package com.dstc.security.cms;

import com.dstc.security.asn1.Asn1;
import com.dstc.security.asn1.Asn1Exception;
import com.dstc.security.asn1.Explicit;
import com.dstc.security.asn1.Integer;
import com.dstc.security.asn1.Oid;
import com.dstc.security.asn1.Sequence;
import com.dstc.security.cms.crypto.IDEAKeyWrap;
import com.dstc.security.cms.crypto.KeyWrap;
import com.dstc.security.cms.crypto.RC2KeyWrap;
import com.dstc.security.cms.crypto.TripleDESKeyWrap;
import com.dstc.security.common.AlgorithmId;
import com.dstc.security.common.OID;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/dstc/security/cms/KeyAgreeRecipientInfoImpl.class */
public final class KeyAgreeRecipientInfoImpl implements KeyAgreeRecipientInfo {
    private Asn1 asn1;
    private int version;
    private OriginatorIdentifierOrKey originator;
    private String keyEncryptionAlg;
    private Vector encryptedKeys;
    private Vector certStore;
    private SecureRandom rand;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyAgreeRecipientInfoImpl(Asn1 asn1, Vector vector) throws Asn1Exception, CMSException {
        Asn1 asn12;
        this.asn1 = null;
        this.version = 3;
        this.encryptedKeys = null;
        this.certStore = vector;
        this.asn1 = asn1;
        Iterator components = asn1.components();
        this.version = ((Integer) components.next()).getInt();
        if (this.version != 3) {
            throw new CMSException(new StringBuffer("Bad version number for KeyAgreeRecipientInfo: ").append(this.version).toString());
        }
        this.originator = Factory.getOriginatorIdentifierOrKey((Asn1) ((Asn1) components.next()).components().next());
        Asn1 asn13 = (Asn1) components.next();
        Iterator components2 = (asn13.getTagNumber() == 1 ? (Asn1) components.next() : asn13).components();
        String oid = ((Oid) components2.next()).getOid();
        if (!oid.equals("1.2.840.113549.1.9.16.3.5") && !oid.equals("1.2.840.10046.2.1")) {
            throw new CMSException(new StringBuffer("Key agreement algorithm OID: ").append(oid).append(" not supported").toString());
        }
        this.keyEncryptionAlg = OID.getAlgName(new AlgorithmId((Asn1) components2.next()).getOid());
        Iterator components3 = ((Asn1) components.next()).components();
        this.encryptedKeys = new Vector();
        while (components3.hasNext() && (asn12 = (Asn1) components3.next()) != null) {
            this.encryptedKeys.add(new RecipientEncryptedKeyImpl(asn12));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyAgreeRecipientInfoImpl(SecureRandom secureRandom, DHParameterSpec dHParameterSpec, Vector vector, SecretKey secretKey) throws CMSException {
        this.asn1 = null;
        this.version = 3;
        this.encryptedKeys = null;
        try {
            this.rand = secureRandom;
            this.asn1 = new Sequence();
            this.asn1.add(new Integer(this.version));
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
            keyPairGenerator.initialize(dHParameterSpec, secureRandom);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Asn1 asn1 = new OriginatorPublicKeyImpl(new AlgorithmId("1.2.840.10046.2.1"), new Integer(((DHPublicKey) generateKeyPair.getPublic()).getY()).getEncoded()).getAsn1();
            asn1.setTagClass(128);
            asn1.setTagNumber(1);
            Explicit explicit = new Explicit(128, 0);
            explicit.add(asn1);
            this.asn1.add(explicit);
            Sequence sequence = new Sequence();
            sequence.add(new Oid("1.2.840.113549.1.9.16.3.5"));
            if (secretKey.getAlgorithm().equals("DESede")) {
                sequence.add(new AlgorithmId("1.2.840.113549.1.9.16.3.6").getAsn1());
                this.asn1.add(sequence);
            } else if (secretKey.getAlgorithm().equals("RC2")) {
                sequence.add(new AlgorithmId("1.2.840.113549.1.9.16.3.7").getAsn1());
                this.asn1.add(sequence);
            } else {
                if (!secretKey.getAlgorithm().equals("IDEA")) {
                    throw new CMSException(new StringBuffer("Key algorithm ").append(secretKey.getAlgorithm()).append("not supported in CMS").toString());
                }
                sequence.add(new AlgorithmId("1.3.6.1.4.1.188.7.1.1.6").getAsn1());
                this.asn1.add(sequence);
            }
            Sequence sequence2 = new Sequence();
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                X509Certificate x509Certificate = (X509Certificate) it.next();
                sequence2.add(new RecipientEncryptedKeyImpl(new IssuerAndSerialNumberImpl(x509Certificate), getWrappedKey(generateKeyPair.getPrivate(), x509Certificate.getPublicKey(), secretKey)).getAsn1());
            }
            this.asn1.add(sequence2);
        } catch (Exception e) {
            throw new CMSException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Asn1 getAsn1() {
        return this.asn1;
    }

    public int getCMSVersion() {
        return this.version;
    }

    @Override // com.dstc.security.cms.RecipientInfo
    public String getKeyEncryptionAlgorithm() {
        return this.keyEncryptionAlg;
    }

    @Override // com.dstc.security.cms.KeyAgreeRecipientInfo
    public OriginatorIdentifierOrKey getOriginatorIdentifierOrKey() {
        return this.originator;
    }

    @Override // com.dstc.security.cms.KeyAgreeRecipientInfo
    public Vector getRecipientEncryptedKeys() {
        return this.encryptedKeys;
    }

    private byte[] getWrappedKey(PrivateKey privateKey, PublicKey publicKey, SecretKey secretKey) throws CMSException {
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ESDH");
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(publicKey, true);
            SecretKey secretKey2 = null;
            KeyWrap keyWrap = null;
            if (secretKey.getAlgorithm().equals("DESede")) {
                secretKey2 = keyAgreement.generateSecret("3DESwrap");
                keyWrap = new TripleDESKeyWrap(this.rand);
            } else if (secretKey.getAlgorithm().equals("RC2")) {
                secretKey2 = keyAgreement.generateSecret("RC2wrap");
                keyWrap = new RC2KeyWrap(this.rand);
            } else if (secretKey.getAlgorithm().equals("IDEA")) {
                secretKey2 = keyAgreement.generateSecret("IDEAwrap");
                keyWrap = new IDEAKeyWrap(this.rand);
            }
            keyWrap.setKeyEncryptingKey(secretKey2.getEncoded());
            return keyWrap.encrypt(secretKey.getEncoded());
        } catch (Exception e) {
            throw new CMSException(e.getMessage());
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer("KeyAgreeRecipientInfo");
        stringBuffer.append("\n[");
        stringBuffer.append("\n  Version: ").append(this.version);
        stringBuffer.append("\n  OriginatorOrKey: ");
        StringTokenizer stringTokenizer = new StringTokenizer(this.originator.toString(), "\r\n");
        while (stringTokenizer.hasMoreTokens()) {
            stringBuffer.append("\n    ").append(stringTokenizer.nextToken());
        }
        stringBuffer.append("\n  Key encryption algo: ");
        stringBuffer.append(getKeyEncryptionAlgorithm());
        stringBuffer.append("\n]");
        return stringBuffer.toString();
    }
}
