package org.bouncycastle.openssl;

import com.google.crypto.tink.subtle.PemKeyType;
import java.io.IOException;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.EncryptionScheme;
import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.util.io.pem.PemGenerationException;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemObjectGenerator;

/* loaded from: classes4.dex */
public class PKCS8Generator implements PemObjectGenerator {

    /* renamed from: i, reason: collision with root package name */
    public static final String f27014i = NISTObjectIdentifiers.f24731h.i();

    /* renamed from: j, reason: collision with root package name */
    public static final String f27015j = NISTObjectIdentifiers.f24738o.i();

    /* renamed from: k, reason: collision with root package name */
    public static final String f27016k = NISTObjectIdentifiers.f24745v.i();

    /* renamed from: l, reason: collision with root package name */
    public static final String f27017l = PKCSObjectIdentifiers.H1.i();

    /* renamed from: m, reason: collision with root package name */
    public static final String f27018m = PKCSObjectIdentifiers.y3.i();

    /* renamed from: n, reason: collision with root package name */
    public static final String f27019n = PKCSObjectIdentifiers.z3.i();

    /* renamed from: o, reason: collision with root package name */
    public static final String f27020o = PKCSObjectIdentifiers.A3.i();

    /* renamed from: p, reason: collision with root package name */
    public static final String f27021p = PKCSObjectIdentifiers.B3.i();

    /* renamed from: q, reason: collision with root package name */
    public static final String f27022q = PKCSObjectIdentifiers.C3.i();

    /* renamed from: r, reason: collision with root package name */
    public static final String f27023r = PKCSObjectIdentifiers.D3.i();
    public char[] a;
    public String b;

    /* renamed from: c, reason: collision with root package name */
    public int f27024c;

    /* renamed from: d, reason: collision with root package name */
    public PrivateKey f27025d;

    /* renamed from: e, reason: collision with root package name */
    public Cipher f27026e;

    /* renamed from: f, reason: collision with root package name */
    public SecureRandom f27027f;

    /* renamed from: g, reason: collision with root package name */
    public AlgorithmParameterGenerator f27028g;

    /* renamed from: h, reason: collision with root package name */
    public SecretKeyFactory f27029h;

    public PKCS8Generator(PrivateKey privateKey) {
        this.f27025d = privateKey;
    }

    public PKCS8Generator(PrivateKey privateKey, String str, String str2) throws NoSuchProviderException, NoSuchAlgorithmException {
        Provider provider = Security.getProvider(str2);
        if (provider != null) {
            a(privateKey, str, provider);
            return;
        }
        throw new NoSuchProviderException("cannot find provider: " + str2);
    }

    public PKCS8Generator(PrivateKey privateKey, String str, Provider provider) throws NoSuchAlgorithmException {
        a(privateKey, str, provider);
    }

    private void a(PrivateKey privateKey, String str, Provider provider) throws NoSuchAlgorithmException {
        this.f27025d = privateKey;
        this.b = str;
        this.f27024c = 2048;
        try {
            this.f27026e = Cipher.getInstance(str, provider);
            if (PEMUtilities.c(new DERObjectIdentifier(str))) {
                this.f27028g = AlgorithmParameterGenerator.getInstance(str, provider);
            } else {
                this.f27029h = SecretKeyFactory.getInstance(str, provider);
            }
        } catch (NoSuchPaddingException e2) {
            throw new NoSuchAlgorithmException(str + " found, but padding not available: " + e2.getMessage());
        }
    }

    public PKCS8Generator a(int i2) {
        this.f27024c = i2;
        return this;
    }

    public PKCS8Generator a(SecureRandom secureRandom) {
        this.f27027f = secureRandom;
        return this;
    }

    public PKCS8Generator a(char[] cArr) {
        this.a = cArr;
        return this;
    }

    @Override // org.bouncycastle.util.io.pem.PemObjectGenerator
    public PemObject generate() throws PemGenerationException {
        byte[] encoded = this.f27025d.getEncoded();
        String str = this.b;
        if (str == null) {
            return new PemObject(PemKeyType.PRIVATE_KEY, encoded);
        }
        DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier(str);
        if (PEMUtilities.c(dERObjectIdentifier)) {
            byte[] bArr = new byte[20];
            if (this.f27027f == null) {
                this.f27027f = new SecureRandom();
            }
            this.f27027f.nextBytes(bArr);
            SecretKey a = PEMUtilities.a(this.b, this.a, bArr, this.f27024c);
            AlgorithmParameters generateParameters = this.f27028g.generateParameters();
            try {
                this.f27026e.init(1, a, generateParameters);
                EncryptionScheme encryptionScheme = new EncryptionScheme(new DERObjectIdentifier(this.b), ASN1Object.a(generateParameters.getEncoded()));
                KeyDerivationFunc keyDerivationFunc = new KeyDerivationFunc(PKCSObjectIdentifiers.F1, new PBKDF2Params(bArr, this.f27024c));
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.a(keyDerivationFunc);
                aSN1EncodableVector.a(encryptionScheme);
                return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.E1, new PBES2Parameters(new DERSequence(aSN1EncodableVector))), this.f27026e.doFinal(encoded)).g());
            } catch (IOException e2) {
                throw new PemGenerationException(e2.getMessage(), e2);
            } catch (GeneralSecurityException e3) {
                throw new PemGenerationException(e3.getMessage(), e3);
            }
        }
        if (!PEMUtilities.a(dERObjectIdentifier)) {
            throw new PemGenerationException("unknown algorithm: " + this.b);
        }
        byte[] bArr2 = new byte[20];
        if (this.f27027f == null) {
            this.f27027f = new SecureRandom();
        }
        this.f27027f.nextBytes(bArr2);
        try {
            this.f27026e.init(1, this.f27029h.generateSecret(new PBEKeySpec(this.a)), new PBEParameterSpec(bArr2, this.f27024c));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.a(new DEROctetString(bArr2));
            aSN1EncodableVector2.a(new DERInteger(this.f27024c));
            return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(dERObjectIdentifier, new PKCS12PBEParams(new DERSequence(aSN1EncodableVector2))), this.f27026e.doFinal(encoded)).g());
        } catch (IOException e4) {
            throw new PemGenerationException(e4.getMessage(), e4);
        } catch (GeneralSecurityException e5) {
            throw new PemGenerationException(e5.getMessage(), e5);
        }
    }
}
