package org.spongycastle.openssl;

import java.io.IOException;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.DERInteger;
import org.spongycastle.asn1.DERObjectIdentifier;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.nist.NISTObjectIdentifiers;
import org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.spongycastle.asn1.pkcs.EncryptionScheme;
import org.spongycastle.asn1.pkcs.KeyDerivationFunc;
import org.spongycastle.asn1.pkcs.PBES2Parameters;
import org.spongycastle.asn1.pkcs.PBKDF2Params;
import org.spongycastle.asn1.pkcs.PKCS12PBEParams;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.util.io.pem.PemGenerationException;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemObjectGenerator;

/* loaded from: classes.dex */
public class PKCS8Generator implements PemObjectGenerator {

    /* renamed from: a, reason: collision with root package name */
    private char[] f11228a;

    /* renamed from: b, reason: collision with root package name */
    private String f11229b;

    /* renamed from: c, reason: collision with root package name */
    private int f11230c;

    /* renamed from: d, reason: collision with root package name */
    private PrivateKey f11231d;

    /* renamed from: e, reason: collision with root package name */
    private Cipher f11232e;

    /* renamed from: f, reason: collision with root package name */
    private SecureRandom f11233f;

    /* renamed from: g, reason: collision with root package name */
    private AlgorithmParameterGenerator f11234g;

    /* renamed from: h, reason: collision with root package name */
    private SecretKeyFactory f11235h;

    static {
        NISTObjectIdentifiers.f9348h.l();
        NISTObjectIdentifiers.f9353m.l();
        NISTObjectIdentifiers.f9358r.l();
        PKCSObjectIdentifiers.N.l();
        PKCSObjectIdentifiers.A0.l();
        PKCSObjectIdentifiers.B0.l();
        PKCSObjectIdentifiers.C0.l();
        PKCSObjectIdentifiers.D0.l();
        PKCSObjectIdentifiers.E0.l();
        PKCSObjectIdentifiers.F0.l();
    }

    @Override // org.spongycastle.util.io.pem.PemObjectGenerator
    public PemObject a() {
        byte[] encoded = this.f11231d.getEncoded();
        String str = this.f11229b;
        if (str == null) {
            return new PemObject("PRIVATE KEY", encoded);
        }
        DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier(str);
        if (a.g(dERObjectIdentifier)) {
            byte[] bArr = new byte[20];
            if (this.f11233f == null) {
                this.f11233f = new SecureRandom();
            }
            this.f11233f.nextBytes(bArr);
            SecretKey b6 = a.b(this.f11229b, this.f11228a, bArr, this.f11230c);
            AlgorithmParameters generateParameters = this.f11234g.generateParameters();
            try {
                this.f11232e.init(1, b6, generateParameters);
                EncryptionScheme encryptionScheme = new EncryptionScheme(new DERObjectIdentifier(this.f11229b), ASN1Object.k(generateParameters.getEncoded()));
                KeyDerivationFunc keyDerivationFunc = new KeyDerivationFunc(PKCSObjectIdentifiers.L, new PBKDF2Params(bArr, this.f11230c));
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.a(keyDerivationFunc);
                aSN1EncodableVector.a(encryptionScheme);
                return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.K, new PBES2Parameters(new DERSequence(aSN1EncodableVector))), this.f11232e.doFinal(encoded)).f());
            } catch (IOException e6) {
                throw new PemGenerationException(e6.getMessage(), e6);
            } catch (GeneralSecurityException e7) {
                throw new PemGenerationException(e7.getMessage(), e7);
            }
        }
        if (!a.f(dERObjectIdentifier)) {
            throw new PemGenerationException("unknown algorithm: " + this.f11229b);
        }
        byte[] bArr2 = new byte[20];
        if (this.f11233f == null) {
            this.f11233f = new SecureRandom();
        }
        this.f11233f.nextBytes(bArr2);
        try {
            this.f11232e.init(1, this.f11235h.generateSecret(new PBEKeySpec(this.f11228a)), new PBEParameterSpec(bArr2, this.f11230c));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.a(new DEROctetString(bArr2));
            aSN1EncodableVector2.a(new DERInteger(this.f11230c));
            return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(dERObjectIdentifier, new PKCS12PBEParams(new DERSequence(aSN1EncodableVector2))), this.f11232e.doFinal(encoded)).f());
        } catch (IOException e8) {
            throw new PemGenerationException(e8.getMessage(), e8);
        } catch (GeneralSecurityException e9) {
            throw new PemGenerationException(e9.getMessage(), e9);
        }
    }
}
