package sun.security.mscapi;

import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
import sun.security.mscapi.CSignature;
import sun.security.rsa.RSAKeyFactory;
import sun.security.util.KeyUtil;

/* loaded from: input_file:jre/lib/ext/sunmscapi.jar:sun/security/mscapi/CRSACipher.class */
public final class CRSACipher extends CipherSpi {
    private static final byte[] B0 = new byte[0];
    private static final int MODE_ENCRYPT = 1;
    private static final int MODE_DECRYPT = 2;
    private static final int MODE_SIGN = 3;
    private static final int MODE_VERIFY = 4;
    private static final String PAD_PKCS1 = "PKCS1Padding";
    private static final int PAD_PKCS1_LENGTH = 11;
    private int mode;
    private byte[] buffer;
    private int bufOfs;
    private int outputSize;
    private CKey publicKey;
    private CKey privateKey;
    private SecureRandom random;
    private int paddingLength = 0;
    private AlgorithmParameterSpec spec = null;
    private String paddingType = PAD_PKCS1;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetMode(String str) throws NoSuchAlgorithmException {
        if (!str.equalsIgnoreCase("ECB")) {
            throw new NoSuchAlgorithmException("Unsupported mode " + str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetPadding(String str) throws NoSuchPaddingException {
        if (!str.equalsIgnoreCase(PAD_PKCS1)) {
            throw new NoSuchPaddingException("Padding " + str + " not supported");
        }
        this.paddingType = PAD_PKCS1;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public int engineGetBlockSize() {
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public int engineGetOutputSize(int i) {
        return this.outputSize;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineGetIV() {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public AlgorithmParameters engineGetParameters() {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineInit(int i, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        init(i, key);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineInit(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (algorithmParameterSpec != null) {
            if (!(algorithmParameterSpec instanceof TlsRsaPremasterSecretParameterSpec)) {
                throw new InvalidAlgorithmParameterException("Parameters not supported");
            }
            this.spec = algorithmParameterSpec;
            this.random = secureRandom;
        }
        init(i, key);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineInit(int i, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (algorithmParameters != null) {
            throw new InvalidAlgorithmParameterException("Parameters not supported");
        }
        init(i, key);
    }

    private void init(int i, Key key) throws InvalidKeyException {
        boolean z;
        switch (i) {
            case 1:
            case 3:
                this.paddingLength = 11;
                z = true;
                break;
            case 2:
            case 4:
                this.paddingLength = 0;
                z = false;
                break;
            default:
                throw new InvalidKeyException("Unknown mode: " + i);
        }
        if (!(key instanceof CKey)) {
            if (!(key instanceof RSAPublicKey)) {
                throw new InvalidKeyException("Unsupported key type: " + ((Object) key));
            }
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
            BigInteger modulus = rSAPublicKey.getModulus();
            BigInteger publicExponent = rSAPublicKey.getPublicExponent();
            RSAKeyFactory.checkKeyLengths((modulus.bitLength() + 7) & (-8), publicExponent, -1, 16384);
            byte[] byteArray = modulus.toByteArray();
            byte[] byteArray2 = publicExponent.toByteArray();
            int length = byteArray[0] == 0 ? (byteArray.length - 1) * 8 : byteArray.length * 8;
            try {
                key = CSignature.importPublicKey("RSA", CSignature.RSA.generatePublicKeyBlob(length, byteArray, byteArray2), length);
            } catch (KeyStoreException e) {
                throw new InvalidKeyException(e);
            }
        }
        if (key instanceof PublicKey) {
            this.mode = z ? 1 : 4;
            this.publicKey = (CKey) key;
            this.privateKey = null;
            this.outputSize = this.publicKey.length() / 8;
        } else {
            if (!(key instanceof PrivateKey)) {
                throw new InvalidKeyException("Unknown key type: " + ((Object) key));
            }
            this.mode = z ? 3 : 2;
            this.privateKey = (CKey) key;
            this.publicKey = null;
            this.outputSize = this.privateKey.length() / 8;
        }
        this.bufOfs = 0;
        this.buffer = new byte[this.outputSize];
    }

    private void update(byte[] bArr, int i, int i2) {
        if (i2 == 0 || bArr == null) {
            return;
        }
        if (this.bufOfs + i2 > this.buffer.length - this.paddingLength) {
            this.bufOfs = this.buffer.length + 1;
        } else {
            System.arraycopy(bArr, i, this.buffer, this.bufOfs, i2);
            this.bufOfs += i2;
        }
    }

    private byte[] doFinal() throws BadPaddingException, IllegalBlockSizeException {
        try {
            if (this.bufOfs > this.buffer.length) {
                throw new IllegalBlockSizeException("Data must not be longer than " + (this.buffer.length - this.paddingLength) + " bytes");
            }
            try {
                byte[] bArr = this.buffer;
                switch (this.mode) {
                    case 1:
                        byte[] encryptDecrypt = encryptDecrypt(bArr, this.bufOfs, this.publicKey.getHCryptKey(), true);
                        this.bufOfs = 0;
                        return encryptDecrypt;
                    case 2:
                        byte[] encryptDecrypt2 = encryptDecrypt(bArr, this.bufOfs, this.privateKey.getHCryptKey(), false);
                        this.bufOfs = 0;
                        return encryptDecrypt2;
                    case 3:
                        byte[] encryptDecrypt3 = encryptDecrypt(bArr, this.bufOfs, this.privateKey.getHCryptKey(), true);
                        this.bufOfs = 0;
                        return encryptDecrypt3;
                    case 4:
                        byte[] encryptDecrypt4 = encryptDecrypt(bArr, this.bufOfs, this.publicKey.getHCryptKey(), false);
                        this.bufOfs = 0;
                        return encryptDecrypt4;
                    default:
                        throw new AssertionError((Object) "Internal error");
                }
            } catch (KeyException e) {
                throw new ProviderException(e);
            }
        } catch (Throwable th) {
            this.bufOfs = 0;
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineUpdate(byte[] bArr, int i, int i2) {
        update(bArr, i, i2);
        return B0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public int engineUpdate(byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
        update(bArr, i, i2);
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineDoFinal(byte[] bArr, int i, int i2) throws BadPaddingException, IllegalBlockSizeException {
        update(bArr, i, i2);
        return doFinal();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public int engineDoFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws ShortBufferException, BadPaddingException, IllegalBlockSizeException {
        if (this.outputSize > bArr2.length - i3) {
            throw new ShortBufferException("Need " + this.outputSize + " bytes for output");
        }
        update(bArr, i, i2);
        byte[] doFinal = doFinal();
        int length = doFinal.length;
        System.arraycopy(doFinal, 0, bArr2, i3, length);
        return length;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException {
        byte[] encoded = key.getEncoded();
        if (encoded == null || encoded.length == 0) {
            throw new InvalidKeyException("Could not obtain encoded key");
        }
        if (encoded.length > this.buffer.length) {
            throw new InvalidKeyException("Key is too long for wrapping");
        }
        update(encoded, 0, encoded.length);
        try {
            return doFinal();
        } catch (BadPaddingException e) {
            throw new InvalidKeyException("Wrapping failed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public Key engineUnwrap(byte[] bArr, String str, int i) throws InvalidKeyException, NoSuchAlgorithmException {
        if (bArr.length > this.buffer.length) {
            throw new InvalidKeyException("Key is too long for unwrapping");
        }
        boolean equals = str.equals("TlsRsaPremasterSecret");
        BadPaddingException badPaddingException = null;
        byte[] bArr2 = null;
        update(bArr, 0, bArr.length);
        try {
            bArr2 = doFinal();
        } catch (BadPaddingException e) {
            if (!equals) {
                throw new InvalidKeyException("Unwrapping failed", e);
            }
            badPaddingException = e;
        } catch (IllegalBlockSizeException e2) {
            throw new InvalidKeyException("Unwrapping failed", e2);
        }
        if (equals) {
            if (!(this.spec instanceof TlsRsaPremasterSecretParameterSpec)) {
                throw new IllegalStateException("No TlsRsaPremasterSecretParameterSpec specified");
            }
            bArr2 = KeyUtil.checkTlsPreMasterSecretKey(((TlsRsaPremasterSecretParameterSpec) this.spec).getClientVersion(), ((TlsRsaPremasterSecretParameterSpec) this.spec).getServerVersion(), this.random, bArr2, badPaddingException != null);
        }
        return constructKey(bArr2, str, i);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public int engineGetKeySize(Key key) throws InvalidKeyException {
        if (key instanceof CKey) {
            return ((CKey) key).length();
        }
        if (key instanceof RSAKey) {
            return ((RSAKey) key).getModulus().bitLength();
        }
        throw new InvalidKeyException("Unsupported key type: " + ((Object) key));
    }

    private static PublicKey constructPublicKey(byte[] bArr, String str) throws InvalidKeyException, NoSuchAlgorithmException {
        try {
            return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException e) {
            throw new NoSuchAlgorithmException("No installed provider supports the " + str + " algorithm", e);
        } catch (InvalidKeySpecException e2) {
            throw new InvalidKeyException("Cannot construct public key", e2);
        }
    }

    private static PrivateKey constructPrivateKey(byte[] bArr, String str) throws InvalidKeyException, NoSuchAlgorithmException {
        try {
            return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException e) {
            throw new NoSuchAlgorithmException("No installed provider supports the " + str + " algorithm", e);
        } catch (InvalidKeySpecException e2) {
            throw new InvalidKeyException("Cannot construct private key", e2);
        }
    }

    private static SecretKey constructSecretKey(byte[] bArr, String str) {
        return new SecretKeySpec(bArr, str);
    }

    private static Key constructKey(byte[] bArr, String str, int i) throws InvalidKeyException, NoSuchAlgorithmException {
        switch (i) {
            case 1:
                return constructPublicKey(bArr, str);
            case 2:
                return constructPrivateKey(bArr, str);
            case 3:
                return constructSecretKey(bArr, str);
            default:
                throw new InvalidKeyException("Unknown key type " + i);
        }
    }

    private static native byte[] encryptDecrypt(byte[] bArr, int i, long j, boolean z) throws KeyException;
}
