package org.apache.derby.client.am;

import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:zips/geronimo-tomcat-j2ee-1.0.zip:geronimo-1.0/repository/org.apache.derby/jars/derbyclient-10.1.1.0.jar:org/apache/derby/client/am/EncryptionManager.class */
public class EncryptionManager {
    transient Agent agent_;
    private static final byte[] modulusBytes__ = {-58, 33, 18, -41, 62, -26, 19, -16, -108, 122, -77, 31, 15, 104, 70, -95, -65, -11, -77, -92, -54, 13, 96, -68, 30, 76, 122, 13, -116, 22, -77, -29};
    private static final BigInteger modulus__ = new BigInteger(1, modulusBytes__);
    private static final byte[] baseBytes__ = {70, -112, -6, 31, 123, -98, 29, 68, 66, -56, 108, -111, 20, 96, 63, -34, -49, 7, 30, -36, -20, 95, 98, 110, 33, -30, 86, -82, -39, -22, 52, -28};
    private static final BigInteger base__ = new BigInteger(1, baseBytes__);
    private static final int exponential_length__ = 255;
    private DHParameterSpec paramSpec_;
    private KeyPairGenerator keyPairGenerator_;
    private KeyPair keyPair_;
    private KeyAgreement keyAgreement_;
    private byte[] token_;
    private byte[] secKey_;
    private SecretKeyFactory secretKeyFactory_ = null;
    private String providerName;
    private Provider provider;

    public EncryptionManager(Agent agent) throws SqlException {
        this.agent_ = agent;
        try {
            Provider[] providers = Security.getProviders("KeyAgreement.DH");
            if (providers == null) {
                throw new NoSuchProviderException();
            }
            this.provider = providers[0];
            this.providerName = this.provider.getName();
            Security.addProvider(this.provider);
            this.paramSpec_ = new DHParameterSpec(modulus__, base__, 255);
            this.keyPairGenerator_ = KeyPairGenerator.getInstance("DH", this.providerName);
            this.keyPairGenerator_.initialize(this.paramSpec_);
            this.keyPair_ = this.keyPairGenerator_.generateKeyPair();
            this.keyAgreement_ = KeyAgreement.getInstance("DH", this.providerName);
            this.keyAgreement_.init(this.keyPair_.getPrivate());
        } catch (InvalidAlgorithmParameterException e) {
            throw new SqlException(this.agent_.logWriter_, e, new StringBuffer().append("java.security.InvalidAlgorithmParameterException is caught when initializing EncryptionManager '").append(e.getMessage()).append("'").toString());
        } catch (InvalidKeyException e2) {
            throw new SqlException(this.agent_.logWriter_, e2, new StringBuffer().append("java.security.InvalidKeyException is caught when initializing EncryptionManager '").append(e2.getMessage()).append("'").toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new SqlException(this.agent_.logWriter_, e3, new StringBuffer().append("java.security.NoSuchAlgorithmException is caught when initializing EncryptionManager '").append(e3.getMessage()).append("'").toString());
        } catch (NoSuchProviderException e4) {
            throw new SqlException(this.agent_.logWriter_, e4, new StringBuffer().append("java.security.NoSuchProviderException is caught when initializing EncryptionManager '").append(e4.getMessage()).append("'").toString());
        }
    }

    public byte[] obtainPublicKey() {
        byte[] byteArray = ((DHPublicKey) this.keyPair_.getPublic()).getY().toByteArray();
        if (byteArray.length == 33 && byteArray[0] == 0) {
            byte[] bArr = new byte[32];
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = byteArray[i + 1];
            }
            return bArr;
        }
        if (byteArray.length >= 32) {
            return byteArray;
        }
        byte[] bArr2 = new byte[32];
        int i2 = 0;
        while (i2 < 32 - byteArray.length) {
            bArr2[i2] = 0;
            i2++;
        }
        for (int i3 = i2; i3 < bArr2.length; i3++) {
            bArr2[i3] = byteArray[i3 - i2];
        }
        return bArr2;
    }

    private byte[] calculateEncryptionToken(int i, byte[] bArr) {
        byte[] bArr2 = new byte[8];
        if (i == 7) {
            if (bArr.length < 8) {
                for (int i2 = 0; i2 < bArr.length; i2++) {
                    bArr2[i2] = bArr[i2];
                }
                for (int length = bArr.length; length < 8; length++) {
                    bArr2[length] = 0;
                }
            } else {
                for (int i3 = 0; i3 < 8; i3++) {
                    bArr2[i3] = bArr[i3];
                }
            }
        } else if (i == 9) {
            for (int i4 = 0; i4 < 8; i4++) {
                bArr2[i4] = bArr[i4 + 12];
            }
        }
        return bArr2;
    }

    private void keyParityCheck(byte[] bArr) throws SqlException {
        if (bArr.length != 8) {
            throw new SqlException(this.agent_.logWriter_, "DES key has the wrong length");
        }
        for (int i = 0; i < 8; i++) {
            byte b = bArr[i];
            int i2 = 1;
            for (int i3 = 0; i3 < 8; i3++) {
                if (b < 0) {
                    i2 = 1 - i2;
                }
                b = (byte) (b << 1);
            }
            if (i2 == 1) {
                if ((bArr[i] & 1) != 0) {
                    int i4 = i;
                    bArr[i4] = (byte) (bArr[i4] & 254);
                } else {
                    int i5 = i;
                    bArr[i5] = (byte) (bArr[i5] | 1);
                }
            }
        }
    }

    private byte[] generatePrivateKey(byte[] bArr) throws SqlException {
        try {
            this.keyAgreement_.doPhase(KeyFactory.getInstance("DH", this.provider).generatePublic(new DHPublicKeySpec(new BigInteger(1, bArr), modulus__, base__)), true);
            byte[] generateSecret = this.keyAgreement_.generateSecret();
            byte[] bArr2 = new byte[32];
            if (generateSecret.length == 33 && generateSecret[0] == 0) {
                for (int i = 0; i < bArr2.length; i++) {
                    bArr2[i] = generateSecret[i + 1];
                }
            }
            if (generateSecret.length < 32) {
                int i2 = 0;
                while (i2 < 32 - generateSecret.length) {
                    bArr2[i2] = 0;
                    i2++;
                }
                for (int i3 = i2; i3 < generateSecret.length; i3++) {
                    bArr2[i3] = generateSecret[i3 - i2];
                }
            }
            byte[] bArr3 = new byte[8];
            if (generateSecret.length == 32) {
                for (int i4 = 0; i4 < 8; i4++) {
                    bArr3[i4] = generateSecret[i4 + 12];
                }
            } else {
                if (generateSecret.length != 33 && generateSecret.length >= 32) {
                    throw new SqlException(this.agent_.logWriter_, new StringBuffer().append("sharedSecret key length error ").append(generateSecret.length).toString());
                }
                for (int i5 = 0; i5 < 8; i5++) {
                    bArr3[i5] = bArr2[i5 + 12];
                }
            }
            keyParityCheck(bArr3);
            return bArr3;
        } catch (InvalidKeyException e) {
            throw new SqlException(this.agent_.logWriter_, e, new StringBuffer().append("java.security.InvalidKeyException is caught when encrypting data '").append(e.getMessage()).append("'").toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new SqlException(this.agent_.logWriter_, e2, new StringBuffer().append("java.security.NoSuchAlgorithmException is caught when encrypting data '").append(e2.getMessage()).append("'").toString());
        } catch (InvalidKeySpecException e3) {
            throw new SqlException(this.agent_.logWriter_, e3, "java.security.InvalidKeySpecException is caught when encrypting data");
        }
    }

    public byte[] encryptData(byte[] bArr, int i, byte[] bArr2, byte[] bArr3) throws SqlException {
        SecretKey generateSecret;
        if (this.token_ == null) {
            this.token_ = calculateEncryptionToken(i, bArr2);
        }
        try {
            if (this.secKey_ == null) {
                this.secKey_ = generatePrivateKey(bArr3);
                generateSecret = new SecretKeySpec(this.secKey_, "DES");
            } else {
                DESKeySpec dESKeySpec = new DESKeySpec(this.secKey_);
                if (this.secretKeyFactory_ == null) {
                    this.secretKeyFactory_ = SecretKeyFactory.getInstance("DES", this.providerName);
                }
                generateSecret = this.secretKeyFactory_.generateSecret(dESKeySpec);
            }
            Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding", this.providerName);
            cipher.init(1, generateSecret, new IvParameterSpec(this.token_));
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            throw new SqlException(this.agent_.logWriter_, e, new StringBuffer().append("java.security.InvalidAlgorithmParameterException is caught when encrypting data '").append(e.getMessage()).append("'").toString());
        } catch (InvalidKeyException e2) {
            throw new SqlException(this.agent_.logWriter_, e2, new StringBuffer().append("java.security.InvalidKeyException is caught when encrypting data '").append(e2.getMessage()).append("'").toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new SqlException(this.agent_.logWriter_, e3, new StringBuffer().append("java.security.NoSuchAlgorithmException is caught when encrypting data '").append(e3.getMessage()).append("'").toString());
        } catch (NoSuchProviderException e4) {
            throw new SqlException(this.agent_.logWriter_, e4, new StringBuffer().append("java.security.NoSuchProviderException is caught when encrypting data '").append(e4.getMessage()).append("'").toString());
        } catch (InvalidKeySpecException e5) {
            throw new SqlException(this.agent_.logWriter_, e5, new StringBuffer().append("javax.crypto.IllegalBlockSizeException is caught when encrypting data '").append(e5.getMessage()).append("'").toString());
        } catch (BadPaddingException e6) {
            throw new SqlException(this.agent_.logWriter_, e6, new StringBuffer().append("javax.crypto.BadPaddingException is caught when encrypting data '").append(e6.getMessage()).append("'").toString());
        } catch (IllegalBlockSizeException e7) {
            throw new SqlException(this.agent_.logWriter_, e7, new StringBuffer().append("javax.crypto.IllegalBlockSizeException is caught when encrypting data '").append(e7.getMessage()).append("'").toString());
        } catch (NoSuchPaddingException e8) {
            throw new SqlException(this.agent_.logWriter_, e8, new StringBuffer().append("javax.crypto.NoSuchPaddingException is caught when encrypting data '").append(e8.getMessage()).append("'").toString());
        }
    }

    public byte[] decryptData(byte[] bArr, int i, byte[] bArr2, byte[] bArr3) throws SqlException {
        SecretKey generateSecret;
        if (this.token_ == null) {
            this.token_ = calculateEncryptionToken(i, bArr2);
        }
        try {
            if (this.secKey_ == null) {
                this.secKey_ = generatePrivateKey(bArr3);
                generateSecret = new SecretKeySpec(this.secKey_, "DES");
            } else {
                DESKeySpec dESKeySpec = new DESKeySpec(this.secKey_);
                if (this.secretKeyFactory_ == null) {
                    this.secretKeyFactory_ = SecretKeyFactory.getInstance("DES", this.providerName);
                }
                generateSecret = this.secretKeyFactory_.generateSecret(dESKeySpec);
            }
            Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding", this.providerName);
            cipher.init(2, generateSecret, new IvParameterSpec(this.token_));
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            throw new SqlException(this.agent_.logWriter_, e, new StringBuffer().append("java.security.InvalidAlgorithmParameterException is caught when encrypting data '").append(e.getMessage()).append("'").toString());
        } catch (InvalidKeyException e2) {
            throw new SqlException(this.agent_.logWriter_, e2, new StringBuffer().append("java.security.InvalidKeyException is caught when encrypting data '").append(e2.getMessage()).append("'").toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new SqlException(this.agent_.logWriter_, e3, new StringBuffer().append("java.security.NoSuchAlgorithmException is caught when encrypting data '").append(e3.getMessage()).append("'").toString());
        } catch (NoSuchProviderException e4) {
            throw new SqlException(this.agent_.logWriter_, e4, new StringBuffer().append("java.security.NoSuchProviderException is caught when encrypting data '").append(e4.getMessage()).append("'").toString());
        } catch (InvalidKeySpecException e5) {
            throw new SqlException(this.agent_.logWriter_, e5, new StringBuffer().append("javax.crypto.IllegalBlockSizeException is caught when encrypting data '").append(e5.getMessage()).append("'").toString());
        } catch (BadPaddingException e6) {
            throw new SqlException(this.agent_.logWriter_, e6, new StringBuffer().append("javax.crypto.BadPaddingException is caught when encrypting data '").append(e6.getMessage()).append("'").toString());
        } catch (IllegalBlockSizeException e7) {
            throw new SqlException(this.agent_.logWriter_, e7, new StringBuffer().append("javax.crypto.IllegalBlockSizeException is caught when encrypting data '").append(e7.getMessage()).append("'").toString());
        } catch (NoSuchPaddingException e8) {
            throw new SqlException(this.agent_.logWriter_, e8, new StringBuffer().append("javax.crypto.NoSuchPaddingException is caught when encrypting data '").append(e8.getMessage()).append("'").toString());
        }
    }

    public void setInitVector(byte[] bArr) {
        this.token_ = bArr;
    }

    public void setSecKey(byte[] bArr) {
        this.secKey_ = bArr;
    }

    public void resetSecurityKeys() {
        this.token_ = null;
        this.secKey_ = null;
    }
}
