package com.yubico.yubikit.piv.jca;

import com.yubico.yubikit.core.util.Callback;
import com.yubico.yubikit.core.util.Result;
import com.yubico.yubikit.piv.KeyType;
import com.yubico.yubikit.piv.Padding;
import com.yubico.yubikit.piv.PivSession;
import java.io.ByteArrayOutputStream;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Map;
import javax.annotation.Nullable;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes8.dex */
public class PivCipherSpi extends CipherSpi {

    /* renamed from: h, reason: collision with root package name */
    public static final Logger f24514h = LoggerFactory.k(PivCipherSpi.class);

    /* renamed from: a, reason: collision with root package name */
    public final Callback<Callback<Result<PivSession, Exception>>> f24515a;

    /* renamed from: b, reason: collision with root package name */
    public final Map<KeyType, KeyPair> f24516b;

    /* renamed from: d, reason: collision with root package name */
    @Nullable
    public PivPrivateKey f24517d;

    /* renamed from: e, reason: collision with root package name */
    @Nullable
    public String f24518e;

    /* renamed from: f, reason: collision with root package name */
    @Nullable
    public String f24519f;
    public final ByteArrayOutputStream c = new ByteArrayOutputStream();

    /* renamed from: g, reason: collision with root package name */
    public int f24520g = -1;

    public PivCipherSpi(Callback<Callback<Result<PivSession, Exception>>> callback, Map<KeyType, KeyPair> map) throws NoSuchPaddingException {
        this.f24515a = callback;
        this.f24516b = map;
    }

    @Override // javax.crypto.CipherSpi
    public int engineDoFinal(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        byte[] engineDoFinal = engineDoFinal(bArr, i2, i3);
        try {
            System.arraycopy(engineDoFinal, 0, bArr2, i4, engineDoFinal.length);
            return engineDoFinal.length;
        } catch (IndexOutOfBoundsException unused) {
            throw new ShortBufferException();
        }
    }

    @Override // javax.crypto.CipherSpi
    public byte[] engineDoFinal(byte[] bArr, int i2, int i3) throws IllegalBlockSizeException, BadPaddingException {
        if (this.f24517d == null) {
            throw new IllegalStateException("Cipher not initialized");
        }
        if (i3 > 0) {
            this.c.write(bArr, i2, i3);
        }
        byte[] byteArray = this.c.toByteArray();
        try {
            KeyPair keyPair = this.f24516b.get(this.f24517d.keyType);
            Cipher cipher = Cipher.getInstance(Padding.f24454a);
            cipher.init(this.f24520g, keyPair.getPublic());
            Cipher cipher2 = Cipher.getInstance("RSA/" + this.f24518e + "/" + this.f24519f);
            cipher2.init(this.f24520g, keyPair.getPrivate());
            int i4 = this.f24520g;
            if (i4 != 1) {
                if (i4 == 2) {
                    return cipher2.doFinal(cipher.doFinal(this.f24517d.j(this.f24515a, byteArray)));
                }
                throw new UnsupportedOperationException();
            }
            try {
                return this.f24517d.j(this.f24515a, cipher.doFinal(cipher2.doFinal(byteArray)));
            } catch (BadPaddingException | IllegalBlockSizeException e2) {
                throw new IllegalStateException(e2);
            }
        } catch (NoSuchPaddingException e3) {
            throw new UnsupportedOperationException("SecurityProvider doesn't support RSA without padding", e3);
        } catch (Exception e4) {
            throw new IllegalStateException(e4);
        }
    }

    @Override // javax.crypto.CipherSpi
    public int engineGetBlockSize() {
        PivPrivateKey pivPrivateKey = this.f24517d;
        if (pivPrivateKey != null) {
            return pivPrivateKey.keyType.params.f24423b / 8;
        }
        throw new IllegalStateException("Cipher not initialized");
    }

    @Override // javax.crypto.CipherSpi
    public byte[] engineGetIV() {
        return new byte[0];
    }

    @Override // javax.crypto.CipherSpi
    public int engineGetOutputSize(int i2) {
        return engineGetBlockSize();
    }

    @Override // javax.crypto.CipherSpi
    @Nullable
    public AlgorithmParameters engineGetParameters() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    public void engineInit(int i2, Key key, @Nullable AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (algorithmParameters != null) {
            throw new InvalidAlgorithmParameterException("Cipher must be initialized with params = null");
        }
        engineInit(i2, key, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    public void engineInit(int i2, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        com.yubico.yubikit.core.internal.Logger.c(f24514h, "Engine init: mode={} padding={}", this.f24518e, this.f24519f);
        if (!(key instanceof PivPrivateKey)) {
            throw new InvalidKeyException("Unsupported key type");
        }
        if (!KeyType.Algorithm.RSA.name().equals(key.getAlgorithm())) {
            throw new InvalidKeyException("Cipher only supports RSA.");
        }
        this.f24517d = (PivPrivateKey) key;
        this.f24520g = i2;
        this.c.reset();
    }

    @Override // javax.crypto.CipherSpi
    public void engineInit(int i2, Key key, @Nullable AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (algorithmParameterSpec != null) {
            throw new InvalidAlgorithmParameterException("Cipher must be initialized with params = null");
        }
        engineInit(i2, key, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    public void engineSetMode(String str) throws NoSuchAlgorithmException {
        this.f24518e = str;
    }

    @Override // javax.crypto.CipherSpi
    public void engineSetPadding(String str) throws NoSuchPaddingException {
        this.f24519f = str;
    }

    @Override // javax.crypto.CipherSpi
    public int engineUpdate(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) throws ShortBufferException {
        this.c.write(bArr, i2, i3);
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    public byte[] engineUpdate(byte[] bArr, int i2, int i3) {
        this.c.write(bArr, i2, i3);
        return new byte[0];
    }
}
