package com.yessign.jce.cms;

import com.yessign.asn1.ASN1EncodableArray;
import com.yessign.asn1.ASN1OctetString;
import com.yessign.asn1.ASN1Sequence;
import com.yessign.asn1.BERConstructedOctetString;
import com.yessign.asn1.DERInteger;
import com.yessign.asn1.DERNull;
import com.yessign.asn1.DERObject;
import com.yessign.asn1.DERObjectIdentifier;
import com.yessign.asn1.DEROctetString;
import com.yessign.asn1.DERSet;
import com.yessign.asn1.cms.ContentInfo;
import com.yessign.asn1.cms.EncryptedContentInfo;
import com.yessign.asn1.cms.EnvelopedData;
import com.yessign.asn1.cms.KEKIdentifier;
import com.yessign.asn1.cms.KEKRecipientInfo;
import com.yessign.asn1.cms.KeyTransRecipientInfo;
import com.yessign.asn1.cms.RecipientIdentifier;
import com.yessign.asn1.cms.RecipientInfo;
import com.yessign.asn1.cms.SignedData;
import com.yessign.asn1.pkcs.IssuerAndSerialNumber;
import com.yessign.asn1.pkcs.PKCSObjectIdentifiers;
import com.yessign.asn1.x509.AlgorithmIdentifier;
import com.yessign.asn1.x509.SubjectPublicKeyInfo;
import com.yessign.asn1.x509.TBSCertificateStructure;
import com.yessign.jce.provider.PBE;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidParameterSpecException;
import java.util.ArrayList;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class CMSEnvelopedDataGenerator {
    private ArrayList a = new ArrayList();
    private SecureRandom b = new SecureRandom();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class a {
        X509Certificate a;
        AlgorithmIdentifier b;
        PublicKey c;
        ASN1OctetString d;
        SecretKey e;
        KEKIdentifier f;

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        a(PublicKey publicKey, ASN1OctetString aSN1OctetString) {
            this.c = publicKey;
            this.d = aSN1OctetString;
            try {
                this.b = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(publicKey.getEncoded())).getAlgorithmId();
            } catch (IOException unused) {
                throw new IllegalArgumentException("공개키에서 키 알고리즘 추출 실패");
            }
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        a(X509Certificate x509Certificate) {
            this.a = x509Certificate;
            this.c = x509Certificate.getPublicKey();
            try {
                this.b = TBSCertificateStructure.getInstance(ASN1Sequence.getInstance(x509Certificate.getTBSCertificate())).getSubjectPublicKeyInfo().getAlgorithmId();
            } catch (IOException unused) {
                throw new IllegalArgumentException("인증서에서 키 알고리즘 추출 실패");
            } catch (CertificateEncodingException unused2) {
                throw new IllegalArgumentException("인증서에서 TBS 구조체 추출 실패");
            }
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        a(SecretKey secretKey, KEKIdentifier kEKIdentifier) {
            AlgorithmIdentifier algorithmIdentifier;
            this.e = secretKey;
            this.f = kEKIdentifier;
            if (secretKey.getAlgorithm().startsWith("DES")) {
                algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.9.16.3.6"), new DERNull());
            } else {
                if (!secretKey.getAlgorithm().startsWith("RC2")) {
                    throw new IllegalArgumentException("unknown algorithm");
                }
                algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier("1.2.840.113549.1.9.16.3.7"), new DERInteger(58));
            }
            this.b = algorithmIdentifier;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addKEKRecipient(SecretKey secretKey, byte[] bArr) {
        this.a.add(new a(secretKey, new KEKIdentifier(bArr, null, null)));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addKeyTransRecipient(PublicKey publicKey, byte[] bArr) throws IllegalArgumentException {
        this.a.add(new a(publicKey, new DEROctetString(bArr)));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addKeyTransRecipient(X509Certificate x509Certificate) throws IllegalArgumentException {
        this.a.add(new a(x509Certificate));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public CMSEnvelopedData generate(CMSProcessable cMSProcessable, String str, boolean z, String str2) throws NoSuchProviderException, CMSException {
        AlgorithmParameters algorithmParameters;
        DERObject dERObject;
        DERObjectIdentifier dERObjectIdentifier;
        RecipientInfo recipientInfo;
        ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(str, str2);
            Cipher cipher = Cipher.getInstance(str, str2);
            if (z) {
                algorithmParameters = AlgorithmParameterGenerator.getInstance(str, str2).generateParameters();
                dERObject = ASN1Sequence.getInstance(algorithmParameters.getEncoded("ASN.1"));
            } else {
                algorithmParameters = AlgorithmParameters.getInstance(str, str2);
                algorithmParameters.init(new IvParameterSpec(PBE.SEED_IV));
                dERObject = null;
            }
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new DERObjectIdentifier(str), dERObject);
            SecretKey generateKey = keyGenerator.generateKey();
            cipher.init(1, generateKey, algorithmParameters);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cMSProcessable.write(cipherOutputStream);
            cipherOutputStream.close();
            BERConstructedOctetString bERConstructedOctetString = new BERConstructedOctetString(byteArrayOutputStream.toByteArray());
            Iterator it = this.a.iterator();
            while (it.hasNext()) {
                a aVar = (a) it.next();
                try {
                    Cipher cipher2 = Cipher.getInstance(aVar.b.getObjectId().getAlgName(), str2);
                    if (aVar.c != null) {
                        byte[] encoded = generateKey.getEncoded();
                        cipher2.init(1, aVar.c);
                        DEROctetString dEROctetString = new DEROctetString(cipher2.doFinal(encoded));
                        recipientInfo = aVar.a != null ? new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(new IssuerAndSerialNumber(TBSCertificateStructure.getInstance(ASN1Sequence.getInstance(aVar.a.getTBSCertificate())).getIssuer(), aVar.a.getSerialNumber())), aVar.b, dEROctetString)) : new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(aVar.d), aVar.b, dEROctetString));
                    } else {
                        cipher2.init(3, aVar.e);
                        recipientInfo = new RecipientInfo(new KEKRecipientInfo(aVar.f, aVar.b, new DEROctetString(cipher2.wrap(generateKey))));
                    }
                    aSN1EncodableArray.add(recipientInfo);
                } catch (IOException e) {
                    throw new CMSException("encoding error.", e);
                } catch (InvalidKeyException e2) {
                    throw new CMSException("key inappropriate for algorithm.", e2);
                } catch (GeneralSecurityException e3) {
                    throw new CMSException("error making encrypted content.", e3);
                }
            }
            try {
                SignedData.getInstance(ASN1Sequence.getInstance((byte[]) cMSProcessable.getContent()));
                dERObjectIdentifier = PKCSObjectIdentifiers.signedData;
            } catch (Exception unused) {
                dERObjectIdentifier = PKCSObjectIdentifiers.data;
            }
            return new CMSEnvelopedData(new ContentInfo(PKCSObjectIdentifiers.envelopedData, new EnvelopedData(null, new DERSet(aSN1EncodableArray), new EncryptedContentInfo(dERObjectIdentifier, algorithmIdentifier, bERConstructedOctetString), null)), generateKey);
        } catch (IOException e4) {
            throw new CMSException("exception decoding algorithm parameters.", e4);
        } catch (InvalidAlgorithmParameterException e5) {
            throw new CMSException("algorithm parameters invalid.", e5);
        } catch (InvalidKeyException e6) {
            throw new CMSException("key invalid in message.", e6);
        } catch (NoSuchAlgorithmException e7) {
            throw new CMSException("can't find algorithm.", e7);
        } catch (InvalidParameterSpecException e8) {
            throw new CMSException("Initial Vecter 생성 파라미터 오류임.", e8);
        } catch (NoSuchPaddingException e9) {
            throw new CMSException("required padding not supported.", e9);
        }
    }
}
