package de.schlichtherle.truezip.crypto.raes;

import de.schlichtherle.truezip.crypto.SICSeekableBlockCipher;
import de.schlichtherle.truezip.crypto.SuspensionPenalty;
import de.schlichtherle.truezip.crypto.raes.Type0RaesParameters;
import de.schlichtherle.truezip.rof.ReadOnlyFile;
import de.schlichtherle.truezip.util.ArrayHelper;
import edu.umd.cs.findbugs.annotations.DefaultAnnotation;
import edu.umd.cs.findbugs.annotations.NonNull;
import java.io.EOFException;
import java.io.IOException;
import net.jcip.annotations.NotThreadSafe;
import org.bouncycastle.crypto.PBEParametersGenerator;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;

/* JADX INFO: Access modifiers changed from: package-private */
@DefaultAnnotation({NonNull.class})
@NotThreadSafe
/* loaded from: input_file:de/schlichtherle/truezip/crypto/raes/Type0RaesReadOnlyFile.class */
public final class Type0RaesReadOnlyFile extends RaesReadOnlyFile {
    private final Type0RaesParameters.KeyStrength keyStrength;
    private final KeyParameter sha256MacParam;
    private final byte[] footer;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Type0RaesReadOnlyFile(ReadOnlyFile readOnlyFile, Type0RaesParameters type0RaesParameters) throws IOException {
        super(readOnlyFile);
        ParametersWithIV generateDerivedParameters;
        KeyParameter generateDerivedMacParameters;
        byte[] bArr;
        if (!$assertionsDisabled && null == type0RaesParameters) {
            throw new AssertionError();
        }
        readOnlyFile.seek(0L);
        long length = readOnlyFile.length();
        byte[] bArr2 = new byte[8];
        readOnlyFile.readFully(bArr2);
        short readUByte = readUByte(bArr2, 5);
        try {
            Type0RaesParameters.KeyStrength keyStrength = Type0RaesParameters.KeyStrength.values()[readUByte];
            if (!$assertionsDisabled && keyStrength.ordinal() != readUByte) {
                throw new AssertionError();
            }
            int bytes = keyStrength.getBytes();
            int bits = keyStrength.getBits();
            this.keyStrength = keyStrength;
            int readUShort = readUShort(bArr2, 6);
            if (1024 > readUShort) {
                throw new RaesException("Iteration count must be 1024 or greater, but is " + readUShort + "!");
            }
            byte[] bArr3 = new byte[bytes];
            readOnlyFile.readFully(bArr3);
            HMac hMac = new HMac(new SHA256Digest());
            this.footer = new byte[hMac.getMacSize()];
            long length2 = bArr2.length + bArr3.length;
            long length3 = length - this.footer.length;
            long j = length3 - length2;
            if (j < 0) {
                throw new RaesException("False positive Type 0 RAES file is too short!", new EOFException());
            }
            readOnlyFile.seek(length3);
            readOnlyFile.readFully(this.footer);
            if (-1 != readOnlyFile.read()) {
                throw new RaesException("Expected end of file after data envelope trailer!");
            }
            PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA256Digest());
            long j2 = 0;
            do {
                char[] readPassword = type0RaesParameters.getReadPassword(0 != j2);
                if (!$assertionsDisabled && null == readPassword) {
                    throw new AssertionError();
                }
                byte[] PKCS12PasswordToBytes = PBEParametersGenerator.PKCS12PasswordToBytes(readPassword);
                int length4 = readPassword.length;
                while (true) {
                    length4--;
                    if (length4 < 0) {
                        break;
                    } else {
                        readPassword[length4] = 0;
                    }
                }
                pKCS12ParametersGenerator.init(PKCS12PasswordToBytes, bArr3, readUShort);
                generateDerivedParameters = pKCS12ParametersGenerator.generateDerivedParameters(bits, Constants.AES_BLOCK_SIZE_BITS);
                generateDerivedMacParameters = pKCS12ParametersGenerator.generateDerivedMacParameters(bits);
                paranoidWipe(PKCS12PasswordToBytes);
                j2 = SuspensionPenalty.enforce(j2);
                hMac.init(generateDerivedMacParameters);
                byte[] key = generateDerivedParameters.getParameters().getKey();
                hMac.update(key, 0, key.length);
                bArr = new byte[hMac.getMacSize()];
                RaesOutputStream.klac(hMac, j, bArr);
            } while (!ArrayHelper.equals(this.footer, 0, bArr, 0, bArr.length / 2));
            this.sha256MacParam = generateDerivedMacParameters;
            SICSeekableBlockCipher sICSeekableBlockCipher = new SICSeekableBlockCipher(new AESFastEngine());
            sICSeekableBlockCipher.init(false, generateDerivedParameters);
            init(sICSeekableBlockCipher, length2, j);
            type0RaesParameters.setKeyStrength(keyStrength);
        } catch (ArrayIndexOutOfBoundsException e) {
            throw new RaesException("Unknown index for cipher key strength: " + ((int) readUByte));
        }
    }

    private void paranoidWipe(byte[] bArr) {
        int length = bArr.length;
        while (true) {
            length--;
            if (length < 0) {
                return;
            } else {
                bArr[length] = 0;
            }
        }
    }

    @Override // de.schlichtherle.truezip.crypto.raes.RaesReadOnlyFile
    public Type0RaesParameters.KeyStrength getKeyStrength() {
        return this.keyStrength;
    }

    @Override // de.schlichtherle.truezip.crypto.raes.RaesReadOnlyFile
    public void authenticate() throws IOException {
        HMac hMac = new HMac(new SHA256Digest());
        hMac.init(this.sha256MacParam);
        byte[] computeMac = computeMac(hMac);
        if (!$assertionsDisabled && computeMac.length != hMac.getMacSize()) {
            throw new AssertionError();
        }
        if (!ArrayHelper.equals(computeMac, 0, this.footer, this.footer.length / 2, this.footer.length / 2)) {
            throw new RaesAuthenticationException();
        }
    }

    static {
        $assertionsDisabled = !Type0RaesReadOnlyFile.class.desiredAssertionStatus();
    }
}
