package net.netca.pki.encoding.asn1.pki.cms;

import java.util.Arrays;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.ObjectIdentifier;
import net.netca.pki.encoding.asn1.OctetString;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.TaggedValue;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.IKDF;
import net.netca.pki.encoding.asn1.pki.PBES2Params;
import net.netca.pki.encoding.asn1.pki.PBKDF2Params;
import net.netca.pki.encoding.asn1.pki.RC2CBCParameter;
import net.netca.pki.encoding.asn1.pki.SymEncrypter;
import net.netca.pki.encoding.asn1.pki.pkcs12.Pkcs12KDF;
import net.netca.pki.encoding.asn1.pki.pkcs12.Pkcs12PbeParams;
import net.netca.pki.u;
import org.bouncycastle.crypto.tls.CipherSuite;

/* loaded from: classes.dex */
public final class EncryptedContentInfo {
    private static final SequenceType type = (SequenceType) ASN1TypeManager.getInstance().get("EncryptedContentInfo");
    private Sequence seq;

    public EncryptedContentInfo(String str, AlgorithmIdentifier algorithmIdentifier, byte[] bArr) {
        if (str == null) {
            throw new u("contentType is null");
        }
        if (algorithmIdentifier == null) {
            throw new u("contentEncryptionAlgorithm is null");
        }
        this.seq = new Sequence(type);
        this.seq.add(new ObjectIdentifier(str));
        this.seq.add(algorithmIdentifier.getASN1Object());
        if (bArr != null) {
            this.seq.add(new TaggedValue(128, 0, true, new OctetString(bArr)));
        }
    }

    public EncryptedContentInfo(Sequence sequence) {
        if (!type.match(sequence)) {
            throw new u("not EncryptedContentInfo");
        }
        this.seq = sequence;
    }

    private EncryptedContentInfo(byte[] bArr) {
        this.seq = (Sequence) ASN1Object.decode(bArr, type);
    }

    public static EncryptedContentInfo decode(byte[] bArr) {
        return new EncryptedContentInfo(bArr);
    }

    public static SequenceType getASN1Type() {
        return type;
    }

    private static AlgorithmIdentifier getEncryptAlgorithmIdentifier(String str, byte[] bArr) {
        if (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_128BIT_RC4) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_40BIT_RC4)) {
            return AlgorithmIdentifier.CreateAlgorithmIdentifierNullParam(AlgorithmIdentifier.RC4_OID);
        }
        if (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_2KEY_TRIPLEDES_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_3KEY_TRIPLEDES_CBC)) {
            return new AlgorithmIdentifier(AlgorithmIdentifier.DESEDE3CBC_OID, new OctetString(bArr));
        }
        return new AlgorithmIdentifier(AlgorithmIdentifier.RC2CBC_OID, (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_40BIT_RC2_CBC) ? new RC2CBCParameter(CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256, bArr) : new RC2CBCParameter(58, bArr)).getASN1Object());
    }

    private static int getIVLengthFromPkcs12PbeAlgorithm(String str) {
        return (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_128BIT_RC2_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_2KEY_TRIPLEDES_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_3KEY_TRIPLEDES_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_40BIT_RC2_CBC)) ? 8 : 0;
    }

    private static int getKeyLengthFromAlgorithm(AlgorithmIdentifier algorithmIdentifier) {
        String oid = algorithmIdentifier.getOid();
        if (oid.equals(AlgorithmIdentifier.AES128CBCPAD_OID)) {
            return 16;
        }
        if (oid.equals(AlgorithmIdentifier.AES192CBCPAD_OID)) {
            return 24;
        }
        if (oid.equals(AlgorithmIdentifier.AES256CBCPAD_OID)) {
            return 32;
        }
        if (oid.equals(AlgorithmIdentifier.DESCBC_OID)) {
            return 8;
        }
        if (oid.equals(AlgorithmIdentifier.DESEDE3CBC_OID)) {
            return 24;
        }
        if (oid.equals(AlgorithmIdentifier.SM1CBC_OID) || oid.equals(AlgorithmIdentifier.SM4CBC_OID) || oid.equals(AlgorithmIdentifier.GM_SM4CBC_OID) || oid.equals(AlgorithmIdentifier.SSF33CBC_OID)) {
            return 16;
        }
        throw new u("unknown key length");
    }

    private static int getKeyLengthFromPkcs12PbeAlgorithm(String str) {
        if (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_128BIT_RC2_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_128BIT_RC4) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_2KEY_TRIPLEDES_CBC)) {
            return 16;
        }
        if (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_3KEY_TRIPLEDES_CBC)) {
            return 24;
        }
        if (str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_40BIT_RC2_CBC) || str.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_40BIT_RC4)) {
            return 5;
        }
        throw new u("unknown key length");
    }

    public static byte[] pkcs12Decrypt(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, String str, SymEncrypter symEncrypter, Pkcs12KDF pkcs12KDF) {
        byte[] bArr2;
        String oid = algorithmIdentifier.getOid();
        ASN1Object param = algorithmIdentifier.getParam();
        if (param == null) {
            throw new u("pkcs12 pbe no param");
        }
        Pkcs12PbeParams pkcs12PbeParams = new Pkcs12PbeParams((Sequence) param.to(Pkcs12PbeParams.getASN1Type()));
        byte[] salt = pkcs12PbeParams.getSalt();
        int iterations = pkcs12PbeParams.getIterations();
        int keyLengthFromPkcs12PbeAlgorithm = getKeyLengthFromPkcs12PbeAlgorithm(oid);
        int iVLengthFromPkcs12PbeAlgorithm = getIVLengthFromPkcs12PbeAlgorithm(oid);
        byte[] key = pkcs12KDF.getKey(AlgorithmIdentifier.SHA1_OID, str, salt, iterations, keyLengthFromPkcs12PbeAlgorithm);
        if (oid.equals(AlgorithmIdentifier.PBE_WITH_SHA_AND_2KEY_TRIPLEDES_CBC)) {
            byte[] bArr3 = new byte[24];
            System.arraycopy(key, 0, bArr3, 0, 16);
            System.arraycopy(key, 0, bArr3, 16, 8);
            Arrays.fill(key, (byte) 0);
            bArr2 = bArr3;
        } else {
            bArr2 = key;
        }
        byte[] cipher = symEncrypter.cipher(false, bArr2, getEncryptAlgorithmIdentifier(oid, iVLengthFromPkcs12PbeAlgorithm > 0 ? pkcs12KDF.getIV(AlgorithmIdentifier.SHA1_OID, str, salt, iterations, iVLengthFromPkcs12PbeAlgorithm) : null), bArr, 0, bArr.length);
        Arrays.fill(bArr2, (byte) 0);
        return cipher;
    }

    public static byte[] pkcs5Decrypt(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, byte[] bArr2, SymEncrypter symEncrypter, IKDF ikdf) {
        if (!algorithmIdentifier.getOid().equals(AlgorithmIdentifier.PBES2)) {
            throw new u("not PBES2");
        }
        ASN1Object param = algorithmIdentifier.getParam();
        if (param == null) {
            throw new u("PBES2 no param");
        }
        PBES2Params pBES2Params = new PBES2Params((Sequence) param.to(PBES2Params.getASN1Type()));
        AlgorithmIdentifier keyDerivationFunc = pBES2Params.getKeyDerivationFunc();
        if (!keyDerivationFunc.getOid().equals(AlgorithmIdentifier.PBKDF2)) {
            throw new u("KeyDerivationFunc not PBKDF2");
        }
        ASN1Object param2 = keyDerivationFunc.getParam();
        if (param2 == null) {
            throw new u("PBKDF2 no param");
        }
        PBKDF2Params pBKDF2Params = new PBKDF2Params((Sequence) param2.to(PBKDF2Params.getASN1Type()));
        AlgorithmIdentifier encryptionScheme = pBES2Params.getEncryptionScheme();
        byte[] kdf = ikdf.kdf(keyDerivationFunc, bArr2, null, pBKDF2Params.hasKeyLength() ? pBKDF2Params.getKeyLength() : getKeyLengthFromAlgorithm(encryptionScheme));
        byte[] cipher = symEncrypter.cipher(false, kdf, encryptionScheme, bArr, 0, bArr.length);
        Arrays.fill(kdf, (byte) 0);
        return cipher;
    }

    public byte[] decrypt(byte[] bArr, SymEncrypter symEncrypter) {
        byte[] encryptedContent = getEncryptedContent();
        if (encryptedContent != null) {
            return symEncrypter.cipher(false, bArr, getContentEncryptionAlgorithm(), encryptedContent, 0, encryptedContent.length);
        }
        throw new u("no EncryptedContent");
    }

    public ASN1Object getASN1Object() {
        return this.seq;
    }

    public AlgorithmIdentifier getContentEncryptionAlgorithm() {
        return new AlgorithmIdentifier((Sequence) this.seq.get(1));
    }

    public String getContentType() {
        return ((ObjectIdentifier) this.seq.get(0)).getString();
    }

    public byte[] getEncryptedContent() {
        if (this.seq.size() == 2) {
            return null;
        }
        return ((OctetString) ((TaggedValue) this.seq.get(2)).getInnerValue()).getValue();
    }

    public boolean hasEncryptedContent() {
        return this.seq.size() != 2;
    }

    public byte[] pkcs12Decrypt(String str, SymEncrypter symEncrypter, Pkcs12KDF pkcs12KDF) {
        byte[] encryptedContent = getEncryptedContent();
        if (encryptedContent != null) {
            return pkcs12Decrypt(getContentEncryptionAlgorithm(), encryptedContent, str, symEncrypter, pkcs12KDF);
        }
        throw new u("no EncryptedContent");
    }

    public byte[] pkcs5Decrypt(byte[] bArr, SymEncrypter symEncrypter, IKDF ikdf) {
        byte[] encryptedContent = getEncryptedContent();
        if (encryptedContent != null) {
            return pkcs5Decrypt(getContentEncryptionAlgorithm(), encryptedContent, bArr, symEncrypter, ikdf);
        }
        throw new u("no EncryptedContent");
    }
}
