package com.ibm.net.ssh;

import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.lang.reflect.Array;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:lib/com.ibm.ws.prereq.rxa.2.3_1.0.90.jar:com/ibm/net/ssh/OpensshPrivateKeyWriter.class */
final class OpensshPrivateKeyWriter {
    private static final String COPYRIGHT = "\n\nLicensed Materials - Property of IBM\n\n(C) Copyright IBM Corp. 2010, 2012 All Rights Reserved.\n\nUS Government Users Restricted Rights - Use, duplication or\ndisclosure restricted by GSA ADP Schedule Contract with\nIBM Corp.\n\n\n";
    private static final String RSA_PRIVATE_BEGIN_MARKER = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String RSA_PRIVATE_END_MARKER = "-----END RSA PRIVATE KEY-----";
    private static final String DSA_PRIVATE_BEGIN_MARKER = "-----BEGIN DSA PRIVATE KEY-----";
    private static final String DSA_PRIVATE_END_MARKER = "-----END DSA PRIVATE KEY-----";
    private static final String PROC_TYPE = "Proc-Type: 4,ENCRYPTED";
    private static final String DEK_INFO = "DEK-Info: ";
    private static final String COMMA = ",";
    private static final char LINE_TERMINATOR = '\n';
    private static final String DES_EDE3_CBC = "DES-EDE3-CBC";
    private static final String DES_EDE_CIPHER = "DESede/CBC/PKCS5Padding";
    private static final String TRIPLE_DES = "3DES";
    private static final String DES_EDE_KEY_FACTORY = "DESede";
    private static final String AES_128_CBC = "AES-128-CBC";
    private static final String AES_CIPHER = "AES/CBC/PKCS5Padding";
    private static final String AES = "AES";
    private static final int AES_KEY_LEN = 16;
    private static final int BASE_16 = 16;
    private static final String RSA_KEY_FACTORY = "RSA";
    private static final String DSA_KEY_FACTORY = "DSA";
    private static final String MD5_MESSAGE_DIGEST = "MD5";
    private static final int IV_SIZE = 8;
    private static final int PEM_BYTES_PER_LINE = 48;
    private static final int RSA_DER_VALUE_LEN = 9;
    private static final int DSA_DER_VALUE_LEN = 6;
    private static final int MODULUS_INDEX = 1;
    private static final int E_INDEX = 2;
    private static final int D_INDEX = 3;
    private static final int PRIME_P_INDEX = 4;
    private static final int PRIME_Q_INDEX = 5;
    private static final int EXP_P_INDEX = 6;
    private static final int EXP_Q_INDEX = 7;
    private static final int COEFFICIENT_INDEX = 8;
    private static final int P_INDEX = 1;
    private static final int Q_INDEX = 2;
    private static final int G_INDEX = 3;
    private static final int Y_INDEX = 4;
    private static final int X_INDEX = 5;

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean store(KeyPair keyPair, IvParameterSpec ivParameterSpec, String str, char[] cArr, String str2) throws IOException {
        byte[] bArr;
        if (cArr != null) {
            if (cArr == null || str2 == null) {
                return false;
            }
            if (!str2.equalsIgnoreCase(TRIPLE_DES) && !str2.equalsIgnoreCase(AES)) {
                return false;
            }
        }
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(str);
                if (keyPair.getPrivate() instanceof RSAPrivateCrtKey) {
                    fileOutputStream.write(RSA_PRIVATE_BEGIN_MARKER.getBytes());
                } else {
                    fileOutputStream.write(DSA_PRIVATE_BEGIN_MARKER.getBytes());
                }
                fileOutputStream.write(10);
                ByteArrayOutputStream derEncode = derEncode(keyPair);
                if (cArr != null) {
                    fileOutputStream.write(PROC_TYPE.getBytes());
                    fileOutputStream.write(10);
                    fileOutputStream.write(DEK_INFO.getBytes());
                    if (str2.equalsIgnoreCase(AES)) {
                        fileOutputStream.write(AES_128_CBC.getBytes());
                    } else {
                        fileOutputStream.write(DES_EDE3_CBC.getBytes());
                    }
                    fileOutputStream.write(",".getBytes());
                    Cipher cipher = str2.equalsIgnoreCase(AES) ? Cipher.getInstance(AES_CIPHER) : Cipher.getInstance(DES_EDE_CIPHER);
                    if (ivParameterSpec != null) {
                        bArr = ivParameterSpec.getIV();
                    } else {
                        bArr = new byte[cipher.getBlockSize()];
                        SSHConstants.SECURE_RANDOM.nextBytes(bArr);
                    }
                    fileOutputStream.write(SSHString.bytesToString(bArr, 0, bArr.length, null, 0, true).getBytes());
                    fileOutputStream.write(10);
                    fileOutputStream.write(10);
                    cipher.init(1, str2.equalsIgnoreCase(AES) ? new SecretKeySpec(keyDerivation(cArr, bArr, 16), AES) : SecretKeyFactory.getInstance(DES_EDE_KEY_FACTORY).generateSecret(new DESedeKeySpec(keyDerivation(cArr, bArr, 24))), new IvParameterSpec(bArr));
                    byte[] byteArray = derEncode.toByteArray();
                    byte[] doFinal = cipher.doFinal(byteArray, 0, byteArray.length);
                    derEncode.reset();
                    derEncode.write(doFinal, 0, doFinal.length);
                }
                new Base64Encoder().encode(derEncode.toByteArray(), fileOutputStream);
                if (derEncode.toByteArray().length % 48 != 0) {
                    fileOutputStream.write(10);
                }
                if (keyPair.getPrivate() instanceof RSAPrivateCrtKey) {
                    fileOutputStream.write(RSA_PRIVATE_END_MARKER.getBytes());
                } else {
                    fileOutputStream.write(DSA_PRIVATE_END_MARKER.getBytes());
                }
                fileOutputStream.write(10);
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
                return true;
            } catch (GeneralSecurityException e) {
                throw new IOException("Unable to write key:" + e.toString());
            }
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                fileOutputStream.close();
            }
            throw th;
        }
    }

    private static ByteArrayOutputStream derEncode(KeyPair keyPair) throws IOException {
        Class<?> cls;
        Class<?> cls2;
        Class<?> cls3;
        Object newInstance;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            cls = Class.forName("com.ibm.security.util.DerOutputStream");
            cls2 = Class.forName("com.ibm.security.util.DerValue");
            cls3 = Class.forName("[Lcom.ibm.security.util.DerValue;");
        } catch (ClassNotFoundException e) {
            try {
                cls = Class.forName("sun.security.util.DerOutputStream");
                cls2 = Class.forName("sun.security.util.DerValue");
                cls3 = Class.forName("[Lsun.security.util.DerValue;");
            } catch (ClassNotFoundException e2) {
                throw new IOException("No available DerOutputStream and/or DerValue.");
            }
        }
        if (cls != null && cls2 != null && cls3 != null) {
            try {
                Object newInstance2 = cls.getConstructor((Class[]) null).newInstance((Object[]) null);
                Constructor<?> constructor = cls2.getConstructor(Byte.TYPE, byte[].class);
                Object[] objArr = {new Byte(cls2.getField("tag_Integer").getByte(null)), new byte[]{0}};
                if (keyPair.getPrivate() instanceof RSAPrivateCrtKey) {
                    RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) keyPair.getPrivate();
                    newInstance = Array.newInstance(cls2, 9);
                    Array.set(newInstance, 0, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getModulus().toByteArray();
                    Array.set(newInstance, 1, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPublicExponent().toByteArray();
                    Array.set(newInstance, 2, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPrivateExponent().toByteArray();
                    Array.set(newInstance, 3, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPrimeP().toByteArray();
                    Array.set(newInstance, 4, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPrimeQ().toByteArray();
                    Array.set(newInstance, 5, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPrimeExponentP().toByteArray();
                    Array.set(newInstance, 6, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getPrimeExponentQ().toByteArray();
                    Array.set(newInstance, 7, constructor.newInstance(objArr));
                    objArr[1] = rSAPrivateCrtKey.getCrtCoefficient().toByteArray();
                    Array.set(newInstance, 8, constructor.newInstance(objArr));
                } else {
                    DSAPrivateKey dSAPrivateKey = (DSAPrivateKey) keyPair.getPrivate();
                    DSAPublicKey dSAPublicKey = (DSAPublicKey) keyPair.getPublic();
                    DSAParams params = dSAPrivateKey.getParams();
                    newInstance = Array.newInstance(cls2, 6);
                    Array.set(newInstance, 0, constructor.newInstance(objArr));
                    objArr[1] = params.getP().toByteArray();
                    Array.set(newInstance, 1, constructor.newInstance(objArr));
                    objArr[1] = params.getQ().toByteArray();
                    Array.set(newInstance, 2, constructor.newInstance(objArr));
                    objArr[1] = params.getG().toByteArray();
                    Array.set(newInstance, 3, constructor.newInstance(objArr));
                    objArr[1] = dSAPublicKey.getY().toByteArray();
                    Array.set(newInstance, 4, constructor.newInstance(objArr));
                    objArr[1] = dSAPrivateKey.getX().toByteArray();
                    Array.set(newInstance, 5, constructor.newInstance(objArr));
                }
                Class<?>[] clsArr = {cls3};
                cls.getMethod("putSequence", clsArr).invoke(newInstance2, newInstance);
                clsArr[0] = OutputStream.class;
                cls.getMethod("derEncode", clsArr).invoke(newInstance2, byteArrayOutputStream);
            } catch (IllegalAccessException e3) {
                throw new IOException("Error attempting to encode DER formatted key: " + e3.toString());
            } catch (IllegalArgumentException e4) {
                throw new IOException("Error attempting to encode DER formatted key: " + e4.toString());
            } catch (InstantiationException e5) {
                throw new IOException("Error attempting to encode DER formatted key: " + e5.toString());
            } catch (NoSuchFieldException e6) {
                throw new IOException("Error attempting to encode DER formatted key: " + e6.toString());
            } catch (NoSuchMethodException e7) {
                throw new IOException("Error attempting to encode DER formatted key: " + e7.toString());
            } catch (InvocationTargetException e8) {
                throw new IOException("Error attempting to encode DER formatted key: " + e8.toString());
            }
        }
        return byteArrayOutputStream;
    }

    private static byte[] keyDerivation(char[] cArr, byte[] bArr, int i) throws GeneralSecurityException {
        byte[] bytes = String.valueOf(cArr).getBytes();
        MessageDigest messageDigest = MessageDigest.getInstance(MD5_MESSAGE_DIGEST);
        byte[] bArr2 = new byte[i];
        messageDigest.reset();
        messageDigest.update(bytes, 0, bytes.length);
        messageDigest.update(bArr, 0, 8);
        byte[] digest = messageDigest.digest();
        int length = digest.length;
        if (length < i) {
            System.arraycopy(digest, 0, bArr2, 0, digest.length);
        } else {
            System.arraycopy(digest, 0, bArr2, 0, i);
        }
        while (length < i) {
            messageDigest.reset();
            messageDigest.update(bArr2, 0, length);
            messageDigest.update(bytes, 0, bytes.length);
            messageDigest.update(bArr, 0, 8);
            byte[] digest2 = messageDigest.digest();
            length += digest2.length;
            if (length < i) {
                System.arraycopy(digest2, 0, bArr2, length - digest2.length, digest2.length);
            } else {
                System.arraycopy(digest2, 0, bArr2, length - digest2.length, (i - length) + digest2.length);
            }
        }
        return bArr2;
    }
}
