package net.netca.pki.encoding.asn1.pki;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import net.netca.pki.PkiException;
import net.netca.pki.algorithm.ecc.Curve;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.Sequence;

/* loaded from: classes3.dex */
public final class JCEPublicKeyEncrypter implements PublicKeyEncrypter {
    private String cipherProvider;
    private String keyFactoryProvider;

    public JCEPublicKeyEncrypter() {
        this.keyFactoryProvider = null;
        this.cipherProvider = null;
    }

    public JCEPublicKeyEncrypter(String str, String str2) {
        this.keyFactoryProvider = null;
        this.cipherProvider = null;
        this.cipherProvider = str;
        this.keyFactoryProvider = str2;
    }

    public static String getJCEPublicKeyAlgorithm(String str) {
        if (str.equals(AlgorithmIdentifier.RSAEncrypt_OID)) {
            return "RSA/ECB/PKCS1Padding";
        }
        if (str.equals(AlgorithmIdentifier.SM2ENC_OID)) {
            return "SM2/ECB/NoPadding";
        }
        if (str.equals(AlgorithmIdentifier.RSAES_OAEP_OID)) {
            return "RSA/ECB/OAEPPadding";
        }
        return null;
    }

    private byte[] sm2Encrypt(PublicKey publicKey, byte[] bArr, int i2, int i3) throws PkiException {
        BitString subjectPublicKey = publicKey.toSubjectPublicKeyInfo().getSubjectPublicKey();
        if (subjectPublicKey.getUnusedBits() != 0) {
            throw new PkiException("bad sm2 public key");
        }
        net.netca.pki.algorithm.ecc.ECCPublicKey Parse = net.netca.pki.algorithm.ecc.ECCPublicKey.Parse(Curve.getSM2Curve(), subjectPublicKey.getValue());
        if (Parse == null) {
            throw new PkiException("bad sm2 public key");
        }
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i2, bArr2, 0, i3);
        net.netca.pki.algorithm.ecc.SM2Cipher SM2Encrypt = Parse.SM2Encrypt(bArr2, JCESecureRandomGenerator.getInstance());
        Arrays.fill(bArr2, (byte) 0);
        if (SM2Encrypt != null) {
            return SM2Encrypt.encode();
        }
        throw new PkiException("sm2 encrypt fail");
    }

    public static OAEPParameterSpec toOAEPParameterSpec(ASN1Object aSN1Object) throws PkiException {
        if (aSN1Object == null) {
            throw new PkiException("no pss param");
        }
        if (aSN1Object instanceof Sequence) {
            return toOAEPParameterSpec(new RSAESOAEPParams((Sequence) aSN1Object));
        }
        throw new PkiException("bad pss param,not sequence");
    }

    private static OAEPParameterSpec toOAEPParameterSpec(RSAESOAEPParams rSAESOAEPParams) throws PkiException {
        String oid = rSAESOAEPParams.getHashAlgorithm().getOid();
        String defaultHashAlgorithmName = JCEHasher.getDefaultHashAlgorithmName(oid);
        if (oid.equals(defaultHashAlgorithmName)) {
            throw new PkiException("bad oaep param,unknown hash algo");
        }
        String oid2 = rSAESOAEPParams.getMgf1HashAlgorithm().getOid();
        String defaultHashAlgorithmName2 = JCEHasher.getDefaultHashAlgorithmName(oid2);
        if (oid2.equals(defaultHashAlgorithmName2)) {
            throw new PkiException("bad mgf1 param,unknown hash algo");
        }
        return new OAEPParameterSpec(defaultHashAlgorithmName, "MGF1", new MGF1ParameterSpec(defaultHashAlgorithmName2), new PSource.PSpecified(rSAESOAEPParams.getLabel()));
    }

    @Override // net.netca.pki.encoding.asn1.pki.PublicKeyEncrypter
    public byte[] encrypt(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i2, int i3) throws PkiException {
        String oid = algorithmIdentifier.getOid();
        String jCEPublicKeyAlgorithm = getJCEPublicKeyAlgorithm(oid);
        if (jCEPublicKeyAlgorithm == null) {
            throw new PkiException("unknown public key encrypt algorithm " + oid);
        }
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(publicKey.toSubjectPublicKeyInfo().getASN1Object().encode());
        String keyType = JCEVerifier.getKeyType(publicKey);
        if (keyType == null) {
            throw new PkiException("unknown publick key");
        }
        try {
            String str = this.keyFactoryProvider;
            java.security.PublicKey generatePublic = (str != null ? KeyFactory.getInstance(keyType, str) : KeyFactory.getInstance(keyType)).generatePublic(x509EncodedKeySpec);
            OAEPParameterSpec oAEPParameterSpec = "RSA/ECB/OAEPPadding".equals(jCEPublicKeyAlgorithm) ? toOAEPParameterSpec(algorithmIdentifier.getParam()) : null;
            String str2 = this.cipherProvider;
            Cipher cipher = str2 != null ? Cipher.getInstance(jCEPublicKeyAlgorithm, str2) : Cipher.getInstance(jCEPublicKeyAlgorithm);
            if (oAEPParameterSpec != null) {
                cipher.init(1, generatePublic, oAEPParameterSpec);
            } else {
                cipher.init(1, generatePublic);
            }
            return cipher.doFinal(bArr, i2, i3);
        } catch (InvalidAlgorithmParameterException e2) {
            throw new PkiException("InvalidAlgorithmParameterException: " + e2.getMessage(), e2);
        } catch (InvalidKeyException e3) {
            if ("SM2/ECB/NoPadding".equals(jCEPublicKeyAlgorithm)) {
                return sm2Encrypt(publicKey, bArr, i2, i3);
            }
            throw new PkiException("InvalidKeyException: " + e3.getMessage(), e3);
        } catch (NoSuchAlgorithmException e4) {
            if ("SM2/ECB/NoPadding".equals(jCEPublicKeyAlgorithm)) {
                return sm2Encrypt(publicKey, bArr, i2, i3);
            }
            throw new PkiException("NoSuchAlgorithmException: " + e4.getMessage());
        } catch (NoSuchProviderException e5) {
            throw new PkiException("NoSuchProviderException: " + e5.getMessage(), e5);
        } catch (InvalidKeySpecException e6) {
            if ("SM2/ECB/NoPadding".equals(jCEPublicKeyAlgorithm)) {
                return sm2Encrypt(publicKey, bArr, i2, i3);
            }
            throw new PkiException("InvalidKeySpecException: " + e6.getMessage(), e6);
        } catch (BadPaddingException e7) {
            throw new PkiException("BadPaddingException: " + e7.getMessage(), e7);
        } catch (IllegalBlockSizeException e8) {
            throw new PkiException("IllegalBlockSizeException: " + e8.getMessage(), e8);
        } catch (NoSuchPaddingException e9) {
            throw new PkiException("NoSuchPaddingException: " + e9.getMessage(), e9);
        }
    }
}
