package de.mhus.osgi.crypt.bc;

import aQute.bnd.annotation.component.Activate;
import aQute.bnd.annotation.component.Component;
import de.mhus.lib.core.IProperties;
import de.mhus.lib.core.MApi;
import de.mhus.lib.core.MLog;
import de.mhus.lib.core.MProperties;
import de.mhus.lib.core.crypt.Blowfish;
import de.mhus.lib.core.crypt.MRandom;
import de.mhus.lib.core.crypt.pem.PemBlock;
import de.mhus.lib.core.crypt.pem.PemBlockModel;
import de.mhus.lib.core.crypt.pem.PemKey;
import de.mhus.lib.core.crypt.pem.PemKeyPair;
import de.mhus.lib.core.crypt.pem.PemPair;
import de.mhus.lib.core.crypt.pem.PemPriv;
import de.mhus.lib.core.crypt.pem.PemPub;
import de.mhus.lib.errors.MException;
import de.mhus.osgi.crypt.api.cipher.CipherProvider;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.UUID;
import javax.crypto.Cipher;
import org.osgi.service.component.ComponentContext;

@Component(properties = {"cipher=RSA-2"}, immediate = true)
/* loaded from: input_file:de/mhus/osgi/crypt/bc/BouncyRsaCipher.class */
public class BouncyRsaCipher extends MLog implements CipherProvider {
    private final String NAME = "RSA-2";

    @Activate
    public void doActivate(ComponentContext componentContext) {
        BouncyUtil.init();
    }

    public PemBlock encode(PemPub pemPub, String str) throws MException {
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA", "BC").generatePublic(new X509EncodedKeySpec(pemPub.getBytesBlock()));
            Cipher cipher = Cipher.getInstance("RSA", "BC");
            cipher.init(1, generatePublic);
            byte[] bytes = str.getBytes("utf-8");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int i = pemPub.getInt("Length", 1024) == 512 ? 53 : 117;
            int i2 = 0;
            while (i2 < bytes.length) {
                int min = Math.min(i, bytes.length - i2);
                byteArrayOutputStream.write(cipher.doFinal(bytes, i2, min));
                i2 += min;
            }
            PemBlockModel pemBlockModel = new PemBlockModel("CIPHER", byteArrayOutputStream.toByteArray());
            pemBlockModel.set("Method", getName());
            pemBlockModel.set("Encoding", "utf-8");
            if (pemPub.isProperty("Ident")) {
                pemBlockModel.set("KeyIdent", pemPub.getString("Ident"));
            }
            pemBlockModel.set("Created", new Date());
            return pemBlockModel;
        } catch (Throwable th) {
            throw new MException(new Object[]{th});
        }
    }

    public String decode(PemPriv pemPriv, PemBlock pemBlock, String str) throws MException {
        try {
            byte[] bytesBlock = pemPriv.getBytesBlock();
            if (str != null) {
                bytesBlock = Blowfish.decrypt(bytesBlock, str);
            }
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA", "BC").generatePrivate(new PKCS8EncodedKeySpec(bytesBlock));
            Cipher cipher = Cipher.getInstance("RSA", "BC");
            cipher.init(2, generatePrivate);
            byte[] bytesBlock2 = pemBlock.getBytesBlock();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int max = Math.max((pemPriv.getInt("Length", 1024) / 1024) * 128, 64);
            int i = 0;
            while (i < bytesBlock2.length) {
                int min = Math.min(max, bytesBlock2.length - i);
                byteArrayOutputStream.write(cipher.doFinal(bytesBlock2, i, min));
                i += min;
            }
            return new String(byteArrayOutputStream.toByteArray(), pemBlock.getString("Encoding", "utf-8"));
        } catch (Exception e) {
            throw new MException(new Object[]{e});
        }
    }

    public String getName() {
        return "RSA-2";
    }

    public PemPair createKeys(IProperties iProperties) throws MException {
        if (iProperties == null) {
            try {
                iProperties = new MProperties();
            } catch (Exception e) {
                throw new MException(new Object[]{e});
            }
        }
        int i = iProperties.getInt("length", 1024);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(i, ((MRandom) MApi.lookup(MRandom.class)).getSecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        PublicKey publicKey = generateKeyPair.getPublic();
        UUID randomUUID = UUID.randomUUID();
        UUID randomUUID2 = UUID.randomUUID();
        byte[] encoded = privateKey.getEncoded();
        String string = iProperties.getString("passphrase", (String) null);
        if (string != null) {
            encoded = Blowfish.encrypt(encoded, string);
        }
        PemKey pemKey = new PemKey("PUBLIC KEY", publicKey.getEncoded(), false).set("Method", getName()).set("Length", Integer.valueOf(i)).set("Format", publicKey.getFormat()).set("Ident", randomUUID2).set("PrivKeyIdent", randomUUID);
        PemKey pemKey2 = new PemKey("PRIVATE KEY", encoded, true).set("Method", getName()).set("Length", Integer.valueOf(i)).set("Format", privateKey.getFormat()).set("Ident", randomUUID).set("PubKeyIdent", randomUUID2);
        if (string != null) {
            pemKey2.set("Encrypted", "blowfish");
        }
        return new PemKeyPair(pemKey2, pemKey);
    }
}
