package com.huawei.paas.foundation.auth.encrypt.impl;

import com.huawei.paas.foundation.auth.encrypt.CipherException;
import com.huawei.paas.foundation.auth.encrypt.CipherManager;
import com.huawei.paas.foundation.auth.encrypt.CommonUtil;
import com.huawei.paas.foundation.auth.encrypt.KeyException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

/* loaded from: input_file:com/huawei/paas/foundation/auth/encrypt/impl/KeyManagerUtil.class */
public final class KeyManagerUtil {
    public static final byte[] FILE_VERSION = {1, 0, 0, 0};
    public static final int KEYLEN_SEQUENCE_START = 4;
    public static final int KEYLEN_INT = 4;
    public static final int KEYLEN_DIGEST = 32;
    public static final int KEYLEN_KEYMATIRIAL = 512;
    public static final int KEYLEN_KEYLEN_START = 52;
    public static final int KEYLEN_KEYMATIRIAL_START = 128;
    public static final int KEYLEN_PAD_START = 57;
    public static final int KEYLEN_PADLEN = 71;
    public static final int KEYLEN_ALGLEN_START = 8;
    public static final int KEYLEN_TOTAL = 1024;
    public static final int KEY_COUNT = 16;
    private static final int MAX_BUFFER_SIZE = 16385;

    private KeyManagerUtil() {
    }

    public static byte[] generatSecureRandom(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static byte[] sha256(byte[] bArr) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            return new byte[0];
        }
    }

    public static byte[] generateNewRootKey(int i) {
        return generateNewKey(i, generatSecureRandom(KEYLEN_KEYMATIRIAL), false);
    }

    public static byte[] generateNewWorkKey(int i, File file) throws CipherException {
        return generateNewKey(i, CipherManager.getInstance().encrypt(generatSecureRandom(KEYLEN_KEYMATIRIAL), file), true);
    }

    /* JADX WARN: Type inference failed for: r1v10, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v8, types: [byte[], byte[][]] */
    public static byte[] generateNewKey(int i, byte[] bArr, boolean z) {
        byte[] bArr2 = FILE_VERSION;
        byte[] intToBytes = intToBytes(i + 1);
        byte[] intToBytes2 = intToBytes(2);
        byte[] intToBytes3 = intToBytes(PBKDF2WithHmacSHA.KEYGEN_ITERATION);
        byte[] intToBytes4 = intToBytes(PBKDF2WithHmacSHA.KEYGEN_KEYLEN);
        byte[] generatSecureRandom = generatSecureRandom(32);
        byte[] booleanToBytes = booleanToBytes(z);
        byte[] intToBytes5 = intToBytes(bArr.length);
        byte[] bArr3 = new byte[(KEYLEN_TOTAL - (KEYLEN_KEYMATIRIAL_START + bArr.length)) - 32];
        Arrays.fill(bArr3, (byte) 0);
        byte[] bArr4 = new byte[71];
        Arrays.fill(bArr4, (byte) 0);
        byte[] bArr5 = new byte[992];
        concat(bArr5, new byte[]{bArr2, intToBytes, intToBytes2, intToBytes3, intToBytes4, generatSecureRandom, intToBytes5, booleanToBytes, bArr4, bArr, bArr3});
        byte[] sha256 = sha256(bArr5);
        byte[] bArr6 = new byte[KEYLEN_TOTAL];
        concat(bArr6, new byte[]{bArr5, sha256});
        return bArr6;
    }

    private static void concat(byte[] bArr, byte[]... bArr2) {
        int i = 0;
        for (byte[] bArr3 : bArr2) {
            System.arraycopy(bArr3, 0, bArr, i, bArr3.length);
            i += bArr3.length;
        }
    }

    public static byte[] intToBytes(int i) {
        return ByteBuffer.allocate(4).putInt(i).array();
    }

    public static byte[] booleanToBytes(boolean z) {
        return z ? new byte[]{1} : new byte[]{0};
    }

    public static int bytesToInt(byte[] bArr) {
        return ByteBuffer.wrap(bArr).getInt();
    }

    public static void writeKeyFile(byte[] bArr, File file) throws KeyException {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(file);
                fileOutputStream.write(bArr);
                CommonUtil.close(fileOutputStream);
            } catch (IOException e) {
                throw new KeyException("write key file failed.");
            }
        } catch (Throwable th) {
            CommonUtil.close(fileOutputStream);
            throw th;
        }
    }

    public static byte[] readKeyFile(File file) throws KeyException {
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                byte[] bArr = new byte[MAX_BUFFER_SIZE];
                int read = fileInputStream.read(bArr);
                if (read <= 0) {
                    throw new KeyException("key file is not valid.");
                }
                byte[] bArr2 = new byte[read];
                System.arraycopy(bArr, 0, bArr2, 0, read);
                CommonUtil.close(fileInputStream);
                return bArr2;
            } catch (IOException e) {
                throw new KeyException("read key file failed.");
            }
        } catch (Throwable th) {
            CommonUtil.close(null);
            throw th;
        }
    }

    public static int checkKeys(byte[] bArr) throws KeyException {
        if (bArr.length < 1024 || bArr.length > 16384) {
            throw new KeyException("invalid key length.");
        }
        if (bArr.length != 1024) {
            byte[] bArr2 = new byte[bArr.length - KEYLEN_TOTAL];
            System.arraycopy(bArr, KEYLEN_TOTAL, bArr2, 0, bArr2.length);
            return 1 + checkKeys(bArr2);
        }
        byte[] bArr3 = new byte[992];
        System.arraycopy(bArr, 0, bArr3, 0, bArr3.length);
        byte[] sha256 = sha256(bArr3);
        for (int i = 0; i < sha256.length; i++) {
            if (bArr[bArr3.length + i] != sha256[i]) {
                throw new KeyException("invalid key digest.");
            }
        }
        return 1;
    }

    public static byte[] getKeyVersionBytes(byte[] bArr) {
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, 4, bArr2, 0, 4);
        return bArr2;
    }

    public static int getKeyVersionInt(byte[] bArr) {
        return bytesToInt(getKeyVersionBytes(bArr));
    }
}
