package com.azure.identity.implementation.intellij;

import com.azure.identity.CredentialUnavailableException;
import com.nimbusds.openid.connect.sdk.id.HashBasedPairwiseSubjectCodec;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:META-INF/lib/azure-identity-1.11.1.jar:com/azure/identity/implementation/intellij/IntelliJCryptoUtil.class */
public class IntelliJCryptoUtil {
    private static final byte[] SALSA20_IV = decodeHexString("E830094B97205D2A");

    public static MessageDigest getMessageDigestSHA256() {
        try {
            return MessageDigest.getInstance(HashBasedPairwiseSubjectCodec.HASH_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            throw new CredentialUnavailableException("Algorithm SHA-256 is not supported. Decryption of IntelliJ Token data is not possible.", e);
        }
    }

    public static byte[] createKey(byte[] bArr, byte[] bArr2, byte[] bArr3, long j) {
        byte[] transformKey = Aes.transformKey(bArr3, bArr, j);
        MessageDigest messageDigestSHA256 = getMessageDigestSHA256();
        byte[] digest = messageDigestSHA256.digest(transformKey);
        messageDigestSHA256.update(bArr2);
        return messageDigestSHA256.digest(digest);
    }

    public static InputStream getDecryptedInputStream(InputStream inputStream, byte[] bArr, byte[] bArr2) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(bArr, "AES"), new IvParameterSpec(bArr2));
            return new CipherInputStream(inputStream, cipher);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CredentialUnavailableException("Error Decrypting the IntelliJ cache database.", e);
        }
    }

    public static Salsa20 createSalsa20CryptoEngine(byte[] bArr) {
        try {
            byte[] digest = getMessageDigestSHA256().digest(bArr);
            Salsa20 salsa20 = new Salsa20();
            salsa20.engineInitDecrypt(digest, SALSA20_IV);
            return salsa20;
        } catch (Exception e) {
            throw new CredentialUnavailableException("Error creating the Salsa 20 Decryption Engine.", e);
        }
    }

    public static byte[] decrypt(byte[] bArr, Salsa20 salsa20) {
        try {
            return salsa20.crypt(bArr, 0, bArr.length);
        } catch (Exception e) {
            throw new CredentialUnavailableException("Error decrypting the IntelliJ database.", e);
        }
    }

    public static InputStream createDecryptedStream(byte[] bArr, InputStream inputStream, IntelliJKdbxMetadata intelliJKdbxMetadata) {
        return getDecryptedInputStream(inputStream, createKey(bArr, intelliJKdbxMetadata.getBaseSeed(), intelliJKdbxMetadata.getTransformSeed(), intelliJKdbxMetadata.getTransformRounds()), intelliJKdbxMetadata.getEncryptionIv());
    }

    public static byte[] decodeHexString(String str) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (int i = 0; i < str.length(); i += 2) {
            byteArrayOutputStream.write(Integer.parseInt(str.substring(i, i + 2), 16));
        }
        return byteArrayOutputStream.toByteArray();
    }
}
