package edu.vt.middleware.crypt.symmetric;

import cc.robart.app.db.room.tables.UserData;
import edu.vt.middleware.crypt.AbstractEncryptionCli;
import edu.vt.middleware.crypt.CryptException;
import edu.vt.middleware.crypt.digest.DigestAlgorithm;
import edu.vt.middleware.crypt.pbe.EncryptionScheme;
import edu.vt.middleware.crypt.pbe.OpenSSLEncryptionScheme;
import edu.vt.middleware.crypt.pbe.OpenSSLKeyGenerator;
import edu.vt.middleware.crypt.pbe.PBES1EncryptionScheme;
import edu.vt.middleware.crypt.pbe.PBES2EncryptionScheme;
import edu.vt.middleware.crypt.pbe.PBKDF1KeyGenerator;
import edu.vt.middleware.crypt.pbe.PBKDF2KeyGenerator;
import edu.vt.middleware.crypt.pbe.PKCS12EncryptionScheme;
import edu.vt.middleware.crypt.pbe.PKCS12KeyGenerator;
import edu.vt.middleware.crypt.pkcs.PBEParameter;
import edu.vt.middleware.crypt.pkcs.PBKDF2Parameters;
import edu.vt.middleware.crypt.util.CryptReader;
import edu.vt.middleware.crypt.util.CryptWriter;
import edu.vt.middleware.crypt.util.HexConverter;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;

/* loaded from: classes2.dex */
public class SymmetricCli extends AbstractEncryptionCli {
    private static final String COMMAND_NAME = "enc";
    protected static final String OPT_DIGEST = "digest";
    protected static final String OPT_GENKEY = "genkey";
    protected static final String OPT_ITERATIONS = "iter";
    protected static final String OPT_IV = "iv";
    protected static final String OPT_KEY = "key";
    protected static final String OPT_KEYSIZE = "keysize";
    protected static final String OPT_MODE = "mode";
    protected static final String OPT_PADDING = "padding";
    protected static final String OPT_PBE = "pbe";
    protected static final String OPT_SALT = "salt";
    protected static final String OPT_SCHEME = "scheme";
    private HexConverter hexConv = new HexConverter();

    public static void main(String[] strArr) {
        new SymmetricCli().performAction(strArr);
    }

    protected void decrypt(CommandLine commandLine) throws Exception {
        validateOptions(commandLine);
        SymmetricAlgorithm newAlgorithm = newAlgorithm(commandLine);
        if (commandLine.hasOption(OPT_KEY)) {
            newAlgorithm.setKey(readKey(commandLine));
            if (commandLine.hasOption(OPT_IV)) {
                newAlgorithm.setIV(this.hexConv.toBytes(commandLine.getOptionValue(OPT_IV)));
            }
            decrypt(newAlgorithm, getInputStream(commandLine), getOutputStream(commandLine));
            return;
        }
        if (!commandLine.hasOption(OPT_PBE)) {
            throw new IllegalArgumentException("Either -key or -pbe is required for encryption or decryption.");
        }
        InputStream inputStream = getInputStream(commandLine);
        OutputStream outputStream = getOutputStream(commandLine);
        try {
            getPBEScheme(newAlgorithm, commandLine).decrypt(commandLine.getOptionValue(OPT_PBE).toCharArray(), inputStream, outputStream);
        } finally {
            closeStream(inputStream);
            closeStream(outputStream);
        }
    }

    @Override // edu.vt.middleware.crypt.AbstractCli
    protected void dispatch(CommandLine commandLine) throws Exception {
        if (commandLine.hasOption("encrypt")) {
            encrypt(commandLine);
            return;
        }
        if (commandLine.hasOption("decrypt")) {
            decrypt(commandLine);
        } else if (commandLine.hasOption(OPT_GENKEY)) {
            genKey(commandLine);
        } else {
            printHelp();
        }
    }

    protected void encrypt(CommandLine commandLine) throws Exception {
        validateOptions(commandLine);
        SymmetricAlgorithm newAlgorithm = newAlgorithm(commandLine);
        if (commandLine.hasOption(OPT_KEY)) {
            newAlgorithm.setKey(readKey(commandLine));
            if (commandLine.hasOption(OPT_IV)) {
                newAlgorithm.setIV(this.hexConv.toBytes(commandLine.getOptionValue(OPT_IV)));
            }
            encrypt(newAlgorithm, getInputStream(commandLine), getOutputStream(commandLine));
            return;
        }
        if (!commandLine.hasOption(OPT_PBE)) {
            throw new IllegalArgumentException("Either -key or -pbe is required for encryption or decryption.");
        }
        InputStream inputStream = getInputStream(commandLine);
        OutputStream outputStream = getOutputStream(commandLine);
        try {
            getPBEScheme(newAlgorithm, commandLine).encrypt(commandLine.getOptionValue(OPT_PBE).toCharArray(), inputStream, outputStream);
        } finally {
            closeStream(inputStream);
            closeStream(outputStream);
        }
    }

    protected void genKey(CommandLine commandLine) throws Exception {
        SecretKey generateKey;
        validateOptions(commandLine);
        SymmetricAlgorithm newAlgorithm = newAlgorithm(commandLine);
        if (commandLine.hasOption(OPT_PBE)) {
            generateKey = generatePBEKey(newAlgorithm, commandLine);
        } else if (commandLine.hasOption(OPT_KEYSIZE)) {
            int parseInt = Integer.parseInt(commandLine.getOptionValue(OPT_KEYSIZE));
            System.err.println("Generating key of size " + parseInt);
            generateKey = newAlgorithm.generateKey(parseInt);
        } else {
            System.err.println("Generating key of default size for " + newAlgorithm);
            generateKey = newAlgorithm.generateKey();
        }
        CryptWriter.writeEncodedKey(generateKey, getOutputStream(commandLine));
        if (commandLine.hasOption("out")) {
            System.err.println("Wrote key to " + commandLine.getOptionValue("out"));
        }
    }

    protected SecretKey generatePBEKey(SymmetricAlgorithm symmetricAlgorithm, CommandLine commandLine) throws Exception {
        byte[] generate;
        byte[] generate2;
        if (!commandLine.hasOption(OPT_SALT)) {
            throw new IllegalArgumentException("Salt is required for PBE key generation.");
        }
        if (!commandLine.hasOption(OPT_ITERATIONS)) {
            throw new IllegalArgumentException("Iteration count is required for PBE key generation.");
        }
        DigestAlgorithm newInstance = commandLine.hasOption(OPT_DIGEST) ? DigestAlgorithm.newInstance(commandLine.getOptionValue(OPT_DIGEST)) : null;
        String lowerCase = commandLine.hasOption(OPT_SCHEME) ? commandLine.getOptionValue(OPT_SCHEME).toLowerCase() : null;
        char[] charArray = commandLine.getOptionValue(OPT_PBE).toCharArray();
        byte[] bytes = this.hexConv.toBytes(commandLine.getOptionValue(OPT_SALT));
        int parseInt = Integer.parseInt(commandLine.getOptionValue(OPT_ITERATIONS));
        int parseInt2 = commandLine.hasOption(OPT_KEYSIZE) ? Integer.parseInt(commandLine.getOptionValue(OPT_KEYSIZE)) : -1;
        if ("pkcs12".equals(lowerCase)) {
            if (newInstance == null) {
                throw new IllegalArgumentException("pkcs12 requires a digest.");
            }
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Generating PKCS#12 PBE key.");
            PKCS12KeyGenerator pKCS12KeyGenerator = new PKCS12KeyGenerator(newInstance, bytes, parseInt);
            generate = pKCS12KeyGenerator.generate(charArray, parseInt2);
            generate2 = pKCS12KeyGenerator.generate(charArray, symmetricAlgorithm.getBlockSize() * 8);
        } else if ("pkcs5s1".equals(lowerCase)) {
            if (newInstance == null) {
                throw new IllegalArgumentException("pkcs5s1 requires a digest.");
            }
            System.err.println("Generating PKCS#5 PBE key using PBKDF1 scheme.");
            byte[] generate3 = new PBKDF1KeyGenerator(newInstance, bytes, parseInt).generate(charArray, 128);
            byte[] bArr = new byte[8];
            byte[] bArr2 = new byte[8];
            System.arraycopy(generate3, 0, bArr, 0, 8);
            System.arraycopy(generate3, 8, bArr2, 0, 16);
            generate = bArr;
            generate2 = bArr2;
        } else if (!"openssl".equals(lowerCase)) {
            if (newInstance != null) {
                System.err.println("Ignoring digest for pkcs5s2 PBE scheme.");
            }
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Generating PKCS#5 PBE key using PBKDF2 scheme.");
            PBKDF2KeyGenerator pBKDF2KeyGenerator = new PBKDF2KeyGenerator(bytes, parseInt);
            generate = pBKDF2KeyGenerator.generate(charArray, parseInt2);
            generate2 = pBKDF2KeyGenerator.generate(charArray, symmetricAlgorithm.getBlockSize() * 8);
        } else {
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Generating OpenSSL PBE key.");
            OpenSSLKeyGenerator openSSLKeyGenerator = new OpenSSLKeyGenerator(bytes);
            generate = openSSLKeyGenerator.generate(charArray, parseInt2);
            generate2 = openSSLKeyGenerator.generate(charArray, symmetricAlgorithm.getBlockSize() * 8);
        }
        System.err.println("Derived key: " + this.hexConv.fromBytes(generate));
        System.err.println("Derived iv: " + this.hexConv.fromBytes(generate2));
        return new SecretKeySpec(generate, symmetricAlgorithm.getAlgorithm());
    }

    @Override // edu.vt.middleware.crypt.AbstractCli
    protected String getCommandName() {
        return COMMAND_NAME;
    }

    protected EncryptionScheme getPBEScheme(SymmetricAlgorithm symmetricAlgorithm, CommandLine commandLine) {
        EncryptionScheme pBES2EncryptionScheme;
        if (!commandLine.hasOption(OPT_SALT)) {
            throw new IllegalArgumentException("Salt is required for PBE encryption/decryption.");
        }
        if (!commandLine.hasOption(OPT_ITERATIONS)) {
            throw new IllegalArgumentException("Iteration count is required for PBE encryption/decryption.");
        }
        DigestAlgorithm newInstance = commandLine.hasOption(OPT_DIGEST) ? DigestAlgorithm.newInstance(commandLine.getOptionValue(OPT_DIGEST)) : null;
        String lowerCase = commandLine.hasOption(OPT_SCHEME) ? commandLine.getOptionValue(OPT_SCHEME).toLowerCase() : null;
        byte[] bytes = this.hexConv.toBytes(commandLine.getOptionValue(OPT_SALT));
        int parseInt = Integer.parseInt(commandLine.getOptionValue(OPT_ITERATIONS));
        int parseInt2 = commandLine.hasOption(OPT_KEYSIZE) ? Integer.parseInt(commandLine.getOptionValue(OPT_KEYSIZE)) : 0;
        if ("pkcs12".equals(lowerCase)) {
            if (newInstance == null) {
                throw new IllegalArgumentException("pkcs12 requires a digest.");
            }
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Using PKCS#12 PBE encryption scheme.");
            pBES2EncryptionScheme = new PKCS12EncryptionScheme(symmetricAlgorithm, newInstance, new PBEParameter(bytes, parseInt), parseInt2);
        } else if ("pkcs5s1".equals(lowerCase)) {
            if (newInstance == null) {
                throw new IllegalArgumentException("pkcs12 requires a digest.");
            }
            System.err.println("Using PKCS#5 PBES1 encryption scheme.");
            pBES2EncryptionScheme = new PBES1EncryptionScheme(symmetricAlgorithm, newInstance, new PBEParameter(bytes, parseInt));
        } else if (!"openssl".equals(lowerCase)) {
            if (newInstance != null) {
                System.err.println("Ignoring digest for pkcs5s2 PBE scheme.");
            }
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Using PKCS#5 PBES2 encryption scheme.");
            pBES2EncryptionScheme = new PBES2EncryptionScheme(symmetricAlgorithm, new PBKDF2Parameters(bytes, parseInt, parseInt2 / 8));
        } else {
            if (parseInt2 < 0) {
                throw new IllegalArgumentException("Key size is required for pkcs5s2 PBE key generation.");
            }
            System.err.println("Using OpenSSL encryption scheme.");
            pBES2EncryptionScheme = new OpenSSLEncryptionScheme(symmetricAlgorithm, bytes, parseInt2);
        }
        if (commandLine.hasOption(OPT_IV)) {
            System.err.println("Using provided IV instead of generated value.");
            symmetricAlgorithm.setIV(this.hexConv.toBytes(commandLine.getOptionValue(OPT_IV)));
        }
        return pBES2EncryptionScheme;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.vt.middleware.crypt.AbstractEncryptionCli, edu.vt.middleware.crypt.AbstractCli
    public void initOptions() {
        super.initOptions();
        Option option = new Option(OPT_MODE, true, "cipher mode, e.g. CBC");
        option.setArgName("name");
        option.setOptionalArg(false);
        Option option2 = new Option(OPT_PADDING, true, "cipher padding strategy, e.g. PKCS5Padding");
        option2.setArgName(OPT_PADDING);
        option2.setOptionalArg(false);
        Option option3 = new Option(OPT_KEY, true, "encryption/decryption key");
        option3.setArgName("filepath");
        option3.setOptionalArg(false);
        Option option4 = new Option(OPT_KEYSIZE, true, "key size in bits; only needed if -key option is not specified");
        option4.setArgName("bits");
        option4.setOptionalArg(false);
        Option option5 = new Option(OPT_IV, true, "initialization vectory in hex");
        option5.setArgName("hex_iv");
        option5.setOptionalArg(false);
        Option option6 = new Option(OPT_PBE, true, "generate PBE key from password/phrase; uses pkcs5s2 by default");
        option6.setArgName(UserData.COLUMN_PASSWORD);
        option6.setOptionalArg(false);
        Option option7 = new Option(OPT_SCHEME, true, "PBE key generation mode; one of pkcs5s1, pkcs5s2, openssl, pkcs12");
        option7.setArgName("name");
        option7.setOptionalArg(false);
        Option option8 = new Option(OPT_DIGEST, true, "digest algorithm to use with PBE mode pkcs5s1 or pkcs12");
        option8.setArgName("name");
        option8.setOptionalArg(false);
        Option option9 = new Option(OPT_SALT, true, "salt for PBE key generation in hex");
        option9.setArgName("hex_salt");
        option9.setOptionalArg(false);
        Option option10 = new Option(OPT_ITERATIONS, true, "iteration count for PBE key generation");
        option9.setArgName("count");
        option9.setOptionalArg(false);
        this.options.addOption(option);
        this.options.addOption(option2);
        this.options.addOption(option3);
        this.options.addOption(option4);
        this.options.addOption(option5);
        this.options.addOption(option6);
        this.options.addOption(option7);
        this.options.addOption(option8);
        this.options.addOption(option9);
        this.options.addOption(option10);
        this.options.addOption(new Option(OPT_GENKEY, "generate new encryption key"));
        this.options.addOption(new Option("encrypt", "perform encryption"));
        this.options.addOption(new Option("decrypt", "perform decryption"));
    }

    protected SymmetricAlgorithm newAlgorithm(CommandLine commandLine) {
        String optionValue = commandLine.getOptionValue("cipher");
        return commandLine.hasOption(OPT_MODE) ? commandLine.hasOption(OPT_PADDING) ? SymmetricAlgorithm.newInstance(optionValue, commandLine.getOptionValue(OPT_MODE), commandLine.getOptionValue(OPT_PADDING)) : SymmetricAlgorithm.newInstance(optionValue, commandLine.getOptionValue(OPT_MODE), SymmetricAlgorithm.DEFAULT_PADDING) : commandLine.hasOption(OPT_PADDING) ? SymmetricAlgorithm.newInstance(optionValue, SymmetricAlgorithm.DEFAULT_MODE, commandLine.getOptionValue(OPT_PADDING)) : SymmetricAlgorithm.newInstance(optionValue);
    }

    protected SecretKey readKey(CommandLine commandLine) throws CryptException, IOException {
        return CryptReader.readSecretKey(new File(commandLine.getOptionValue(OPT_KEY)), commandLine.getOptionValue("cipher"));
    }

    protected void validateOptions(CommandLine commandLine) {
        if (!commandLine.hasOption("cipher")) {
            throw new IllegalArgumentException("cipher option is required.");
        }
    }
}
