package net.netca.pki.encoding.asn1.pki;

import com.tencent.soter.core.keystore.KeyPropertiesCompact;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import net.netca.pki.algorithm.ecc.Curve;
import net.netca.pki.algorithm.ecc.ECCKeyPair;
import net.netca.pki.u;

/* loaded from: classes.dex */
public final class JCEPrivateKeyDecrypter implements PrivateKeyDecrypter {
    private PrivateKey privkey;
    private ECCKeyPair sm2;

    public JCEPrivateKeyDecrypter(PrivateKey privateKey) {
        this.privkey = privateKey;
    }

    public JCEPrivateKeyDecrypter(ECCKeyPair eCCKeyPair) {
        this.sm2 = eCCKeyPair;
    }

    public JCEPrivateKeyDecrypter(PrivateKeyInfo privateKeyInfo) {
        String str;
        if (privateKeyInfo.isSM2()) {
            this.sm2 = privateKeyInfo.getSM2KeyPair();
            return;
        }
        String oid = privateKeyInfo.getPrivateKeyAlgorithm().getOid();
        if (oid.equals(AlgorithmIdentifier.RSAEncrypt_OID) || oid.equals(AlgorithmIdentifier.RSAES_OAEP_OID)) {
            str = KeyPropertiesCompact.KEY_ALGORITHM_RSA;
        } else {
            if (!oid.equals(AlgorithmIdentifier.ECPubKey_OID)) {
                throw new u("unknow PrivateKeyInfo");
            }
            str = KeyPropertiesCompact.KEY_ALGORITHM_EC;
        }
        try {
            this.privkey = KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getASN1Object().encode()));
        } catch (NoSuchAlgorithmException e) {
            throw new u("generatePrivate fail", e);
        } catch (InvalidKeySpecException e2) {
            throw new u("generatePrivate fail", e2);
        }
    }

    public JCEPrivateKeyDecrypter(PrivateKeyInfo privateKeyInfo, String str) {
        String str2;
        if (privateKeyInfo.isSM2()) {
            this.sm2 = privateKeyInfo.getSM2KeyPair();
            return;
        }
        String oid = privateKeyInfo.getPrivateKeyAlgorithm().getOid();
        if (oid.equals(AlgorithmIdentifier.RSAEncrypt_OID) || oid.equals(AlgorithmIdentifier.RSAES_OAEP_OID)) {
            str2 = KeyPropertiesCompact.KEY_ALGORITHM_RSA;
        } else {
            if (!oid.equals(AlgorithmIdentifier.ECPubKey_OID)) {
                throw new u("unknow PrivateKeyInfo");
            }
            str2 = KeyPropertiesCompact.KEY_ALGORITHM_EC;
        }
        try {
            this.privkey = KeyFactory.getInstance(str2, str).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getASN1Object().encode()));
        } catch (NoSuchAlgorithmException e) {
            throw new u("generatePrivate fail", e);
        } catch (NoSuchProviderException e2) {
            throw new u("generatePrivate fail", e2);
        } catch (InvalidKeySpecException e3) {
            throw new u("generatePrivate fail", e3);
        }
    }

    private byte[] sm2Decrypt(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i, int i2) {
        if (!algorithmIdentifier.getOid().equals(AlgorithmIdentifier.SM2ENC_OID)) {
            throw new u("no sm2 decrypt,privkey mismatch");
        }
        byte[] bArr2 = new byte[i2];
        System.arraycopy(bArr, i, bArr2, 0, i2);
        return this.sm2.SM2Decrypt(net.netca.pki.algorithm.ecc.SM2Cipher.parse(Curve.getSM2Curve(), bArr2));
    }

    @Override // net.netca.pki.encoding.asn1.pki.PrivateKeyDecrypter
    public byte[] decrypt(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i, int i2) {
        if (this.sm2 != null) {
            return sm2Decrypt(algorithmIdentifier, bArr, i, i2);
        }
        String oid = algorithmIdentifier.getOid();
        String jCEPublicKeyAlgorithm = JCEPublicKeyEncrypter.getJCEPublicKeyAlgorithm(oid);
        if (jCEPublicKeyAlgorithm == null) {
            throw new u("unknown public key encrypt algorithm " + oid);
        }
        OAEPParameterSpec oAEPParameterSpec = "RSA/ECB/OAEPPadding".equals(jCEPublicKeyAlgorithm) ? JCEPublicKeyEncrypter.toOAEPParameterSpec(algorithmIdentifier.getParam()) : null;
        try {
            Cipher cipher = Cipher.getInstance(jCEPublicKeyAlgorithm);
            if (oAEPParameterSpec != null) {
                cipher.init(2, this.privkey, oAEPParameterSpec);
            } else {
                cipher.init(2, this.privkey);
            }
            return cipher.doFinal(bArr, i, i2);
        } catch (InvalidAlgorithmParameterException e) {
            throw new u("InvalidAlgorithmParameterException: " + e.getMessage(), e);
        } catch (InvalidKeyException e2) {
            throw new u("InvalidKeyException: " + e2.getMessage(), e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new u("NoSuchAlgorithmException: " + e3.getMessage(), e3);
        } catch (BadPaddingException e4) {
            throw new u("BadPaddingException: " + e4.getMessage(), e4);
        } catch (IllegalBlockSizeException e5) {
            throw new u("IllegalBlockSizeException: " + e5.getMessage(), e5);
        } catch (NoSuchPaddingException e6) {
            throw new u("NoSuchPaddingException: " + e6.getMessage(), e6);
        }
    }
}
