package org.jruby.ext.openssl;

import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Set;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.RC2ParameterSpec;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyBoolean;
import org.jruby.RubyClass;
import org.jruby.RubyInteger;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.common.IRubyWarnings;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.impl.ASN1Registry;
import org.jruby.runtime.Arity;
import org.jruby.runtime.ObjectAllocator;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.Visibility;
import org.jruby.runtime.builtin.IRubyObject;
import org.jruby.util.ByteList;
import org.jruby.util.TypeConverter;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher.class */
public class Cipher extends RubyObject {
    private static final long serialVersionUID = -5390983669951165103L;
    private static final ObjectAllocator ALLOCATOR = new ObjectAllocator() { // from class: org.jruby.ext.openssl.Cipher.1
        @Override // org.jruby.runtime.ObjectAllocator
        public Cipher allocate(Ruby ruby, RubyClass rubyClass) {
            return new Cipher(ruby, rubyClass);
        }
    };
    private javax.crypto.Cipher cipher;
    private String name;
    private String cryptoBase;
    private String cryptoVersion;
    private String cryptoMode;
    private String paddingType;
    private String realName;
    private int keyLength;
    private int generateKeyLength;
    private int ivLength;
    private boolean encryptMode;
    private boolean cipherInited;
    private byte[] key;
    private byte[] realIV;
    private byte[] orgIV;
    private String padding;
    private int processedDataBytes;
    private byte[] lastIV;
    private transient ByteList auth_tag;
    private static final int MAX_AUTH_TAG_LENGTH = 16;
    private transient ByteList auth_data;

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$AES.class */
    public static class AES extends Cipher {
        private static final long serialVersionUID = -3627749495034257750L;
        final String keyLength;

        AES(Ruby ruby, RubyClass rubyClass, String str) {
            super(ruby, rubyClass);
            this.keyLength = str;
        }

        @JRubyMethod(rest = true, visibility = Visibility.PRIVATE)
        public IRubyObject initialize(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
            initializeImpl(threadContext.runtime, "AES-" + this.keyLength + '-' + ((iRubyObjectArr == null || iRubyObjectArr.length <= 0) ? "CBC" : iRubyObjectArr[0].toString()));
            return this;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$AESCipherAllocator.class */
    public static class AESCipherAllocator implements ObjectAllocator {
        private final String keyLength;

        AESCipherAllocator(String str) {
            this.keyLength = str;
        }

        @Override // org.jruby.runtime.ObjectAllocator
        public AES allocate(Ruby ruby, RubyClass rubyClass) {
            return new AES(ruby, rubyClass, this.keyLength);
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$Algorithm.class */
    public static final class Algorithm {
        final String base;
        final String version;
        final String mode;
        private String padding;
        private String realName;
        private boolean realNameNeedsPadding;
        private int keyLength = -1;
        private int ivLength = -1;
        private static final Set<String> NO_PADDING_BLOCK_MODES;
        private static final String[] OPENSSL_BLOCK_MODES = {"CBC", "CFB", "CFB8", "ECB", "OFB"};
        private static final Set<String> KNOWN_BLOCK_MODES = new HashSet(10, 1.0f);

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$Algorithm$AllSupportedCiphers.class */
        public static final class AllSupportedCiphers {
            static final HashMap<String, String[]> CIPHERS_MAP = new LinkedHashMap(120, 1.0f);

            AllSupportedCiphers() {
            }

            static {
                String[] cipherModes = Cipher.cipherModes(CipherStrings.SSL_TXT_AES);
                if (cipherModes != null) {
                    for (String str : cipherModes) {
                        String str2 = "AES/" + str;
                        CIPHERS_MAP.put("AES-128-" + str, new String[]{CipherStrings.SSL_TXT_AES, str, "128", str2});
                        CIPHERS_MAP.put("AES-192-" + str, new String[]{CipherStrings.SSL_TXT_AES, str, "192", str2});
                        CIPHERS_MAP.put("AES-256-" + str, new String[]{CipherStrings.SSL_TXT_AES, str, "256", str2});
                    }
                    CIPHERS_MAP.put("AES128", new String[]{CipherStrings.SSL_TXT_AES, "CBC", "128", "AES/CBC"});
                    CIPHERS_MAP.put("AES192", new String[]{CipherStrings.SSL_TXT_AES, "CBC", "192", "AES/CBC"});
                    CIPHERS_MAP.put("AES256", new String[]{CipherStrings.SSL_TXT_AES, "CBC", "256", "AES/CBC"});
                }
                String[] cipherModes2 = Cipher.cipherModes("Blowfish");
                if (cipherModes2 != null) {
                    CIPHERS_MAP.put("BF", new String[]{"BF", "CBC", null, "Blowfish/CBC"});
                    for (String str3 : cipherModes2) {
                        CIPHERS_MAP.put("BF-" + str3, new String[]{"BF", str3, null, "Blowfish/" + str3});
                    }
                }
                String[] cipherModes3 = Cipher.cipherModes("Camellia");
                if (cipherModes3 != null) {
                    for (String str4 : cipherModes3) {
                        String str5 = "Camellia/" + str4;
                        CIPHERS_MAP.put("CAMELLIA-128-" + str4, new String[]{"CAMELLIA", str4, "128", str5});
                        CIPHERS_MAP.put("CAMELLIA-192-" + str4, new String[]{"CAMELLIA", str4, "192", str5});
                        CIPHERS_MAP.put("CAMELLIA-256-" + str4, new String[]{"CAMELLIA", str4, "256", str5});
                    }
                    CIPHERS_MAP.put("CAMELLIA128", new String[]{"CAMELLIA", "CBC", "128", "Camellia/CBC"});
                    CIPHERS_MAP.put("CAMELLIA192", new String[]{"CAMELLIA", "CBC", "192", "Camellia/CBC"});
                    CIPHERS_MAP.put("CAMELLIA256", new String[]{"CAMELLIA", "CBC", "256", "Camellia/CBC"});
                }
                String[] cipherModes4 = Cipher.cipherModes("CAST5");
                if (cipherModes4 != null) {
                    CIPHERS_MAP.put("CAST", new String[]{"CAST", "CBC", null, "CAST5/CBC"});
                    CIPHERS_MAP.put("CAST-CBC", CIPHERS_MAP.get("CAST"));
                    for (String str6 : cipherModes4) {
                        CIPHERS_MAP.put("CAST5-" + str6, new String[]{"CAST", str6, null, "CAST5/" + str6});
                    }
                }
                String[] cipherModes5 = Cipher.cipherModes("CAST6");
                if (cipherModes5 != null) {
                    for (String str7 : cipherModes5) {
                        CIPHERS_MAP.put("CAST6-" + str7, new String[]{"CAST6", str7, null, "CAST6/" + str7});
                    }
                }
                String[] cipherModes6 = Cipher.cipherModes(CipherStrings.SSL_TXT_DES);
                if (cipherModes6 != null) {
                    CIPHERS_MAP.put(CipherStrings.SSL_TXT_DES, new String[]{CipherStrings.SSL_TXT_DES, "CBC", null, "DES/CBC"});
                    for (String str8 : cipherModes6) {
                        CIPHERS_MAP.put("DES-" + str8, new String[]{CipherStrings.SSL_TXT_DES, str8, null, "DES/" + str8});
                    }
                }
                String[] cipherModes7 = Cipher.cipherModes("DESede");
                if (cipherModes7 != null) {
                    CIPHERS_MAP.put(ASN1Registry.SN_des_ede_ecb, new String[]{CipherStrings.SSL_TXT_DES, "ECB", "EDE", "DESede/ECB"});
                    CIPHERS_MAP.put(ASN1Registry.SN_des_ede_cbc, new String[]{CipherStrings.SSL_TXT_DES, "CBC", "EDE", "DESede/CBC"});
                    CIPHERS_MAP.put(ASN1Registry.SN_des_ede_cfb64, new String[]{CipherStrings.SSL_TXT_DES, "CBC", "EDE", "DESede/CFB"});
                    CIPHERS_MAP.put(ASN1Registry.SN_des_ede_ofb64, new String[]{CipherStrings.SSL_TXT_DES, "CBC", "EDE", "DESede/OFB"});
                    CIPHERS_MAP.put(ASN1Registry.SN_des_ede3_ecb, new String[]{CipherStrings.SSL_TXT_DES, "ECB", "EDE3", "DESede/ECB"});
                    for (String str9 : cipherModes7) {
                        CIPHERS_MAP.put("DES-EDE3-" + str9, new String[]{CipherStrings.SSL_TXT_DES, str9, "EDE3", "DESede/" + str9});
                    }
                    CIPHERS_MAP.put("DES3", new String[]{CipherStrings.SSL_TXT_DES, "CBC", "EDE3", "DESede/CBC"});
                }
                String[] cipherModes8 = Cipher.cipherModes(CipherStrings.SSL_TXT_RC2);
                if (cipherModes8 != null) {
                    CIPHERS_MAP.put(CipherStrings.SSL_TXT_RC2, new String[]{CipherStrings.SSL_TXT_RC2, "CBC", null, "RC2/CBC"});
                    for (String str10 : cipherModes8) {
                        CIPHERS_MAP.put("RC2-" + str10, new String[]{CipherStrings.SSL_TXT_RC2, str10, null, "RC2/" + str10});
                    }
                    CIPHERS_MAP.put(ASN1Registry.SN_rc2_40_cbc, new String[]{CipherStrings.SSL_TXT_RC2, "CBC", "40", "RC2/CBC"});
                    CIPHERS_MAP.put(ASN1Registry.SN_rc2_64_cbc, new String[]{CipherStrings.SSL_TXT_RC2, "CBC", "64", "RC2/CBC"});
                }
                if (Cipher.cipherModes("RC4") != null) {
                    CIPHERS_MAP.put("RC4", new String[]{"RC4", null, null, "RC4"});
                    CIPHERS_MAP.put(ASN1Registry.SN_rc4_40, new String[]{"RC4", null, "40", "RC4"});
                }
                String[] cipherModes9 = Cipher.cipherModes("SEED");
                if (cipherModes9 != null) {
                    CIPHERS_MAP.put("SEED", new String[]{"SEED", "CBC", null, "SEED/CBC"});
                    for (String str11 : cipherModes9) {
                        CIPHERS_MAP.put("SEED-" + str11, new String[]{"SEED", str11, null, "SEED/" + str11});
                    }
                }
            }
        }

        Algorithm(String str, String str2, String str3) {
            this.base = str;
            this.version = str2;
            this.mode = str3;
        }

        @Deprecated
        public static String jsseToOssl(String str, int i) {
            return javaToOssl(str, i);
        }

        public static String javaToOssl(String str, int i) {
            String str2 = null;
            String str3 = null;
            ArrayList split = StringHelper.split(str, '/');
            int size = split.size();
            if (size != 1 && size != 3) {
                return null;
            }
            if (size > 2) {
                str3 = (String) split.get(1);
            }
            String str4 = (String) split.get(0);
            if (!KNOWN_BLOCK_MODES.contains(str3)) {
                str2 = str3;
                str3 = "CBC";
            }
            if (str3 == null) {
                str3 = "CBC";
            }
            if ("DESede".equals(str4)) {
                str4 = CipherStrings.SSL_TXT_DES;
                str2 = "EDE3";
            } else if ("Blowfish".equals(str4)) {
                str4 = "BF";
            }
            if (str2 == null) {
                str2 = String.valueOf(i);
            }
            return str4 + '-' + str2 + '-' + str3;
        }

        static Algorithm osslToJava(String str) {
            return osslToJava(str, null);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static Algorithm osslToJava(String str, String str2) {
            String substring;
            String substring2;
            String str3;
            String[] strArr = AllSupportedCiphers.CIPHERS_MAP.get(str);
            if (strArr != null) {
                String str4 = strArr[1];
                Algorithm algorithm = new Algorithm(strArr[0], strArr[2], str4);
                algorithm.realName = strArr[3];
                algorithm.realNameNeedsPadding = true;
                algorithm.padding = getPaddingType(str2, str4);
                return algorithm;
            }
            String str5 = null;
            String str6 = null;
            if (str.indexOf(47) != -1) {
                ArrayList split = StringHelper.split(str, '/');
                String str7 = (String) split.get(0);
                String str8 = split.size() > 1 ? (String) split.get(1) : "CBC";
                String paddingType = getPaddingType(str2, str8);
                if (split.size() > 2) {
                    paddingType = (String) split.get(2);
                }
                Algorithm algorithm2 = new Algorithm(str7, null, str8);
                algorithm2.realName = str;
                algorithm2.padding = paddingType;
                return algorithm2;
            }
            int indexOf = str.indexOf(45);
            if (indexOf == -1) {
                substring = str;
                substring2 = null;
            } else {
                substring = str.substring(0, indexOf);
                int i = indexOf + 1;
                int indexOf2 = str.indexOf(45, i);
                if (indexOf2 == -1) {
                    substring2 = str.substring(i);
                } else {
                    str5 = str.substring(i, indexOf2);
                    int i2 = indexOf2 + 1;
                    int indexOf3 = str.indexOf(45, i2);
                    substring2 = indexOf3 == -1 ? str.substring(i2) : str.substring(i2, indexOf3);
                }
            }
            String upperCase = substring.toUpperCase();
            if (substring2 != null) {
                substring2 = substring2.toUpperCase();
            }
            boolean z = false;
            boolean z2 = true;
            if ("BF".equals(upperCase)) {
                str3 = "Blowfish";
            } else if ("CAST".equals(upperCase)) {
                str3 = "CAST5";
            } else if (upperCase.startsWith(CipherStrings.SSL_TXT_DES)) {
                if ("DES3".equals(upperCase)) {
                    upperCase = CipherStrings.SSL_TXT_DES;
                    str3 = "DESede";
                    str5 = "EDE3";
                } else if ("EDE3".equalsIgnoreCase(str5) || "EDE".equalsIgnoreCase(str5)) {
                    str3 = "DESede";
                    if (substring2 == null) {
                        substring2 = "ECB";
                    }
                } else if ("EDE3".equalsIgnoreCase(substring2) || "EDE".equalsIgnoreCase(substring2)) {
                    str3 = "DESede";
                    str5 = substring2;
                    substring2 = "ECB";
                } else {
                    str3 = CipherStrings.SSL_TXT_DES;
                }
            } else if (upperCase.length() > 3 && upperCase.startsWith(CipherStrings.SSL_TXT_AES)) {
                try {
                    String substring3 = upperCase.substring(3);
                    Integer.parseInt(substring3);
                    upperCase = CipherStrings.SSL_TXT_AES;
                    str3 = CipherStrings.SSL_TXT_AES;
                    str5 = substring3;
                } catch (NumberFormatException e) {
                    str3 = upperCase;
                }
            } else if (upperCase.length() <= 8 || !upperCase.startsWith("CAMELLIA")) {
                str3 = upperCase;
                if ("RC4".equals(upperCase)) {
                    if (!KNOWN_BLOCK_MODES.contains(substring2)) {
                        str5 = substring2;
                    }
                    substring2 = null;
                    z2 = false;
                    z = true;
                }
            } else {
                try {
                    String substring4 = upperCase.substring(8);
                    Integer.parseInt(substring4);
                    upperCase = "CAMELLIA";
                    str3 = "CAMELLIA";
                    str5 = substring4;
                } catch (NumberFormatException e2) {
                    str3 = upperCase;
                }
            }
            if (substring2 == null && z2) {
                substring2 = "CBC";
            }
            if (0 == 0) {
                str6 = getPaddingType(str2, substring2);
            }
            if (substring2 != null) {
                if (!z) {
                    str3 = str3 + '/' + substring2 + '/' + str6;
                }
            } else if (!z && str2 != null) {
                str3 = str3 + "/NONE/" + str6;
            }
            Algorithm algorithm3 = new Algorithm(upperCase, str5, substring2);
            algorithm3.realName = str3;
            algorithm3.padding = str6;
            return algorithm3;
        }

        String getPadding() {
            if (this.mode == null) {
                return null;
            }
            return this.padding;
        }

        private static String getPaddingType(String str, String str2) {
            return str == null ? NO_PADDING_BLOCK_MODES.contains(str2) ? "NoPadding" : "PKCS5Padding" : str.equalsIgnoreCase("PKCS5Padding") ? "PKCS5Padding" : (str.equals("0") || str.equalsIgnoreCase("NoPadding")) ? "NoPadding" : str.equalsIgnoreCase("ISO10126Padding") ? "ISO10126Padding" : str.equalsIgnoreCase("PKCS1Padding") ? "PKCS1Padding" : str.equalsIgnoreCase("SSL3Padding") ? "SSL3Padding" : str.equalsIgnoreCase("OAEPPadding") ? "OAEPPadding" : "PKCS5Padding";
        }

        String getRealName() {
            if (this.realName == null) {
                String str = this.base + '/' + (this.mode == null ? "NONE" : this.mode) + '/' + this.padding;
                this.realName = str;
                return str;
            }
            if (this.realNameNeedsPadding) {
                String padding = getPadding();
                if (padding != null) {
                    this.realName += '/' + padding;
                }
                this.realNameNeedsPadding = false;
            }
            return this.realName;
        }

        public static String getAlgorithmBase(javax.crypto.Cipher cipher) {
            String algorithm = cipher.getAlgorithm();
            int indexOf = algorithm.indexOf(47);
            return indexOf != -1 ? algorithm.substring(0, indexOf) : algorithm;
        }

        public static String getRealName(String str) {
            return osslToJava(str).getRealName();
        }

        public int getIvLength() {
            if (this.ivLength != -1) {
                return this.ivLength;
            }
            getKeyLength();
            if (this.ivLength == -1) {
                if (CipherStrings.SSL_TXT_AES.equals(this.base)) {
                    this.ivLength = 16;
                    if ("GCM".equals(this.mode) || "CCM".equals(this.mode)) {
                        this.ivLength = 12;
                    }
                } else if ("ECB".equals(this.mode)) {
                    this.ivLength = 0;
                } else {
                    this.ivLength = 8;
                }
            }
            return this.ivLength;
        }

        public int getKeyLength() {
            if (this.keyLength != -1) {
                return this.keyLength;
            }
            int i = -1;
            if (this.version != null) {
                try {
                    i = Integer.parseInt(this.version) / 8;
                } catch (NumberFormatException e) {
                    i = -1;
                }
            }
            if (i == -1) {
                if (CipherStrings.SSL_TXT_DES.equals(this.base)) {
                    i = "EDE".equalsIgnoreCase(this.version) ? 16 : "EDE3".equalsIgnoreCase(this.version) ? 24 : 8;
                } else if ("RC4".equals(this.base)) {
                    i = 16;
                } else {
                    i = 16;
                    try {
                        int maxAllowedKeyLength = javax.crypto.Cipher.getMaxAllowedKeyLength(getRealName()) / 8;
                        if (maxAllowedKeyLength < 16) {
                            i = maxAllowedKeyLength;
                        }
                    } catch (NoSuchAlgorithmException e2) {
                    }
                }
            }
            int i2 = i;
            this.keyLength = i2;
            return i2;
        }

        @Deprecated
        public static int[] osslKeyIvLength(String str) {
            Algorithm osslToJava = osslToJava(str);
            return new int[]{osslToJava.getKeyLength(), osslToJava.getIvLength()};
        }

        public String toString() {
            return getClass().getSimpleName() + '@' + Integer.toHexString(hashCode()) + "<base=" + this.base + " mode=" + this.mode + " version=" + this.version + " padding=" + this.padding + " realName=" + this.realName + " realNameNeedsPadding=" + this.realNameNeedsPadding + ">";
        }

        static {
            for (String str : OPENSSL_BLOCK_MODES) {
                KNOWN_BLOCK_MODES.add(str);
            }
            KNOWN_BLOCK_MODES.add("CTR");
            KNOWN_BLOCK_MODES.add("CTS");
            KNOWN_BLOCK_MODES.add("PCBC");
            KNOWN_BLOCK_MODES.add("NONE");
            NO_PADDING_BLOCK_MODES = new HashSet(6, 1.0f);
            NO_PADDING_BLOCK_MODES.add("CFB");
            NO_PADDING_BLOCK_MODES.add("CFB8");
            NO_PADDING_BLOCK_MODES.add("OFB");
            NO_PADDING_BLOCK_MODES.add("CTR");
            NO_PADDING_BLOCK_MODES.add("GCM");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$KeyAndIv.class */
    public static class KeyAndIv {
        final byte[] key;
        final byte[] iv;

        KeyAndIv(byte[] bArr, byte[] bArr2) {
            this.key = bArr;
            this.iv = bArr2;
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$Named.class */
    public static class Named extends Cipher {
        private static final long serialVersionUID = 5599069534014317221L;
        final String cipherBase;

        Named(Ruby ruby, RubyClass rubyClass, String str) {
            super(ruby, rubyClass);
            this.cipherBase = str;
        }

        @JRubyMethod(rest = true, visibility = Visibility.PRIVATE)
        public IRubyObject initialize(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
            StringBuilder sb = new StringBuilder();
            sb.append(this.cipherBase);
            if (iRubyObjectArr != null) {
                for (IRubyObject iRubyObject : iRubyObjectArr) {
                    sb.append('-').append((Object) iRubyObject.asString());
                }
            }
            initializeImpl(threadContext.runtime, sb.toString());
            return this;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/Cipher$NamedCipherAllocator.class */
    public static class NamedCipherAllocator implements ObjectAllocator {
        private final String cipherBase;

        NamedCipherAllocator(String str) {
            this.cipherBase = str;
        }

        @Override // org.jruby.runtime.ObjectAllocator
        public Named allocate(Ruby ruby, RubyClass rubyClass) {
            return new Named(ruby, rubyClass, this.cipherBase);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void createCipher(Ruby ruby, RubyModule rubyModule, RubyClass rubyClass) {
        RubyClass defineClassUnder = rubyModule.defineClassUnder("Cipher", ruby.getObject(), ALLOCATOR);
        defineClassUnder.defineClassUnder("CipherError", rubyClass, rubyClass.getAllocator());
        defineClassUnder.defineAnnotatedMethods(Cipher.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_AES, defineClassUnder, new NamedCipherAllocator(CipherStrings.SSL_TXT_AES)).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder("CAST5", defineClassUnder, new NamedCipherAllocator("CAST5")).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder("BF", defineClassUnder, new NamedCipherAllocator("BF")).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_DES, defineClassUnder, new NamedCipherAllocator(CipherStrings.SSL_TXT_DES)).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_IDEA, defineClassUnder, new NamedCipherAllocator(CipherStrings.SSL_TXT_IDEA)).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_RC2, defineClassUnder, new NamedCipherAllocator(CipherStrings.SSL_TXT_RC2)).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder("RC4", defineClassUnder, new NamedCipherAllocator("RC4")).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder("RC5", defineClassUnder, new NamedCipherAllocator("RC5")).defineAnnotatedMethods(Named.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_AES + "128", defineClassUnder, new AESCipherAllocator("128")).defineAnnotatedMethods(AES.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_AES + "192", defineClassUnder, new AESCipherAllocator("192")).defineAnnotatedMethods(AES.class);
        defineClassUnder.defineClassUnder(CipherStrings.SSL_TXT_AES + "256", defineClassUnder, new AESCipherAllocator("256")).defineAnnotatedMethods(AES.class);
    }

    static RubyClass _Cipher(Ruby ruby) {
        return (RubyClass) ruby.getModule("OpenSSL").getConstantAt("Cipher");
    }

    @JRubyMethod(meta = true)
    public static IRubyObject ciphers(ThreadContext threadContext, IRubyObject iRubyObject) {
        Ruby ruby = threadContext.runtime;
        Set<String> keySet = Algorithm.AllSupportedCiphers.CIPHERS_MAP.keySet();
        RubyArray newArray = ruby.newArray(keySet.size() * 2);
        Iterator<String> it = keySet.iterator();
        while (it.hasNext()) {
            newArray.append(ruby.newString(it.next()));
        }
        Iterator<String> it2 = keySet.iterator();
        while (it2.hasNext()) {
            newArray.append(ruby.newString(it2.next().toLowerCase()));
        }
        return newArray;
    }

    public static boolean isSupportedCipher(String str) {
        String upperCase = str.toUpperCase();
        if (Algorithm.AllSupportedCiphers.CIPHERS_MAP.get(upperCase) != null) {
            return true;
        }
        Algorithm osslToJava = Algorithm.osslToJava(upperCase);
        if (OpenSSL.isDebug()) {
            OpenSSL.debug("isSupportedCipher( " + str + " ) try new cipher = " + osslToJava.getRealName());
        }
        try {
            return getCipherInstance(osslToJava.getRealName(), true) != null;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String[] cipherModes(String str) {
        String[] providerCipherModes = providerCipherModes(str);
        return providerCipherModes == null ? registeredCipherModes(str) : providerCipherModes;
    }

    private static String[] providerCipherModes(String str) {
        Provider.Service providerCipherService = providerCipherService(str);
        if (providerCipherService == null) {
            return null;
        }
        String attribute = providerCipherService.getAttribute("SupportedModes");
        return attribute == null ? Algorithm.OPENSSL_BLOCK_MODES : StringHelper.split(attribute, '|');
    }

    private static Provider.Service providerCipherService(String str) {
        Provider provider = SecurityHelper.securityProvider;
        if (provider != null) {
            return provider.getService("Cipher", str);
        }
        return null;
    }

    private static String[] registeredCipherModes(String str) {
        Provider.Service service;
        boolean z = false;
        for (Provider provider : Security.getProviders()) {
            String name = provider.getName() == null ? "" : provider.getName();
            if (!name.contains("JGSS") && !name.contains("SASL") && !name.contains("XMLD") && !name.contains("PCSC") && !name.contains("JSSE") && (service = provider.getService("Cipher", str)) != null) {
                z = true;
                String attribute = service.getAttribute("SupportedModes");
                if (attribute != null) {
                    return StringHelper.split(attribute, '|');
                }
            }
        }
        if (z) {
            return Algorithm.OPENSSL_BLOCK_MODES;
        }
        return null;
    }

    private static javax.crypto.Cipher getCipherInstance(String str, boolean z) throws NoSuchAlgorithmException, NoSuchPaddingException {
        try {
            return SecurityHelper.getCipher(str);
        } catch (NoSuchAlgorithmException e) {
            if (z) {
                return null;
            }
            throw e;
        } catch (NoSuchPaddingException e2) {
            if (z) {
                return null;
            }
            throw e2;
        }
    }

    public Cipher(Ruby ruby, RubyClass rubyClass) {
        super(ruby, rubyClass);
        this.keyLength = -1;
        this.generateKeyLength = -1;
        this.ivLength = -1;
        this.encryptMode = true;
        this.cipherInited = false;
        this.processedDataBytes = 0;
    }

    private void dumpVars(PrintStream printStream, String str) {
        printStream.println(toString() + ' ' + str + "\n name = " + this.name + " cryptoBase = " + this.cryptoBase + " cryptoVersion = " + this.cryptoVersion + " cryptoMode = " + this.cryptoMode + " padding_type = " + this.paddingType + " realName = " + this.realName + " keyLength = " + this.keyLength + " ivLength = " + this.ivLength + "\n cipher.alg = " + (this.cipher == null ? null : this.cipher.getAlgorithm()) + " cipher.blockSize = " + (this.cipher == null ? null : Integer.valueOf(this.cipher.getBlockSize())) + " encryptMode = " + this.encryptMode + " cipherInited = " + this.cipherInited + " key.length = " + (this.key == null ? 0 : this.key.length) + " iv.length = " + (this.realIV == null ? 0 : this.realIV.length) + " padding = " + this.padding);
    }

    @JRubyMethod(required = 1, visibility = Visibility.PRIVATE)
    public IRubyObject initialize(ThreadContext threadContext, IRubyObject iRubyObject) {
        initializeImpl(threadContext.runtime, iRubyObject.toString());
        return this;
    }

    final void initializeImpl(Ruby ruby, String str) {
        if (this.cipher != null) {
            throw ruby.newRuntimeError("Cipher already inititalized!");
        }
        updateCipher(str, this.padding);
    }

    @Override // org.jruby.RubyBasicObject
    @JRubyMethod(required = 1, visibility = Visibility.PRIVATE)
    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        Cipher cipher = (Cipher) iRubyObject;
        this.cryptoBase = cipher.cryptoBase;
        this.cryptoVersion = cipher.cryptoVersion;
        this.cryptoMode = cipher.cryptoMode;
        this.paddingType = cipher.paddingType;
        this.realName = cipher.realName;
        this.name = cipher.name;
        this.keyLength = cipher.keyLength;
        this.ivLength = cipher.ivLength;
        this.encryptMode = cipher.encryptMode;
        this.cipherInited = false;
        if (cipher.key != null) {
            this.key = Arrays.copyOf(cipher.key, cipher.key.length);
        } else {
            this.key = null;
        }
        if (cipher.realIV != null) {
            this.realIV = Arrays.copyOf(cipher.realIV, cipher.realIV.length);
        } else {
            this.realIV = null;
        }
        this.orgIV = this.realIV;
        this.padding = cipher.padding;
        this.cipher = getCipherInstance();
        return this;
    }

    @JRubyMethod
    public final RubyString name() {
        return getRuntime().newString(this.name);
    }

    @JRubyMethod
    public final RubyInteger key_len() {
        return getRuntime().newFixnum(this.keyLength);
    }

    @JRubyMethod
    public final RubyInteger iv_len() {
        return getRuntime().newFixnum(this.ivLength);
    }

    @JRubyMethod(name = {"iv_len="}, required = 1)
    public final IRubyObject set_iv_len(IRubyObject iRubyObject) {
        this.ivLength = RubyNumeric.fix2int(iRubyObject);
        return iRubyObject;
    }

    @JRubyMethod(name = {"key_len="}, required = 1)
    public final IRubyObject set_key_len(IRubyObject iRubyObject) {
        this.keyLength = RubyNumeric.fix2int(iRubyObject);
        return iRubyObject;
    }

    @JRubyMethod(name = {"key="}, required = 1)
    public IRubyObject set_key(ThreadContext threadContext, IRubyObject iRubyObject) {
        try {
            ByteList byteList = iRubyObject.asString().getByteList();
            if (byteList.getRealSize() < this.keyLength) {
                throw newCipherError(threadContext.runtime, "key length too short");
            }
            byte[] bArr = new byte[this.keyLength];
            System.arraycopy(byteList.unsafeBytes(), byteList.getBegin(), bArr, 0, this.keyLength);
            this.key = bArr;
            return iRubyObject;
        } catch (Exception e) {
            Ruby ruby = threadContext.runtime;
            OpenSSL.debugStackTrace(ruby, e);
            throw newCipherError(ruby, e);
        }
    }

    @JRubyMethod(name = {"iv="}, required = 1)
    public IRubyObject set_iv(ThreadContext threadContext, IRubyObject iRubyObject) {
        try {
            ByteList byteList = iRubyObject.asString().getByteList();
            if (byteList.getRealSize() < this.ivLength) {
                throw newCipherError(threadContext.runtime, "iv length too short");
            }
            byte[] bArr = new byte[this.ivLength];
            System.arraycopy(byteList.unsafeBytes(), byteList.getBegin(), bArr, 0, this.ivLength);
            this.realIV = bArr;
            this.orgIV = this.realIV;
            if (!isStreamCipher()) {
                this.cipherInited = false;
            }
            return iRubyObject;
        } catch (Exception e) {
            Ruby ruby = threadContext.runtime;
            OpenSSL.debugStackTrace(ruby, e);
            throw newCipherError(ruby, e);
        }
    }

    @JRubyMethod
    public IRubyObject block_size(ThreadContext threadContext) {
        Ruby ruby = threadContext.runtime;
        checkCipherNotNull(ruby);
        return isStreamCipher() ? ruby.newFixnum(1) : ruby.newFixnum(this.cipher.getBlockSize());
    }

    private void init(ThreadContext threadContext, IRubyObject[] iRubyObjectArr, boolean z) {
        Ruby ruby = threadContext.runtime;
        Arity.checkArgumentCount(ruby, iRubyObjectArr, 0, 2);
        this.encryptMode = z;
        this.cipherInited = false;
        if (iRubyObjectArr.length > 0) {
            byte[] bytes = iRubyObjectArr[0].asString().getBytes();
            byte[] bArr = null;
            try {
                byte[] bytes2 = "OpenSSL for Ruby rulez!".getBytes("ISO8859-1");
                byte[] bArr2 = new byte[this.ivLength];
                System.arraycopy(bytes2, 0, bArr2, 0, this.ivLength);
                bArr = bArr2;
            } catch (Exception e) {
            }
            if (iRubyObjectArr.length > 1 && !iRubyObjectArr[1].isNil()) {
                ruby.getWarnings().warning(IRubyWarnings.ID.MISCELLANEOUS, "key derivation by " + getMetaClass().getRealClass().getName() + "#encrypt is deprecated; use " + getMetaClass().getRealClass().getName() + "::pkcs5_keyivgen instead");
                bArr = iRubyObjectArr[1].asString().getBytes();
                if (bArr.length > this.ivLength) {
                    byte[] bArr3 = new byte[this.ivLength];
                    System.arraycopy(bArr, 0, bArr3, 0, this.ivLength);
                    bArr = bArr3;
                }
            }
            this.key = evpBytesToKey(this.keyLength, this.ivLength, Digest.getDigest(ruby, "MD5"), bArr, bytes, 2048).key;
            this.realIV = bArr;
            this.orgIV = this.realIV;
        }
    }

    @JRubyMethod(optional = 2)
    public IRubyObject encrypt(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        this.realIV = this.orgIV;
        init(threadContext, iRubyObjectArr, true);
        return this;
    }

    @JRubyMethod(optional = 2)
    public IRubyObject decrypt(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        this.realIV = this.orgIV;
        init(threadContext, iRubyObjectArr, false);
        return this;
    }

    @JRubyMethod
    public IRubyObject reset(ThreadContext threadContext) {
        Ruby ruby = threadContext.runtime;
        checkCipherNotNull(ruby);
        if (!isStreamCipher()) {
            this.realIV = this.orgIV;
            doInitCipher(ruby);
        }
        return this;
    }

    private void updateCipher(String str, String str2) {
        this.name = str.toUpperCase();
        this.padding = str2;
        Algorithm osslToJava = Algorithm.osslToJava(this.name, this.padding);
        this.cryptoBase = osslToJava.base;
        this.cryptoVersion = osslToJava.version;
        this.cryptoMode = osslToJava.mode;
        this.realName = osslToJava.getRealName();
        this.paddingType = osslToJava.getPadding();
        this.keyLength = osslToJava.getKeyLength();
        this.ivLength = osslToJava.getIvLength();
        if (CipherStrings.SSL_TXT_DES.equalsIgnoreCase(this.cryptoBase)) {
            this.generateKeyLength = (this.keyLength / 8) * 7;
        }
        this.cipher = getCipherInstance();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final javax.crypto.Cipher getCipherInstance() {
        try {
            return getCipherInstance(this.realName, false);
        } catch (NoSuchAlgorithmException e) {
            throw newCipherError(getRuntime(), "unsupported cipher algorithm (" + this.realName + ")");
        } catch (NoSuchPaddingException e2) {
            throw newCipherError(getRuntime(), "unsupported cipher padding (" + this.realName + ")");
        }
    }

    @JRubyMethod(required = 1, optional = 3)
    public IRubyObject pkcs5_keyivgen(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        String algorithm;
        Ruby ruby = threadContext.runtime;
        Arity.checkArgumentCount(ruby, iRubyObjectArr, 1, 4);
        byte[] bytes = iRubyObjectArr[0].asString().getBytes();
        byte[] bArr = null;
        int i = 2048;
        IRubyObject iRubyObject = threadContext.nil;
        if (iRubyObjectArr.length > 1) {
            if (iRubyObjectArr[1] != threadContext.nil) {
                bArr = iRubyObjectArr[1].asString().getBytes();
            }
            if (iRubyObjectArr.length > 2) {
                if (iRubyObjectArr[2] != threadContext.nil) {
                    i = RubyNumeric.num2int(iRubyObjectArr[2]);
                    if (i <= 0) {
                        throw ruby.newArgumentError("iterations must be a positive integer");
                    }
                }
                if (iRubyObjectArr.length > 3) {
                    iRubyObject = iRubyObjectArr[3];
                }
            }
        }
        if (bArr != null && bArr.length != 8) {
            throw newCipherError(ruby, "salt must be an 8-octet string");
        }
        if (iRubyObject.isNil()) {
            algorithm = "MD5";
        } else {
            algorithm = iRubyObject instanceof Digest ? ((Digest) iRubyObject).getAlgorithm() : iRubyObject.asJavaString();
        }
        KeyAndIv evpBytesToKey = evpBytesToKey(this.keyLength, this.ivLength, Digest.getDigest(ruby, algorithm), bArr, bytes, i);
        this.key = evpBytesToKey.key;
        this.realIV = evpBytesToKey.iv;
        this.orgIV = this.realIV;
        doInitCipher(ruby);
        return ruby.getNil();
    }

    private void doInitCipher(Ruby ruby) {
        if (OpenSSL.isDebug(ruby)) {
            dumpVars(ruby.getOut(), "doInitCipher()");
        }
        checkCipherNotNull(ruby);
        if (this.key == null) {
            throw newCipherError(ruby, "key not specified");
        }
        try {
            if ("ECB".equalsIgnoreCase(this.cryptoMode)) {
                this.cipher.init(this.encryptMode ? 1 : 2, new SimpleSecretKey(getCipherAlgorithm(), this.key));
            } else {
                if (this.realIV == null) {
                    this.realIV = new byte[this.ivLength];
                }
                if (CipherStrings.SSL_TXT_RC2.equalsIgnoreCase(this.cryptoBase)) {
                    this.cipher.init(this.encryptMode ? 1 : 2, new SimpleSecretKey(CipherStrings.SSL_TXT_RC2, this.key), new RC2ParameterSpec(this.key.length * 8, this.realIV));
                } else if ("RC4".equalsIgnoreCase(this.cryptoBase)) {
                    this.cipher.init(this.encryptMode ? 1 : 2, new SimpleSecretKey("RC4", this.key));
                } else {
                    this.cipher.init(this.encryptMode ? 1 : 2, new SimpleSecretKey(getCipherAlgorithm(), this.key), "GCM".equalsIgnoreCase(this.cryptoMode) ? new GCMParameterSpec(getAuthTagLength() * 8, this.realIV) : new IvParameterSpec(this.realIV));
                }
            }
            this.cipherInited = true;
            this.processedDataBytes = 0;
        } catch (InvalidKeyException e) {
            throw newCipherError(ruby, e + "\n possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE");
        } catch (Exception e2) {
            OpenSSL.debugStackTrace(ruby, e2);
            throw newCipherError(ruby, e2);
        }
    }

    private String getCipherAlgorithm() {
        int indexOf = this.realName.indexOf(47);
        return indexOf <= 0 ? this.realName : this.realName.substring(0, indexOf);
    }

    @JRubyMethod
    public IRubyObject update(ThreadContext threadContext, IRubyObject iRubyObject) {
        return update(threadContext, iRubyObject, null);
    }

    @JRubyMethod
    public IRubyObject update(ThreadContext threadContext, IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        ByteList byteList;
        Ruby ruby = threadContext.runtime;
        if (OpenSSL.isDebug(ruby)) {
            dumpVars(ruby.getOut(), "update()");
        }
        checkCipherNotNull(ruby);
        checkAuthTag(ruby);
        ByteList byteList2 = iRubyObject.asString().getByteList();
        int realSize = byteList2.getRealSize();
        if (realSize == 0) {
            throw ruby.newArgumentError("data must not be empty");
        }
        if (!this.cipherInited) {
            doInitCipher(ruby);
        }
        try {
            updateAuthData(ruby);
            byte[] unsafeBytes = byteList2.getUnsafeBytes();
            int begin = byteList2.begin();
            byte[] update = this.cipher.update(unsafeBytes, begin, realSize);
            if (update != null) {
                byteList = new ByteList(update, false);
                if (this.realIV != null) {
                    if (this.encryptMode) {
                        setLastIVIfNeeded(update);
                    } else {
                        setLastIVIfNeeded(unsafeBytes, begin, realSize);
                    }
                }
                this.processedDataBytes += realSize;
            } else {
                byteList = new ByteList(ByteList.NULL_ARRAY);
            }
            if (iRubyObject2 == null) {
                return RubyString.newString(ruby, byteList);
            }
            IRubyObject convertToType = TypeConverter.convertToType(iRubyObject2, threadContext.runtime.getString(), "to_str", true);
            ((RubyString) convertToType).setValue(byteList);
            return convertToType;
        } catch (Exception e) {
            OpenSSL.debugStackTrace(ruby, e);
            throw newCipherError(ruby, e);
        }
    }

    @JRubyMethod(name = {"<<"})
    public IRubyObject update_deprecated(ThreadContext threadContext, IRubyObject iRubyObject) {
        threadContext.runtime.getWarnings().warn(IRubyWarnings.ID.DEPRECATED_METHOD, getMetaClass().getRealClass().getName() + "#<< is deprecated; use #update instead");
        return update(threadContext, iRubyObject);
    }

    @JRubyMethod(name = {"final"})
    public IRubyObject do_final(ThreadContext threadContext) {
        ByteList byteList;
        Ruby ruby = threadContext.runtime;
        checkCipherNotNull(ruby);
        checkAuthTag(ruby);
        if (!this.cipherInited) {
            doInitCipher(ruby);
        }
        if ("RC4".equalsIgnoreCase(this.cryptoBase)) {
            return ruby.newString("");
        }
        try {
            if (isAuthDataMode()) {
                byteList = do_final_with_auth(ruby);
            } else {
                byte[] doFinal = this.cipher.doFinal();
                if (doFinal != null) {
                    byteList = new ByteList(doFinal, false);
                    if (this.realIV != null) {
                        setLastIVIfNeeded(doFinal);
                    }
                } else {
                    byteList = new ByteList(ByteList.NULL_ARRAY);
                }
            }
            if (this.realIV != null) {
                this.realIV = this.lastIV;
                doInitCipher(ruby);
            }
            return RubyString.newString(ruby, byteList);
        } catch (RuntimeException e) {
            OpenSSL.debugStackTrace(ruby, e);
            throw newCipherError(ruby, e);
        } catch (GeneralSecurityException e2) {
            OpenSSL.debugStackTrace(ruby, e2);
            throw newCipherError(ruby, e2);
        }
    }

    private ByteList do_final_with_auth(Ruby ruby) throws GeneralSecurityException {
        byte[] doFinal;
        ByteList byteList;
        updateAuthData(ruby);
        if (!this.encryptMode) {
            if (this.auth_tag != null) {
                doFinal = this.cipher.doFinal(this.auth_tag.getUnsafeBytes(), this.auth_tag.getBegin(), this.auth_tag.getRealSize());
            } else {
                doFinal = this.cipher.doFinal();
            }
            return new ByteList(doFinal, false);
        }
        byte[] doFinal2 = this.cipher.doFinal();
        int length = doFinal2.length - getAuthTagLength();
        int i = length;
        if (length > 0) {
            byteList = new ByteList(doFinal2, 0, i, false);
        } else {
            byteList = new ByteList(ByteList.NULL_ARRAY);
            i = 0;
        }
        this.auth_tag = new ByteList(doFinal2, i, doFinal2.length - i);
        return byteList;
    }

    private void checkAuthTag(Ruby ruby) {
        if (this.auth_tag != null && this.encryptMode) {
            throw newCipherError(ruby, "authentication tag already generated by cipher");
        }
    }

    private void setLastIVIfNeeded(byte[] bArr) {
        setLastIVIfNeeded(bArr, 0, bArr.length);
    }

    private void setLastIVIfNeeded(byte[] bArr, int i, int i2) {
        int i3 = this.ivLength;
        if (this.lastIV == null) {
            this.lastIV = new byte[i3];
        }
        if (i2 >= i3) {
            System.arraycopy(bArr, i + (i2 - i3), this.lastIV, 0, i3);
        }
    }

    @JRubyMethod(name = {"padding="})
    public IRubyObject set_padding(IRubyObject iRubyObject) {
        updateCipher(this.name, iRubyObject.toString());
        return iRubyObject;
    }

    @JRubyMethod(name = {"auth_tag"})
    public IRubyObject auth_tag(ThreadContext threadContext) {
        if (this.auth_tag != null) {
            return RubyString.newString(threadContext.runtime, this.auth_tag);
        }
        if (isAuthDataMode()) {
            return threadContext.nil;
        }
        throw newCipherError(threadContext.runtime, "authentication tag not supported by this cipher");
    }

    @JRubyMethod(name = {"auth_tag="})
    public IRubyObject set_auth_tag(ThreadContext threadContext, IRubyObject iRubyObject) {
        if (!isAuthDataMode()) {
            throw newCipherError(threadContext.runtime, "authentication tag not supported by this cipher");
        }
        RubyString asString = iRubyObject.asString();
        this.auth_tag = StringHelper.setByteListShared(asString);
        return asString;
    }

    private boolean isAuthDataMode() {
        return "GCM".equalsIgnoreCase(this.cryptoMode) || "CCM".equalsIgnoreCase(this.cryptoMode);
    }

    private int getAuthTagLength() {
        return Math.min(16, this.key.length);
    }

    @JRubyMethod(name = {"auth_data="})
    public IRubyObject set_auth_data(ThreadContext threadContext, IRubyObject iRubyObject) {
        if (!isAuthDataMode()) {
            throw newCipherError(threadContext.runtime, "authentication data not supported by this cipher");
        }
        RubyString asString = iRubyObject.asString();
        this.auth_data = StringHelper.setByteListShared(asString);
        return asString;
    }

    private boolean updateAuthData(Ruby ruby) {
        if (this.auth_data == null) {
            return false;
        }
        this.cipher.updateAAD(this.auth_data.getUnsafeBytes(), this.auth_data.getBegin(), this.auth_data.getRealSize());
        this.auth_data = null;
        return true;
    }

    @JRubyMethod(name = {"authenticated?"})
    public RubyBoolean authenticated_p(ThreadContext threadContext) {
        return threadContext.runtime.newBoolean(isAuthDataMode());
    }

    @JRubyMethod
    public IRubyObject random_key(ThreadContext threadContext) {
        RubyString random_bytes = Random.random_bytes(threadContext, this.keyLength);
        set_key(threadContext, random_bytes);
        return random_bytes;
    }

    @JRubyMethod
    public IRubyObject random_iv(ThreadContext threadContext) {
        RubyString random_bytes = Random.random_bytes(threadContext, this.ivLength);
        set_iv(threadContext, random_bytes);
        return random_bytes;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getName() {
        return this.name;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final int getKeyLength() {
        return this.keyLength;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final int getGenerateKeyLength() {
        return this.generateKeyLength == -1 ? this.keyLength : this.generateKeyLength;
    }

    private void checkCipherNotNull(Ruby ruby) {
        if (this.cipher == null) {
            throw ruby.newRuntimeError("Cipher not inititalized!");
        }
    }

    private boolean isStreamCipher() {
        return this.cipher.getBlockSize() == 0;
    }

    private static RaiseException newCipherError(Ruby ruby, Exception exc) {
        return Utils.newError(ruby, _Cipher(ruby).getClass("CipherError"), exc);
    }

    private static RaiseException newCipherError(Ruby ruby, String str) {
        return Utils.newError(ruby, _Cipher(ruby).getClass("CipherError"), str);
    }

    private static KeyAndIv evpBytesToKey(int i, int i2, MessageDigest messageDigest, byte[] bArr, byte[] bArr2, int i3) {
        byte[] bArr3 = new byte[i];
        byte[] bArr4 = new byte[i2];
        if (bArr2 == null) {
            return new KeyAndIv(bArr3, bArr4);
        }
        int i4 = 0;
        int i5 = 0;
        byte[] bArr5 = null;
        int i6 = i;
        int i7 = i2;
        int i8 = 0;
        while (true) {
            messageDigest.reset();
            int i9 = i8;
            i8++;
            if (i9 > 0) {
                messageDigest.update(bArr5);
            }
            messageDigest.update(bArr2);
            if (bArr != null) {
                messageDigest.update(bArr, 0, 8);
            }
            bArr5 = messageDigest.digest();
            for (int i10 = 1; i10 < i3; i10++) {
                messageDigest.reset();
                messageDigest.update(bArr5);
                bArr5 = messageDigest.digest();
            }
            int i11 = 0;
            if (i6 > 0) {
                while (i6 != 0 && i11 != bArr5.length) {
                    int i12 = i4;
                    i4++;
                    bArr3[i12] = bArr5[i11];
                    i6--;
                    i11++;
                }
            }
            if (i7 > 0 && i11 != bArr5.length) {
                while (i7 != 0 && i11 != bArr5.length) {
                    int i13 = i5;
                    i5++;
                    bArr4[i13] = bArr5[i11];
                    i7--;
                    i11++;
                }
            }
            if (i6 == 0 && i7 == 0) {
                return new KeyAndIv(bArr3, bArr4);
            }
        }
    }
}
