package com.palantir.conjure.java.config.ssl.pkcs1;

import com.palantir.logsafe.Arg;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;

/* loaded from: input_file:com/palantir/conjure/java/config/ssl/pkcs1/Pkcs1PrivateKeyReader.class */
public final class Pkcs1PrivateKeyReader {
    private static final byte INTEGER = 2;
    private static final byte SEQUENCE = 48;
    private final ByteBuffer derBytes;

    public Pkcs1PrivateKeyReader(byte[] bArr) {
        this.derBytes = ByteBuffer.wrap(bArr);
    }

    public RSAPrivateKeySpec readRsaKey() {
        if (this.derBytes.get() != SEQUENCE) {
            throw new SafeRuntimeException("Expected SEQUENCE byte (0x30) at the beginning of RSA private key", new Arg[0]);
        }
        this.derBytes.limit(this.derBytes.position() + readLength());
        if (readNumber().intValue() == 1) {
            throw new SafeRuntimeException("Only version 0 (two-prime) RSA keys are supported", new Arg[0]);
        }
        BigInteger readNumber = readNumber();
        BigInteger readNumber2 = readNumber();
        BigInteger readNumber3 = readNumber();
        BigInteger readNumber4 = readNumber();
        BigInteger readNumber5 = readNumber();
        BigInteger readNumber6 = readNumber();
        BigInteger readNumber7 = readNumber();
        BigInteger readNumber8 = readNumber();
        return (readNumber2.signum() == 0 || readNumber6.signum() == 0 || readNumber7.signum() == 0 || readNumber4.signum() == 0 || readNumber5.signum() == 0 || readNumber8.signum() == 0) ? new RSAPrivateKeySpec(readNumber, readNumber3) : new RSAPrivateCrtKeySpec(readNumber, readNumber2, readNumber3, readNumber4, readNumber5, readNumber6, readNumber7, readNumber8);
    }

    private BigInteger readNumber() {
        if (this.derBytes.get() != INTEGER) {
            throw new SafeRuntimeException("Expected INTEGER byte (0x02) when reading a number", new Arg[0]);
        }
        int readLength = readLength();
        byte[] bArr = new byte[readLength];
        System.arraycopy(this.derBytes.array(), this.derBytes.position(), bArr, 0, readLength);
        this.derBytes.position(this.derBytes.position() + readLength);
        return new BigInteger(bArr);
    }

    private int readLength() {
        byte b = this.derBytes.get();
        if (b == -1) {
            throw new SafeRuntimeException("Unable to decode length from der bytes", new Arg[0]);
        }
        if ((b & 128) == 0) {
            return b;
        }
        if ((b & Byte.MAX_VALUE) == 0) {
            throw new SafeRuntimeException("Indefinite length encoding is not supported", new Arg[0]);
        }
        int i = b & Byte.MAX_VALUE;
        if (i > 4) {
            throw new SafeRuntimeException("Values bigger than 4GBs are not supported", new Arg[0]);
        }
        int i2 = 0;
        for (int i3 = 0; i3 < i; i3++) {
            i2 = (i2 << 8) + (this.derBytes.get() & 255);
        }
        return i2;
    }
}
