package org.opensaml.xmlsec.derivation.impl;

import com.google.common.primitives.Bytes;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.component.AbstractInitializableComponent;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
import org.bouncycastle.crypto.digests.RIPEMD160Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.KDFParameters;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.xmlsec.agreement.CloneableKeyAgreementParameter;
import org.opensaml.xmlsec.agreement.KeyAgreementException;
import org.opensaml.xmlsec.agreement.KeyAgreementParameter;
import org.opensaml.xmlsec.agreement.XMLExpressableKeyAgreementParameter;
import org.opensaml.xmlsec.agreement.impl.KeyAgreementParameterParser;
import org.opensaml.xmlsec.algorithm.AlgorithmDescriptor;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.algorithm.DigestAlgorithm;
import org.opensaml.xmlsec.derivation.KeyDerivation;
import org.opensaml.xmlsec.derivation.KeyDerivationException;
import org.opensaml.xmlsec.derivation.KeyDerivationSupport;
import org.opensaml.xmlsec.encryption.ConcatKDFParams;
import org.opensaml.xmlsec.encryption.KeyDerivationMethod;
import org.opensaml.xmlsec.encryption.support.EncryptionConstants;
import org.opensaml.xmlsec.signature.DigestMethod;

/* loaded from: input_file:org/opensaml/xmlsec/derivation/impl/ConcatKDF.class */
public class ConcatKDF extends AbstractInitializableComponent implements KeyDerivation, XMLExpressableKeyAgreementParameter, CloneableKeyAgreementParameter {
    public static final String DEFAULT_DIGEST_METHOD = "http://www.w3.org/2001/04/xmlenc#sha256";

    @NonnullAfterInit
    private String digestMethod;

    @Nullable
    private String algorithmID;

    @Nullable
    private String partyUInfo;

    @Nullable
    private String partyVInfo;

    @Nullable
    private String suppPubInfo;

    @Nullable
    private String suppPrivInfo;

    /* loaded from: input_file:org/opensaml/xmlsec/derivation/impl/ConcatKDF$Parser.class */
    public static class Parser implements KeyAgreementParameterParser {
        @Override // org.opensaml.xmlsec.agreement.impl.KeyAgreementParameterParser
        public boolean handles(@Nonnull XMLObject xMLObject) {
            return KeyDerivationMethod.class.isInstance(xMLObject) && EncryptionConstants.ALGO_ID_KEYDERIVATION_CONCATKDF.equals(((KeyDerivationMethod) KeyDerivationMethod.class.cast(xMLObject)).getAlgorithm());
        }

        @Override // org.opensaml.xmlsec.agreement.impl.KeyAgreementParameterParser
        public KeyAgreementParameter parse(@Nonnull XMLObject xMLObject) throws KeyAgreementException {
            if (!handles(xMLObject)) {
                throw new KeyAgreementException("This implementation does not handle: " + xMLObject.getClass().getName());
            }
            try {
                return ConcatKDF.fromXMLObject((KeyDerivationMethod) KeyDerivationMethod.class.cast(xMLObject));
            } catch (ComponentInitializationException e) {
                throw new KeyAgreementException(e);
            }
        }
    }

    @Override // org.opensaml.xmlsec.derivation.KeyDerivation
    public String getAlgorithm() {
        return EncryptionConstants.ALGO_ID_KEYDERIVATION_CONCATKDF;
    }

    @NonnullAfterInit
    public String getDigestMethod() {
        return this.digestMethod;
    }

    public void setDigestMethod(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.digestMethod = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getAlgorithmID() {
        return this.algorithmID;
    }

    public void setAlgorithmID(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.algorithmID = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getPartyUInfo() {
        return this.partyUInfo;
    }

    public void setPartyUInfo(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.partyUInfo = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getPartyVInfo() {
        return this.partyVInfo;
    }

    public void setPartyVInfo(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.partyVInfo = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getSuppPubInfo() {
        return this.suppPubInfo;
    }

    public void setSuppPubInfo(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.suppPubInfo = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getSuppPrivInfo() {
        return this.suppPrivInfo;
    }

    public void setSuppPrivInfo(@Nullable String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.suppPrivInfo = StringSupport.trimOrNull(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        try {
            decodeParam(this.algorithmID, ConcatKDFParams.ALGORITHM_ID_ATTRIBUTE_NAME);
            decodeParam(this.partyUInfo, ConcatKDFParams.PARTY_U_INFO_ATTRIBUTE_NAME);
            decodeParam(this.partyVInfo, ConcatKDFParams.PARTY_V_INFO_ATTRIBUTE_NAME);
            decodeParam(this.suppPubInfo, ConcatKDFParams.SUPP_PUB_INFO_ATTRIBUTE_NAME);
            decodeParam(this.suppPrivInfo, ConcatKDFParams.SUPP_PRIV_INFO_ATTRIBUTE_NAME);
            if (this.digestMethod == null) {
                this.digestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
                return;
            }
            AlgorithmDescriptor algorithmDescriptor = AlgorithmSupport.getGlobalAlgorithmRegistry().get(this.digestMethod);
            if (algorithmDescriptor == null) {
                throw new ComponentInitializationException("Specified digest algorithm is unknown: " + this.digestMethod);
            }
            if (!DigestAlgorithm.class.isInstance(algorithmDescriptor)) {
                throw new ComponentInitializationException("Specified digest algorithm is not a digest algorithm: " + this.digestMethod);
            }
            try {
                getDigestInstance(this.digestMethod);
            } catch (KeyDerivationException e) {
                throw new ComponentInitializationException("Unable to obtain digest instance", e);
            }
        } catch (KeyDerivationException e2) {
            throw new ComponentInitializationException("Invalid ConcatKDF param value", e2);
        }
    }

    /* JADX WARN: Type inference failed for: r0v10, types: [byte[], byte[][]] */
    @Override // org.opensaml.xmlsec.derivation.KeyDerivation
    public SecretKey derive(@Nonnull byte[] bArr, @Nonnull String str, @Nullable Integer num) throws KeyDerivationException {
        Constraint.isNotNull(bArr, "Secret byte[] was null");
        Constraint.isNotNull(str, "Key algorithm was null");
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        return new SecretKeySpec(derive(bArr, Bytes.concat((byte[][]) new byte[]{decodeParam(this.algorithmID, ConcatKDFParams.ALGORITHM_ID_ATTRIBUTE_NAME), decodeParam(this.partyUInfo, ConcatKDFParams.PARTY_U_INFO_ATTRIBUTE_NAME), decodeParam(this.partyVInfo, ConcatKDFParams.PARTY_V_INFO_ATTRIBUTE_NAME), decodeParam(this.suppPubInfo, ConcatKDFParams.SUPP_PUB_INFO_ATTRIBUTE_NAME), decodeParam(this.suppPrivInfo, ConcatKDFParams.SUPP_PRIV_INFO_ATTRIBUTE_NAME)}), KeyDerivationSupport.getEffectiveKeyLength(str, num)), KeyDerivationSupport.getJCAKeyAlgorithm(str));
    }

    protected byte[] derive(@Nonnull byte[] bArr, @Nonnull byte[] bArr2, @Nonnull Integer num) throws KeyDerivationException {
        ConcatenationKDFGenerator concatenationKDFGenerator = new ConcatenationKDFGenerator(getDigestInstance(this.digestMethod));
        concatenationKDFGenerator.init(new KDFParameters(bArr, bArr2));
        int intValue = num.intValue() / 8;
        byte[] bArr3 = new byte[intValue];
        concatenationKDFGenerator.generateBytes(bArr3, 0, intValue);
        return bArr3;
    }

    @Nonnull
    protected Digest getDigestInstance(@Nonnull String str) throws KeyDerivationException {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1000393448:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#sha256")) {
                    z = 2;
                    break;
                }
                break;
            case -1000390693:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#sha512")) {
                    z = 4;
                    break;
                }
                break;
            case 1060036557:
                if (str.equals("http://www.w3.org/2000/09/xmldsig#sha1")) {
                    z = false;
                    break;
                }
                break;
            case 1253031479:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#ripemd160")) {
                    z = 5;
                    break;
                }
                break;
            case 2029689854:
                if (str.equals("http://www.w3.org/2001/04/xmldsig-more#sha224")) {
                    z = true;
                    break;
                }
                break;
            case 2029691001:
                if (str.equals("http://www.w3.org/2001/04/xmldsig-more#sha384")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return new SHA1Digest();
            case true:
                return new SHA224Digest();
            case true:
                return new SHA256Digest();
            case true:
                return new SHA384Digest();
            case true:
                return new SHA512Digest();
            case true:
                return new RIPEMD160Digest();
            default:
                throw new KeyDerivationException("Specified digest algorithm is unsupported: " + str);
        }
    }

    @Override // org.opensaml.xmlsec.agreement.CloneableKeyAgreementParameter
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public ConcatKDF m5825clone() {
        try {
            return (ConcatKDF) super.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    @Nonnull
    protected byte[] decodeParam(@Nullable String str, @Nonnull String str2) throws KeyDerivationException {
        String trimOrNull = StringSupport.trimOrNull(str);
        if (trimOrNull == null) {
            return new byte[0];
        }
        try {
            return Hex.decodeHex(trimOrNull);
        } catch (DecoderException e) {
            throw new KeyDerivationException("ConcatKDF parameter was not valid hex-encoded value: " + str2, e);
        }
    }

    @Nullable
    protected static String padParam(@Nullable String str) {
        String trimOrNull = StringSupport.trimOrNull(str);
        if (trimOrNull == null) {
            return null;
        }
        return "00" + trimOrNull;
    }

    @Nullable
    protected static String unpadParam(@Nullable String str, @Nullable String str2) throws KeyDerivationException {
        String trimOrNull = StringSupport.trimOrNull(str);
        if (trimOrNull == null) {
            return null;
        }
        if (!trimOrNull.startsWith("00")) {
            throw new KeyDerivationException("ConcatKDF parameter was not a valid padded hexBinary value (non-byte-aligned): " + str2);
        }
        if (trimOrNull.length() < 4) {
            throw new KeyDerivationException("ConcatKDF parameter was not a valid padded hexBinary value (too short): " + str2);
        }
        return trimOrNull.substring(2);
    }

    @Override // org.opensaml.xmlsec.agreement.XMLExpressableKeyAgreementParameter
    public XMLObject buildXMLObject() {
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        KeyDerivationMethod keyDerivationMethod = (KeyDerivationMethod) XMLObjectSupport.buildXMLObject(KeyDerivationMethod.DEFAULT_ELEMENT_NAME);
        keyDerivationMethod.setAlgorithm(getAlgorithm());
        ConcatKDFParams concatKDFParams = (ConcatKDFParams) XMLObjectSupport.buildXMLObject(ConcatKDFParams.DEFAULT_ELEMENT_NAME);
        DigestMethod digestMethod = (DigestMethod) XMLObjectSupport.buildXMLObject(DigestMethod.DEFAULT_ELEMENT_NAME);
        digestMethod.setAlgorithm(this.digestMethod);
        concatKDFParams.setDigestMethod(digestMethod);
        concatKDFParams.setAlgorithmID(padParam(this.algorithmID));
        concatKDFParams.setPartyUInfo(padParam(this.partyUInfo));
        concatKDFParams.setPartyVInfo(padParam(this.partyVInfo));
        concatKDFParams.setSuppPubInfo(padParam(this.suppPubInfo));
        concatKDFParams.setSuppPrivInfo(padParam(this.suppPrivInfo));
        keyDerivationMethod.getUnknownXMLObjects().add(concatKDFParams);
        return keyDerivationMethod;
    }

    @Nonnull
    public static ConcatKDF fromXMLObject(@Nonnull KeyDerivationMethod keyDerivationMethod) throws ComponentInitializationException {
        Constraint.isNotNull(keyDerivationMethod, "XMLObject was null");
        if (!EncryptionConstants.ALGO_ID_KEYDERIVATION_CONCATKDF.equals(keyDerivationMethod.getAlgorithm())) {
            throw new ComponentInitializationException("KeyDerivationMethod contains unsupported algorithm: " + keyDerivationMethod.getAlgorithm());
        }
        if (keyDerivationMethod.getUnknownXMLObjects().size() != 1 || keyDerivationMethod.getUnknownXMLObjects(ConcatKDFParams.DEFAULT_ELEMENT_NAME).size() != 1) {
            throw new ComponentInitializationException("KeyDerivationMethod contains unsupported children");
        }
        ConcatKDFParams concatKDFParams = (ConcatKDFParams) keyDerivationMethod.getUnknownXMLObjects(ConcatKDFParams.DEFAULT_ELEMENT_NAME).get(0);
        ConcatKDF concatKDF = new ConcatKDF();
        if (concatKDFParams.getDigestMethod() == null || concatKDFParams.getDigestMethod().getAlgorithm() == null) {
            throw new ComponentInitializationException("KeyDerivationMethod did not contain DigestMethod value");
        }
        concatKDF.setDigestMethod(concatKDFParams.getDigestMethod().getAlgorithm());
        try {
            concatKDF.setAlgorithmID(unpadParam(concatKDFParams.getAlgorithmID(), ConcatKDFParams.ALGORITHM_ID_ATTRIBUTE_NAME));
            concatKDF.setPartyUInfo(unpadParam(concatKDFParams.getPartyUInfo(), ConcatKDFParams.PARTY_U_INFO_ATTRIBUTE_NAME));
            concatKDF.setPartyVInfo(unpadParam(concatKDFParams.getPartyVInfo(), ConcatKDFParams.PARTY_V_INFO_ATTRIBUTE_NAME));
            concatKDF.setSuppPubInfo(unpadParam(concatKDFParams.getSuppPubInfo(), ConcatKDFParams.SUPP_PUB_INFO_ATTRIBUTE_NAME));
            concatKDF.setSuppPrivInfo(unpadParam(concatKDFParams.getSuppPrivInfo(), ConcatKDFParams.SUPP_PRIV_INFO_ATTRIBUTE_NAME));
            concatKDF.initialize();
            return concatKDF;
        } catch (KeyDerivationException e) {
            throw new ComponentInitializationException("Invalid ConcatKDF param value", e);
        }
    }
}
