package net.e6tech.elements.security.hsm.atalla.simulator;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.e6tech.elements.common.logging.Logger;
import net.e6tech.elements.security.Hex;

/* loaded from: input_file:net/e6tech/elements/security/hsm/atalla/simulator/AKB.class */
public class AKB {
    public static final String DES_EDE_CBC_NO_PADDING = "DESede/CBC/NoPadding";
    public static final String ALGORITHM_DES_EDE = "DESede";
    private String keyBlock;
    String checkDigits;

    public AKB(String str) {
        this.keyBlock = str;
    }

    public AKB(String str, byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        this.keyBlock = generateAKB(str, bArr, bArr2);
        this.checkDigits = calculateCheckDigits(bArr2);
    }

    public static byte[] normalizeKey(byte[] bArr) throws GeneralSecurityException {
        byte[] bArr2 = new byte[24];
        if (bArr.length == 8) {
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(bArr, 0, bArr2, 8, bArr.length);
            System.arraycopy(bArr, 0, bArr2, 16, bArr.length);
        } else if (bArr.length == 16) {
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(bArr, 0, bArr2, 16, 8);
        } else {
            if (bArr.length != 24) {
                throw new GeneralSecurityException("Invalid key side=" + bArr.length);
            }
            bArr2 = bArr;
        }
        return bArr2;
    }

    public String getKeyBlock() {
        return this.keyBlock;
    }

    public String getCheckDigits() {
        return this.checkDigits;
    }

    public String getHeader() {
        return this.keyBlock.split(",")[0];
    }

    public String getEncryptedKey() {
        return this.keyBlock.split(",")[1];
    }

    public String getMac() {
        return this.keyBlock.split(",")[2];
    }

    public byte[] decryptKey(byte[] bArr) throws GeneralSecurityException {
        byte[] bArr2;
        byte[] bArr3 = new byte[0];
        try {
            bArr3 = getHeader().getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            Logger.suppress(e);
        }
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
        Cipher cipher = Cipher.getInstance(DES_EDE_CBC_NO_PADDING);
        cipher.init(2, new SecretKeySpec(maskAKBEncryptionKey(bArr, Hex.toBytes("45")[0]), ALGORITHM_DES_EDE), ivParameterSpec);
        byte[] doFinal = cipher.doFinal(Hex.toBytes(getEncryptedKey()));
        byte b = Hex.toBytes("53")[0];
        byte b2 = Hex.toBytes("44")[0];
        if (doFinal[8] == b && doFinal[9] == b && doFinal[10] == b && doFinal[11] == b && doFinal[12] == b && doFinal[13] == b && doFinal[14] == b && doFinal[15] == b) {
            bArr2 = new byte[8];
            System.arraycopy(doFinal, 0, bArr2, 0, 8);
        } else if (doFinal[16] == b2 && doFinal[17] == b2 && doFinal[18] == b2 && doFinal[19] == b2 && doFinal[20] == b2 && doFinal[21] == b2 && doFinal[22] == b2 && doFinal[23] == b2) {
            bArr2 = new byte[16];
            System.arraycopy(doFinal, 0, bArr2, 0, 16);
        } else {
            bArr2 = doFinal;
        }
        if (!generateAKB(getHeader(), bArr, bArr2).split(",")[2].equals(getMac())) {
            throw new GeneralSecurityException("Mac not verified");
        }
        if (this.checkDigits == null) {
            this.checkDigits = calculateCheckDigits(bArr2);
        }
        return bArr2;
    }

    private String generateAKB(String str, byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        if (bArr2.length % 8 != 0) {
            throw new GeneralSecurityException("key size must be multiple of 8");
        }
        byte[] bArr3 = new byte[24];
        if (bArr2.length == 8) {
            byte b = Hex.toBytes("53")[0];
            System.arraycopy(bArr2, 0, bArr3, 0, bArr2.length);
            for (int i = 8; i < 24; i++) {
                bArr3[i] = b;
            }
        } else if (bArr2.length == 16) {
            byte b2 = Hex.toBytes("44")[0];
            System.arraycopy(bArr2, 0, bArr3, 0, bArr2.length);
            for (int i2 = 16; i2 < 24; i2++) {
                bArr3[i2] = b2;
            }
        } else if (bArr2.length != 24) {
            throw new GeneralSecurityException("Invalid key size=" + bArr2.length);
        }
        byte[] bArr4 = new byte[0];
        try {
            bArr4 = str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            Logger.suppress(e);
        }
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr4);
        Cipher cipher = Cipher.getInstance(DES_EDE_CBC_NO_PADDING);
        cipher.init(1, new SecretKeySpec(maskAKBEncryptionKey(bArr, Hex.toBytes("45")[0]), ALGORITHM_DES_EDE), ivParameterSpec);
        String hex = Hex.toString(cipher.doFinal(bArr3));
        return str + "," + hex + "," + cbcMac(maskAKBEncryptionKey(bArr, Hex.toBytes("4D")[0]), Hex.toBytes(Hex.toString(bArr4) + hex));
    }

    private byte[] maskAKBEncryptionKey(byte[] bArr, byte b) {
        byte[] bArr2 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr2[i] = (byte) (bArr[i] ^ b);
        }
        return bArr2;
    }

    private String cbcMac(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, ALGORITHM_DES_EDE);
        Cipher cipher = Cipher.getInstance(DES_EDE_CBC_NO_PADDING);
        if (bArr2.length % 8 != 0) {
            throw new GeneralSecurityException("data block size must be multiple of 8");
        }
        int length = bArr2.length / 8;
        byte[] bArr3 = null;
        IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[8]);
        for (int i = 0; i < length; i++) {
            cipher.init(1, secretKeySpec, ivParameterSpec);
            bArr3 = cipher.doFinal(bArr2, i * 8, 8);
            ivParameterSpec = new IvParameterSpec(bArr3);
        }
        return Hex.toString(bArr3);
    }

    public static String calculateCheckDigits(byte[] bArr) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
        cipher.init(1, new SecretKeySpec(normalizeKey(bArr), ALGORITHM_DES_EDE));
        return Hex.toString(cipher.doFinal(new byte[8])).substring(0, 4);
    }
}
