package org.broadinstitute.gatk.engine.crypt;

import java.io.File;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import org.broadinstitute.gatk.utils.exceptions.ReviewedGATKException;
import org.broadinstitute.gatk.utils.io.IOUtils;

/* loaded from: input_file:org/broadinstitute/gatk/engine/crypt/CryptUtils.class */
public class CryptUtils {
    public static final int DEFAULT_KEY_LENGTH = 2048;
    public static final String DEFAULT_ENCRYPTION_ALGORITHM = "RSA";
    public static final String DEFAULT_RANDOM_NUMBER_GENERATION_ALGORITHM = "SHA1PRNG";
    public static final String GATK_DISTRIBUTED_PUBLIC_KEY_FILE_NAME = "GATK_public.key";
    public static final String GATK_MASTER_PRIVATE_KEY_FILE = "/humgen/gsa-hpprojects/GATK/data/gatk_master_keys/GATK_private.key";
    public static final String GATK_MASTER_PUBLIC_KEY_FILE = "/humgen/gsa-hpprojects/GATK/data/gatk_master_keys/GATK_public.key";
    public static final String GATK_USER_KEY_DIRECTORY = "/humgen/gsa-hpprojects/GATK/data/gatk_user_keys/";

    public static KeyPair generateKeyPair() {
        return generateKeyPair(2048, DEFAULT_ENCRYPTION_ALGORITHM, DEFAULT_RANDOM_NUMBER_GENERATION_ALGORITHM);
    }

    public static KeyPair generateKeyPair(int i, String str, String str2) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(i, createRandomnessSource(str2));
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new ReviewedGATKException(String.format("Could not find an implementation of the requested encryption algorithm %s", str), e);
        } catch (Exception e2) {
            throw new ReviewedGATKException("Error while generating key pair", e2);
        }
    }

    public static SecureRandom createRandomnessSource() {
        return createRandomnessSource(DEFAULT_RANDOM_NUMBER_GENERATION_ALGORITHM);
    }

    public static SecureRandom createRandomnessSource(String str) {
        try {
            return SecureRandom.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new ReviewedGATKException(String.format("Could not find an implementation of the requested random-number generation algorithm %s", str), e);
        }
    }

    public static void writeKeyPair(KeyPair keyPair, File file, File file2) {
        writeKey(keyPair.getPrivate(), file);
        writeKey(keyPair.getPublic(), file2);
    }

    public static void writeKey(Key key, File file) {
        IOUtils.writeByteArrayToFile(key.getEncoded(), file);
    }

    public static PublicKey readPublicKey(File file) {
        return decodePublicKey(IOUtils.readFileIntoByteArray(file), DEFAULT_ENCRYPTION_ALGORITHM);
    }

    public static PublicKey readPublicKey(InputStream inputStream) {
        return decodePublicKey(IOUtils.readStreamIntoByteArray(inputStream), DEFAULT_ENCRYPTION_ALGORITHM);
    }

    public static PublicKey decodePublicKey(byte[] bArr, String str) {
        try {
            return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException e) {
            throw new ReviewedGATKException(String.format("Could not find an implementation of the requested encryption algorithm %s", str), e);
        } catch (InvalidKeySpecException e2) {
            throw new ReviewedGATKException("Unable to use X.509 key specification to decode the given key", e2);
        }
    }

    public static PrivateKey readPrivateKey(File file) {
        return decodePrivateKey(IOUtils.readFileIntoByteArray(file), DEFAULT_ENCRYPTION_ALGORITHM);
    }

    public static PrivateKey readPrivateKey(InputStream inputStream) {
        return decodePrivateKey(IOUtils.readStreamIntoByteArray(inputStream), DEFAULT_ENCRYPTION_ALGORITHM);
    }

    public static PrivateKey decodePrivateKey(byte[] bArr, String str) {
        try {
            return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException e) {
            throw new ReviewedGATKException(String.format("Could not find an implementation of the requested encryption algorithm %s", str), e);
        } catch (InvalidKeySpecException e2) {
            throw new ReviewedGATKException("Unable to use the PKCS #8 key specification to decode the given key", e2);
        }
    }

    public static PublicKey loadGATKDistributedPublicKey() {
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream(GATK_DISTRIBUTED_PUBLIC_KEY_FILE_NAME);
        if (systemResourceAsStream == null) {
            throw new ReviewedGATKException(String.format("Could not locate the GATK public key %s in the classpath", GATK_DISTRIBUTED_PUBLIC_KEY_FILE_NAME));
        }
        return readPublicKey(systemResourceAsStream);
    }

    public static PrivateKey loadGATKMasterPrivateKey() {
        return readPrivateKey(new File(GATK_MASTER_PRIVATE_KEY_FILE));
    }

    public static PublicKey loadGATKMasterPublicKey() {
        return readPublicKey(new File(GATK_MASTER_PUBLIC_KEY_FILE));
    }

    public static byte[] encryptData(byte[] bArr, Key key) {
        return transformDataUsingCipher(bArr, key, 1);
    }

    public static byte[] decryptData(byte[] bArr, Key key) {
        return transformDataUsingCipher(bArr, key, 2);
    }

    private static byte[] transformDataUsingCipher(byte[] bArr, Key key, int i) {
        try {
            Cipher cipher = Cipher.getInstance(key.getAlgorithm());
            cipher.init(i, key);
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new ReviewedGATKException("Key is invalid", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new ReviewedGATKException(String.format("Could not find an implementation of the requested algorithm %s", key.getAlgorithm()), e2);
        } catch (GeneralSecurityException e3) {
            throw new ReviewedGATKException("Error during encryption", e3);
        }
    }

    public static boolean keysDecryptEachOther(PrivateKey privateKey, PublicKey publicKey) {
        byte[] bytes = "Test PlainText".getBytes();
        byte[] encryptData = encryptData(bytes, privateKey);
        byte[] encryptData2 = encryptData(bytes, publicKey);
        return (Arrays.equals(bytes, encryptData) || Arrays.equals(bytes, encryptData2) || Arrays.equals(encryptData, encryptData2) || !Arrays.equals(bytes, decryptData(encryptData, publicKey)) || !Arrays.equals(bytes, decryptData(encryptData2, privateKey))) ? false : true;
    }
}
