package com.dstc.security.cms.crypto;

import com.dstc.security.asn1.Asn1;
import com.dstc.security.cms.CMSException;
import com.dstc.security.cms.KeyAgreeRecipientInfo;
import com.dstc.security.cms.KeyTransRecipientInfo;
import com.dstc.security.cms.OriginatorIdentifierOrKey;
import com.dstc.security.cms.OriginatorPublicKey;
import com.dstc.security.cms.RecipientEncryptedKey;
import com.dstc.security.cms.RecipientInfo;
import java.security.KeyFactory;
import java.security.PrivateKey;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;

/* loaded from: input_file:com/dstc/security/cms/crypto/ContentKeyDecryptor.class */
public class ContentKeyDecryptor {
    public static byte[] decryptKey(RecipientInfo recipientInfo, PrivateKey privateKey) throws CMSException {
        KeyWrap iDEAKeyWrap;
        if (recipientInfo instanceof KeyTransRecipientInfo) {
            KeyTransRecipientInfo keyTransRecipientInfo = (KeyTransRecipientInfo) recipientInfo;
            KeyTrans keyTrans = new KeyTrans(null, keyTransRecipientInfo.getKeyEncryptionAlgorithm());
            keyTrans.setDecryptionKey(privateKey);
            return keyTrans.decrypt(keyTransRecipientInfo.getEncryptedKey());
        }
        KeyAgreeRecipientInfo keyAgreeRecipientInfo = (KeyAgreeRecipientInfo) recipientInfo;
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ESDH");
            keyAgreement.init(privateKey);
            DHParameterSpec params = ((DHPrivateKey) privateKey).getParams();
            OriginatorIdentifierOrKey originatorIdentifierOrKey = keyAgreeRecipientInfo.getOriginatorIdentifierOrKey();
            if (!(originatorIdentifierOrKey instanceof OriginatorPublicKey)) {
                throw new CMSException("ESDH requires originator public key");
            }
            keyAgreement.doPhase(KeyFactory.getInstance("DH").generatePublic(new DHPublicKeySpec(Asn1.getAsn1(((OriginatorPublicKey) originatorIdentifierOrKey).getPublicKeyBytes()).getBigInteger(), params.getP(), params.getG())), true);
            SecretKey generateSecret = keyAgreement.generateSecret(keyAgreeRecipientInfo.getKeyEncryptionAlgorithm());
            if (generateSecret.getAlgorithm().equals("DESede")) {
                iDEAKeyWrap = new TripleDESKeyWrap(null);
            } else if (generateSecret.getAlgorithm().equals("RC2")) {
                iDEAKeyWrap = new RC2KeyWrap(null);
            } else {
                if (!generateSecret.getAlgorithm().equals("IDEA")) {
                    throw new CMSException(new StringBuffer("key algorithm ").append(generateSecret.getAlgorithm()).append(" unsupported in CMS").toString());
                }
                iDEAKeyWrap = new IDEAKeyWrap(null);
            }
            iDEAKeyWrap.setKeyEncryptingKey(generateSecret.getEncoded());
            return iDEAKeyWrap.decrypt(((RecipientEncryptedKey) keyAgreeRecipientInfo.getRecipientEncryptedKeys().iterator().next()).getEncryptedKey());
        } catch (CMSException e) {
            throw e;
        } catch (Exception e2) {
            throw new CMSException(new StringBuffer("Content key decrypton error: nested exception is ").append(e2.toString()).toString());
        }
    }
}
