package com.cfca.util.pki.pkcs;

import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.ASN1EncodableVector;
import com.cfca.util.pki.asn1.ASN1OctetString;
import com.cfca.util.pki.asn1.ASN1Sequence;
import com.cfca.util.pki.asn1.DERInteger;
import com.cfca.util.pki.asn1.DEROctetString;
import com.cfca.util.pki.asn1.DERSequence;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.pkcs.pkcs8.EncryptedPrivateKeyInfo;
import com.cfca.util.pki.asn1.x509.AlgorithmIdentifier;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.cipher.param.PBEParam;

/* loaded from: input_file:com/cfca/util/pki/pkcs/PKCS8.class */
public class PKCS8 {
    private Session session;

    public PKCS8(Session session) {
        this.session = session;
    }

    public byte[] generateEPKI(JKey jKey, char[] cArr) throws PKIException {
        if (jKey.getKeyType() != JKey.RSA_PRV_KEY) {
            throw new PKIException(PKIException.UNSUPPORT_KEY_TYPE_ERR, new StringBuffer("产生PKCS8加密私钥信息，私钥类型不支持 : ").append(jKey.getKeyType()).toString());
        }
        byte[] key = jKey.getKey();
        PBEParam pBEParam = new PBEParam();
        byte[] salt = pBEParam.getSalt();
        int iterations = pBEParam.getIterations();
        JKey generatePBEKey = this.session.generatePBEKey(new Mechanism("PBEWITHSHAAND3-KEYTRIPLEDES-CBC"), cArr);
        byte[] encrypt = this.session.encrypt(new Mechanism("PBEWITHSHAAND3-KEYTRIPLEDES-CBC", pBEParam), generatePBEKey, key);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        DEROctetString dEROctetString = new DEROctetString(salt);
        DERInteger dERInteger = new DERInteger(iterations);
        aSN1EncodableVector.add(dEROctetString);
        aSN1EncodableVector.add(dERInteger);
        return Parser.writeDERObj2Bytes(new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.pbeWithSHAAnd3DESCBC, new DERSequence(aSN1EncodableVector)), encrypt));
    }

    public JKey decodeEPKI(byte[] bArr, char[] cArr) throws PKIException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo((ASN1Sequence) Parser.writeBytes2DERObj(bArr));
        AlgorithmIdentifier encryptionAlgorithm = encryptedPrivateKeyInfo.getEncryptionAlgorithm();
        if (!encryptionAlgorithm.getObjectId().equals(PKCSObjectIdentifiers.pbeWithSHAAnd3DESCBC)) {
            throw new PKIException(PKIException.UNSUPPORT_DECRYPT_ALG_ERR, new StringBuffer("解析PKCS8加密私钥信息，加密算法不支持 : ").append(encryptionAlgorithm.getObjectId().getId()).toString());
        }
        ASN1Sequence aSN1Sequence = (ASN1Sequence) encryptionAlgorithm.getParameters();
        ASN1OctetString aSN1OctetString = (ASN1OctetString) aSN1Sequence.getObjectAt(0);
        DERInteger dERInteger = (DERInteger) aSN1Sequence.getObjectAt(1);
        byte[] octets = aSN1OctetString.getOctets();
        int intValue = dERInteger.getValue().intValue();
        PBEParam pBEParam = new PBEParam();
        pBEParam.setSalt(octets);
        pBEParam.setIterations(intValue);
        JKey generatePBEKey = this.session.generatePBEKey(new Mechanism("PBEWITHSHAAND3-KEYTRIPLEDES-CBC"), cArr);
        return new JKey(JKey.RSA_PRV_KEY, this.session.decrypt(new Mechanism("PBEWITHSHAAND3-KEYTRIPLEDES-CBC", pBEParam), generatePBEKey, encryptedPrivateKeyInfo.getEncryptedData()));
    }

    public static void main(String[] strArr) {
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize(JCrypto.JSOFT_LIB, null);
            Session openSession = jCrypto.openSession(JCrypto.JSOFT_LIB);
            JKey privateKey = openSession.generateKeyPair(new Mechanism(Mechanism.RSA), 1024).getPrivateKey();
            byte[] key = privateKey.getKey();
            PKCS8 pkcs8 = new PKCS8(openSession);
            if (Parser.isEqualArray(key, pkcs8.decodeEPKI(pkcs8.generateEPKI(privateKey, "1234567".toCharArray()), "1234567".toCharArray()).getKey())) {
                System.out.println("OK");
            } else {
                System.out.println("ERROR");
            }
        } catch (Exception e) {
            System.err.println(e.toString());
        }
    }
}
