package org.apache.derby.impl.drda;

import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.sql.SQLException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.persistence.jpa.jpql.parser.Expression;

/* loaded from: input_file:org/apache/derby/impl/drda/DecryptionManager.class */
class DecryptionManager {
    private static final int exponential_length__ = 255;
    private KeyPairGenerator keyPairGenerator_;
    private KeyPair keyPair_;
    private KeyAgreement keyAgreement_;
    private DHParameterSpec paramSpec_;
    private static final String SHA_1_PRNG_ALGORITHM = "SHA1PRNG";
    private static final int SECMEC_USRSSBPWD_SEED_LEN = 8;
    private static final byte[] modulusBytes__ = {-58, 33, 18, -41, 62, -26, 19, -16, -108, 122, -77, 31, 15, 104, 70, -95, -65, -11, -77, -92, -54, 13, 96, -68, 30, 76, 122, 13, -116, 22, -77, -29};
    private static final BigInteger modulus__ = new BigInteger(1, modulusBytes__);
    private static final byte[] baseBytes__ = {70, -112, -6, 31, 123, -98, 29, 68, 66, -56, 108, -111, 20, 96, 63, -34, -49, 7, 30, -36, -20, 95, 98, 110, 33, -30, 86, -82, -39, -22, 52, -28};
    private static final BigInteger base__ = new BigInteger(1, baseBytes__);
    private static char[] hex_table = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};

    /* JADX INFO: Access modifiers changed from: package-private */
    public DecryptionManager() throws SQLException {
        try {
            if (Security.getProvider("IBMJCE") == null) {
                Security.addProvider((Provider) Class.forName("IBMJCE").newInstance());
            }
            this.paramSpec_ = new DHParameterSpec(modulus__, base__, 255);
            this.keyPairGenerator_ = KeyPairGenerator.getInstance("DH", "IBMJCE");
            this.keyPairGenerator_.initialize(this.paramSpec_);
            this.keyPair_ = this.keyPairGenerator_.generateKeyPair();
            this.keyAgreement_ = KeyAgreement.getInstance("DH", "IBMJCE");
            this.keyAgreement_.init(this.keyPair_.getPrivate());
        } catch (ClassNotFoundException e) {
            throw new SQLException("java.lang.ClassNotFoundException is caught when initializing EncryptionManager '" + e.getMessage() + Expression.QUOTE);
        } catch (IllegalAccessException e2) {
            throw new SQLException("java.lang.IllegalAccessException is caught when initializing EncryptionManager '" + e2.getMessage() + Expression.QUOTE);
        } catch (InstantiationException e3) {
            throw new SQLException("java.lang.InstantiationException is caught when initializing EncryptionManager '" + e3.getMessage() + Expression.QUOTE);
        } catch (InvalidAlgorithmParameterException e4) {
            throw new SQLException("java.security.InvalidAlgorithmParameterException is caught when initializing EncryptionManager '" + e4.getMessage() + Expression.QUOTE);
        } catch (InvalidKeyException e5) {
            throw new SQLException("java.security.InvalidKeyException is caught when initializing EncryptionManager '" + e5.getMessage() + Expression.QUOTE);
        } catch (NoSuchAlgorithmException e6) {
            throw new SQLException("java.security.NoSuchAlgorithmException is caught when initializing EncryptionManager '" + e6.getMessage() + Expression.QUOTE);
        } catch (NoSuchProviderException e7) {
            throw new SQLException("java.security.NoSuchProviderException is caught when initializing EncryptionManager '" + e7.getMessage() + Expression.QUOTE);
        }
    }

    public byte[] obtainPublicKey() {
        this.keyPair_.getPublic().getEncoded();
        byte[] byteArray = ((DHPublicKey) this.keyPair_.getPublic()).getY().toByteArray();
        if (byteArray.length == 33 && byteArray[0] == 0) {
            byte[] bArr = new byte[32];
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = byteArray[i + 1];
            }
            return bArr;
        }
        if (byteArray.length >= 32) {
            return byteArray;
        }
        byte[] bArr2 = new byte[32];
        int i2 = 0;
        while (i2 < 32 - byteArray.length) {
            bArr2[i2] = 0;
            i2++;
        }
        for (int i3 = i2; i3 < bArr2.length; i3++) {
            bArr2[i3] = byteArray[i3 - i2];
        }
        return bArr2;
    }

    private byte[] calculateDecryptionToken(int i, byte[] bArr) {
        byte[] bArr2 = new byte[8];
        if (i == 7) {
            if (bArr.length < 8) {
                System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
                for (int length = bArr.length; length < 8; length++) {
                    bArr2[length] = 0;
                }
            } else {
                System.arraycopy(bArr, 0, bArr2, 0, 8);
            }
        } else if (i == 9) {
            for (int i2 = 0; i2 < 8; i2++) {
                bArr2[i2] = bArr[i2 + 12];
            }
        }
        return bArr2;
    }

    public byte[] decryptData(byte[] bArr, int i, byte[] bArr2, byte[] bArr3) throws SQLException {
        byte[] calculateDecryptionToken = calculateDecryptionToken(i, bArr2);
        try {
            this.keyAgreement_.doPhase(KeyFactory.getInstance("DH", "IBMJCE").generatePublic(new DHPublicKeySpec(new BigInteger(1, bArr3), modulus__, base__)), true);
            byte[] generateSecret = this.keyAgreement_.generateSecret();
            byte[] bArr4 = new byte[32];
            if (generateSecret.length == 33 && generateSecret[0] == 0) {
                for (int i2 = 0; i2 < bArr4.length; i2++) {
                    bArr4[i2] = generateSecret[i2 + 1];
                }
            }
            if (generateSecret.length < 32) {
                int i3 = 0;
                while (i3 < 32 - generateSecret.length) {
                    bArr4[i3] = 0;
                    i3++;
                }
                for (int i4 = i3; i4 < generateSecret.length; i4++) {
                    bArr4[i4] = generateSecret[i4 - i3];
                }
            }
            byte[] bArr5 = new byte[8];
            if (generateSecret.length == 32) {
                for (int i5 = 0; i5 < 8; i5++) {
                    bArr5[i5] = generateSecret[i5 + 12];
                }
            } else {
                if (generateSecret.length != 33 && generateSecret.length >= 32) {
                    throw new SQLException("sharedSecret key length error " + generateSecret.length);
                }
                for (int i6 = 0; i6 < 8; i6++) {
                    bArr5[i6] = bArr4[i6 + 12];
                }
            }
            for (int i7 = 0; i7 < 8; i7++) {
                byte b = bArr5[i7];
                int i8 = 1;
                for (int i9 = 0; i9 < 8; i9++) {
                    if (b < 0) {
                        i8 = 1 - i8;
                    }
                    b = (byte) (b << 1);
                }
                if (i8 == 1) {
                    if ((bArr5[i7] & 1) != 0) {
                        int i10 = i7;
                        bArr5[i10] = (byte) (bArr5[i10] & 254);
                    } else {
                        int i11 = i7;
                        bArr5[i11] = (byte) (bArr5[i11] | 1);
                    }
                }
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr5, "DES");
            Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding", "IBMJCE");
            cipher.init(2, secretKeySpec, new IvParameterSpec(calculateDecryptionToken));
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            throw new SQLException("java.security.InvalidAlgorithmParameterException is caught when encrypting data '" + e.getMessage() + Expression.QUOTE);
        } catch (InvalidKeyException e2) {
            throw new SQLException("java.security.InvalidKeyException is caught when encrypting data '" + e2.getMessage() + Expression.QUOTE);
        } catch (NoSuchAlgorithmException e3) {
            throw new SQLException("java.security.NoSuchAlgorithmException is caught when encrypting data '" + e3.getMessage() + Expression.QUOTE);
        } catch (NoSuchProviderException e4) {
            throw new SQLException("java.security.NoSuchProviderException is caught when encrypting data '" + e4.getMessage() + Expression.QUOTE);
        } catch (InvalidKeySpecException e5) {
            throw new SQLException("java.security.InvalidKeySpecException is caught when encrypting data");
        } catch (BadPaddingException e6) {
            throw new SQLException("javax.crypto.BadPaddingException is caught when encrypting data '" + e6.getMessage() + Expression.QUOTE);
        } catch (IllegalBlockSizeException e7) {
            throw new SQLException("javax.crypto.IllegalBlockSizeException is caught when encrypting data '" + e7.getMessage() + Expression.QUOTE);
        } catch (NoSuchPaddingException e8) {
            throw new SQLException("javax.crypto.NoSuchPaddingException is caught when encrypting data '" + e8.getMessage() + Expression.QUOTE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] generateSeed() throws SQLException {
        try {
            SecureRandom secureRandom = SecureRandom.getInstance(SHA_1_PRNG_ALGORITHM);
            byte[] bArr = new byte[8];
            secureRandom.setSeed(secureRandom.generateSeed(8));
            secureRandom.nextBytes(bArr);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            throw new SQLException("java.security.NoSuchAlgorithmException is caught when initializing DecryptionManager '" + e.getMessage() + Expression.QUOTE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String toHexString(byte[] bArr, int i, int i2) {
        StringBuffer stringBuffer = new StringBuffer(i2 * 2);
        int i3 = i + i2;
        for (int i4 = i; i4 < i3; i4++) {
            int i5 = (bArr[i4] & 240) >>> 4;
            int i6 = bArr[i4] & 15;
            stringBuffer.append(hex_table[i5]);
            stringBuffer.append(hex_table[i6]);
        }
        return stringBuffer.toString();
    }

    protected static byte[] toHexByte(String str, int i, int i2) {
        byte[] bArr = new byte[(i2 - i) * 2];
        int i3 = i + i2;
        for (int i4 = i; i4 < i3; i4++) {
            char charAt = str.charAt(i4);
            bArr[i4] = (byte) ((charAt & 240) >>> 4);
            bArr[i4 + 1] = (byte) (charAt & 15);
        }
        return bArr;
    }
}
