package org.xwiki.crypto.password.internal;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.xwiki.component.annotation.Component;
import org.xwiki.component.manager.ComponentLookupException;
import org.xwiki.component.manager.ComponentManager;
import org.xwiki.crypto.AsymmetricKeyFactory;
import org.xwiki.crypto.params.cipher.asymmetric.PrivateKeyParameters;
import org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters;
import org.xwiki.crypto.params.cipher.symmetric.SymmetricCipherParameters;
import org.xwiki.crypto.password.KeyDerivationFunction;
import org.xwiki.crypto.password.PasswordBasedCipher;
import org.xwiki.crypto.password.PasswordBasedCipherFactory;
import org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor;
import org.xwiki.crypto.password.internal.pbe.AbstractBcPBCipher;
import org.xwiki.crypto.password.internal.pbe.factory.AbstractBcPBCipherFactory;
import org.xwiki.crypto.password.params.KeyDerivationFunctionParameters;
import org.xwiki.crypto.password.params.PBKDF2Parameters;

@Singleton
@Component
/* loaded from: input_file:WEB-INF/lib/xwiki-commons-crypto-password-9.11.4.jar:org/xwiki/crypto/password/internal/DefaultPrivateKeyPasswordBasedEncryptor.class */
public class DefaultPrivateKeyPasswordBasedEncryptor implements PrivateKeyPasswordBasedEncryptor {

    @Inject
    private ComponentManager manager;

    @Inject
    private AsymmetricKeyFactory keyFactory;

    @Inject
    private Provider<SecureRandom> randomProvider;

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public PrivateKeyParameters decrypt(byte[] bArr, byte[] bArr2) throws GeneralSecurityException, IOException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = EncryptedPrivateKeyInfo.getInstance(bArr2);
        return decrypt(bArr, encryptedPrivateKeyInfo.getEncryptionAlgorithm(), encryptedPrivateKeyInfo.getEncryptedData());
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public PrivateKeyParameters decrypt(byte[] bArr, javax.crypto.EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) throws GeneralSecurityException, IOException {
        return decrypt(bArr, encryptedPrivateKeyInfo.getEncoded());
    }

    private PrivateKeyParameters decrypt(byte[] bArr, AlgorithmIdentifier algorithmIdentifier, byte[] bArr2) throws GeneralSecurityException, IOException {
        return this.keyFactory.fromPKCS8(getPBECipher(bArr, algorithmIdentifier).doFinal(bArr2));
    }

    private PasswordBasedCipher getPBECipher(byte[] bArr, AlgorithmIdentifier algorithmIdentifier) throws IOException {
        PasswordBasedCipherFactory pBEFactory = getPBEFactory(algorithmIdentifier.getAlgorithm().getId());
        return pBEFactory instanceof AbstractBcPBCipherFactory ? ((AbstractBcPBCipherFactory) pBEFactory).getInstance(false, bArr, (ASN1Encodable) algorithmIdentifier) : pBEFactory.getInstance(false, bArr, algorithmIdentifier.getEncoded());
    }

    private PasswordBasedCipherFactory getPBEFactory(String str) {
        try {
            return (PasswordBasedCipherFactory) this.manager.getInstance(PasswordBasedCipherFactory.class, str);
        } catch (ComponentLookupException e) {
            throw new UnsupportedOperationException("Password based cipher factory not found: " + str, e);
        }
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(String str, SymmetricCipherParameters symmetricCipherParameters, KeyDerivationFunctionParameters keyDerivationFunctionParameters, PrivateKeyParameters privateKeyParameters) throws GeneralSecurityException, IOException {
        return encrypt(getPBEFactory(str).getInstance(true, symmetricCipherParameters, keyDerivationFunctionParameters), privateKeyParameters);
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(String str, SymmetricCipherParameters symmetricCipherParameters, KeyDerivationFunction keyDerivationFunction, PrivateKeyParameters privateKeyParameters) throws GeneralSecurityException, IOException {
        return encrypt(getPBEFactory(str).getInstance(true, symmetricCipherParameters, keyDerivationFunction), privateKeyParameters);
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(String str, byte[] bArr, byte[] bArr2, PrivateKeyParameters privateKeyParameters) throws GeneralSecurityException, IOException {
        return encrypt(getPBEFactory(str).getInstance(true, bArr, bArr2), privateKeyParameters);
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(String str, byte[] bArr, KeyDerivationFunctionParameters keyDerivationFunctionParameters, PrivateKeyParameters privateKeyParameters) throws GeneralSecurityException, IOException {
        PasswordBasedCipherFactory pBEFactory = getPBEFactory(str);
        return encrypt(pBEFactory.getInstance(true, (SymmetricCipherParameters) new KeyWithIVParameters(bArr, pBEFactory.getIVSize(), this.randomProvider.get()), keyDerivationFunctionParameters), privateKeyParameters);
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(byte[] bArr, PrivateKeyParameters privateKeyParameters) throws GeneralSecurityException, IOException {
        PasswordBasedCipherFactory pBEFactory = getPBEFactory("PBES2-AES-CBC-Pad");
        return encrypt(pBEFactory.getInstance(true, (SymmetricCipherParameters) new KeyWithIVParameters(bArr, pBEFactory.getIVSize(), this.randomProvider.get()), (KeyDerivationFunctionParameters) new PBKDF2Parameters(this.randomProvider.get())), privateKeyParameters);
    }

    @Override // org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor
    public byte[] encrypt(PasswordBasedCipher passwordBasedCipher, PrivateKeyParameters privateKeyParameters) throws IOException, GeneralSecurityException {
        return new EncryptedPrivateKeyInfo(passwordBasedCipher instanceof AbstractBcPBCipher ? ((AbstractBcPBCipher) passwordBasedCipher).getPBEParameters() : AlgorithmIdentifier.getInstance(passwordBasedCipher.getEncoded()), passwordBasedCipher.doFinal(privateKeyParameters.getEncoded())).getEncoded();
    }
}
