package org.cryptacular.generator;

import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.EncryptionScheme;
import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.crypto.util.PBKDF2Config;
import org.bouncycastle.operator.GenericKey;
import org.bouncycastle.operator.OutputEncryptor;
import org.cryptacular.pbe.PBES2Algorithm;
import org.cryptacular.pbe.PBES2EncryptionScheme;
import org.cryptacular.spec.DigestSpec;

/* loaded from: input_file:org/cryptacular/generator/AESP12Generator.class */
public class AESP12Generator extends AbstractP12Generator {
    public static final Set<ASN1ObjectIdentifier> SUPPORTED_DIGEST_ALGORITHMS = Collections.unmodifiableSet(new HashSet(Arrays.asList(NISTObjectIdentifiers.id_sha256, NISTObjectIdentifiers.id_sha512, NISTObjectIdentifiers.id_sha3_256, NISTObjectIdentifiers.id_sha3_384, NISTObjectIdentifiers.id_sha3_512)));
    private static final Map<ASN1ObjectIdentifier, DigestSpec> DIGEST_ID_TO_DIGEST_SPEC_MAP = new HashMap();
    private static final Map<ASN1ObjectIdentifier, ASN1ObjectIdentifier> DIGEST_ID_TO_HMAC_ID_MAP = new HashMap();
    private final ASN1ObjectIdentifier digestAlgorithm;
    private final PBKDF2Config pbkdf2Config;
    private final PBES2OutputEncryptorBuilder outputEncryptorBuilder;

    /* loaded from: input_file:org/cryptacular/generator/AESP12Generator$PBES2OutputEncryptorBuilder.class */
    static class PBES2OutputEncryptorBuilder {
        private final SecureRandom random = new SecureRandom();
        private final PBES2Algorithm encryptionAlg;
        private final PBKDF2Config pbkdf2Config;

        PBES2OutputEncryptorBuilder(PBES2Algorithm pBES2Algorithm, PBKDF2Config pBKDF2Config) {
            this.encryptionAlg = pBES2Algorithm;
            this.pbkdf2Config = pBKDF2Config;
        }

        OutputEncryptor build(char[] cArr) {
            byte[] bArr = new byte[this.pbkdf2Config.getSaltLength()];
            this.random.nextBytes(bArr);
            byte[] bArr2 = new byte[this.encryptionAlg.getBlockSize() / 8];
            this.random.nextBytes(bArr2);
            final PBES2Parameters pBES2Parameters = new PBES2Parameters(new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(bArr, this.pbkdf2Config.getIterationCount(), this.pbkdf2Config.getPRF())), new EncryptionScheme(new ASN1ObjectIdentifier(this.encryptionAlg.getOid()), new DEROctetString(bArr2)));
            final PBES2EncryptionScheme pBES2EncryptionScheme = new PBES2EncryptionScheme(pBES2Parameters, cArr);
            return new OutputEncryptor() { // from class: org.cryptacular.generator.AESP12Generator.PBES2OutputEncryptorBuilder.1
                @Override // org.bouncycastle.operator.OutputEncryptor
                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pBES2Parameters);
                }

                @Override // org.bouncycastle.operator.OutputEncryptor
                public OutputStream getOutputStream(OutputStream outputStream) {
                    return pBES2EncryptionScheme.wrap(true, outputStream);
                }

                @Override // org.bouncycastle.operator.OutputEncryptor
                public GenericKey getKey() {
                    return null;
                }
            };
        }
    }

    public AESP12Generator() {
        this(NISTObjectIdentifiers.id_sha256, 2048);
    }

    public AESP12Generator(int i) {
        this(NISTObjectIdentifiers.id_sha256, i);
    }

    public AESP12Generator(ASN1ObjectIdentifier aSN1ObjectIdentifier, int i) {
        if (!SUPPORTED_DIGEST_ALGORITHMS.contains(aSN1ObjectIdentifier)) {
            throw new IllegalArgumentException("Unsupported digest algorithm");
        }
        this.digestAlgorithm = aSN1ObjectIdentifier;
        this.pbkdf2Config = new PBKDF2Config.Builder().withIterationCount(i).withPRF(new AlgorithmIdentifier(DIGEST_ID_TO_HMAC_ID_MAP.get(aSN1ObjectIdentifier), DERNull.INSTANCE)).build();
        this.outputEncryptorBuilder = new PBES2OutputEncryptorBuilder(PBES2Algorithm.AES256, this.pbkdf2Config);
    }

    @Override // org.cryptacular.generator.AbstractP12Generator
    public int getIterations() {
        return this.pbkdf2Config.getIterationCount();
    }

    @Override // org.cryptacular.generator.AbstractP12Generator
    protected ASN1ObjectIdentifier getDigestAlgorithmId() {
        return this.digestAlgorithm;
    }

    @Override // org.cryptacular.generator.AbstractP12Generator
    protected DigestSpec getDigestSpec() {
        return DIGEST_ID_TO_DIGEST_SPEC_MAP.get(this.digestAlgorithm);
    }

    @Override // org.cryptacular.generator.AbstractP12Generator
    protected OutputEncryptor keyOutputEncryptor(char[] cArr) {
        return this.outputEncryptorBuilder.build(cArr);
    }

    @Override // org.cryptacular.generator.AbstractP12Generator
    protected OutputEncryptor dataOutputEncryptor(char[] cArr) {
        return this.outputEncryptorBuilder.build(cArr);
    }

    static {
        DIGEST_ID_TO_DIGEST_SPEC_MAP.put(NISTObjectIdentifiers.id_sha256, new DigestSpec("SHA256"));
        DIGEST_ID_TO_DIGEST_SPEC_MAP.put(NISTObjectIdentifiers.id_sha512, new DigestSpec("SHA512"));
        DIGEST_ID_TO_DIGEST_SPEC_MAP.put(NISTObjectIdentifiers.id_sha3_256, new DigestSpec("SHA3", 256));
        DIGEST_ID_TO_DIGEST_SPEC_MAP.put(NISTObjectIdentifiers.id_sha3_384, new DigestSpec("SHA3", 384));
        DIGEST_ID_TO_DIGEST_SPEC_MAP.put(NISTObjectIdentifiers.id_sha3_512, new DigestSpec("SHA3", 512));
        DIGEST_ID_TO_HMAC_ID_MAP.put(NISTObjectIdentifiers.id_sha256, PKCSObjectIdentifiers.id_hmacWithSHA256);
        DIGEST_ID_TO_HMAC_ID_MAP.put(NISTObjectIdentifiers.id_sha512, PKCSObjectIdentifiers.id_hmacWithSHA512);
        DIGEST_ID_TO_HMAC_ID_MAP.put(NISTObjectIdentifiers.id_sha3_256, NISTObjectIdentifiers.id_hmacWithSHA3_256);
        DIGEST_ID_TO_HMAC_ID_MAP.put(NISTObjectIdentifiers.id_sha3_384, NISTObjectIdentifiers.id_hmacWithSHA3_384);
        DIGEST_ID_TO_HMAC_ID_MAP.put(NISTObjectIdentifiers.id_sha3_512, NISTObjectIdentifiers.id_hmacWithSHA3_512);
    }
}
