package com.cfca.util.pki.cms;

import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.ASN1EncodableVector;
import com.cfca.util.pki.asn1.ASN1InputStream;
import com.cfca.util.pki.asn1.ASN1Object;
import com.cfca.util.pki.asn1.ASN1OctetString;
import com.cfca.util.pki.asn1.DERInteger;
import com.cfca.util.pki.asn1.DERNull;
import com.cfca.util.pki.asn1.DERObjectIdentifier;
import com.cfca.util.pki.asn1.DEROctetString;
import com.cfca.util.pki.asn1.DERSequence;
import com.cfca.util.pki.asn1.cms.IssuerAndSerialNumber;
import com.cfca.util.pki.asn1.cms.KEKIdentifier;
import com.cfca.util.pki.asn1.cms.KeyTransRecipientInfo;
import com.cfca.util.pki.asn1.cms.OriginatorIdentifierOrKey;
import com.cfca.util.pki.asn1.cms.RecipientIdentifier;
import com.cfca.util.pki.asn1.cms.RecipientInfo;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.x509.AlgorithmIdentifier;
import com.cfca.util.pki.asn1.x509.SubjectPublicKeyInfo;
import com.cfca.util.pki.asn1.x509.TBSCertificateStructure;
import com.cfca.util.pki.cert.X509Cert;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import java.io.IOException;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import javax.crypto.spec.RC2ParameterSpec;

/* loaded from: input_file:com/cfca/util/pki/cms/CMSEnvelopedGenerator.class */
public class CMSEnvelopedGenerator {
    public static final String IDEA_CBC = "1.3.6.1.4.1.188.7.1.1.2";
    public static final String CAST5_CBC = "1.2.840.113533.7.66.10";
    public static final String AES128_ECB = "2.16.840.1.101.3.4.1.1";
    public static final String AES128_CBC = "2.16.840.1.101.3.4.1.2";
    List recipientInfs = new ArrayList();
    SecureRandom rand = new SecureRandom();
    public static final String DES_EDE3_CBC = PKCSObjectIdentifiers.des3CBCEncryption.getId();
    public static final String DES_EDE3_EBC = PKCSObjectIdentifiers.des3Encryption.getId();
    public static final String DES_ECB = PKCSObjectIdentifiers.desEncryption.getId();
    public static final String DES_CBC = PKCSObjectIdentifiers.desCBCEncryption.getId();
    public static final String RC4 = PKCSObjectIdentifiers.rc4Encryption.getId();
    public static final String RC2_CBC = PKCSObjectIdentifiers.RC2_CBC.getId();
    private static final CMSEnvelopedHelper HELPER = CMSEnvelopedHelper.INSTANCE;

    /* loaded from: input_file:com/cfca/util/pki/cms/CMSEnvelopedGenerator$RecipientInf.class */
    protected class RecipientInf {
        X509Cert cert;
        AlgorithmIdentifier keyEncAlg;
        JKey pubKey;
        ASN1OctetString subKeyId;
        SecretKey secKey;
        KEKIdentifier secKeyId;
        OriginatorIdentifierOrKey originator;
        ASN1OctetString ukm;
        AlgorithmIdentifier derivationAlg;
        final CMSEnvelopedGenerator this$0;

        RecipientInf(CMSEnvelopedGenerator cMSEnvelopedGenerator, X509Cert x509Cert) {
            this.this$0 = cMSEnvelopedGenerator;
            this.cert = x509Cert;
            try {
                this.pubKey = x509Cert.getPublicKey();
            } catch (PKIException e) {
            }
            TBSCertificateStructure tBSCertificateStructure = null;
            try {
                tBSCertificateStructure = TBSCertificateStructure.getInstance(ASN1Object.fromByteArray(x509Cert.getTBSCertificate()));
            } catch (PKIException e2) {
            } catch (IOException e3) {
            }
            this.keyEncAlg = tBSCertificateStructure.getSubjectPublicKeyInfo().getAlgorithmId();
        }

        RecipientInf(CMSEnvelopedGenerator cMSEnvelopedGenerator, JKey jKey, ASN1OctetString aSN1OctetString) throws PKIException {
            this.this$0 = cMSEnvelopedGenerator;
            this.pubKey = jKey;
            this.subKeyId = aSN1OctetString;
            try {
                this.keyEncAlg = SubjectPublicKeyInfo.getInstance(ASN1Object.fromByteArray(Parser.convertPublicKey(jKey).getEncoded())).getAlgorithmId();
            } catch (PKIException e) {
                throw e;
            } catch (IOException e2) {
                throw new IllegalArgumentException("can't extract key algorithm from this key");
            }
        }

        RecipientInf(CMSEnvelopedGenerator cMSEnvelopedGenerator, SecretKey secretKey, KEKIdentifier kEKIdentifier) {
            this.this$0 = cMSEnvelopedGenerator;
            this.secKey = secretKey;
            this.secKeyId = kEKIdentifier;
            if (secretKey.getAlgorithm().startsWith("DES")) {
                this.keyEncAlg = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.9.16.3.6"), new DERNull());
            } else {
                if (!secretKey.getAlgorithm().startsWith("RC2")) {
                    throw new IllegalArgumentException("unknown algorithm");
                }
                this.keyEncAlg = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.9.16.3.7"), new DERInteger(58));
            }
        }

        public RecipientInf(CMSEnvelopedGenerator cMSEnvelopedGenerator, SecretKey secretKey, String str, String str2, OriginatorIdentifierOrKey originatorIdentifierOrKey, X509Cert x509Cert) {
            this.this$0 = cMSEnvelopedGenerator;
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new DERObjectIdentifier(str2));
            aSN1EncodableVector.add(DERNull.INSTANCE);
            this.secKey = secretKey;
            this.keyEncAlg = new AlgorithmIdentifier(new DERObjectIdentifier(str), new DERSequence(aSN1EncodableVector));
            this.originator = originatorIdentifierOrKey;
            this.cert = x509Cert;
        }

        public RecipientInf(CMSEnvelopedGenerator cMSEnvelopedGenerator, SecretKey secretKey, AlgorithmIdentifier algorithmIdentifier) {
            this.this$0 = cMSEnvelopedGenerator;
            this.secKey = secretKey;
            this.derivationAlg = algorithmIdentifier;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public RecipientInfo toRecipientInfo(JKey jKey, Session session) throws IOException, GeneralSecurityException, PKIException {
            DEROctetString dEROctetString = new DEROctetString(session.encrypt(new Mechanism(Mechanism.RSA_PKCS), this.pubKey, jKey.getKey()));
            if (this.cert == null) {
                return new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(this.subKeyId), this.keyEncAlg, dEROctetString));
            }
            ASN1InputStream aSN1InputStream = null;
            try {
                aSN1InputStream = new ASN1InputStream(this.cert.getTBSCertificate());
            } catch (PKIException e) {
            }
            TBSCertificateStructure tBSCertificateStructure = TBSCertificateStructure.getInstance(aSN1InputStream.readObject());
            return new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(new IssuerAndSerialNumber(tBSCertificateStructure.getIssuer(), tBSCertificateStructure.getSerialNumber().getValue())), this.keyEncAlg, dEROctetString));
        }
    }

    public void addKeyTransRecipient(X509Cert x509Cert) throws IllegalArgumentException {
        this.recipientInfs.add(new RecipientInf(this, x509Cert));
    }

    public void addKeyTransRecipient(JKey jKey, byte[] bArr) throws IllegalArgumentException {
        try {
            this.recipientInfs.add(new RecipientInf(this, jKey, new DEROctetString(bArr)));
        } catch (PKIException e) {
        }
    }

    protected AlgorithmIdentifier getAlgorithmIdentifier(String str, AlgorithmParameters algorithmParameters) throws IOException {
        return new AlgorithmIdentifier(new DERObjectIdentifier(str), algorithmParameters != null ? new ASN1InputStream(algorithmParameters.getEncoded("ASN.1")).readObject() : new DERNull());
    }

    protected AlgorithmParameters generateParameters(String str, SecretKey secretKey, String str2) throws NoSuchProviderException, CMSException {
        try {
            AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance(str, str2);
            if (str.equals(RC2_CBC)) {
                byte[] bArr = new byte[8];
                this.rand.setSeed(System.currentTimeMillis());
                this.rand.nextBytes(bArr);
                try {
                    algorithmParameterGenerator.init(new RC2ParameterSpec(secretKey.getEncoded().length * 8, bArr));
                } catch (InvalidAlgorithmParameterException e) {
                    throw new CMSException(new StringBuffer("parameters generation error: ").append(e).toString(), e);
                }
            }
            return algorithmParameterGenerator.generateParameters();
        } catch (NoSuchAlgorithmException e2) {
            return null;
        }
    }
}
