package org.conscrypt;

import com.tencent.matrix.trace.core.AppMethodBeat;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.conscrypt.NativeRef;
import org.conscrypt.OpenSSLX509CertificateFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public final class OpenSSLKey {
    private final NativeRef.EVP_PKEY ctx;
    private final boolean hardwareBacked;
    private final boolean wrapped;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSSLKey(long j10) {
        this(j10, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSSLKey(long j10, boolean z10) {
        this(j10, z10, false);
    }

    OpenSSLKey(long j10, boolean z10, boolean z11) {
        AppMethodBeat.i(59317);
        this.ctx = new NativeRef.EVP_PKEY(j10);
        this.wrapped = z10;
        this.hardwareBacked = z11;
        AppMethodBeat.o(59317);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OpenSSLKey fromECPrivateKeyForTLSStackOnly(PrivateKey privateKey, ECParameterSpec eCParameterSpec) throws InvalidKeyException {
        AppMethodBeat.i(59340);
        OpenSSLKey openSSLKey = getOpenSSLKey(privateKey);
        if (openSSLKey != null) {
            AppMethodBeat.o(59340);
            return openSSLKey;
        }
        OpenSSLKey fromKeyMaterial = fromKeyMaterial(privateKey);
        if (fromKeyMaterial != null) {
            AppMethodBeat.o(59340);
            return fromKeyMaterial;
        }
        OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly = OpenSSLECPrivateKey.wrapJCAPrivateKeyForTLSStackOnly(privateKey, eCParameterSpec);
        AppMethodBeat.o(59340);
        return wrapJCAPrivateKeyForTLSStackOnly;
    }

    private static OpenSSLKey fromKeyMaterial(PrivateKey privateKey) throws InvalidKeyException {
        AppMethodBeat.i(59352);
        if (!"PKCS#8".equals(privateKey.getFormat())) {
            AppMethodBeat.o(59352);
            return null;
        }
        byte[] encoded = privateKey.getEncoded();
        if (encoded == null) {
            AppMethodBeat.o(59352);
            return null;
        }
        try {
            OpenSSLKey openSSLKey = new OpenSSLKey(NativeCrypto.EVP_parse_private_key(encoded));
            AppMethodBeat.o(59352);
            return openSSLKey;
        } catch (OpenSSLX509CertificateFactory.ParsingException e8) {
            InvalidKeyException invalidKeyException = new InvalidKeyException(e8);
            AppMethodBeat.o(59352);
            throw invalidKeyException;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OpenSSLKey fromPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        AppMethodBeat.i(59329);
        if (privateKey instanceof OpenSSLKeyHolder) {
            OpenSSLKey openSSLKey = ((OpenSSLKeyHolder) privateKey).getOpenSSLKey();
            AppMethodBeat.o(59329);
            return openSSLKey;
        }
        String format = privateKey.getFormat();
        if (format == null) {
            OpenSSLKey wrapPrivateKey = wrapPrivateKey(privateKey);
            AppMethodBeat.o(59329);
            return wrapPrivateKey;
        }
        if (!"PKCS#8".equals(privateKey.getFormat())) {
            InvalidKeyException invalidKeyException = new InvalidKeyException("Unknown key format " + format);
            AppMethodBeat.o(59329);
            throw invalidKeyException;
        }
        if (privateKey.getEncoded() == null) {
            InvalidKeyException invalidKeyException2 = new InvalidKeyException("Key encoding is null");
            AppMethodBeat.o(59329);
            throw invalidKeyException2;
        }
        try {
            OpenSSLKey openSSLKey2 = new OpenSSLKey(NativeCrypto.EVP_parse_private_key(privateKey.getEncoded()));
            AppMethodBeat.o(59329);
            return openSSLKey2;
        } catch (OpenSSLX509CertificateFactory.ParsingException e8) {
            InvalidKeyException invalidKeyException3 = new InvalidKeyException(e8);
            AppMethodBeat.o(59329);
            throw invalidKeyException3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OpenSSLKey fromPrivateKeyForTLSStackOnly(PrivateKey privateKey, PublicKey publicKey) throws InvalidKeyException {
        AppMethodBeat.i(59334);
        OpenSSLKey openSSLKey = getOpenSSLKey(privateKey);
        if (openSSLKey != null) {
            AppMethodBeat.o(59334);
            return openSSLKey;
        }
        OpenSSLKey fromKeyMaterial = fromKeyMaterial(privateKey);
        if (fromKeyMaterial != null) {
            AppMethodBeat.o(59334);
            return fromKeyMaterial;
        }
        OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly = wrapJCAPrivateKeyForTLSStackOnly(privateKey, publicKey);
        AppMethodBeat.o(59334);
        return wrapJCAPrivateKeyForTLSStackOnly;
    }

    static OpenSSLKey fromPrivateKeyPemInputStream(InputStream inputStream) throws InvalidKeyException {
        AppMethodBeat.i(59332);
        OpenSSLBIOInputStream openSSLBIOInputStream = new OpenSSLBIOInputStream(inputStream, true);
        try {
            try {
                long PEM_read_bio_PrivateKey = NativeCrypto.PEM_read_bio_PrivateKey(openSSLBIOInputStream.getBioContext());
                if (PEM_read_bio_PrivateKey == 0) {
                    return null;
                }
                return new OpenSSLKey(PEM_read_bio_PrivateKey);
            } catch (Exception e8) {
                InvalidKeyException invalidKeyException = new InvalidKeyException(e8);
                AppMethodBeat.o(59332);
                throw invalidKeyException;
            }
        } finally {
            openSSLBIOInputStream.release();
            AppMethodBeat.o(59332);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OpenSSLKey fromPublicKey(PublicKey publicKey) throws InvalidKeyException {
        AppMethodBeat.i(59372);
        if (publicKey instanceof OpenSSLKeyHolder) {
            OpenSSLKey openSSLKey = ((OpenSSLKeyHolder) publicKey).getOpenSSLKey();
            AppMethodBeat.o(59372);
            return openSSLKey;
        }
        if (!"X.509".equals(publicKey.getFormat())) {
            InvalidKeyException invalidKeyException = new InvalidKeyException("Unknown key format " + publicKey.getFormat());
            AppMethodBeat.o(59372);
            throw invalidKeyException;
        }
        if (publicKey.getEncoded() == null) {
            InvalidKeyException invalidKeyException2 = new InvalidKeyException("Key encoding is null");
            AppMethodBeat.o(59372);
            throw invalidKeyException2;
        }
        try {
            OpenSSLKey openSSLKey2 = new OpenSSLKey(NativeCrypto.EVP_parse_public_key(publicKey.getEncoded()));
            AppMethodBeat.o(59372);
            return openSSLKey2;
        } catch (Exception e8) {
            InvalidKeyException invalidKeyException3 = new InvalidKeyException(e8);
            AppMethodBeat.o(59372);
            throw invalidKeyException3;
        }
    }

    static OpenSSLKey fromPublicKeyPemInputStream(InputStream inputStream) throws InvalidKeyException {
        AppMethodBeat.i(59381);
        OpenSSLBIOInputStream openSSLBIOInputStream = new OpenSSLBIOInputStream(inputStream, true);
        try {
            try {
                long PEM_read_bio_PUBKEY = NativeCrypto.PEM_read_bio_PUBKEY(openSSLBIOInputStream.getBioContext());
                if (PEM_read_bio_PUBKEY == 0) {
                    return null;
                }
                return new OpenSSLKey(PEM_read_bio_PUBKEY);
            } catch (Exception e8) {
                InvalidKeyException invalidKeyException = new InvalidKeyException(e8);
                AppMethodBeat.o(59381);
                throw invalidKeyException;
            }
        } finally {
            openSSLBIOInputStream.release();
            AppMethodBeat.o(59381);
        }
    }

    private static OpenSSLKey getOpenSSLKey(PrivateKey privateKey) {
        AppMethodBeat.i(59344);
        if (privateKey instanceof OpenSSLKeyHolder) {
            OpenSSLKey openSSLKey = ((OpenSSLKeyHolder) privateKey).getOpenSSLKey();
            AppMethodBeat.o(59344);
            return openSSLKey;
        }
        if (!"RSA".equals(privateKey.getAlgorithm())) {
            AppMethodBeat.o(59344);
            return null;
        }
        OpenSSLKey wrapRsaKey = Platform.wrapRsaKey(privateKey);
        AppMethodBeat.o(59344);
        return wrapRsaKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey getPrivateKey(PKCS8EncodedKeySpec pKCS8EncodedKeySpec, int i10) throws InvalidKeySpecException {
        AppMethodBeat.i(59411);
        try {
            OpenSSLKey openSSLKey = new OpenSSLKey(NativeCrypto.EVP_parse_private_key(pKCS8EncodedKeySpec.getEncoded()));
            if (NativeCrypto.EVP_PKEY_type(openSSLKey.getNativeRef()) != i10) {
                InvalidKeySpecException invalidKeySpecException = new InvalidKeySpecException("Unexpected key type");
                AppMethodBeat.o(59411);
                throw invalidKeySpecException;
            }
            try {
                PrivateKey privateKey = openSSLKey.getPrivateKey();
                AppMethodBeat.o(59411);
                return privateKey;
            } catch (NoSuchAlgorithmException e8) {
                InvalidKeySpecException invalidKeySpecException2 = new InvalidKeySpecException(e8);
                AppMethodBeat.o(59411);
                throw invalidKeySpecException2;
            }
        } catch (Exception e10) {
            InvalidKeySpecException invalidKeySpecException3 = new InvalidKeySpecException(e10);
            AppMethodBeat.o(59411);
            throw invalidKeySpecException3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey getPublicKey(X509EncodedKeySpec x509EncodedKeySpec, int i10) throws InvalidKeySpecException {
        AppMethodBeat.i(59393);
        try {
            OpenSSLKey openSSLKey = new OpenSSLKey(NativeCrypto.EVP_parse_public_key(x509EncodedKeySpec.getEncoded()));
            if (NativeCrypto.EVP_PKEY_type(openSSLKey.getNativeRef()) != i10) {
                InvalidKeySpecException invalidKeySpecException = new InvalidKeySpecException("Unexpected key type");
                AppMethodBeat.o(59393);
                throw invalidKeySpecException;
            }
            try {
                PublicKey publicKey = openSSLKey.getPublicKey();
                AppMethodBeat.o(59393);
                return publicKey;
            } catch (NoSuchAlgorithmException e8) {
                InvalidKeySpecException invalidKeySpecException2 = new InvalidKeySpecException(e8);
                AppMethodBeat.o(59393);
                throw invalidKeySpecException2;
            }
        } catch (Exception e10) {
            InvalidKeySpecException invalidKeySpecException3 = new InvalidKeySpecException(e10);
            AppMethodBeat.o(59393);
            throw invalidKeySpecException3;
        }
    }

    private static OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly(PrivateKey privateKey, PublicKey publicKey) throws InvalidKeyException {
        AppMethodBeat.i(59359);
        String algorithm = privateKey.getAlgorithm();
        if ("RSA".equals(algorithm)) {
            OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly = OpenSSLRSAPrivateKey.wrapJCAPrivateKeyForTLSStackOnly(privateKey, publicKey);
            AppMethodBeat.o(59359);
            return wrapJCAPrivateKeyForTLSStackOnly;
        }
        if ("EC".equals(algorithm)) {
            OpenSSLKey wrapJCAPrivateKeyForTLSStackOnly2 = OpenSSLECPrivateKey.wrapJCAPrivateKeyForTLSStackOnly(privateKey, publicKey);
            AppMethodBeat.o(59359);
            return wrapJCAPrivateKeyForTLSStackOnly2;
        }
        InvalidKeyException invalidKeyException = new InvalidKeyException("Unsupported key algorithm: " + algorithm);
        AppMethodBeat.o(59359);
        throw invalidKeyException;
    }

    private static OpenSSLKey wrapPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        AppMethodBeat.i(59365);
        if (privateKey instanceof RSAPrivateKey) {
            OpenSSLKey wrapPlatformKey = OpenSSLRSAPrivateKey.wrapPlatformKey((RSAPrivateKey) privateKey);
            AppMethodBeat.o(59365);
            return wrapPlatformKey;
        }
        if (privateKey instanceof ECPrivateKey) {
            OpenSSLKey wrapPlatformKey2 = OpenSSLECPrivateKey.wrapPlatformKey((ECPrivateKey) privateKey);
            AppMethodBeat.o(59365);
            return wrapPlatformKey2;
        }
        InvalidKeyException invalidKeyException = new InvalidKeyException("Unknown key type: " + privateKey.toString());
        AppMethodBeat.o(59365);
        throw invalidKeyException;
    }

    public boolean equals(Object obj) {
        AppMethodBeat.i(59418);
        if (obj == this) {
            AppMethodBeat.o(59418);
            return true;
        }
        if (!(obj instanceof OpenSSLKey)) {
            AppMethodBeat.o(59418);
            return false;
        }
        OpenSSLKey openSSLKey = (OpenSSLKey) obj;
        if (this.ctx.equals(openSSLKey.getNativeRef())) {
            AppMethodBeat.o(59418);
            return true;
        }
        boolean z10 = NativeCrypto.EVP_PKEY_cmp(this.ctx, openSSLKey.getNativeRef()) == 1;
        AppMethodBeat.o(59418);
        return z10;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public NativeRef.EVP_PKEY getNativeRef() {
        return this.ctx;
    }

    PrivateKey getPrivateKey() throws NoSuchAlgorithmException {
        AppMethodBeat.i(59404);
        int EVP_PKEY_type = NativeCrypto.EVP_PKEY_type(this.ctx);
        if (EVP_PKEY_type == 6) {
            OpenSSLRSAPrivateKey openSSLRSAPrivateKey = new OpenSSLRSAPrivateKey(this);
            AppMethodBeat.o(59404);
            return openSSLRSAPrivateKey;
        }
        if (EVP_PKEY_type == 408) {
            OpenSSLECPrivateKey openSSLECPrivateKey = new OpenSSLECPrivateKey(this);
            AppMethodBeat.o(59404);
            return openSSLECPrivateKey;
        }
        NoSuchAlgorithmException noSuchAlgorithmException = new NoSuchAlgorithmException("unknown PKEY type");
        AppMethodBeat.o(59404);
        throw noSuchAlgorithmException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PublicKey getPublicKey() throws NoSuchAlgorithmException {
        AppMethodBeat.i(59385);
        int EVP_PKEY_type = NativeCrypto.EVP_PKEY_type(this.ctx);
        if (EVP_PKEY_type == 6) {
            OpenSSLRSAPublicKey openSSLRSAPublicKey = new OpenSSLRSAPublicKey(this);
            AppMethodBeat.o(59385);
            return openSSLRSAPublicKey;
        }
        if (EVP_PKEY_type == 408) {
            OpenSSLECPublicKey openSSLECPublicKey = new OpenSSLECPublicKey(this);
            AppMethodBeat.o(59385);
            return openSSLECPublicKey;
        }
        NoSuchAlgorithmException noSuchAlgorithmException = new NoSuchAlgorithmException("unknown PKEY type");
        AppMethodBeat.o(59385);
        throw noSuchAlgorithmException;
    }

    public int hashCode() {
        AppMethodBeat.i(59420);
        int hashCode = this.ctx.hashCode();
        AppMethodBeat.o(59420);
        return hashCode;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isHardwareBacked() {
        return this.hardwareBacked;
    }

    boolean isWrapped() {
        return this.wrapped;
    }
}
