package com.github.davidcarboni.cryptolite;

import java.io.Serializable;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/github/davidcarboni/cryptolite/KeyWrapper.class */
public class KeyWrapper implements Serializable {
    private static final long serialVersionUID = -6232240044326148130L;
    private static final String WRAP_KEY_ALGORITHM = "AES";
    private static final String WRAP_ALGORITHM_SYMMETRIC = "AESWrap";
    private static final String WRAP_ALGORITHM_ASYMMETRIC = "AES/ECB/PKCS7Padding";
    public static final int PBKD_ITERATIONS = 1024;
    private SecretKey wrapKey;

    public KeyWrapper(String str, String str2) {
        this.wrapKey = Keys.generateSecretKey(str, str2);
    }

    public KeyWrapper(SecretKey secretKey) {
        if (!StringUtils.equals("AES", secretKey.getAlgorithm())) {
            throw new IllegalArgumentException("The wrapping key algorithm needs to be AES");
        }
        this.wrapKey = secretKey;
    }

    public String wrapSecretKey(SecretKey secretKey) {
        return wrap(secretKey, WRAP_ALGORITHM_SYMMETRIC);
    }

    public String wrapPrivateKey(PrivateKey privateKey) {
        return wrap(privateKey, WRAP_ALGORITHM_ASYMMETRIC);
    }

    public static String encodePublicKey(PublicKey publicKey) {
        return ByteArray.toBase64String(publicKey.getEncoded());
    }

    public SecretKey unwrapSecretKey(String str) {
        return (SecretKey) unwrap(str, "AES", 3, WRAP_ALGORITHM_SYMMETRIC);
    }

    public PrivateKey unwrapPrivateKey(String str) {
        return (PrivateKey) unwrap(str, "RSA", 2, WRAP_ALGORITHM_ASYMMETRIC);
    }

    public static PublicKey decodePublicKey(String str) {
        try {
            try {
                return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(ByteArray.fromBase64String(str)));
            } catch (InvalidKeySpecException e) {
                throw new IllegalArgumentException("Unable to convert key '" + str + "' to a valid public key.", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            if (SecurityProvider.addProvider()) {
                return decodePublicKey(str);
            }
            throw new IllegalStateException("Algorithm unavailable: AES", e2);
        }
    }

    public KeyPair unwrapKeyPair(String str, String str2) {
        return new KeyPair(decodePublicKey(str2), unwrapPrivateKey(str));
    }

    private String wrap(Key key, String str) {
        try {
            Cipher cipher = Cipher.getInstance(str);
            cipher.init(3, this.wrapKey, Random.getInstance());
            return ByteArray.toBase64String(cipher.wrap(key));
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("Invalid key for " + str, e);
        } catch (NoSuchAlgorithmException e2) {
            if (SecurityProvider.addProvider()) {
                return wrap(key, str);
            }
            throw new IllegalStateException("Algorithm unavailable: " + str, e2);
        } catch (IllegalBlockSizeException e3) {
            throw new IllegalStateException("Error in block size for algorithm " + str, e3);
        } catch (NoSuchPaddingException e4) {
            throw new IllegalStateException("Padding unavailable: " + str, e4);
        }
    }

    private Key unwrap(String str, String str2, int i, String str3) {
        try {
            byte[] fromBase64String = ByteArray.fromBase64String(str);
            Cipher cipher = Cipher.getInstance(str3);
            cipher.init(4, this.wrapKey, Random.getInstance());
            return cipher.unwrap(fromBase64String, str2, i);
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("Invalid key for algorithm " + str3, e);
        } catch (NoSuchAlgorithmException e2) {
            if (SecurityProvider.addProvider()) {
                return unwrap(str, str2, i, str3);
            }
            throw new IllegalStateException("Algorithm unavailable: " + str3, e2);
        } catch (NoSuchPaddingException e3) {
            throw new IllegalStateException("Padding unavailable: " + str3, e3);
        }
    }
}
