package cmsutil.asn1.kari;

import androidx.exifinterface.media.ExifInterface;
import cmsutil.asn1.ASNDecodeException;
import cmsutil.asn1.CMSCryptographyException;
import cmsutil.asn1.base.ASNContextSpecificConstructed;
import cmsutil.asn1.base.ASNInteger;
import cmsutil.asn1.base.ASNSequence;
import cmsutil.tools.OID;
import cmsutil.tools.ProviderUtil;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import ru.CryptoPro.JCP.ASN.PKIXCMP.PKIBody;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.Key.InternalGostPublicKey;

/* loaded from: classes.dex */
public class KARI extends ASNContextSpecificConstructed {
    private static final OID wrapParamOID = OID.OID_Crypt_VerbaO;
    private static final OID wrapParamOID_2012 = OID.OID_Gost28147_89_Rosstandart_TC26_Z_ParamSet;
    private KeyEncryptionAlgorithmIdentifier keyEncryptionAlgorithmIdentifier;
    private Originator originator;
    private RecipientEncryptedKeys recipientEncryptedKeys;
    private UKM ukm;
    private ASNInteger version;

    public KARI(ASNContextSpecificConstructed aSNContextSpecificConstructed, PrivateKey privateKey, String str) throws ASNDecodeException, CMSCryptographyException {
        this.subs = aSNContextSpecificConstructed.getSubStructures();
        this.encodedValue = aSNContextSpecificConstructed.getEncoded();
        this.type = (byte) (this.encodedValue[0] & PKIBody._CCP);
        this.realInternalLength = aSNContextSpecificConstructed.getRealInternalLength();
        this.realEncodedLength = aSNContextSpecificConstructed.getRealEncodedLength();
        this.virtualEncodedLength = aSNContextSpecificConstructed.getVirtualEncodedLength();
        this.virtualInternalLength = aSNContextSpecificConstructed.getVirtualInternalLength();
        if (!checkConsist()) {
            throw new ASNDecodeException("Structure KARI is corrupted!");
        }
        this.version = (ASNInteger) this.subs.get(0);
        this.originator = new Originator((ASNContextSpecificConstructed) this.subs.get(1), str);
        this.ukm = new UKM((ASNContextSpecificConstructed) this.subs.get(2));
        this.keyEncryptionAlgorithmIdentifier = new KeyEncryptionAlgorithmIdentifier((ASNSequence) this.subs.get(3));
        try {
            String findEncryptionProvider = ProviderUtil.findEncryptionProvider(str);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(this.ukm.getUKM());
            KeyAgreement keyAgreement = KeyAgreement.getInstance(privateKey.getAlgorithm(), findEncryptionProvider);
            keyAgreement.init(privateKey, ivParameterSpec);
            keyAgreement.doPhase(this.originator.getPublicKey(), true);
            this.recipientEncryptedKeys = new RecipientEncryptedKeys((ASNSequence) this.subs.get(4), keyAgreement.generateSecret("GOST28147"), this.keyEncryptionAlgorithmIdentifier.getKeyWrapAlgorithm(), str);
        } catch (InvalidAlgorithmParameterException e) {
            throw new CMSCryptographyException(e.getMessage());
        } catch (InvalidKeyException e2) {
            throw new CMSCryptographyException(e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            throw new CMSCryptographyException(e3.getMessage());
        } catch (NoSuchProviderException e4) {
            throw new CMSCryptographyException(e4.getMessage());
        }
    }

    public KARI(SecretKey secretKey, OID oid, X509Certificate x509Certificate, String str) throws ASNDecodeException, CMSCryptographyException {
        String str2;
        OID oid2;
        OID oid3;
        byte[] bArr = new byte[8];
        try {
            SecureRandom.getInstance("CPRandom", str).nextBytes(bArr);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
            String algorithm = x509Certificate.getPublicKey().getAlgorithm();
            if (!algorithm.equalsIgnoreCase("GOST3410_2012_256") && !algorithm.equalsIgnoreCase("GOST3410DH_2012_256")) {
                if (!algorithm.equalsIgnoreCase("GOST3410_2012_512") && !algorithm.equalsIgnoreCase("GOST3410DH_2012_512")) {
                    str2 = "GOST3410DHELEPH";
                    oid2 = OID.gostR3410ESDHOID;
                    oid3 = wrapParamOID;
                    String findEncryptionProvider = ProviderUtil.findEncryptionProvider(str);
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str2, findEncryptionProvider);
                    keyPairGenerator.initialize(((InternalGostPublicKey) x509Certificate.getPublicKey()).getSpec().getParams());
                    KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                    KeyAgreement keyAgreement = KeyAgreement.getInstance(algorithm, findEncryptionProvider);
                    keyAgreement.init(generateKeyPair.getPrivate(), ivParameterSpec);
                    keyAgreement.doPhase(x509Certificate.getPublicKey(), true);
                    SecretKey generateSecret = keyAgreement.generateSecret("GOST28147");
                    this.type = 1;
                    this.version = new ASNInteger(new BigInteger(ExifInterface.GPS_MEASUREMENT_3D));
                    this.originator = new Originator(generateKeyPair.getPublic());
                    this.ukm = new UKM(bArr);
                    this.keyEncryptionAlgorithmIdentifier = new KeyEncryptionAlgorithmIdentifier(oid2, oid, oid3);
                    this.recipientEncryptedKeys = new RecipientEncryptedKeys(new RecipientEncryptedKey[]{new RecipientEncryptedKey(new RecipientCertInfo(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber()), new Gost28147EncryptedKey(secretKey, generateSecret, this.keyEncryptionAlgorithmIdentifier.getKeyWrapAlgorithm(), str))});
                    this.subs = new ArrayList<>(5);
                    this.subs.add(this.version);
                    this.subs.add(this.originator);
                    this.subs.add(this.ukm);
                    this.subs.add(this.keyEncryptionAlgorithmIdentifier);
                    this.subs.add(this.recipientEncryptedKeys);
                    encode();
                }
                str2 = JCP.GOST_EPH_DH_2012_512_NAME;
                oid2 = OID.gostR3410ESDHOID_2012;
                oid3 = wrapParamOID_2012;
                String findEncryptionProvider2 = ProviderUtil.findEncryptionProvider(str);
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(str2, findEncryptionProvider2);
                keyPairGenerator2.initialize(((InternalGostPublicKey) x509Certificate.getPublicKey()).getSpec().getParams());
                KeyPair generateKeyPair2 = keyPairGenerator2.generateKeyPair();
                KeyAgreement keyAgreement2 = KeyAgreement.getInstance(algorithm, findEncryptionProvider2);
                keyAgreement2.init(generateKeyPair2.getPrivate(), ivParameterSpec);
                keyAgreement2.doPhase(x509Certificate.getPublicKey(), true);
                SecretKey generateSecret2 = keyAgreement2.generateSecret("GOST28147");
                this.type = 1;
                this.version = new ASNInteger(new BigInteger(ExifInterface.GPS_MEASUREMENT_3D));
                this.originator = new Originator(generateKeyPair2.getPublic());
                this.ukm = new UKM(bArr);
                this.keyEncryptionAlgorithmIdentifier = new KeyEncryptionAlgorithmIdentifier(oid2, oid, oid3);
                this.recipientEncryptedKeys = new RecipientEncryptedKeys(new RecipientEncryptedKey[]{new RecipientEncryptedKey(new RecipientCertInfo(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber()), new Gost28147EncryptedKey(secretKey, generateSecret2, this.keyEncryptionAlgorithmIdentifier.getKeyWrapAlgorithm(), str))});
                this.subs = new ArrayList<>(5);
                this.subs.add(this.version);
                this.subs.add(this.originator);
                this.subs.add(this.ukm);
                this.subs.add(this.keyEncryptionAlgorithmIdentifier);
                this.subs.add(this.recipientEncryptedKeys);
                encode();
            }
            str2 = JCP.GOST_EPH_DH_2012_256_NAME;
            oid2 = OID.gostR3410ESDHOID_2012;
            oid3 = wrapParamOID_2012;
            String findEncryptionProvider22 = ProviderUtil.findEncryptionProvider(str);
            KeyPairGenerator keyPairGenerator22 = KeyPairGenerator.getInstance(str2, findEncryptionProvider22);
            keyPairGenerator22.initialize(((InternalGostPublicKey) x509Certificate.getPublicKey()).getSpec().getParams());
            KeyPair generateKeyPair22 = keyPairGenerator22.generateKeyPair();
            KeyAgreement keyAgreement22 = KeyAgreement.getInstance(algorithm, findEncryptionProvider22);
            keyAgreement22.init(generateKeyPair22.getPrivate(), ivParameterSpec);
            keyAgreement22.doPhase(x509Certificate.getPublicKey(), true);
            SecretKey generateSecret22 = keyAgreement22.generateSecret("GOST28147");
            this.type = 1;
            this.version = new ASNInteger(new BigInteger(ExifInterface.GPS_MEASUREMENT_3D));
            this.originator = new Originator(generateKeyPair22.getPublic());
            this.ukm = new UKM(bArr);
            this.keyEncryptionAlgorithmIdentifier = new KeyEncryptionAlgorithmIdentifier(oid2, oid, oid3);
            this.recipientEncryptedKeys = new RecipientEncryptedKeys(new RecipientEncryptedKey[]{new RecipientEncryptedKey(new RecipientCertInfo(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber()), new Gost28147EncryptedKey(secretKey, generateSecret22, this.keyEncryptionAlgorithmIdentifier.getKeyWrapAlgorithm(), str))});
            this.subs = new ArrayList<>(5);
            this.subs.add(this.version);
            this.subs.add(this.originator);
            this.subs.add(this.ukm);
            this.subs.add(this.keyEncryptionAlgorithmIdentifier);
            this.subs.add(this.recipientEncryptedKeys);
            encode();
        } catch (InvalidAlgorithmParameterException e) {
            throw new CMSCryptographyException(e.getMessage());
        } catch (InvalidKeyException e2) {
            throw new CMSCryptographyException(e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            throw new CMSCryptographyException(e3.getMessage());
        } catch (NoSuchProviderException e4) {
            throw new CMSCryptographyException(e4.getMessage());
        }
    }

    @Override // cmsutil.asn1.base.ASNContextSpecificConstructed, cmsutil.asn1.base.ASNConstructed
    protected boolean checkConsist() {
        return this.type == 1 && this.subs != null && this.subs.size() == 5 && (this.subs.get(0) instanceof ASNInteger) && (this.subs.get(1) instanceof ASNContextSpecificConstructed) && (this.subs.get(2) instanceof ASNContextSpecificConstructed) && (this.subs.get(3) instanceof ASNSequence) && (this.subs.get(4) instanceof ASNSequence) && ((ASNInteger) this.subs.get(0)).getValue().equals(BigInteger.valueOf(3L));
    }

    public SecretKey getCEK() {
        return this.recipientEncryptedKeys.getRecipientEncryptedKeys()[0].getEncryptedKey().getCEK();
    }

    public RecipientCertInfo getRecipientCertInfo() {
        return this.recipientEncryptedKeys.getRecipientEncryptedKeys()[0].getCertInfo();
    }
}
