package com.hedera.hashgraph.sdk;

import java.io.IOException;
import java.io.Reader;
import java.io.Writer;
import javax.annotation.Nullable;
import javax.crypto.Cipher;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.EncryptionScheme;
import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;

/* loaded from: input_file:com/hedera/hashgraph/sdk/Pem.class */
final class Pem {
    private static final String TYPE_PRIVATE_KEY = "PRIVATE KEY";
    private static final String TYPE_ENCRYPTED_PRIVATE_KEY = "ENCRYPTED PRIVATE KEY";

    private Pem() {
    }

    static void writeEncryptedPrivateKey(PrivateKeyInfo privateKeyInfo, Writer writer, String str) throws IOException {
        byte[] randomBytes = Crypto.randomBytes(32);
        Cipher initAesCbc128Encrypt = Crypto.initAesCbc128Encrypt(Crypto.deriveKeySha256(str, randomBytes, 262144, 16), Crypto.randomBytes(16));
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, new PBES2Parameters(new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(randomBytes, 262144, 16, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256))), new EncryptionScheme(NISTObjectIdentifiers.id_aes128_CBC, ASN1Primitive.fromByteArray(initAesCbc128Encrypt.getParameters().getEncoded())))), Crypto.runCipher(initAesCbc128Encrypt, privateKeyInfo.getEncoded()));
        PemWriter pemWriter = new PemWriter(writer);
        pemWriter.writeObject(new PemObject(TYPE_ENCRYPTED_PRIVATE_KEY, encryptedPrivateKeyInfo.getEncoded()));
        pemWriter.flush();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKeyInfo readPrivateKey(Reader reader, @Nullable String str) throws IOException {
        try {
            PEMParser pEMParser = new PEMParser(reader);
            try {
                Object readObject = pEMParser.readObject();
                char[] charArray = str != null ? str.toCharArray() : "".toCharArray();
                if (readObject == null) {
                    throw new BadKeyException("PEM file did not contain a private key");
                }
                if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                    PrivateKeyInfo decryptPrivateKeyInfo = ((PKCS8EncryptedPrivateKeyInfo) readObject).decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(new BouncyCastleProvider()).build(charArray));
                    pEMParser.close();
                    return decryptPrivateKeyInfo;
                }
                if (readObject instanceof PrivateKeyInfo) {
                    PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) readObject;
                    pEMParser.close();
                    return privateKeyInfo;
                }
                if (readObject instanceof PEMEncryptedKeyPair) {
                    PrivateKeyInfo privateKeyInfo2 = ((PEMEncryptedKeyPair) readObject).decryptKeyPair(new JcePEMDecryptorProviderBuilder().setProvider(new BouncyCastleProvider()).build(charArray)).getPrivateKeyInfo();
                    pEMParser.close();
                    return privateKeyInfo2;
                }
                if (!(readObject instanceof PEMKeyPair)) {
                    throw new BadKeyException("PEM file contained something the SDK didn't know what to do with: " + readObject.getClass().getName());
                }
                PrivateKeyInfo privateKeyInfo3 = ((PEMKeyPair) readObject).getPrivateKeyInfo();
                pEMParser.close();
                return privateKeyInfo3;
            } catch (Throwable th) {
                try {
                    pEMParser.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (OperatorCreationException e) {
            throw new RuntimeException((Throwable) e);
        } catch (PKCSException e2) {
            if (e2.getMessage().contains("password empty")) {
                throw new BadKeyException("PEM file contained an encrypted private key but no passphrase was given");
            }
            throw new RuntimeException((Throwable) e2);
        }
    }
}
