package net.netca.pki.encoding.json.jose.impl.netcajni;

import net.netca.pki.Device;
import net.netca.pki.Freeable;
import net.netca.pki.PkiException;
import net.netca.pki.RSAOAEPParam;
import net.netca.pki.Util;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.PublicKey;
import net.netca.pki.encoding.asn1.pki.PublicKeyEncrypter;
import net.netca.pki.encoding.asn1.pki.SubjectPublicKeyInfo;
import net.netca.pki.encoding.json.jose.IJWEPublicKeyEncrypter;
import net.netca.pki.encoding.json.jose.JWE;

/* loaded from: classes3.dex */
public class NetcaJWEPublicKeyEncrypter implements PublicKeyEncrypter, Freeable, IJWEPublicKeyEncrypter {
    private Device device;

    public NetcaJWEPublicKeyEncrypter() throws PkiException {
        Device pseudoDevice = Device.getPseudoDevice();
        this.device = pseudoDevice;
        if (pseudoDevice == null) {
            throw new PkiException("get software device fail");
        }
    }

    public static int getNetcaPublicKeyAlgorithm(String str) {
        if (str.equals(AlgorithmIdentifier.RSAEncrypt_OID)) {
            return 16;
        }
        return str.equals(AlgorithmIdentifier.SM2ENC_OID) ? 64 : -1;
    }

    @Override // net.netca.pki.encoding.asn1.pki.PublicKeyEncrypter
    public byte[] encrypt(PublicKey publicKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr, int i2, int i3) throws PkiException {
        String oid = algorithmIdentifier.getOid();
        int netcaPublicKeyAlgorithm = getNetcaPublicKeyAlgorithm(oid);
        if (netcaPublicKeyAlgorithm < 0) {
            throw new PkiException("unknown public key encrypt algorithm " + oid);
        }
        Freeable freeable = null;
        try {
            net.netca.pki.PublicKey importSubjectPublicKeyInfo = this.device.importSubjectPublicKeyInfo(publicKey.toSubjectPublicKeyInfo().getASN1Object().encode());
            if (importSubjectPublicKeyInfo == null) {
                throw new PkiException("importSubjectPublicKeyInfo fail");
            }
            byte[] encrypt = importSubjectPublicKeyInfo.encrypt(netcaPublicKeyAlgorithm, bArr, i2, i3);
            if (netcaPublicKeyAlgorithm != 64) {
                if (importSubjectPublicKeyInfo != null) {
                    importSubjectPublicKeyInfo.free();
                }
                return encrypt;
            }
            byte[] encodeSM2Cipher = Util.encodeSM2Cipher(encrypt);
            if (importSubjectPublicKeyInfo != null) {
                importSubjectPublicKeyInfo.free();
            }
            return encodeSM2Cipher;
        } catch (Throwable th) {
            if (0 != 0) {
                freeable.free();
            }
            throw th;
        }
    }

    @Override // net.netca.pki.encoding.json.jose.IJWEPublicKeyEncrypter
    public byte[] encrypt(SubjectPublicKeyInfo subjectPublicKeyInfo, String str, byte[] bArr, int i2, int i3) throws PkiException {
        String str2;
        if (str.equals(JWE.ENCRYPT_CEK_ALGO_RSA_OAEP)) {
            return oaepParamEncrypt(subjectPublicKeyInfo.getPublicKey(), new RSAOAEPParam(8192, 1, new byte[0]), bArr, i2, i3);
        }
        if (str.equals(JWE.ENCRYPT_CEK_ALGO_RSA_OAEP_256)) {
            return oaepParamEncrypt(subjectPublicKeyInfo.getPublicKey(), new RSAOAEPParam(8192, 3, new byte[0]), bArr, i2, i3);
        }
        if (str.equals(JWE.ENCRYPT_CEK_ALGO_RSA1_5)) {
            str2 = AlgorithmIdentifier.RSAEncrypt_OID;
        } else {
            if (!str.equals(JWE.ENCRYPT_CEK_ALGO_SM2_ENCRYPT)) {
                throw new PkiException("no support PublicKeyEncrypt algo" + str);
            }
            str2 = AlgorithmIdentifier.SM2ENC_OID;
        }
        return encrypt(subjectPublicKeyInfo.getPublicKey(), AlgorithmIdentifier.CreateAlgorithmIdentifier(str2), bArr, i2, i3);
    }

    @Override // net.netca.pki.Freeable
    public void free() {
        this.device.free();
    }

    public byte[] oaepParamEncrypt(PublicKey publicKey, RSAOAEPParam rSAOAEPParam, byte[] bArr, int i2, int i3) throws PkiException {
        Freeable freeable = null;
        try {
            net.netca.pki.PublicKey importSubjectPublicKeyInfo = this.device.importSubjectPublicKeyInfo(publicKey.toSubjectPublicKeyInfo().getASN1Object().encode());
            if (importSubjectPublicKeyInfo == null) {
                throw new PkiException("importSubjectPublicKeyInfo fail");
            }
            byte[] rsaOaepEncrypt = importSubjectPublicKeyInfo.rsaOaepEncrypt(rSAOAEPParam, bArr, i2, i3);
            if (importSubjectPublicKeyInfo != null) {
                importSubjectPublicKeyInfo.free();
            }
            return rsaOaepEncrypt;
        } catch (Throwable th) {
            if (0 != 0) {
                freeable.free();
            }
            throw th;
        }
    }
}
