package ksign.jce.provider.pkcs;

import com.ksign.asn1.ASN1EncodableVector;
import com.ksign.asn1.ASN1ObjectIdentifier;
import com.ksign.asn1.ASN1Set;
import com.ksign.asn1.BERSet;
import com.ksign.asn1.DEROctetStreamString;
import com.ksign.asn1.DEROctetString;
import com.ksign.asn1.DERSequence;
import com.ksign.asn1.cms.CMSObjectIdentifiers;
import com.ksign.asn1.cms.ContentInfoSizeFake;
import com.ksign.asn1.cms.EncryptedContentInfoSizeFake;
import com.ksign.asn1.cms.EnvelopedData;
import com.ksign.asn1.cms.EnvelopedDataSizeFake;
import com.ksign.asn1.cms.IssuerAndSerialNumber;
import com.ksign.asn1.cms.KeyTransRecipientInfo;
import com.ksign.asn1.cms.RecipientIdentifier;
import com.ksign.asn1.cms.RecipientInfo;
import com.ksign.asn1.kisa.KISAObjectIdentifiers;
import com.ksign.asn1.oiw.OIWObjectIdentifiers;
import com.ksign.asn1.pkcs.PKCSObjectIdentifiers;
import com.ksign.asn1.x509.AlgorithmIdentifier;
import com.ksign.wizsign.others.smartchannel.crypt.Crypto;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javak.crypto.Cipher;
import javak.crypto.CipherInputStream;
import javak.crypto.SecretKey;
import javak.crypto.spec.IvParameterSpec;
import javak.crypto.spec.SecretKeySpec;
import ksign.jce.provider.x509.X509CertificateObject;
import ksign.jce.util.JCEUtil;

/* loaded from: classes.dex */
public class EnvelopedDataGenerator {
    private static final ASN1ObjectIdentifier DATA = CMSObjectIdentifiers.data;
    private static final ASN1ObjectIdentifier ENVELOPED_DATA = CMSObjectIdentifiers.envelopedData;
    private String algo;
    private Cipher cipher2;
    private InputStream inputStream;
    private IvParameterSpec iv;
    private OutputStream outputStream;
    private ASN1Set recipientInfos;
    private SecretKey secretKey;
    private AlgorithmIdentifier contentEncryptionAlgorithm = null;
    private ArrayList certRecipient = new ArrayList();
    private CMSMessage cms = new CMSMessage();
    private ByteArrayOutputStream bos = new ByteArrayOutputStream();

    public EnvelopedDataGenerator(String str) {
        this.algo = str;
    }

    private void init() {
        int i = 8;
        int i2 = 16;
        try {
            if (this.algo.equals(Crypto.ALGORITHM_DES)) {
                i2 = 8;
            } else if (this.algo.equals("SEED")) {
                i = 16;
            } else if (this.algo.equals("DESEDE")) {
                i2 = 24;
            } else {
                if (!this.algo.equals(Crypto.ALGORITHM_ARIA)) {
                    JCEUtil.setErrorcode("60004");
                    throw new OIDNotFoundException("(KSign) envelopedData's CipherAlgorithm is not defined, " + this.algo);
                }
                i = 16;
            }
            byte[] bArr = new byte[i2];
            byte[] bArr2 = new byte[i];
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(bArr);
            secureRandom.nextBytes(bArr2);
            this.secretKey = new SecretKeySpec(bArr, this.algo);
            this.iv = new IvParameterSpec(bArr2);
            X509CertificateObject[] x509CertificateObjectArr = new X509CertificateObject[this.certRecipient.size()];
            for (int i3 = 0; i3 < this.certRecipient.size(); i3++) {
                x509CertificateObjectArr[i3] = (X509CertificateObject) this.certRecipient.get(i3);
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            for (int i4 = 0; i4 < x509CertificateObjectArr.length; i4++) {
                RecipientIdentifier recipientIdentifier = new RecipientIdentifier(new IssuerAndSerialNumber(x509CertificateObjectArr[i4].getIssuerDnName(), x509CertificateObjectArr[i4].getSerialNumber()));
                AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERSequence());
                Cipher cipher = Cipher.getInstance("RSA", "Ksign");
                cipher.init(1, x509CertificateObjectArr[i4]);
                aSN1EncodableVector.add(new RecipientInfo(new KeyTransRecipientInfo(recipientIdentifier, algorithmIdentifier, new DEROctetString(cipher.doFinal(bArr)))));
            }
            this.recipientInfos = new BERSet(aSN1EncodableVector);
            this.cipher2 = Cipher.getInstance(String.valueOf(this.algo) + "/CBC/PKCS5Padding", "Ksign");
            this.cipher2.init(1, this.secretKey, this.iv);
            if (this.algo.equals(Crypto.ALGORITHM_DES)) {
                this.contentEncryptionAlgorithm = new AlgorithmIdentifier(OIWObjectIdentifiers.desCBC, new DEROctetString(bArr2));
                return;
            }
            if (this.algo.equals("SEED")) {
                this.contentEncryptionAlgorithm = new AlgorithmIdentifier(KISAObjectIdentifiers.seedCBC, new DEROctetString(bArr2));
                return;
            }
            if (this.algo.equals("DESEDE")) {
                this.contentEncryptionAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.des_EDE3_CBC, new DEROctetString(bArr2));
            } else {
                if (!this.algo.equals(Crypto.ALGORITHM_ARIA)) {
                    JCEUtil.setErrorcode("60004");
                    throw new OIDNotFoundException("(KSign) envelopedData's cipherAlgorithm is not defined, " + this.algo);
                }
                this.contentEncryptionAlgorithm = new AlgorithmIdentifier(KISAObjectIdentifiers.ariaCBC, new DEROctetString(bArr2));
            }
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("60013");
            }
            throw new PKCS7Exception("(KSign) PKCS7 : envelopedData's generate Error    " + e.toString());
        }
    }

    public void addRecipient(X509Certificate x509Certificate) {
        this.certRecipient.add(x509Certificate);
    }

    public EnvelopedData generate(OutputStream outputStream) {
        try {
            init();
            toBlockCipher(this.inputStream, outputStream);
            return null;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (PKCS7Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public Key getKey() {
        return this.secretKey;
    }

    public IvParameterSpec getParameter() {
        return this.iv;
    }

    public void merge(EnvelopedData envelopedData, InputStream inputStream, OutputStream outputStream) {
        try {
            int available = inputStream.available();
            int i = available % 16;
            if (i != 0) {
                available += 16 - i;
            }
            outputStream.write(new ContentInfoSizeFake(ENVELOPED_DATA, new EnvelopedDataSizeFake(null, this.recipientInfos, new EncryptedContentInfoSizeFake(DATA, this.contentEncryptionAlgorithm, new DEROctetStreamString(available)), null, available), available).getDEREncoded());
            byte[] bArr = new byte[2048];
            while (true) {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    outputStream.flush();
                    return;
                }
                outputStream.write(bArr, 0, read);
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (IllegalStateException e2) {
            e2.printStackTrace();
        }
    }

    public void setContent(InputStream inputStream) {
        this.inputStream = inputStream;
    }

    public void streamClose(Object obj) {
        if (obj != null) {
            try {
                if (obj instanceof InputStream) {
                    ((InputStream) obj).close();
                } else if (obj instanceof OutputStream) {
                    ((OutputStream) obj).close();
                }
            } catch (Exception e) {
            }
        }
    }

    protected void toBlockCipher(InputStream inputStream, OutputStream outputStream) {
        CipherInputStream cipherInputStream;
        byte[] bArr = new byte[2048];
        try {
            cipherInputStream = new CipherInputStream(inputStream, this.cipher2);
            while (true) {
                try {
                    int read = cipherInputStream.read(bArr);
                    if (read == -1) {
                        outputStream.flush();
                        streamClose(cipherInputStream);
                        return;
                    }
                    outputStream.write(bArr, 0, read);
                } catch (Throwable th) {
                    th = th;
                    streamClose(cipherInputStream);
                    throw th;
                }
            }
        } catch (Throwable th2) {
            th = th2;
            cipherInputStream = null;
        }
    }
}
