package org.apache.geode.internal.cache.tier.sockets;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Properties;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.geode.DataSerializer;
import org.apache.geode.LogWriter;
import org.apache.geode.annotations.internal.MakeNotStatic;
import org.apache.geode.distributed.DistributedSystem;
import org.apache.geode.distributed.internal.DistributionConfig;
import org.apache.geode.internal.ByteArrayDataInput;
import org.apache.geode.internal.HeapDataOutputStream;
import org.apache.geode.internal.Version;
import org.apache.geode.internal.cache.tier.Encryptor;
import org.apache.geode.internal.logging.InternalLogWriter;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.GemFireSecurityException;

/* loaded from: input_file:org/apache/geode/internal/cache/tier/sockets/EncryptorImpl.class */
public class EncryptorImpl implements Encryptor {
    private static final BigInteger dhP = new BigInteger("135287020639910739997189928970717021771311421882765429190887700940242697307989907008041927806610978529253822307916592536509818186767394634756714063947534092593553024224277712367371302394452615862654308111809029797196494501056604787763641987260783383085570220968104473500348898008043285865193451061481841186553");
    private static final BigInteger dhG = new BigInteger("130583456807197150961665134075139695376245536366239321690167044250081505657615277976871655435431431908701485776974110415733273525810283593126577393912282416840649805564834470583437473176415335737232689814802018696718110109967325936556664646275595822588612548788965341273697569202082715873518528062345259949959");
    private static final int dhL = 1023;
    private Cipher _encrypt;
    private Cipher _decrypt;
    private PublicKey clientPublicKey;
    private String clientSKAlgo;

    @MakeNotStatic
    private static PrivateKey dhPrivateKey;

    @MakeNotStatic
    private static PublicKey dhPublicKey;

    @MakeNotStatic
    private static String dhSKAlgo;

    @MakeNotStatic
    private static String certificateFilePath;

    @MakeNotStatic
    private static HashMap certificateMap;

    @MakeNotStatic
    private static String privateKeyAlias;

    @MakeNotStatic
    private static String privateKeySubject;

    @MakeNotStatic
    private static PrivateKey privateKeyEncrypt;

    @MakeNotStatic
    private static String privateKeySignAlgo;

    @MakeNotStatic
    private static SecureRandom random;
    private byte appSecureMode;
    private LogWriter logWriter;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptorImpl(EncryptorImpl encryptorImpl) {
        this.appSecureMode = (byte) 0;
        this.appSecureMode = encryptorImpl.appSecureMode;
        this.logWriter = encryptorImpl.logWriter;
    }

    public EncryptorImpl(LogWriter logWriter) {
        this.appSecureMode = (byte) 0;
        this.logWriter = logWriter;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAppSecureMode(byte b) {
        this.appSecureMode = b;
    }

    public static byte[] decryptBytes(byte[] bArr, Cipher cipher) throws Exception {
        return cipher.doFinal(bArr);
    }

    protected Cipher getDecryptCipher(String str, PublicKey publicKey) throws Exception {
        Cipher cipher;
        if (this._decrypt == null) {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
            keyAgreement.init(dhPrivateKey);
            keyAgreement.doPhase(publicKey, true);
            int keySize = getKeySize(str);
            int blockSize = getBlockSize(str);
            if (keySize == -1 || blockSize == -1) {
                SecretKey generateSecret = keyAgreement.generateSecret(str);
                cipher = Cipher.getInstance(str);
                cipher.init(2, generateSecret);
            } else {
                String dhAlgoStr = getDhAlgoStr(str);
                byte[] generateSecret2 = keyAgreement.generateSecret();
                SecretKeySpec secretKeySpec = new SecretKeySpec(generateSecret2, 0, keySize, dhAlgoStr);
                IvParameterSpec ivParameterSpec = new IvParameterSpec(generateSecret2, keySize, blockSize);
                cipher = Cipher.getInstance(dhAlgoStr + "/CBC/PKCS5Padding");
                cipher.init(2, secretKeySpec, ivParameterSpec);
            }
            this._decrypt = cipher;
        }
        return this._decrypt;
    }

    public static void initCertsMap(Properties properties) throws Exception {
        certificateMap = new HashMap();
        certificateFilePath = properties.getProperty(Handshake.PUBLIC_KEY_FILE_PROP);
        if (certificateFilePath == null || certificateFilePath.length() <= 0) {
            return;
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        String property = properties.getProperty(Handshake.PUBLIC_KEY_PASSWD_PROP);
        char[] charArray = property != null ? property.toCharArray() : null;
        FileInputStream fileInputStream = new FileInputStream(certificateFilePath);
        try {
            keyStore.load(fileInputStream, charArray);
            fileInputStream.close();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate instanceof X509Certificate) {
                    certificateMap.put(((X509Certificate) certificate).getSubjectDN().getName(), certificate);
                }
            }
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public static void initPrivateKey(Properties properties) throws Exception {
        String property = properties.getProperty(Handshake.PRIVATE_KEY_FILE_PROP);
        privateKeyAlias = "";
        privateKeyEncrypt = null;
        if (property == null || property.length() <= 0) {
            return;
        }
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        privateKeyAlias = properties.getProperty(Handshake.PRIVATE_KEY_ALIAS_PROP);
        if (privateKeyAlias == null) {
            privateKeyAlias = "";
        }
        String property2 = properties.getProperty(Handshake.PRIVATE_KEY_PASSWD_PROP);
        char[] charArray = property2 != null ? property2.toCharArray() : null;
        FileInputStream fileInputStream = new FileInputStream(property);
        try {
            keyStore.load(fileInputStream, charArray);
            fileInputStream.close();
            Key key = keyStore.getKey(privateKeyAlias, charArray);
            Certificate certificate = keyStore.getCertificate(privateKeyAlias);
            if ((key instanceof PrivateKey) && (certificate instanceof X509Certificate)) {
                privateKeyEncrypt = (PrivateKey) key;
                privateKeySignAlgo = ((X509Certificate) certificate).getSigAlgName();
                privateKeySubject = ((X509Certificate) certificate).getSubjectDN().getName();
            }
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public static void initDHKeys(DistributionConfig distributionConfig) throws Exception {
        dhSKAlgo = distributionConfig.getSecurityClientDHAlgo();
        dhPrivateKey = null;
        dhPublicKey = null;
        if (dhSKAlgo == null || dhSKAlgo.length() <= 0) {
            return;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
        keyPairGenerator.initialize(new DHParameterSpec(dhP, dhG, 1023));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        dhPrivateKey = generateKeyPair.getPrivate();
        dhPublicKey = generateKeyPair.getPublic();
        random = new SecureRandom();
        random.nextBytes(new byte[48]);
    }

    @Override // org.apache.geode.internal.cache.tier.Encryptor
    public byte[] decryptBytes(byte[] bArr) throws Exception {
        if (this.appSecureMode == 2) {
            return decryptBytes(bArr, getDecryptCipher(this.clientSKAlgo != null ? this.clientSKAlgo : dhSKAlgo, this.clientPublicKey));
        }
        return bArr;
    }

    @Override // org.apache.geode.internal.cache.tier.Encryptor
    public byte[] encryptBytes(byte[] bArr) throws Exception {
        if (this.appSecureMode == 2) {
            return encryptBytes(bArr, getEncryptCipher(this.clientSKAlgo != null ? this.clientSKAlgo : dhSKAlgo, this.clientPublicKey));
        }
        return bArr;
    }

    public static byte[] encryptBytes(byte[] bArr, Cipher cipher) throws Exception {
        return cipher.doFinal(bArr);
    }

    protected Cipher getEncryptCipher(String str, PublicKey publicKey) throws Exception {
        Cipher cipher;
        if (this._encrypt == null) {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
            keyAgreement.init(dhPrivateKey);
            keyAgreement.doPhase(publicKey, true);
            int keySize = getKeySize(str);
            int blockSize = getBlockSize(str);
            if (keySize == -1 || blockSize == -1) {
                SecretKey generateSecret = keyAgreement.generateSecret(str);
                cipher = Cipher.getInstance(str);
                cipher.init(1, generateSecret);
            } else {
                String dhAlgoStr = getDhAlgoStr(str);
                byte[] generateSecret2 = keyAgreement.generateSecret();
                SecretKeySpec secretKeySpec = new SecretKeySpec(generateSecret2, 0, keySize, dhAlgoStr);
                IvParameterSpec ivParameterSpec = new IvParameterSpec(generateSecret2, keySize, blockSize);
                cipher = Cipher.getInstance(dhAlgoStr + "/CBC/PKCS5Padding");
                cipher.init(1, secretKeySpec, ivParameterSpec);
            }
            this._encrypt = cipher;
        }
        return this._encrypt;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isEnabled() {
        return dhSKAlgo != null && dhSKAlgo.length() > 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte writeEncryptedCredential(DataOutputStream dataOutputStream, DataInputStream dataInputStream, HeapDataOutputStream heapDataOutputStream) throws IOException {
        try {
            this.logWriter.fine("HandShake: using Diffie-Hellman key exchange with algo " + dhSKAlgo);
            boolean z = certificateFilePath != null && certificateFilePath.length() > 0;
            if (z) {
                this.logWriter.fine("HandShake: server authentication using digital signature required");
            }
            heapDataOutputStream.writeByte(2);
            this.appSecureMode = (byte) 2;
            heapDataOutputStream.writeBoolean(z);
            DataSerializer.writeString(dhSKAlgo, heapDataOutputStream);
            DataSerializer.writeByteArray(dhPublicKey.getEncoded(), heapDataOutputStream);
            byte[] bArr = null;
            if (z) {
                bArr = new byte[64];
                random.nextBytes(bArr);
                DataSerializer.writeByteArray(bArr, heapDataOutputStream);
            }
            heapDataOutputStream.flush();
            dataOutputStream.write(heapDataOutputStream.toByteArray());
            dataOutputStream.flush();
            byte readByte = dataInputStream.readByte();
            if (readByte == 59) {
                byte[] readByteArray = DataSerializer.readByteArray(dataInputStream);
                if (z) {
                    String readString = DataSerializer.readString(dataInputStream);
                    byte[] readByteArray2 = DataSerializer.readByteArray(dataInputStream);
                    if (!certificateMap.containsKey(readString)) {
                        throw new AuthenticationFailedException(String.format("HandShake failed to find public key for server with subject %s", readString));
                    }
                    X509Certificate x509Certificate = (X509Certificate) certificateMap.get(readString);
                    Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
                    signature.initVerify(x509Certificate);
                    signature.update(bArr);
                    if (!signature.verify(readByteArray2)) {
                        throw new AuthenticationFailedException("Mismatch in client challenge bytes. Malicious server?");
                    }
                    this.logWriter.fine("HandShake: Successfully verified the digital signature from server");
                }
                byte[] readByteArray3 = DataSerializer.readByteArray(dataInputStream);
                this.clientPublicKey = KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(readByteArray));
                HeapDataOutputStream heapDataOutputStream2 = new HeapDataOutputStream(Version.CURRENT);
                Throwable th = null;
                try {
                    try {
                        DataSerializer.writeByteArray(readByteArray3, heapDataOutputStream2);
                        DataSerializer.writeByteArray(encryptBytes(heapDataOutputStream2.toByteArray(), getEncryptCipher(dhSKAlgo, this.clientPublicKey)), dataOutputStream);
                        if (heapDataOutputStream2 != null) {
                            if (0 != 0) {
                                try {
                                    heapDataOutputStream2.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                heapDataOutputStream2.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            }
            return readByte;
        } catch (IOException e) {
            throw e;
        } catch (GemFireSecurityException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new AuthenticationFailedException("HandShake failed in Diffie-Hellman key exchange", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte writeEncryptedCredentials(DataOutputStream dataOutputStream, DataInputStream dataInputStream, Properties properties, HeapDataOutputStream heapDataOutputStream) throws IOException {
        try {
            this.logWriter.fine("HandShake: using Diffie-Hellman key exchange with algo " + dhSKAlgo);
            boolean z = certificateFilePath != null && certificateFilePath.length() > 0;
            if (z) {
                this.logWriter.fine("HandShake: server authentication using digital signature required");
            }
            heapDataOutputStream.writeByte(2);
            heapDataOutputStream.writeBoolean(z);
            DataSerializer.writeString(dhSKAlgo, heapDataOutputStream);
            DataSerializer.writeByteArray(dhPublicKey.getEncoded(), heapDataOutputStream);
            byte[] bArr = null;
            if (z) {
                bArr = new byte[64];
                random.nextBytes(bArr);
                DataSerializer.writeByteArray(bArr, heapDataOutputStream);
            }
            heapDataOutputStream.flush();
            dataOutputStream.write(heapDataOutputStream.toByteArray());
            dataOutputStream.flush();
            byte readByte = dataInputStream.readByte();
            if (readByte == 59) {
                byte[] readByteArray = DataSerializer.readByteArray(dataInputStream);
                if (z) {
                    String readString = DataSerializer.readString(dataInputStream);
                    byte[] readByteArray2 = DataSerializer.readByteArray(dataInputStream);
                    if (!certificateMap.containsKey(readString)) {
                        throw new AuthenticationFailedException(String.format("HandShake failed to find public key for server with subject %s", readString));
                    }
                    X509Certificate x509Certificate = (X509Certificate) certificateMap.get(readString);
                    Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
                    signature.initVerify(x509Certificate);
                    signature.update(bArr);
                    if (!signature.verify(readByteArray2)) {
                        throw new AuthenticationFailedException("Mismatch in client challenge bytes. Malicious server?");
                    }
                    this.logWriter.fine("HandShake: Successfully verified the digital signature from server");
                }
                byte[] readByteArray3 = DataSerializer.readByteArray(dataInputStream);
                this.clientPublicKey = KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(readByteArray));
                HeapDataOutputStream heapDataOutputStream2 = new HeapDataOutputStream(Version.CURRENT);
                try {
                    DataSerializer.writeProperties(properties, heapDataOutputStream2);
                    DataSerializer.writeByteArray(readByteArray3, heapDataOutputStream2);
                    DataSerializer.writeByteArray(encryptBytes(heapDataOutputStream2.toByteArray(), getEncryptCipher(dhSKAlgo, this.clientPublicKey)), dataOutputStream);
                    heapDataOutputStream2.close();
                } catch (Throwable th) {
                    heapDataOutputStream2.close();
                    throw th;
                }
            }
            return readByte;
        } catch (IOException e) {
            throw e;
        } catch (GemFireSecurityException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new AuthenticationFailedException("HandShake failed in Diffie-Hellman key exchange", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void readEncryptedCredentials(DataInputStream dataInputStream, DataOutputStream dataOutputStream, DistributedSystem distributedSystem, boolean z) throws Exception {
        this.appSecureMode = (byte) 2;
        boolean readBoolean = dataInputStream.readBoolean();
        InternalLogWriter internalLogWriter = (InternalLogWriter) distributedSystem.getSecurityLogWriter();
        this.clientSKAlgo = DataSerializer.readString(dataInputStream);
        byte[] readByteArray = DataSerializer.readByteArray(dataInputStream);
        if (!z) {
            if (readBoolean) {
                DataSerializer.readByteArray(dataInputStream);
            }
            dataOutputStream.writeByte(66);
            dataOutputStream.flush();
            return;
        }
        this.clientPublicKey = KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(readByteArray));
        byte[] encoded = dhPublicKey.getEncoded();
        byte[] bArr = new byte[64];
        random.nextBytes(bArr);
        if (readBoolean) {
            byte[] readByteArray2 = DataSerializer.readByteArray(dataInputStream);
            if (privateKeyEncrypt == null) {
                throw new AuthenticationFailedException("Server private key not available for creating signature.");
            }
            Signature signature = Signature.getInstance(privateKeySignAlgo);
            signature.initSign(privateKeyEncrypt);
            signature.update(readByteArray2);
            byte[] sign = signature.sign();
            dataOutputStream.writeByte(59);
            DataSerializer.writeByteArray(encoded, dataOutputStream);
            DataSerializer.writeString(privateKeySubject, dataOutputStream);
            DataSerializer.writeByteArray(sign, dataOutputStream);
            internalLogWriter.fine("HandShake: sent the signed client challenge");
        } else {
            dataOutputStream.writeByte(59);
            DataSerializer.writeByteArray(encoded, dataOutputStream);
        }
        DataSerializer.writeByteArray(bArr, dataOutputStream);
        internalLogWriter.fine("HandShake: sent the public key and challenge");
        dataOutputStream.flush();
        ByteArrayDataInput byteArrayDataInput = new ByteArrayDataInput(decryptBytes(DataSerializer.readByteArray(dataInputStream), getDecryptCipher(this.clientSKAlgo, this.clientPublicKey)));
        if (!Arrays.equals(bArr, DataSerializer.readByteArray(byteArrayDataInput))) {
            throw new AuthenticationFailedException("Mismatch in challenge bytes. Malicious client?");
        }
        byteArrayDataInput.close();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Properties getDecryptedCredentials(DataInputStream dataInputStream, DataOutputStream dataOutputStream, DistributedSystem distributedSystem, boolean z, Properties properties) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException {
        Cipher cipher;
        boolean readBoolean = dataInputStream.readBoolean();
        InternalLogWriter internalLogWriter = (InternalLogWriter) distributedSystem.getSecurityLogWriter();
        String readString = DataSerializer.readString(dataInputStream);
        byte[] readByteArray = DataSerializer.readByteArray(dataInputStream);
        if (z) {
            PublicKey generatePublic = KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(readByteArray));
            byte[] encoded = dhPublicKey.getEncoded();
            byte[] bArr = new byte[64];
            random.nextBytes(bArr);
            if (readBoolean) {
                byte[] readByteArray2 = DataSerializer.readByteArray(dataInputStream);
                if (privateKeyEncrypt == null) {
                    throw new AuthenticationFailedException("Server private key not available for creating signature.");
                }
                Signature signature = Signature.getInstance(privateKeySignAlgo);
                signature.initSign(privateKeyEncrypt);
                signature.update(readByteArray2);
                byte[] sign = signature.sign();
                dataOutputStream.writeByte(59);
                DataSerializer.writeByteArray(encoded, dataOutputStream);
                DataSerializer.writeString(privateKeySubject, dataOutputStream);
                DataSerializer.writeByteArray(sign, dataOutputStream);
                internalLogWriter.fine("HandShake: sent the signed client challenge");
            } else {
                dataOutputStream.writeByte(59);
                DataSerializer.writeByteArray(encoded, dataOutputStream);
            }
            DataSerializer.writeByteArray(bArr, dataOutputStream);
            internalLogWriter.fine("HandShake: sent the public key and challenge");
            dataOutputStream.flush();
            byte[] readByteArray3 = DataSerializer.readByteArray(dataInputStream);
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
            keyAgreement.init(dhPrivateKey);
            keyAgreement.doPhase(generatePublic, true);
            int keySize = getKeySize(readString);
            int blockSize = getBlockSize(readString);
            if (keySize == -1 || blockSize == -1) {
                SecretKey generateSecret = keyAgreement.generateSecret(readString);
                cipher = Cipher.getInstance(readString);
                cipher.init(2, generateSecret);
            } else {
                String dhAlgoStr = getDhAlgoStr(readString);
                byte[] generateSecret2 = keyAgreement.generateSecret();
                SecretKeySpec secretKeySpec = new SecretKeySpec(generateSecret2, 0, keySize, dhAlgoStr);
                IvParameterSpec ivParameterSpec = new IvParameterSpec(generateSecret2, keySize, blockSize);
                cipher = Cipher.getInstance(dhAlgoStr + "/CBC/PKCS5Padding");
                cipher.init(2, secretKeySpec, ivParameterSpec);
            }
            ByteArrayDataInput byteArrayDataInput = new ByteArrayDataInput(cipher.doFinal(readByteArray3));
            properties = DataSerializer.readProperties(byteArrayDataInput);
            if (!Arrays.equals(bArr, DataSerializer.readByteArray(byteArrayDataInput))) {
                throw new AuthenticationFailedException("Mismatch in challenge bytes. Malicious client?");
            }
            byteArrayDataInput.close();
        } else {
            if (readBoolean) {
                DataSerializer.readByteArray(dataInputStream);
            }
            dataOutputStream.writeByte(66);
            dataOutputStream.flush();
        }
        return properties;
    }

    private static int getKeySize(String str) {
        String str2;
        int indexOf = str.indexOf(58);
        int i = 0;
        if (indexOf >= 0) {
            str2 = str.substring(0, indexOf);
            i = Integer.parseInt(str.substring(indexOf + 1));
        } else {
            str2 = str;
        }
        int i2 = -1;
        if (str2.equalsIgnoreCase("DESede")) {
            i2 = 24;
        } else if (str2.equalsIgnoreCase("Blowfish")) {
            i2 = i > 128 ? i / 8 : 16;
        } else if (str2.equalsIgnoreCase("AES")) {
            i2 = (i == 192 || i == 256) ? i / 8 : 16;
        }
        return i2;
    }

    private static String getDhAlgoStr(String str) {
        int indexOf = str.indexOf(58);
        return indexOf >= 0 ? str.substring(0, indexOf) : str;
    }

    private static int getBlockSize(String str) {
        int i = -1;
        String dhAlgoStr = getDhAlgoStr(str);
        if (dhAlgoStr.equalsIgnoreCase("DESede")) {
            i = 8;
        } else if (dhAlgoStr.equalsIgnoreCase("Blowfish")) {
            i = 8;
        } else if (dhAlgoStr.equalsIgnoreCase("AES")) {
            i = 16;
        }
        return i;
    }
}
