package net.netca.pki.encoding.asn1.pki;

import net.netca.pki.Device;
import net.netca.pki.Freeable;
import net.netca.pki.PkiException;
import net.netca.pki.RSAOAEPParam;
import net.netca.pki.Util;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.Sequence;

/* loaded from: classes3.dex */
public final class NetcaPublicKeyEncrypter implements PublicKeyEncrypter, Freeable {
    private Device device;

    public NetcaPublicKeyEncrypter() throws PkiException {
        Device pseudoDevice = Device.getPseudoDevice();
        this.device = pseudoDevice;
        if (pseudoDevice == null) {
            throw new PkiException("get software device fail");
        }
    }

    public NetcaPublicKeyEncrypter(Device device) throws PkiException {
        Device dup = device.dup();
        this.device = dup;
        if (dup == null) {
            throw new PkiException("device dup fail");
        }
    }

    public static int getNetcaPublicKeyAlgorithm(String str) {
        if (str.equals(AlgorithmIdentifier.RSAEncrypt_OID)) {
            return 16;
        }
        if (str.equals(AlgorithmIdentifier.RSAES_OAEP_OID)) {
            return 32;
        }
        return str.equals(AlgorithmIdentifier.SM2ENC_OID) ? 64 : -1;
    }

    public static RSAOAEPParam toRSAOAEPParam(AlgorithmIdentifier algorithmIdentifier) throws PkiException {
        if (!algorithmIdentifier.hasParam()) {
            throw new PkiException("oaep no param");
        }
        ASN1Object param = algorithmIdentifier.getParam();
        if (!(param instanceof Sequence)) {
            throw new PkiException("bad oaep param encode,not sequence");
        }
        RSAESOAEPParams rSAESOAEPParams = new RSAESOAEPParams((Sequence) param);
        int netcaHashAlgorithm = NetcaHasher.getNetcaHashAlgorithm(rSAESOAEPParams.getHashAlgorithm().getOid());
        if (netcaHashAlgorithm < 0) {
            throw new PkiException("unknown hash algo");
        }
        int mGF1AlgoFromHashAlgo = NetcaVerifier.getMGF1AlgoFromHashAlgo(rSAESOAEPParams.getMgf1HashAlgorithm().getOid());
        if (mGF1AlgoFromHashAlgo >= 0) {
            return new RSAOAEPParam(netcaHashAlgorithm, mGF1AlgoFromHashAlgo, rSAESOAEPParams.getLabel());
        }
        throw new PkiException("unknown mgf1 algo");
    }

    @Override // net.netca.pki.encoding.asn1.pki.PublicKeyEncrypter
    public byte[] encrypt(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i2, int i3) throws PkiException {
        String oid = algorithmIdentifier.getOid();
        int netcaPublicKeyAlgorithm = getNetcaPublicKeyAlgorithm(oid);
        if (netcaPublicKeyAlgorithm < 0) {
            throw new PkiException("unknown public key encrypt algorithm " + oid);
        }
        Freeable freeable = null;
        try {
            net.netca.pki.PublicKey importSubjectPublicKeyInfo = this.device.importSubjectPublicKeyInfo(publicKey.toSubjectPublicKeyInfo().getASN1Object().encode());
            if (importSubjectPublicKeyInfo == null) {
                throw new PkiException("importSubjectPublicKeyInfo fail");
            }
            if (netcaPublicKeyAlgorithm == 32) {
                byte[] rsaOaepEncrypt = importSubjectPublicKeyInfo.rsaOaepEncrypt(toRSAOAEPParam(algorithmIdentifier), bArr, i2, i3);
                if (importSubjectPublicKeyInfo != null) {
                    importSubjectPublicKeyInfo.free();
                }
                return rsaOaepEncrypt;
            }
            byte[] encrypt = importSubjectPublicKeyInfo.encrypt(netcaPublicKeyAlgorithm, bArr, i2, i3);
            if (netcaPublicKeyAlgorithm != 64) {
                if (importSubjectPublicKeyInfo != null) {
                    importSubjectPublicKeyInfo.free();
                }
                return encrypt;
            }
            byte[] encodeSM2Cipher = Util.encodeSM2Cipher(encrypt);
            if (importSubjectPublicKeyInfo != null) {
                importSubjectPublicKeyInfo.free();
            }
            return encodeSM2Cipher;
        } catch (Throwable th) {
            if (0 != 0) {
                freeable.free();
            }
            throw th;
        }
    }

    @Override // net.netca.pki.Freeable
    public void free() {
        this.device.free();
    }
}
