package iaik.pkcs.pkcs1;

import iaik.asn1.OCTET_STRING;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.md.SHA;
import iaik.security.rsa.RSAOaepPrivateKey;
import iaik.security.rsa.RSAOaepPublicKey;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/jce_full-3.16.jar:iaik/pkcs/pkcs1/c.class */
public class c extends a {
    private byte[] e;
    private AlgorithmID b;
    private MaskGenerationAlgorithm d;
    private AlgorithmID c;
    private MessageDigest g;
    private AlgorithmID f;
    private static boolean a;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.a
    public byte[] b(byte[] bArr) throws BadPaddingException {
        if (this.g == null) {
            throw new NullPointerException("Cannot do OAEP padding. Hash engine must not be null!");
        }
        if (this.d == null) {
            throw new NullPointerException("Cannot do OAEP padding. MGF engine must not be null!");
        }
        int length = bArr.length;
        if (this.e == null) {
            this.e = new byte[0];
        }
        byte[] digest = this.g.digest(this.e);
        int length2 = digest.length;
        if (this.modLen_ < (2 * length2) + 2) {
            throw new BadPaddingException("Invalid OAEP: decrypted message too short");
        }
        int i = (length - length2) - 1;
        int i2 = 1 + length2;
        this.d.mask(bArr, i2, i, length2, bArr, 1);
        this.d.mask(bArr, 1, length2, i, bArr, i2);
        int i3 = 0;
        while (i3 < length2) {
            if (bArr[i2 + i3] != digest[i3]) {
                throw new BadPaddingException("Invalid OAEP: parameter hashes do not match!");
            }
            i3++;
        }
        while (i3 < i && bArr[i2 + i3] == 0) {
            i3++;
        }
        if (i3 != i) {
            int i4 = i3;
            int i5 = i3 + 1;
            if (bArr[i2 + i4] == 1) {
                int i6 = i - i5;
                byte[] bArr2 = new byte[i6];
                System.arraycopy(bArr, i2 + i5, bArr2, 0, i6);
                c();
                return bArr2;
            }
        }
        throw new BadPaddingException("Invalid OAEP: invalid padding string!");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(boolean z) {
        a = z;
    }

    @Override // iaik.pkcs.pkcs1.a
    void c() {
        if (this.g != null) {
            this.g.reset();
        }
        if (this.d != null) {
            this.d.reset();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.a
    public byte[] a(byte[] bArr) throws BadPaddingException {
        if (this.g == null) {
            throw new NullPointerException("Cannot do OAEP padding. Hash engine must not be null!");
        }
        if (this.d == null) {
            throw new NullPointerException("Cannot do OAEP padding. MGF engine must not be null!");
        }
        SecureRandom e = e();
        if (e == null) {
            throw new NullPointerException("Cannot do OAEP padding. No SecureRandom available!");
        }
        if (this.e == null) {
            this.e = new byte[0];
        }
        byte[] digest = this.g.digest(this.e);
        int length = digest.length;
        int i = this.modLen_;
        if (bArr.length > (this.modLen_ - (2 * length)) - 2) {
            throw new BadPaddingException("Message to long for OAEP, must be (2*hLen)-2 bytes less than modulus");
        }
        byte[] bArr2 = new byte[length];
        e.nextBytes(bArr2);
        byte[] bArr3 = new byte[i];
        int i2 = (i - length) - 1;
        int i3 = length + 1;
        System.arraycopy(bArr2, 0, bArr3, 1, length);
        System.arraycopy(digest, 0, bArr3, i3, length);
        System.arraycopy(bArr, 0, bArr3, i - bArr.length, bArr.length);
        bArr3[(i - bArr.length) - 1] = 1;
        this.d.mask(bArr3, 1, length, i2, bArr3, i3);
        this.d.mask(bArr3, i3, i2, length, bArr3, 1);
        c();
        return bArr3;
    }

    private void b() throws InvalidAlgorithmParameterException {
        RSAOaepParameterSpec rSAOaepParameterSpec = null;
        if (this.publicKey_ != null) {
            if (this.publicKey_ instanceof RSAOaepPublicKey) {
                rSAOaepParameterSpec = (RSAOaepParameterSpec) ((RSAOaepPublicKey) this.publicKey_).getParams();
            }
        } else if (this.privateKey_ != null && (this.privateKey_ instanceof RSAOaepPrivateKey)) {
            rSAOaepParameterSpec = (RSAOaepParameterSpec) ((RSAOaepPrivateKey) this.privateKey_).getParams();
        }
        if (rSAOaepParameterSpec != null) {
            a(rSAOaepParameterSpec);
        }
    }

    private void a(RSAOaepParameterSpec rSAOaepParameterSpec) throws InvalidAlgorithmParameterException {
        this.f = rSAOaepParameterSpec.getHashAlgorithm();
        try {
            this.g = rSAOaepParameterSpec.getHashEngine();
            this.c = rSAOaepParameterSpec.getMaskGenAlgorithm();
            try {
                this.d = rSAOaepParameterSpec.getMGFEngine();
                this.b = rSAOaepParameterSpec.getPSourceAlgorithm();
                this.e = rSAOaepParameterSpec.getLabel();
            } catch (NoSuchAlgorithmException e) {
                throw new InvalidAlgorithmParameterException(new StringBuffer("Cannot set mask generation algorithm parameter; no mgf engine available: ").append(e.getMessage()).toString());
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new InvalidAlgorithmParameterException(new StringBuffer("Cannot set hash algorithm parameter; no hash engine available: ").append(e2.getMessage()).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.a
    public void a(int i, Key key, int i2, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException, InvalidKeyException {
        super.a(i, key, i2, algorithmParameterSpec, secureRandom);
        if (this.modLen_ < 42) {
            throw new InvalidKeyException("OAEP requires a modulus of at least 336 bits!");
        }
        if (this.opMode_ == 1) {
            if (this.publicKey_ == null) {
                throw new InvalidKeyException("OAEP cannot be used to generate signatures");
            }
        } else if (this.privateKey_ == null) {
            throw new InvalidKeyException("OAEP cannot be used to verify signatures");
        }
        if (algorithmParameterSpec == null) {
            b();
            return;
        }
        if (!(algorithmParameterSpec instanceof RSAOaepParameterSpec)) {
            if (!(algorithmParameterSpec instanceof RSAOaepPSourceParameterSpec)) {
                throw new InvalidAlgorithmParameterException("Invalid parameters. Expected RSAOaepParameterSpec or RSAOaepPSourceParameterSpec!");
            }
            b();
            RSAOaepPSourceParameterSpec rSAOaepPSourceParameterSpec = (RSAOaepPSourceParameterSpec) algorithmParameterSpec;
            this.b = rSAOaepPSourceParameterSpec.getPSourceAlgorithm();
            this.e = rSAOaepPSourceParameterSpec.getLabel();
            return;
        }
        RSAOaepParameterSpec rSAOaepParameterSpec = (RSAOaepParameterSpec) algorithmParameterSpec;
        if (a) {
            if (this.publicKey_ != null) {
                if (this.publicKey_ instanceof RSAOaepPublicKey) {
                    try {
                        if (!((RSAOaepPublicKey) this.publicKey_).validateParameters(algorithmParameterSpec)) {
                            throw new InvalidAlgorithmParameterException("Parameters are not valid for OAEP-Key used with this engine!");
                        }
                    } catch (InvalidParameterSpecException unused) {
                    }
                }
            } else if (this.privateKey_ != null && (this.privateKey_ instanceof RSAOaepPrivateKey)) {
                try {
                    if (!((RSAOaepPrivateKey) this.privateKey_).validateParameters(algorithmParameterSpec)) {
                        throw new InvalidAlgorithmParameterException("Parameters are not valid for OAEP-Key used with this engine!");
                    }
                } catch (InvalidParameterSpecException unused2) {
                }
            }
        }
        a(rSAOaepParameterSpec);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.a
    public AlgorithmParameters a() {
        AlgorithmParameters algorithmParameters = null;
        if (this.f != null && this.c != null && this.b != null) {
            if (this.e != null) {
                this.b.setParameter(new OCTET_STRING((byte[]) this.e.clone()));
            }
            try {
                RSAOaepParameterSpec rSAOaepParameterSpec = new RSAOaepParameterSpec(this.f, this.c, this.b);
                algorithmParameters = AlgorithmParameters.getInstance("OAEP", "IAIK");
                algorithmParameters.init(rSAOaepParameterSpec);
                return algorithmParameters;
            } catch (Exception unused) {
            }
        }
        return algorithmParameters;
    }

    private static AlgorithmID b(String str) {
        String upperCase = str.toUpperCase(Locale.US);
        AlgorithmID algorithmID = null;
        if (upperCase.equals("SHA") || upperCase.equals("SHA1") || upperCase.equals(MessageDigestAlgorithms.SHA_1)) {
            algorithmID = (AlgorithmID) AlgorithmID.sha.clone();
        } else if (upperCase.equals(MessageDigestAlgorithms.MD5)) {
            algorithmID = (AlgorithmID) AlgorithmID.md5.clone();
        } else if (upperCase.equals("RIPEMD160") || upperCase.equals("RIPEMD-160")) {
            algorithmID = (AlgorithmID) AlgorithmID.ripeMd160.clone();
        } else if (upperCase.equals("RIPEMD128") || upperCase.equals("RIPEMD-128")) {
            algorithmID = (AlgorithmID) AlgorithmID.ripeMd128.clone();
        } else if (upperCase.equals(MessageDigestAlgorithms.SHA_256) || upperCase.equals("SHA256")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha256.clone();
        } else if (upperCase.equals(MessageDigestAlgorithms.SHA_384) || upperCase.equals("SHA384")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha384.clone();
        } else if (upperCase.equals(MessageDigestAlgorithms.SHA_512) || upperCase.equals("SHA512")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha512.clone();
        } else if (upperCase.equals(MessageDigestAlgorithms.MD2)) {
            algorithmID = (AlgorithmID) AlgorithmID.md2.clone();
        } else if (upperCase.equals("WHIRLPOOL")) {
            algorithmID = (AlgorithmID) AlgorithmID.whirlpool.clone();
        }
        return algorithmID;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static c a(String str) throws NoSuchPaddingException {
        MessageDigest messageDigestInstance;
        AlgorithmID algorithmID;
        MaskGenerationAlgorithm maskGenerationAlgorithmInstance;
        c cVar;
        if (str.length() == 4) {
            cVar = new c();
        } else {
            if (str.length() < 21) {
                throw new NoSuchPaddingException(new StringBuffer("Invalid OAEP padding name: ").append(str).append(QuickTargetSourceCreator.PREFIX_PROTOTYPE).toString());
            }
            String upperCase = str.substring(8, str.length() - 7).toUpperCase(Locale.US);
            int indexOf = upperCase.indexOf("AND");
            String substring = upperCase.substring(0, indexOf);
            String substring2 = upperCase.substring(indexOf + 3);
            AlgorithmID b = b(substring.toUpperCase(Locale.US));
            if (b == null) {
                b = AlgorithmID.getAlgorithmID(substring);
            }
            if (b == null) {
                throw new NoSuchPaddingException(new StringBuffer("No AlgorithmID available for hash algorithm \"").append(substring).append("\" of padding scheme ").append(str).toString());
            }
            AlgorithmID algorithmID2 = (AlgorithmID) b.clone();
            try {
                messageDigestInstance = algorithmID2.getMessageDigestInstance("IAIK");
            } catch (NoSuchAlgorithmException unused) {
                try {
                    messageDigestInstance = algorithmID2.getMessageDigestInstance();
                } catch (NoSuchAlgorithmException unused2) {
                    throw new NoSuchPaddingException(new StringBuffer("No engine available for hash algorithm \"").append(substring).append("\" of padding scheme ").append(str).toString());
                }
            }
            if (substring2.equals("MGF1")) {
                algorithmID = (AlgorithmID) AlgorithmID.mgf1.clone();
                algorithmID.setParameter(algorithmID2.toASN1Object());
                maskGenerationAlgorithmInstance = new MGF1(algorithmID2, messageDigestInstance);
            } else {
                AlgorithmID algorithmID3 = AlgorithmID.getAlgorithmID(substring2);
                if (algorithmID3 == null) {
                    throw new NoSuchPaddingException(new StringBuffer("No AlgorithmID available for MGF algorithm \"").append(substring2).append("\" of padding scheme ").append(str).toString());
                }
                algorithmID = (AlgorithmID) algorithmID3.clone();
                try {
                    maskGenerationAlgorithmInstance = algorithmID.getMaskGenerationAlgorithmInstance("IAIK");
                } catch (NoSuchAlgorithmException unused3) {
                    try {
                        maskGenerationAlgorithmInstance = algorithmID.getMaskGenerationAlgorithmInstance();
                    } catch (NoSuchAlgorithmException unused4) {
                        throw new NoSuchPaddingException(new StringBuffer("No engine available for MGF algorithm \"").append(substring2).append("\" of padding scheme ").append(str).toString());
                    }
                }
            }
            AlgorithmID algorithmID4 = (AlgorithmID) AlgorithmID.pSpecified.clone();
            algorithmID4.setParameter(new OCTET_STRING());
            cVar = new c(str, algorithmID2, algorithmID, algorithmID4, messageDigestInstance, maskGenerationAlgorithmInstance, new byte[0]);
        }
        return cVar;
    }

    c(String str, AlgorithmID algorithmID, AlgorithmID algorithmID2, AlgorithmID algorithmID3, MessageDigest messageDigest, MaskGenerationAlgorithm maskGenerationAlgorithm, byte[] bArr) {
        super(str);
        this.f = (AlgorithmID) algorithmID.clone();
        this.c = (AlgorithmID) algorithmID2.clone();
        this.b = (AlgorithmID) algorithmID3.clone();
        this.g = messageDigest;
        this.d = maskGenerationAlgorithm;
        this.e = (byte[]) bArr.clone();
    }

    c() {
        super("OAEP");
        this.f = (AlgorithmID) RSAOaepParameterSpec.DEFAULT_HASH_ALGORITHM.clone();
        this.g = new SHA();
        this.c = (AlgorithmID) AlgorithmID.mgf1.clone();
        this.c.setParameter(this.f.toASN1Object());
        this.d = new MGF1(this.f, this.g);
        this.b = (AlgorithmID) AlgorithmID.pSpecified.clone();
        this.b.setParameter(new OCTET_STRING());
        this.e = new byte[0];
    }
}
