package org.opendaylight.netconf.keystore.plaintext.localfile;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.bouncycastle.crypto.io.CipherInputStream;
import org.bouncycastle.crypto.io.CipherOutputStream;
import org.bouncycastle.crypto.modes.GCMSIVBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;

/* loaded from: input_file:org/opendaylight/netconf/keystore/plaintext/localfile/CipherUtils.class */
final class CipherUtils {
    private static final int NONCE_BYTES = 12;
    private static final int MAC_SIZE = 128;
    private static final int ENTRY_LENGTHS_BYTES = 8;
    private static final SecureRandom RANDOM = new SecureRandom();
    private static final boolean ENCRYPTING_MODE = true;
    private static final boolean DECRYPTING_MODE = false;

    private CipherUtils() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void toBase64Stream(Collection<StorageEntry> collection, byte[] bArr, OutputStream outputStream) throws IOException {
        OutputStream wrap = Base64.getEncoder().wrap(outputStream);
        try {
            byte[] generateSeed = RANDOM.generateSeed(NONCE_BYTES);
            wrap.write(generateSeed);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(wrap, cipher(true, bArr, generateSeed));
            try {
                Iterator<StorageEntry> it = collection.iterator();
                while (it.hasNext()) {
                    writeEntry(it.next(), cipherOutputStream);
                }
                cipherOutputStream.close();
                if (wrap != null) {
                    wrap.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (wrap != null) {
                try {
                    wrap.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Collection<StorageEntry> fromBase64Stream(byte[] bArr, InputStream inputStream) throws IOException {
        InputStream wrap = Base64.getDecoder().wrap(inputStream);
        try {
            CipherInputStream cipherInputStream = new CipherInputStream(wrap, cipher(false, bArr, wrap.readNBytes(NONCE_BYTES)));
            try {
                LinkedList linkedList = new LinkedList();
                while (true) {
                    StorageEntry readEntry = readEntry(cipherInputStream);
                    if (readEntry == null) {
                        break;
                    }
                    linkedList.add(readEntry);
                }
                List copyOf = List.copyOf(linkedList);
                cipherInputStream.close();
                if (wrap != null) {
                    wrap.close();
                }
                return copyOf;
            } finally {
            }
        } catch (Throwable th) {
            if (wrap != null) {
                try {
                    wrap.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] generateSecret() {
        return RANDOM.generateSeed(32);
    }

    private static GCMSIVBlockCipher cipher(boolean z, byte[] bArr, byte[] bArr2) {
        GCMSIVBlockCipher gCMSIVBlockCipher = new GCMSIVBlockCipher();
        gCMSIVBlockCipher.init(z, new AEADParameters(new KeyParameter(bArr), MAC_SIZE, bArr2));
        return gCMSIVBlockCipher;
    }

    private static void writeEntry(StorageEntry storageEntry, OutputStream outputStream) throws IOException {
        outputStream.write(ByteBuffer.allocate(ENTRY_LENGTHS_BYTES).putInt(storageEntry.key().length).putInt(storageEntry.value().length).array());
        outputStream.write(storageEntry.key());
        outputStream.write(storageEntry.value());
    }

    private static StorageEntry readEntry(InputStream inputStream) throws IOException {
        byte[] bArr = new byte[ENTRY_LENGTHS_BYTES];
        if (inputStream.read(bArr) != ENTRY_LENGTHS_BYTES) {
            return null;
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        int i = wrap.getInt();
        int i2 = wrap.getInt();
        byte[] bArr2 = new byte[i];
        byte[] bArr3 = new byte[i2];
        if (inputStream.read(bArr2) == i && inputStream.read(bArr3) == i2) {
            return new StorageEntry(bArr2, bArr3);
        }
        return null;
    }
}
