package net.netca.pki.encoding.asn1.pki;

import net.netca.pki.Device;
import net.netca.pki.Util;
import net.netca.pki.d;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.u;
import net.netca.pki.w;

/* loaded from: classes.dex */
public final class NetcaPublicKeyEncrypter implements d, PublicKeyEncrypter {
    private Device device;

    public NetcaPublicKeyEncrypter() {
        this.device = Device.getPseudoDevice();
        if (this.device == null) {
            throw new u("get software device fail");
        }
    }

    public NetcaPublicKeyEncrypter(Device device) {
        this.device = device.dup();
        if (this.device == null) {
            throw new u("device dup fail");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getNetcaPublicKeyAlgorithm(String str) {
        if (str.equals(AlgorithmIdentifier.RSAEncrypt_OID)) {
            return 16;
        }
        if (str.equals(AlgorithmIdentifier.RSAES_OAEP_OID)) {
            return 32;
        }
        return str.equals(AlgorithmIdentifier.SM2ENC_OID) ? 64 : -1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static w toRSAOAEPParam(AlgorithmIdentifier algorithmIdentifier) {
        if (!algorithmIdentifier.hasParam()) {
            throw new u("oaep no param");
        }
        ASN1Object param = algorithmIdentifier.getParam();
        if (!(param instanceof Sequence)) {
            throw new u("bad oaep param encode,not sequence");
        }
        RSAESOAEPParams rSAESOAEPParams = new RSAESOAEPParams((Sequence) param);
        int netcaHashAlgorithm = NetcaHasher.getNetcaHashAlgorithm(rSAESOAEPParams.getHashAlgorithm().getOid());
        if (netcaHashAlgorithm < 0) {
            throw new u("unknown hash algo");
        }
        int mGF1AlgoFromHashAlgo = NetcaVerifier.getMGF1AlgoFromHashAlgo(rSAESOAEPParams.getMgf1HashAlgorithm().getOid());
        if (mGF1AlgoFromHashAlgo >= 0) {
            return new w(netcaHashAlgorithm, mGF1AlgoFromHashAlgo, rSAESOAEPParams.getLabel());
        }
        throw new u("unknown mgf1 algo");
    }

    @Override // net.netca.pki.encoding.asn1.pki.PublicKeyEncrypter
    public byte[] encrypt(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i, int i2) {
        net.netca.pki.PublicKey publicKey2;
        String oid = algorithmIdentifier.getOid();
        int netcaPublicKeyAlgorithm = getNetcaPublicKeyAlgorithm(oid);
        if (netcaPublicKeyAlgorithm < 0) {
            throw new u("unknown public key encrypt algorithm " + oid);
        }
        try {
            publicKey2 = this.device.importSubjectPublicKeyInfo(publicKey.toSubjectPublicKeyInfo().getASN1Object().encode());
            try {
                if (publicKey2 == null) {
                    throw new u("importSubjectPublicKeyInfo fail");
                }
                if (netcaPublicKeyAlgorithm == 32) {
                    byte[] rsaOaepEncrypt = publicKey2.rsaOaepEncrypt(toRSAOAEPParam(algorithmIdentifier), bArr, i, i2);
                    if (publicKey2 != null) {
                        publicKey2.free();
                    }
                    return rsaOaepEncrypt;
                }
                byte[] encrypt = publicKey2.encrypt(netcaPublicKeyAlgorithm, bArr, i, i2);
                if (netcaPublicKeyAlgorithm != 64) {
                    if (publicKey2 != null) {
                        publicKey2.free();
                    }
                    return encrypt;
                }
                byte[] b2 = Util.b(encrypt);
                if (publicKey2 != null) {
                    publicKey2.free();
                }
                return b2;
            } catch (Throwable th) {
                th = th;
                if (publicKey2 != null) {
                    publicKey2.free();
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
            publicKey2 = null;
        }
    }

    @Override // net.netca.pki.d
    public void free() {
        this.device.free();
    }
}
