package com.jd.security.tde;

import com.jd.security.tde.Constants;
import com.jd.security.tde.util.Base64;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/jd/security/tde/MKey.class */
public class MKey {
    private String service_identifier;
    private byte[] id;
    private byte[] key;
    private int ver;
    private Constants.key_usage key_usage;
    private Constants.key_status key_status;
    private Constants.key_type key_type;
    private SecretKeySpec skey;
    private long expired;
    private long effective;
    private boolean isValid;
    private String key_digest;

    public MKey(String str, byte[] bArr, byte[] bArr2, String str2, int i, long j, long j2, String str3, String str4, int i2) throws MalformedException, NoSuchAlgorithmException {
        if (bArr == null || str == null) {
            throw new MalformedException("ID and App fields cannot be null.");
        }
        this.service_identifier = str;
        this.id = bArr;
        this.ver = i;
        if (i < -1) {
            throw new MalformedException("Invalid key version.");
        }
        this.key_usage = Constants.key_usage.fromValue(str4);
        this.key_status = Constants.key_status.fromValue(i2);
        this.key_type = Constants.key_type.fromValue(str3);
        this.isValid = false;
        if (bArr2 != null) {
            this.key = bArr2;
            this.expired = j2;
            this.effective = j;
            this.skey = new SecretKeySpec(this.key, 0, 16, this.key_type.toString());
        }
        this.key_digest = str2;
        if (Base64.encodeToString(MessageDigest.getInstance(Constants.default_certdigest_algo).digest(this.key)).equals(this.key_digest)) {
            this.isValid = true;
        }
    }

    public boolean isValid() {
        return this.isValid;
    }

    public String getName() {
        return this.service_identifier;
    }

    public int getVersion() {
        return this.ver;
    }

    public byte[] getID() {
        return this.id;
    }

    public long getExpiredTime() {
        return this.expired;
    }

    public long getEffectiveTime() {
        return this.effective;
    }

    public Constants.key_type getKeyType() {
        return this.key_type;
    }

    public Constants.key_status getKeyStatus() {
        return this.key_status;
    }

    public Constants.key_usage getKeyUsage() {
        return this.key_usage;
    }

    public byte[] encrypt(byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException, IllegalBlockSizeException, InvalidAlgorithmParameterException {
        byte[] encrypt = KeyEncryption.encrypt(this, bArr);
        ByteBuffer allocate = ByteBuffer.allocate(2 + this.id.length + encrypt.length);
        allocate.put(Constants.cipher_type.WEAK.id);
        allocate.put(Constants.algo_type.AES_CBC_128.id);
        allocate.put(this.id);
        allocate.put(encrypt);
        return allocate.array();
    }

    public byte[] decrypt(byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, MalformedException {
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        if (Constants.cipher_type.fromValue(wrap.get()) != Constants.cipher_type.WEAK) {
            throw new MalformedException("Unmatch CipherText Type.");
        }
        byte b = wrap.get();
        if (Constants.algo_type.fromValue(b) != Constants.algo_type.AES_CBC_128) {
            throw new MalformedException("Unmatch Encryption Algorithm Type:" + ((int) b));
        }
        byte[] bArr2 = new byte[16];
        wrap.get(bArr2);
        if (!Arrays.equals(this.id, bArr2)) {
            throw new MalformedException("Unmatch MKey ID.");
        }
        byte[] bArr3 = new byte[bArr.length - wrap.position()];
        wrap.get(bArr3);
        return KeyEncryption.decrypt(this, bArr3);
    }

    public SecretKeySpec getKey() {
        return this.skey;
    }

    public byte[] getRawKey() {
        return this.key;
    }
}
