateDigest(MessageDigest messageDigest) {
        try {
            return ((MessageDigest) messageDigest.clone()).digest();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static boolean verifySignature(byte[] bArr, RSAPublicKeyStructure rSAPublicKeyStructure, byte[] bArr2) {
        byte[] digest = getDigest(bArr2);
        try {
            RSAKeyParameters rSAKeyParameters = new RSAKeyParameters(false, rSAPublicKeyStructure.getModulus(), rSAPublicKeyStructure.getPublicExponent());
            PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
            pKCS1Encoding.init(false, rSAKeyParameters);
            return Arrays.equals(digest, pKCS1Encoding.processBlock(bArr, 0, bArr.length));
        } catch (Exception e) {
            LOG.warn("unexpected", e);
            return false;
        }
    }

    public static boolean verifySignature(byte[] bArr, PublicKey publicKey, byte[] bArr2) {
        return verifySignatureWithHash(bArr, publicKey, getDigest(bArr2));
    }

    public static boolean verifySignatureWithHash(byte[] bArr, PublicKey publicKey, byte[] bArr2) {
        try {
            Cipher cipher = Cipher.getInstance(PK_ALGORITHM);
            cipher.init(2, publicKey);
            byte[] doFinal = cipher.doFinal(bArr);
            if (doFinal != null && bArr2 != null && doFinal.length > bArr2.length) {
                LOG.warn("verifySignature(): try to fix bug in security calculation with OpenJDK-6 java web start (ticket #59)");
                LOG.warn("verifySignature(): original decryptedDigest=" + Encoding.toHexString(doFinal));
                LOG.warn("verifySignature(): dataDigest              =" + Encoding.toHexString(bArr2));
                byte[] bArr3 = new byte[bArr2.length];
                System.arraycopy(doFinal, doFinal.length - bArr2.length, bArr3, 0, bArr2.length);
                doFinal = bArr3;
            }
            boolean equals = Arrays.equals(doFinal, bArr2);
            if (!equals) {
                LOG.info("verifySignature(): decryptedDigest=" + Encoding.toHexString(doFinal));
                LOG.info("verifySignature(): dataDigest     =" + Encoding.toHexString(bArr2));
            }
            return equals;
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] signData(byte[] bArr, RSAKeyParameters rSAKeyParameters) {
        try {
            byte[] digest = getDigest(bArr);
            PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
            pKCS1Encoding.init(true, rSAKeyParameters);
            return pKCS1Encoding.processBlock(digest, 0, digest.length);
        } catch (InvalidCipherTextException e) {
            LOG.warn("Common.signData(): " + e.getMessage(), e);
            return null;
        }
    }

    public static byte[] signData(byte[] bArr, PrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(PK_ALGORITHM);
            cipher.init(1, privateKey);
            return cipher.doFinal(getDigest(DIGEST_ALGORITHM, bArr));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static RSAPublicKey extractPublicRSAKey(String str) {
        RSAPublicKey rSAPublicKey;
        Object readObject;
        try {
            PEMReader pEMReader = new PEMReader(new StringReader(str));
            readObject = pEMReader.readObject();
            pEMReader.close();
        } catch (Exception e) {
            LOG.warn("Encryption.extractPublicRSAKey: Caught exception:" + e.getMessage());
            rSAPublicKey = null;
        }
        if (!(readObject instanceof JCERSAPublicKey)) {
            throw new IOException("Encryption.extractPublicRSAKey: no public key found in string '" + str + "'");
        }
        JCERSAPublicKey jCERSAPublicKey = (JCERSAPublicKey) readObject;
        rSAPublicKey = getRSAPublicKey(jCERSAPublicKey.getModulus(), jCERSAPublicKey.getPublicExponent());
        return rSAPublicKey;
    }

    public static RSAKeyPair extractRSAKeyPair(String str) {
        RSAKeyPair rSAKeyPair;
        Object readObject;
        try {
            PEMReader pEMReader = new PEMReader(new StringReader(str));
            readObject = pEMReader.readObject();
            pEMReader.close();
        } catch (Exception e) {
            LOG.warn("Encryption.extractPrivateRSAKey: Caught exception:" + e.getMessage());
            rSAKeyPair = null;
        }
        if (!(readObject instanceof KeyPair)) {
            throw new IOException("Encryption.extractRSAKeyPair: no private key found in string '" + str + "'");
        }
        KeyPair keyPair = (KeyPair) readObject;
        if (!(keyPair.getPrivate() instanceof JCERSAPrivateKey)) {
            throw new IOException("Encryption.extractRSAKeyPair: no private key found in key pair of string '" + str + "'");
        }
        if (!(keyPair.getPublic() instanceof JCERSAPublicKey)) {
            throw new IOException("Encryption.extractRSAKeyPair: no public key found in key pair of string '" + str + "'");
        }
        JCERSAPrivateCrtKey jCERSAPrivateCrtKey = keyPair.getPrivate();
        LOG.debug("JCEPrivateKey={}", jCERSAPrivateCrtKey);
        rSAKeyPair = new RSAKeyPair(keyPair.getPublic(), jCERSAPrivateCrtKey);
        return rSAKeyPair;
    }

    public static String getPEMStringFromRSAKeyPair(RSAKeyPair rSAKeyPair) {
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(new KeyPair(rSAKeyPair.getPublic(), rSAKeyPair.getPrivate()).getPrivate());
            pEMWriter.close();
            return stringWriter.toString();
        } catch (IOException e) {
            LOG.warn("Caught exception:" + e.getMessage());
            return "";
        }
    }

    public static RSAPublicKey getRSAPublicKey(BigInteger bigInteger, BigInteger bigInteger2) {
        try {
            return (RSAPublicKey) KeyFactory.getInstance(PK_ALGORITHM).generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static RSAPrivateKey getRSAPrivateKey(BigInteger bigInteger, BigInteger bigInteger2) {
        try {
            return (RSAPrivateKey) KeyFactory.getInstance(PK_ALGORITHM).generatePrivate(new RSAPrivateKeySpec(bigInteger, bigInteger2));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static RSAPublicKey extractBinaryRSAKey(byte[] bArr) {
        RSAPublicKey rSAPublicKey;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
            RSAPublicKeyStructure rSAPublicKeyStructure = new RSAPublicKeyStructure(aSN1InputStream.readObject());
            rSAPublicKey = getRSAPublicKey(rSAPublicKeyStructure.getModulus(), rSAPublicKeyStructure.getPublicExponent());
            aSN1InputStream.close();
        } catch (IOException e) {
            LOG.warn("Caught exception:" + e.getMessage());
            rSAPublicKey = null;
        }
        return rSAPublicKey;
    }

    public static RSAPublicKey getRSAPublicKey(JCERSAPublicKey jCERSAPublicKey) {
        return getRSAPublicKey(jCERSAPublicKey.getModulus(), jCERSAPublicKey.getPublicExponent());
    }

    public static byte[] getPKCS1EncodingFromRSAPublicKey(RSAPublicKey rSAPublicKey) {
        try {
            RSAPublicKeyStructure rSAPublicKeyStructure = new RSAPublicKeyStructure(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(rSAPublicKeyStructure.toASN1Object());
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            return null;
        }
    }

    public static String getPEMStringFromRSAPublicKey(RSAPublicKey rSAPublicKey) {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            stringBuffer.append("-----BEGIN RSA PUBLIC KEY-----\n");
            byte[] encode = Base64.encode(getPKCS1EncodingFromRSAPublicKey(rSAPublicKey));
            for (int i = 0; i < encode.length; i++) {
                stringBuffer.append((char) encode[i]);
                if ((i + 1) % 64 == 0) {
                    stringBuffer.append("\n");
                }
            }
            stringBuffer.append("\n");
            stringBuffer.append("-----END RSA PUBLIC KEY-----\n");
            return stringBuffer.toString();
        } catch (Exception e) {
            return null;
        }
    }

    public static byte[] asymEncrypt(RSAPublicKey rSAPublicKey, byte[] bArr, byte[] bArr2) throws TorException {
        if (bArr2 == null) {
            throw new NullPointerException("can't encrypt NULL data");
        }
        byte[] encrypt = new HybridEncryption().encrypt(bArr2, rSAPublicKey, bArr);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Encryption.asymEncrypt(): unencrypted payload:\n" + Encoding.toHexString(bArr2, 100));
            LOG.debug("Encryption.asymEncrypt(): encrypted payload:\n" + Encoding.toHexString(encrypt, 100));
        }
        return encrypt;
    }

    public static byte[] asymDecrypt(RSAPrivateKey rSAPrivateKey, byte[] bArr) throws TorException {
        if (bArr == null) {
            throw new NullPointerException("can't encrypt NULL data");
        }
        if (bArr.length < 70) {
            throw new TorException("input array too short");
        }
        try {
            OAEPEncoding oAEPEncoding = new OAEPEncoding(new RSAEngine());
            oAEPEncoding.init(false, new RSAKeyParameters(true, rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent()));
            int inputBlockSize = oAEPEncoding.getInputBlockSize();
            byte[] bArr2 = new byte[inputBlockSize];
            System.arraycopy(bArr, 0, bArr2, 0, inputBlockSize);
            byte[] decodeBlock = oAEPEncoding.decodeBlock(bArr2, 0, inputBlockSize);
            byte[] bArr3 = new byte[16];
            System.arraycopy(decodeBlock, 0, bArr3, 0, 16);
            AESCounterMode aESCounterMode = new AESCounterMode(bArr3);
            byte[] bArr4 = new byte[bArr.length - inputBlockSize];
            System.arraycopy(bArr, inputBlockSize, bArr4, 0, bArr4.length);
            byte[] processStream = aESCounterMode.processStream(bArr4);
            byte[] bArr5 = new byte[(decodeBlock.length - 16) + processStream.length];
            System.arraycopy(decodeBlock, 16, bArr5, 0, decodeBlock.length - 16);
            System.arraycopy(processStream, 0, bArr5, decodeBlock.length - 16, processStream.length);
            if (LOG.isDebugEnabled()) {
                LOG.debug("Encryption.asymDecrypt():: encrypted payload:\n" + Encoding.toHexString(bArr, 100));
                LOG.debug("Encryption.asymDecrypt():: unencrypted payload:\n" + Encoding.toHexString(bArr5, 100));
            }
            return bArr5;
        } catch (InvalidCipherTextException e) {
            LOG.error("Encryption.asymDecrypt(): can't decrypt cipher text:" + e.getMessage());
            throw new TorException("Encryption.asymDecrypt(): InvalidCipherTextException:" + e.getMessage());
        }
    }

    public static RSAKeyPair createNewRSAKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(PK_ALGORITHM);
            keyPairGenerator.initialize(KEY_STRENGTH);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) genKeyPair.getPrivate();
            RSAPublicKey rSAPublicKey = (RSAPublicKey) genKeyPair.getPublic();
            LOG.debug("privateKey={}", rSAPrivateCrtKey);
            LOG.debug("publicKey={}", rSAPublicKey);
            return new RSAKeyPair(rSAPublicKey, rSAPrivateCrtKey);
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Could not create new key pair", e);
            throw new RuntimeException(e);
        }
    }

    static {
        try {
            if (Security.getProvider("BC") == null) {
                Security.addProvider(new BouncyCastleProvider());
            }
        } catch (Throwable th) {
            LOG.error("Cannot initialize class Encryption", th);
        }
    }
}
