package com.formosoft.jpki.util;

import com.formosoft.jpki.asn1.ASN1ParseException;
import com.formosoft.jpki.oid.OIDFactory;
import com.formosoft.jpki.pkcs7.EncryptedContentInfo;
import com.formosoft.jpki.pkcs7.EnvelopedData;
import com.formosoft.jpki.pkcs7.IssuerAndSerialNumber;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.pkcs7.RecipientInfo;
import com.formosoft.jpki.pkcs7.SetOfRecipientInfo;
import com.formosoft.jpki.x509.X509Algorithm;
import com.formosoft.jpki.x509.X509Certificate;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: input_file:com/formosoft/jpki/util/EncryptionUtil.class */
public class EncryptionUtil {
    private static final byte[] kDESKey = {-27, 31, 64, 53, 60, -114, 22, 16};
    KeySpec keyspec = new DESEDE();
    String ENC_KEY = "RSA";
    String ENC_ALG = "RSA/ECB/PKCS1Padding";

    public PKCS7 encrypt(byte[] bArr, Certificate certificate, String str) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, CertificateEncodingException, ASN1ParseException, IOException, InvalidAlgorithmParameterException {
        this.keyspec = KeySpec.getInstance(str);
        return encrypt(bArr, certificate);
    }

    public PKCS7 encrypt(byte[] bArr, Certificate certificate) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, CertificateEncodingException, ASN1ParseException, IOException, InvalidAlgorithmParameterException {
        X509Algorithm x509Algorithm;
        Key genKey = genKey();
        byte[] bArr2 = null;
        if (this.keyspec.IV_LEN > 0) {
            bArr2 = new SecureRandom().generateSeed(this.keyspec.IV_LEN);
            x509Algorithm = new X509Algorithm(JCAAlgorithm.getObjectIdentifier(this.keyspec.CIPHER_ALG), bArr2);
        } else {
            x509Algorithm = new X509Algorithm(JCAAlgorithm.getObjectIdentifier(this.keyspec.CIPHER_ALG));
        }
        byte[] encryptData = encryptData(bArr, genKey, bArr2);
        byte[] encryptKey = encryptKey(genKey, certificate);
        X509Certificate x509Certificate = new X509Certificate(certificate.getEncoded());
        return new PKCS7(new EnvelopedData(1, new SetOfRecipientInfo(new RecipientInfo[]{new RecipientInfo(1, new IssuerAndSerialNumber(x509Certificate.getIssuer(), x509Certificate.getSerialNumber()), new X509Algorithm(JCAAlgorithm.getObjectIdentifier(this.ENC_KEY)), encryptKey)}), new EncryptedContentInfo(OIDFactory.getObjectIdentifier("1.2.840.113549.1.7.1"), x509Algorithm, encryptData)));
    }

    protected Key genKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(this.keyspec.CIPHER_KEY);
        keyGenerator.init(this.keyspec.KEY_LEN);
        return keyGenerator.generateKey();
    }

    protected byte[] encryptData(byte[] bArr, Key key, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(this.keyspec.CIPHER_ALG);
        if (bArr2 == null) {
            cipher.init(1, key);
        } else {
            cipher.init(1, key, new IvParameterSpec(bArr2));
        }
        return cipher.doFinal(bArr);
    }

    protected byte[] encryptKey(Key key, Certificate certificate) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance(this.ENC_ALG);
        cipher.init(3, certificate);
        return cipher.wrap(key);
    }

    public byte[] decrypt(PKCS7 pkcs7, PrivateKey privateKey) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, com.formosoft.jpki.security.BadPaddingException {
        EnvelopedData envelopedData = pkcs7.getEnvelopedData();
        if (envelopedData == null) {
            return null;
        }
        RecipientInfo recipientInfo = envelopedData.getRecipientInfos().getRecipientInfo(0);
        X509Algorithm encryptionAlgorithm = envelopedData.getEncryptedContentInfo().getEncryptionAlgorithm();
        String shortName = encryptionAlgorithm.getAlgorithm().getShortName();
        byte[] bArr = null;
        if (encryptionAlgorithm.getParameter() != null) {
            bArr = encryptionAlgorithm.getParameter().getContentValue();
        }
        this.keyspec = KeySpec.getInstance(shortName);
        if (this.keyspec == null) {
            throw new NoSuchAlgorithmException("Not support algorithm [" + shortName + "] yet!");
        }
        return decryptData(envelopedData.getEncryptedContentInfo().getEncryptedContent(), decryptKey(recipientInfo.getEncryptedKey(), privateKey), bArr);
    }

    protected Key decryptKey(byte[] bArr, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, com.formosoft.jpki.security.BadPaddingException {
        Cipher cipher = Cipher.getInstance(this.ENC_ALG);
        cipher.init(4, privateKey);
        return cipher.unwrap(bArr, this.keyspec.CIPHER_KEY, 3);
    }

    protected byte[] decryptData(byte[] bArr, Key key, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(this.keyspec.CIPHER_ALG);
        if (bArr2 != null) {
            cipher.init(2, key, new IvParameterSpec(bArr2));
        } else {
            cipher.init(2, key);
        }
        return cipher.doFinal(bArr);
    }
}
