package org.bouncycastle.openpgp.operator.jcajce;

import com.sun.jna.platform.linux.Fcntl;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
import org.bouncycastle.bcpg.PublicKeyPacket;
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
import org.bouncycastle.jcajce.spec.XDHParameterSpec;
import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.openpgp.operator.PGPPad;
import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.RFC6637Utils;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/openpgp/operator/jcajce/JcePublicKeyKeyEncryptionMethodGenerator.class */
public class JcePublicKeyKeyEncryptionMethodGenerator extends PublicKeyKeyEncryptionMethodGenerator {
    private static final byte X_HDR = 64;
    private OperatorHelper helper;
    private SecureRandom random;
    private JcaPGPKeyConverter keyConverter;

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: input_file:org/bouncycastle/openpgp/operator/jcajce/JcePublicKeyKeyEncryptionMethodGenerator$EphPubEncoding.class */
    public interface EphPubEncoding {
        byte[] getEphPubEncoding(byte[] bArr);
    }

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: input_file:org/bouncycastle/openpgp/operator/jcajce/JcePublicKeyKeyEncryptionMethodGenerator$KeyPairGeneratorOperation.class */
    public interface KeyPairGeneratorOperation {
        void initialize(KeyPairGenerator keyPairGenerator) throws GeneralSecurityException, IOException;
    }

    public JcePublicKeyKeyEncryptionMethodGenerator(PGPPublicKey pGPPublicKey) {
        super(pGPPublicKey);
        this.helper = new OperatorHelper(new DefaultJcaJceHelper());
        this.keyConverter = new JcaPGPKeyConverter();
    }

    public JcePublicKeyKeyEncryptionMethodGenerator setProvider(Provider provider) {
        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
        this.keyConverter.setProvider(provider);
        return this;
    }

    public JcePublicKeyKeyEncryptionMethodGenerator setProvider(String str) {
        this.helper = new OperatorHelper(new NamedJcaJceHelper(str));
        this.keyConverter.setProvider(str);
        return this;
    }

    public JcePublicKeyKeyEncryptionMethodGenerator setSecureRandom(SecureRandom secureRandom) {
        this.random = secureRandom;
        return this;
    }

    @Override // org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator
    protected byte[] encryptSessionInfo(PGPPublicKey pGPPublicKey, byte[] bArr) throws PGPException {
        try {
            PublicKey publicKey = this.keyConverter.getPublicKey(pGPPublicKey);
            if (pGPPublicKey.getAlgorithm() == 18) {
                final ECDHPublicBCPGKey eCDHPublicBCPGKey = (ECDHPublicBCPGKey) pGPPublicKey.getPublicKeyPacket().getKey();
                String id = RFC6637Utils.getKeyEncryptionOID(eCDHPublicBCPGKey.getSymmetricKeyAlgorithm()).getId();
                PublicKeyPacket publicKeyPacket = pGPPublicKey.getPublicKeyPacket();
                return eCDHPublicBCPGKey.getCurveOID().equals((ASN1Primitive) CryptlibObjectIdentifiers.curvey25519) ? getEncryptSessionInfo(publicKeyPacket, XDHParameterSpec.X25519, publicKey, id, eCDHPublicBCPGKey.getSymmetricKeyAlgorithm(), bArr, RFC6637Utils.getXDHAlgorithm(publicKeyPacket), new KeyPairGeneratorOperation() { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.1
                    @Override // org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.KeyPairGeneratorOperation
                    public void initialize(KeyPairGenerator keyPairGenerator) throws GeneralSecurityException, IOException {
                        keyPairGenerator.initialize(255, JcePublicKeyKeyEncryptionMethodGenerator.this.random);
                    }
                }, new EphPubEncoding() { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.2
                    @Override // org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.EphPubEncoding
                    public byte[] getEphPubEncoding(byte[] bArr2) {
                        return Arrays.prepend(bArr2, (byte) 64);
                    }
                }) : getEncryptSessionInfo(publicKeyPacket, "EC", publicKey, id, eCDHPublicBCPGKey.getSymmetricKeyAlgorithm(), bArr, RFC6637Utils.getAgreementAlgorithm(publicKeyPacket), new KeyPairGeneratorOperation() { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.3
                    @Override // org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.KeyPairGeneratorOperation
                    public void initialize(KeyPairGenerator keyPairGenerator) throws GeneralSecurityException, IOException {
                        AlgorithmParameters createAlgorithmParameters = JcePublicKeyKeyEncryptionMethodGenerator.this.helper.createAlgorithmParameters("EC");
                        createAlgorithmParameters.init(new X962Parameters(eCDHPublicBCPGKey.getCurveOID()).getEncoded());
                        keyPairGenerator.initialize(createAlgorithmParameters.getParameterSpec(AlgorithmParameterSpec.class), JcePublicKeyKeyEncryptionMethodGenerator.this.random);
                    }
                }, new EphPubEncoding() { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.4
                    @Override // org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator.EphPubEncoding
                    public byte[] getEphPubEncoding(byte[] bArr2) {
                        if (null == bArr2 || bArr2.length < 1 || bArr2[0] != 4) {
                            bArr2 = JcaJcePGPUtil.getX9Parameters(eCDHPublicBCPGKey.getCurveOID()).getCurve().decodePoint(bArr2).getEncoded(false);
                        }
                        return bArr2;
                    }
                });
            }
            if (pGPPublicKey.getAlgorithm() == 25) {
                return getEncryptSessionInfo(pGPPublicKey, XDHParameterSpec.X25519, publicKey, NISTObjectIdentifiers.id_aes128_wrap.getId(), 7, bArr, "X25519withSHA256HKDF", 255);
            }
            if (pGPPublicKey.getAlgorithm() == 26) {
                return getEncryptSessionInfo(pGPPublicKey, XDHParameterSpec.X448, publicKey, NISTObjectIdentifiers.id_aes256_wrap.getId(), 9, bArr, "X448withSHA512HKDF", Fcntl.S_IRWXU);
            }
            Cipher createPublicKeyCipher = this.helper.createPublicKeyCipher(pGPPublicKey.getAlgorithm());
            createPublicKeyCipher.init(1, publicKey, this.random);
            return createPublicKeyCipher.doFinal(bArr);
        } catch (IOException e) {
            throw new PGPException("unable to encode MPI: " + e.getMessage(), e);
        } catch (InvalidKeyException e2) {
            throw new PGPException("key invalid: " + e2.getMessage(), e2);
        } catch (BadPaddingException e3) {
            throw new PGPException("bad padding: " + e3.getMessage(), e3);
        } catch (IllegalBlockSizeException e4) {
            throw new PGPException("illegal block size: " + e4.getMessage(), e4);
        } catch (GeneralSecurityException e5) {
            throw new PGPException("unable to set up ephemeral keys: " + e5.getMessage(), e5);
        }
    }

    private byte[] getEncryptSessionInfo(PublicKeyPacket publicKeyPacket, String str, PublicKey publicKey, String str2, int i, byte[] bArr, String str3, KeyPairGeneratorOperation keyPairGeneratorOperation, EphPubEncoding ephPubEncoding) throws GeneralSecurityException, IOException, PGPException {
        KeyPairGenerator createKeyPairGenerator = this.helper.createKeyPairGenerator(str);
        keyPairGeneratorOperation.initialize(createKeyPairGenerator);
        KeyPair generateKeyPair = createKeyPairGenerator.generateKeyPair();
        return getSessionInfo(ephPubEncoding.getEphPubEncoding(SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded()).getPublicKeyData().getBytes()), getWrapper(i, bArr, JcaJcePGPUtil.getSecret(this.helper, publicKey, str2, str3, new UserKeyingMaterialSpec(RFC6637Utils.createUserKeyingMaterial(publicKeyPacket, new JcaKeyFingerprintCalculator())), generateKeyPair.getPrivate()), PGPPad.padSessionData(bArr, this.sessionKeyObfuscation)));
    }

    private byte[] getEncryptSessionInfo(PGPPublicKey pGPPublicKey, String str, PublicKey publicKey, String str2, int i, byte[] bArr, String str3, int i2) throws GeneralSecurityException, IOException, PGPException {
        KeyPairGenerator createKeyPairGenerator = this.helper.createKeyPairGenerator(str);
        createKeyPairGenerator.initialize(i2, this.random);
        KeyPair generateKeyPair = createKeyPairGenerator.generateKeyPair();
        byte[] bytes = SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded()).getPublicKeyData().getBytes();
        Key secret = JcaJcePGPUtil.getSecret(this.helper, publicKey, str2, str3, JcaJcePGPUtil.getHybridValueParameterSpecWithPrepend(bytes, pGPPublicKey.getPublicKeyPacket(), str), generateKeyPair.getPrivate());
        byte[] bArr2 = new byte[bArr.length - 3];
        System.arraycopy(bArr, 1, bArr2, 0, bArr2.length);
        return getSessionInfo(bytes, bArr[0], getWrapper(i, bArr, secret, bArr2));
    }

    private byte[] getWrapper(int i, byte[] bArr, Key key, byte[] bArr2) throws PGPException, InvalidKeyException, IllegalBlockSizeException {
        Cipher createKeyWrapper = this.helper.createKeyWrapper(i);
        createKeyWrapper.init(3, key, this.random);
        return createKeyWrapper.wrap(new SecretKeySpec(bArr2, PGPUtil.getSymmetricCipherName(bArr[0])));
    }
}
