package com.huawei.dap.auth.security.workkey;

import com.huawei.dap.auth.security.util.FileUtils;
import com.huawei.dap.auth.security.util.HexUtil;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.crypto.PBEParametersGenerator;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;

/* loaded from: input_file:com/huawei/dap/auth/security/workkey/DefaultRootKeyFile.class */
public class DefaultRootKeyFile implements RootKeyFile {
    private static final int COMPONENT_SIZE = 128;
    private static final int ITERATION_COUNT = 10000;
    private static final int AES128_KEY_SIZE = 16;
    private final RootKeyFileFormat fileFormat;
    private static final String COMPONENT3 = "0B6AA66FADD74F59F019109582E1AAED1EEEEA14CEDFAFCA6DB384D8C3360D5E34087FD513B16929A2567E5E184AE2B49A71B9E25E6371C91227D8CE114957D3D383EBC4899DBA7C43F6D80273E57F60B8FC918C2474CA687F1C5DBD7A71B1DC0A1EA455C7F2304A4846FD05FFD9FDD96B606546C51241A190EF8B70382ABE55";
    private byte[] c1 = new byte[0];
    private byte[] c2 = new byte[0];
    private byte[] c3 = new byte[0];
    private byte[] salt = new byte[0];
    private byte[] macSalt = new byte[0];

    public DefaultRootKeyFile(RootKeyFileFormat rootKeyFileFormat) {
        this.fileFormat = rootKeyFileFormat;
    }

    public boolean load(String str) {
        try {
            this.c1 = readKeyBytes(str + this.fileFormat.getC1());
            this.c2 = readKeyBytes(str + this.fileFormat.getC2());
            this.c3 = HexUtil.hexStr2Byte(COMPONENT3);
            this.salt = readKeyBytes(str + this.fileFormat.getSalt());
            this.macSalt = readKeyBytes(str + this.fileFormat.getMacSalt());
            return true;
        } catch (IOException | DecoderException e) {
            return false;
        }
    }

    @Override // com.huawei.dap.auth.security.workkey.RootKeyFile
    public RootKey derive() {
        int min = Math.min(this.c1.length, Math.min(this.c2.length, this.c3.length));
        char[] cArr = new char[min];
        for (int i = 0; i < min; i++) {
            cArr[i] = (char) ((this.c1[i] ^ this.c2[i]) ^ this.c3[i]);
        }
        byte[] encryptPBKDF2WithSHA256 = encryptPBKDF2WithSHA256(cArr, this.salt, ITERATION_COUNT, AES128_KEY_SIZE);
        byte[] encryptPBKDF2WithSHA2562 = encryptPBKDF2WithSHA256(StandardCharsets.UTF_8.decode(ByteBuffer.allocate(encryptPBKDF2WithSHA256.length)).array(), this.macSalt, ITERATION_COUNT, AES128_KEY_SIZE);
        RootKey rootKey = new RootKey(encryptPBKDF2WithSHA256, encryptPBKDF2WithSHA2562);
        ByteUtil.reset(encryptPBKDF2WithSHA256);
        ByteUtil.reset(encryptPBKDF2WithSHA2562);
        return rootKey;
    }

    private static byte[] encryptPBKDF2WithSHA256(char[] cArr, byte[] bArr, int i, int i2) {
        PKCS5S2ParametersGenerator pKCS5S2ParametersGenerator = new PKCS5S2ParametersGenerator(new SHA256Digest());
        pKCS5S2ParametersGenerator.init(PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(cArr), bArr, i);
        return pKCS5S2ParametersGenerator.generateDerivedMacParameters(i2 * 8).getKey();
    }

    private static byte[] readKeyBytes(String str) throws IOException, DecoderException {
        InputStream inputStream = null;
        try {
            inputStream = FileUtils.getUrl(str).openStream();
            String iOUtils = IOUtils.toString(inputStream);
            IOUtils.closeQuietly(inputStream);
            if (StringUtils.isEmpty(iOUtils)) {
                throw new IOException("Root key is null");
            }
            String trim = iOUtils.trim();
            if (trim.length() < COMPONENT_SIZE) {
                throw new IOException("Root key is small than 128");
            }
            return HexUtil.hexStr2Byte(trim);
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            throw th;
        }
    }
}
