package org.bouncycastle.openssl;

import java.io.IOException;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.EncryptionScheme;
import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.util.io.pem.PemGenerationException;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemObjectGenerator;

/* loaded from: classes2.dex */
public class PKCS8Generator implements PemObjectGenerator {

    /* renamed from: a, reason: collision with root package name */
    public static final String f10465a = NISTObjectIdentifiers.h.e();

    /* renamed from: b, reason: collision with root package name */
    public static final String f10466b = NISTObjectIdentifiers.o.e();

    /* renamed from: c, reason: collision with root package name */
    public static final String f10467c = NISTObjectIdentifiers.v.e();
    public static final String d = PKCSObjectIdentifiers.B.e();
    public static final String e = PKCSObjectIdentifiers.bq.e();
    public static final String f = PKCSObjectIdentifiers.br.e();
    public static final String g = PKCSObjectIdentifiers.bs.e();
    public static final String h = PKCSObjectIdentifiers.bt.e();
    public static final String i = PKCSObjectIdentifiers.bu.e();
    public static final String j = PKCSObjectIdentifiers.bv.e();
    private char[] k;
    private String l;
    private int m;
    private PrivateKey n;
    private Cipher o;
    private SecureRandom p;
    private AlgorithmParameterGenerator q;
    private SecretKeyFactory r;

    @Override // org.bouncycastle.util.io.pem.PemObjectGenerator
    public final PemObject a() {
        byte[] encoded = this.n.getEncoded();
        if (this.l == null) {
            return new PemObject("PRIVATE KEY", encoded);
        }
        DERObjectIdentifier dERObjectIdentifier = new DERObjectIdentifier(this.l);
        if (a.a(dERObjectIdentifier)) {
            byte[] bArr = new byte[20];
            if (this.p == null) {
                this.p = new SecureRandom();
            }
            this.p.nextBytes(bArr);
            SecretKey a2 = a.a(this.l, this.k, bArr, this.m);
            AlgorithmParameters generateParameters = this.q.generateParameters();
            try {
                this.o.init(1, a2, generateParameters);
                EncryptionScheme encryptionScheme = new EncryptionScheme(new DERObjectIdentifier(this.l), ASN1Object.a(generateParameters.getEncoded()));
                KeyDerivationFunc keyDerivationFunc = new KeyDerivationFunc(PKCSObjectIdentifiers.z, new PBKDF2Params(bArr, this.m));
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.a(keyDerivationFunc);
                aSN1EncodableVector.a(encryptionScheme);
                return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.y, new PBES2Parameters(new DERSequence(aSN1EncodableVector))), this.o.doFinal(encoded)).a());
            } catch (IOException e2) {
                throw new PemGenerationException(e2.getMessage(), e2);
            } catch (GeneralSecurityException e3) {
                throw new PemGenerationException(e3.getMessage(), e3);
            }
        }
        if (!a.b(dERObjectIdentifier)) {
            throw new PemGenerationException("unknown algorithm: " + this.l);
        }
        byte[] bArr2 = new byte[20];
        if (this.p == null) {
            this.p = new SecureRandom();
        }
        this.p.nextBytes(bArr2);
        try {
            this.o.init(1, this.r.generateSecret(new PBEKeySpec(this.k)), new PBEParameterSpec(bArr2, this.m));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.a(new DEROctetString(bArr2));
            aSN1EncodableVector2.a(new DERInteger(this.m));
            return new PemObject("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(dERObjectIdentifier, new PKCS12PBEParams(new DERSequence(aSN1EncodableVector2))), this.o.doFinal(encoded)).a());
        } catch (IOException e4) {
            throw new PemGenerationException(e4.getMessage(), e4);
        } catch (GeneralSecurityException e5) {
            throw new PemGenerationException(e5.getMessage(), e5);
        }
    }
}
