package com.yubico.yubikit.core.keys;

import com.yubico.yubikit.core.application.BadResponseException;
import com.yubico.yubikit.core.fido.CtapException;
import com.yubico.yubikit.core.util.Tlv;
import com.yubico.yubikit.core.util.Tlvs;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Nullable;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

/* loaded from: classes5.dex */
public abstract class PrivateKeyValues implements Destroyable {
    private static final byte[] OID_ECDSA = {CtapException.ERR_NO_OPERATION_PENDING, -122, 72, -50, 61, 2, 1};
    final int bitLength;
    private boolean destroyed = false;

    /* loaded from: classes5.dex */
    public static class Ec extends PrivateKeyValues {
        private final EllipticCurveValues ellipticCurveValues;
        private final byte[] secret;

        protected Ec(EllipticCurveValues ellipticCurveValues, byte[] bArr) {
            super(ellipticCurveValues.getBitLength());
            this.ellipticCurveValues = ellipticCurveValues;
            this.secret = Arrays.copyOf(bArr, bArr.length);
        }

        @Override // com.yubico.yubikit.core.keys.PrivateKeyValues, javax.security.auth.Destroyable
        public void destroy() throws DestroyFailedException {
            Arrays.fill(this.secret, (byte) 0);
            super.destroy();
        }

        public EllipticCurveValues getCurveParams() {
            return this.ellipticCurveValues;
        }

        public byte[] getSecret() {
            byte[] bArr = this.secret;
            return Arrays.copyOf(bArr, bArr.length);
        }

        public String toString() {
            return "PrivateKeyValues.Ec{curve=" + this.ellipticCurveValues.name() + ", bitLength=" + this.bitLength + ", destroyed=" + isDestroyed() + '}';
        }
    }

    /* loaded from: classes5.dex */
    public static class Rsa extends PrivateKeyValues {

        @Nullable
        private BigInteger crtCoefficient;
        private final BigInteger modulus;

        @Nullable
        private BigInteger primeExponentP;

        @Nullable
        private BigInteger primeExponentQ;
        private BigInteger primeP;
        private BigInteger primeQ;
        private final BigInteger publicExponent;

        protected Rsa(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, @Nullable BigInteger bigInteger5, @Nullable BigInteger bigInteger6, @Nullable BigInteger bigInteger7) {
            super(bigInteger.bitLength());
            this.modulus = bigInteger;
            this.publicExponent = bigInteger2;
            this.primeP = bigInteger3;
            this.primeQ = bigInteger4;
            this.primeExponentP = bigInteger5;
            this.primeExponentQ = bigInteger6;
            this.crtCoefficient = bigInteger7;
            if (bigInteger5 == null || bigInteger6 == null || bigInteger7 == null) {
                if (bigInteger5 != null || bigInteger6 != null || bigInteger7 != null) {
                    throw new IllegalArgumentException("All CRT values must either be present or omitted");
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static Rsa fromRsaPrivateKey(RSAPrivateKey rSAPrivateKey) {
            List<BigInteger> parsePkcs8RsaKeyValues;
            if (rSAPrivateKey instanceof RSAPrivateCrtKey) {
                RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) rSAPrivateKey;
                parsePkcs8RsaKeyValues = Arrays.asList(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient());
            } else {
                if (!"PKCS#8".equals(rSAPrivateKey.getFormat())) {
                    throw new IllegalArgumentException("Unsupported private key encoding");
                }
                parsePkcs8RsaKeyValues = parsePkcs8RsaKeyValues(rSAPrivateKey.getEncoded());
            }
            if (parsePkcs8RsaKeyValues.get(1).intValue() == 65537) {
                return new Rsa(parsePkcs8RsaKeyValues.get(0), parsePkcs8RsaKeyValues.get(1), parsePkcs8RsaKeyValues.get(3), parsePkcs8RsaKeyValues.get(4), parsePkcs8RsaKeyValues.get(5), parsePkcs8RsaKeyValues.get(6), parsePkcs8RsaKeyValues.get(7));
            }
            throw new IllegalArgumentException("Unsupported RSA public exponent");
        }

        static List<BigInteger> parsePkcs8RsaKeyValues(byte[] bArr) {
            try {
                List<Tlv> decodeList = Tlvs.decodeList(Tlvs.decodeMap(Tlvs.decodeMap(Tlvs.unpackValue(48, bArr)).get(4)).get(48));
                ArrayList arrayList = new ArrayList();
                Iterator<Tlv> it = decodeList.iterator();
                while (it.hasNext()) {
                    arrayList.add(new BigInteger(it.next().getValue()));
                }
                if (((BigInteger) arrayList.remove(0)).intValue() == 0) {
                    return arrayList;
                }
                throw new IllegalArgumentException("Expected value 0");
            } catch (BadResponseException e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        }

        @Override // com.yubico.yubikit.core.keys.PrivateKeyValues, javax.security.auth.Destroyable
        public void destroy() throws DestroyFailedException {
            this.primeP = BigInteger.ZERO;
            this.primeQ = BigInteger.ZERO;
            this.primeExponentP = null;
            this.primeExponentQ = null;
            this.crtCoefficient = null;
            super.destroy();
        }

        @Nullable
        public BigInteger getCrtCoefficient() {
            return this.crtCoefficient;
        }

        public BigInteger getModulus() {
            return this.modulus;
        }

        @Nullable
        public BigInteger getPrimeExponentP() {
            return this.primeExponentP;
        }

        @Nullable
        public BigInteger getPrimeExponentQ() {
            return this.primeExponentQ;
        }

        public BigInteger getPrimeP() {
            return this.primeP;
        }

        public BigInteger getPrimeQ() {
            return this.primeQ;
        }

        public BigInteger getPublicExponent() {
            return this.publicExponent;
        }

        public String toString() {
            return "PrivateKeyValues.Rsa{modulus=" + this.modulus + ", publicExponent=" + this.publicExponent + ", bitLength=" + this.bitLength + ", hasCrtValues=" + (this.crtCoefficient != null) + ", destroyed=" + isDestroyed() + '}';
        }
    }

    protected PrivateKeyValues(int i) {
        this.bitLength = i;
    }

    public static PrivateKeyValues fromPrivateKey(PrivateKey privateKey) {
        Map<Integer, byte[]> decodeMap;
        List<Tlv> decodeList;
        byte[] value;
        if (privateKey instanceof RSAPrivateKey) {
            return Rsa.fromRsaPrivateKey((RSAPrivateKey) privateKey);
        }
        try {
            decodeMap = Tlvs.decodeMap(Tlvs.unpackValue(48, privateKey.getEncoded()));
            decodeList = Tlvs.decodeList(decodeMap.get(48));
            value = decodeList.get(0).getValue();
        } catch (BadResponseException unused) {
        }
        if (Arrays.equals(OID_ECDSA, value)) {
            return new Ec(EllipticCurveValues.fromOid(decodeList.get(1).getValue()), Tlvs.decodeList(Tlvs.unpackValue(48, decodeMap.get(4))).get(1).getValue());
        }
        for (EllipticCurveValues ellipticCurveValues : Arrays.asList(EllipticCurveValues.Ed25519, EllipticCurveValues.X25519)) {
            if (Arrays.equals(ellipticCurveValues.getOid(), value)) {
                return new Ec(ellipticCurveValues, Tlvs.unpackValue(4, decodeMap.get(4)));
            }
        }
        throw new IllegalArgumentException("Unsupported private key type");
    }

    @Override // javax.security.auth.Destroyable
    public void destroy() throws DestroyFailedException {
        this.destroyed = true;
    }

    public final int getBitLength() {
        return this.bitLength;
    }

    @Override // javax.security.auth.Destroyable
    public final boolean isDestroyed() {
        return this.destroyed;
    }
}
