package org.codingmatters.poom.ci.ciphering;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Optional;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.codingmatters.poom.ci.ciphering.descriptors.CipheredData;

/* loaded from: input_file:org/codingmatters/poom/ci/ciphering/DataUncipherer.class */
public class DataUncipherer implements DataCiphering {
    private final KeyStore privateKeystore;
    private final char[] keyspass;

    public DataUncipherer(KeyStore keyStore, char[] cArr) {
        this.privateKeystore = keyStore;
        this.keyspass = cArr;
    }

    public byte[] uncipher(CipheredData cipheredData) throws CertificateException, IOException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        Optional<Key> lookupPrivateKey = lookupPrivateKey(cipheredData.certificate());
        return lookupPrivateKey.isPresent() ? uncipherData(readTransportKey(cipheredData.transportKeySpec(), lookupPrivateKey.get()), new IvParameterSpec(cipheredData.iv()), cipheredData.data()) : new byte[0];
    }

    private byte[] uncipherData(SecretKey secretKey, IvParameterSpec ivParameterSpec, byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IOException {
        Cipher cipher = Cipher.getInstance(DataCiphering.DATA_TRANSFORMATION);
        cipher.init(2, secretKey, ivParameterSpec);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Throwable th = null;
        try {
            CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
            Throwable th2 = null;
            try {
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    byte[] bArr2 = new byte[1024];
                    for (int read = cipherInputStream.read(bArr2); read != -1; read = cipherInputStream.read(bArr2)) {
                        byteArrayOutputStream.write(bArr2, 0, read);
                    }
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    if (cipherInputStream != null) {
                        if (0 != 0) {
                            try {
                                cipherInputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            cipherInputStream.close();
                        }
                    }
                    return byteArray;
                } finally {
                }
            } catch (Throwable th4) {
                if (cipherInputStream != null) {
                    if (th2 != null) {
                        try {
                            cipherInputStream.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        cipherInputStream.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (byteArrayInputStream != null) {
                if (0 != 0) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    byteArrayInputStream.close();
                }
            }
        }
    }

    private SecretKey readTransportKey(byte[] bArr, Key key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException {
        Cipher cipher = Cipher.getInstance(DataCiphering.TRANSPORT_KEY_TRANSFORMATION);
        cipher.init(2, key);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Throwable th = null;
        try {
            CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
            Throwable th2 = null;
            try {
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    byte[] bArr2 = new byte[1024];
                    for (int read = cipherInputStream.read(bArr2); read != -1; read = cipherInputStream.read(bArr2)) {
                        byteArrayOutputStream.write(bArr2, 0, read);
                    }
                    SecretKeySpec secretKeySpec = new SecretKeySpec(byteArrayOutputStream.toByteArray(), DataCiphering.TRANSPORT_KEY_ALGORITHM);
                    if (cipherInputStream != null) {
                        if (0 != 0) {
                            try {
                                cipherInputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            cipherInputStream.close();
                        }
                    }
                    return secretKeySpec;
                } finally {
                }
            } catch (Throwable th4) {
                if (cipherInputStream != null) {
                    if (th2 != null) {
                        try {
                            cipherInputStream.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        cipherInputStream.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (byteArrayInputStream != null) {
                if (0 != 0) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    byteArrayInputStream.close();
                }
            }
        }
    }

    private Optional<Key> lookupPrivateKey(byte[] bArr) throws CertificateException, IOException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Throwable th = null;
        try {
            try {
                String certificateAlias = this.privateKeystore.getCertificateAlias(certificateFactory.generateCertificate(byteArrayInputStream));
                if (certificateAlias == null) {
                    if (byteArrayInputStream != null) {
                        if (0 != 0) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            byteArrayInputStream.close();
                        }
                    }
                    return Optional.empty();
                }
                Optional<Key> ofNullable = Optional.ofNullable(this.privateKeystore.getKey(certificateAlias, this.keyspass));
                if (byteArrayInputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        byteArrayInputStream.close();
                    }
                }
                return ofNullable;
            } finally {
            }
        } catch (Throwable th4) {
            if (byteArrayInputStream != null) {
                if (th != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    byteArrayInputStream.close();
                }
            }
            throw th4;
        }
    }
}
