package org2.bouncycastle.cms.hebca;

import com.hebca.crypto.Cert;
import com.hebca.crypto.Container;
import com.hebca.crypto.SKey;
import com.hebca.crypto.SymCrypter;
import com.hebca.crypto.util.SymCrypterInputStream;
import com.hebca.ext.exception.NoSuchAlgException;
import java.io.InputStream;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org2.bouncycastle.asn1.ASN1Object;
import org2.bouncycastle.asn1.ASN1OctetString;
import org2.bouncycastle.asn1.DERNull;
import org2.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org2.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org2.bouncycastle.cms.CMSException;
import org2.bouncycastle.cms.KeyTransRecipient;
import org2.bouncycastle.cms.RecipientOperator;
import org2.bouncycastle.cms.jcajce.EnvelopedDataHelper;
import org2.bouncycastle.jcajce.NamedJcaJceHelper;
import org2.bouncycastle.operator.InputDecryptor;

/* loaded from: classes3.dex */
public class HebcaKeyTransEnvelopedRecipient implements KeyTransRecipient {
    private static final String TEMP_PKCS7_SKEY_NAME = "pkcs7_enc_temp";
    private Container container;
    private String providerName;

    public HebcaKeyTransEnvelopedRecipient(Cert cert, String str) {
        this.container = cert.getContainer();
        this.providerName = str;
    }

    public HebcaKeyTransEnvelopedRecipient(Container container, String str) {
        this.container = container;
        this.providerName = str;
    }

    private byte[] extractSecretKey(AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2, byte[] bArr) throws CMSException {
        try {
            return this.container.createAsymCrypter(false).crypt(bArr);
        } catch (Exception e) {
            throw new CMSException(e.getMessage());
        }
    }

    @Override // org2.bouncycastle.cms.KeyTransRecipient
    public RecipientOperator getRecipientOperator(AlgorithmIdentifier algorithmIdentifier, final AlgorithmIdentifier algorithmIdentifier2, byte[] bArr) throws CMSException {
        try {
            byte[] extractSecretKey = extractSecretKey(algorithmIdentifier, algorithmIdentifier2, bArr);
            IvParameterSpec ivParameterSpec = null;
            if (algorithmIdentifier2.getParameters() != null) {
                ASN1Object aSN1Object = (ASN1Object) algorithmIdentifier2.getParameters().getDERObject();
                String id = algorithmIdentifier2.getAlgorithm().getId();
                if ((id.equals(CMSEnvelopedDataGenerator.DES_EDE3_CBC) || id.equals("1.3.6.1.4.1.188.7.1.1.2") || id.equals(CMSEnvelopedDataGenerator.AES128_CBC) || id.equals(CMSEnvelopedDataGenerator.AES192_CBC) || id.equals(CMSEnvelopedDataGenerator.AES256_CBC)) && !(aSN1Object instanceof DERNull)) {
                    ivParameterSpec = new IvParameterSpec(ASN1OctetString.getInstance(aSN1Object).getOctets());
                }
            }
            if (!HebcaEnvelopedAlg.isDeviceAlg(HebcaEnvelopedAlg.getAlgByCMSAlgOID(algorithmIdentifier2.getAlgorithm()))) {
                final Cipher createContentCipher = new EnvelopedDataHelper(new NamedJcaJceHelper(this.providerName)).createContentCipher(new SecretKeySpec(extractSecretKey, ""), algorithmIdentifier2);
                return new RecipientOperator(new InputDecryptor() { // from class: org2.bouncycastle.cms.hebca.HebcaKeyTransEnvelopedRecipient.2
                    @Override // org2.bouncycastle.operator.InputDecryptor
                    public AlgorithmIdentifier getAlgorithmIdentifier() {
                        return algorithmIdentifier2;
                    }

                    @Override // org2.bouncycastle.operator.InputDecryptor
                    public InputStream getInputStream(InputStream inputStream) {
                        return new CipherInputStream(inputStream, createContentCipher);
                    }
                });
            }
            SKey importKey = this.container.getDevice().importKey(TEMP_PKCS7_SKEY_NAME, HebcaEnvelopedAlg.getSymCrypterAlg(algorithmIdentifier2), extractSecretKey);
            final SymCrypter createSymCrypter = ivParameterSpec != null ? this.container.getDevice().createSymCrypter(HebcaEnvelopedAlg.getSymCrypterAlg(algorithmIdentifier2), false, importKey, ivParameterSpec.getIV()) : this.container.getDevice().createSymCrypter(HebcaEnvelopedAlg.getSymCrypterAlg(algorithmIdentifier2), false, importKey);
            return new RecipientOperator(new InputDecryptor() { // from class: org2.bouncycastle.cms.hebca.HebcaKeyTransEnvelopedRecipient.1
                @Override // org2.bouncycastle.operator.InputDecryptor
                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return algorithmIdentifier2;
                }

                @Override // org2.bouncycastle.operator.InputDecryptor
                public InputStream getInputStream(InputStream inputStream) {
                    return new SymCrypterInputStream(inputStream, createSymCrypter);
                }
            });
        } catch (NoSuchAlgException e) {
            throw e;
        } catch (Exception e2) {
            throw new CMSException("create symCrypter error:" + e2.getMessage());
        }
    }
}
