package mixconfig.tools.dataretention;

import anon.crypto.MyRSA;
import anon.crypto.MyRSAPrivateKey;
import anon.util.Util;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Date;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;

/* loaded from: input_file:mixconfig/tools/dataretention/DataRetentionLogFileHeader.class */
public class DataRetentionLogFileHeader {
    public static final byte MAX_nr_of_keys = 10;
    public static final int LOGGING_ENTITY_FIRST_MIX = 1;
    public static final int LOGGING_ENTITY_MIDDLE_MIX = 2;
    public static final int LOGGING_ENTITY_LAST_MIX = 3;
    private long m_BaseTime;
    private t_encrypted_key[] keys;
    private byte[] auth_tag;
    private byte m_sizeOfLogEntry;
    private byte version = 0;
    private byte reserved1 = 0;
    private byte reserved2 = 0;
    private byte reserved3 = 0;
    private byte day = 0;
    private byte month = 0;
    private short year = 0;
    private byte logging_entity = 0;
    private byte logged_fields = 0;
    private short nr_of_log_entries_per_encrypted_log_line = 0;
    private byte nr_of_keys = 0;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:mixconfig/tools/dataretention/DataRetentionLogFileHeader$t_encrypted_key.class */
    public class t_encrypted_key {
        public static final short ENCRYPTED_KEY_LENGTH = 256;
        public byte[] encryptedKeyBlock = null;

        t_encrypted_key() {
        }
    }

    public DataRetentionLogFileHeader() {
        this.keys = null;
        this.auth_tag = null;
        this.keys = new t_encrypted_key[10];
        for (int i = 0; i < 10; i++) {
            this.keys[i] = new t_encrypted_key();
        }
        this.auth_tag = new byte[16];
    }

    public void writeToFile(FileOutputStream fileOutputStream) throws Exception {
        writeWithoutAuthTag(fileOutputStream);
        fileOutputStream.write(this.auth_tag);
    }

    private void writeWithoutAuthTag(OutputStream outputStream) throws Exception {
        outputStream.write(this.version);
        outputStream.write(this.reserved1);
        outputStream.write(this.reserved2);
        outputStream.write(this.reserved3);
        outputStream.write(this.day);
        outputStream.write(this.month);
        byte b = (byte) (this.year >> 8);
        byte b2 = (byte) (this.year & 255);
        outputStream.write(b);
        outputStream.write(b2);
        outputStream.write(this.logging_entity);
        outputStream.write(this.logged_fields);
        outputStream.write(this.nr_of_log_entries_per_encrypted_log_line);
        outputStream.write(this.nr_of_keys);
        for (int i = 0; i < this.nr_of_keys; i++) {
            outputStream.write(this.keys[i].encryptedKeyBlock);
        }
        outputStream.flush();
    }

    public void parseFromFile(FileInputStream fileInputStream) throws IOException {
        this.version = (byte) fileInputStream.read();
        if (this.version != 0) {
            throw new IOException("Unknown version");
        }
        this.reserved1 = (byte) fileInputStream.read();
        this.reserved2 = (byte) fileInputStream.read();
        this.reserved3 = (byte) fileInputStream.read();
        this.day = (byte) fileInputStream.read();
        this.month = (byte) fileInputStream.read();
        this.year = (short) ((((short) fileInputStream.read()) << 8) | ((short) fileInputStream.read()));
        this.m_BaseTime = new Date(this.year - 1900, this.month - 1, this.day).getTime() / 1000;
        this.logging_entity = (byte) fileInputStream.read();
        this.logged_fields = (byte) fileInputStream.read();
        this.nr_of_log_entries_per_encrypted_log_line = (short) fileInputStream.read();
        this.nr_of_keys = (byte) fileInputStream.read();
        for (int i = 0; i < this.nr_of_keys; i++) {
            this.keys[i].encryptedKeyBlock = new byte[256];
            fileInputStream.read(this.keys[i].encryptedKeyBlock);
        }
        fileInputStream.read(this.auth_tag);
        this.m_sizeOfLogEntry = (byte) 18;
    }

    public int getLength() {
        return 12 + (256 * this.nr_of_keys) + 16;
    }

    public byte[] getEncryptedKey(int i) {
        return this.keys[i].encryptedKeyBlock;
    }

    public int getEncryptedKeyCount() {
        return this.nr_of_keys;
    }

    public static byte[] decryptSymKey(byte[] bArr, MyRSAPrivateKey myRSAPrivateKey) throws Exception {
        MyRSA myRSA = new MyRSA();
        myRSA.init(myRSAPrivateKey);
        byte[] processBlockPKCS1 = myRSA.processBlockPKCS1(bArr, 0, bArr.length);
        byte[] bArr2 = new byte[16];
        System.arraycopy(processBlockPKCS1, 0, bArr2, 0, 16);
        verifyMac(processBlockPKCS1, 0, 20, processBlockPKCS1, 20, new byte[]{-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -2}, bArr2);
        SHA512Digest sHA512Digest = new SHA512Digest();
        sHA512Digest.update(processBlockPKCS1, 16, 4);
        byte[] bArr3 = new byte[sHA512Digest.getDigestSize()];
        sHA512Digest.doFinal(bArr3, 0);
        for (int i = 0; i < 16; i++) {
            bArr2[i] = (byte) (processBlockPKCS1[i] ^ bArr3[i]);
        }
        return bArr2;
    }

    public void verifyHeader(byte[] bArr) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        writeWithoutAuthTag(byteArrayOutputStream);
        verifyMac(byteArrayOutputStream.toByteArray(), this.auth_tag, new byte[]{-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -3}, bArr);
    }

    public int getSizeOfLogLine() {
        return (this.nr_of_log_entries_per_encrypted_log_line * this.m_sizeOfLogEntry) + 16;
    }

    public int getNrOfLogEntriesPerLogLine() {
        return this.nr_of_log_entries_per_encrypted_log_line;
    }

    public int getSizeOfLogEntry() {
        return this.m_sizeOfLogEntry;
    }

    public int getLoggingEntity() {
        return this.logging_entity;
    }

    public long getBaseTime() {
        return this.m_BaseTime;
    }

    public static int decryptAndVerify(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        return decryptAndVerify(bArr, 0, bArr.length, bArr2, bArr3, bArr4);
    }

    public static int decryptAndVerify(byte[] bArr, int i, int i2, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(false, new AEADParameters(new KeyParameter(bArr3), 128, bArr2, null));
        byte[] bArr5 = new byte[gCMBlockCipher.getOutputSize(i2)];
        int processBytes = gCMBlockCipher.processBytes(bArr, i, i2, bArr5, 0);
        int doFinal = processBytes + gCMBlockCipher.doFinal(bArr5, processBytes);
        if (bArr4 != null) {
            System.arraycopy(bArr5, 0, bArr4, 0, Math.min(doFinal, bArr4.length));
        }
        return doFinal;
    }

    private static void verifyMac(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        verifyMac(bArr, 0, bArr.length, bArr2, 0, bArr3, bArr4);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void verifyMac(byte[] bArr, int i, int i2, byte[] bArr2, int i3, byte[] bArr3, byte[] bArr4) throws Exception {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESFastEngine());
        gCMBlockCipher.init(true, new AEADParameters(new KeyParameter(bArr4), 128, bArr3, null));
        byte[] bArr5 = new byte[gCMBlockCipher.getOutputSize(i2)];
        int processBytes = gCMBlockCipher.processBytes(bArr, i, i2, bArr5, 0);
        int doFinal = processBytes + gCMBlockCipher.doFinal(bArr5, processBytes);
        if (!Util.arraysEqual(bArr2, i3, bArr5, bArr5.length - 16, 16)) {
            throw new Exception("Wrong MAC");
        }
    }
}
