package iaik.pkcs.pkcs1;

import iaik.asn1.OCTET_STRING;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.md.SHA;
import iaik.security.rsa.RSAOaepPrivateKey;
import iaik.security.rsa.RSAOaepPublicKey;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.NoSuchPaddingException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:iaik/pkcs/pkcs1/a.class */
public class a extends c {
    private static boolean e = false;
    private AlgorithmID f;
    private MessageDigest g;
    private AlgorithmID h;
    private MaskGenerationAlgorithm i;
    private AlgorithmID j;
    private byte[] k;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(boolean z) {
        e = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static a a(String str) throws NoSuchPaddingException {
        MessageDigest messageDigestInstance;
        AlgorithmID algorithmID;
        MaskGenerationAlgorithm maskGenerationAlgorithmInstance;
        a aVar;
        if (str.length() == 4) {
            aVar = new a();
        } else {
            if (str.length() < 21) {
                throw new NoSuchPaddingException(new StringBuffer().append("Invalid OAEP padding name: ").append(str).append("!").toString());
            }
            String upperCase = str.substring(8, str.length() - 7).toUpperCase(Locale.US);
            int indexOf = upperCase.indexOf("AND");
            String substring = upperCase.substring(0, indexOf);
            String substring2 = upperCase.substring(indexOf + 3);
            AlgorithmID b = b(substring.toUpperCase(Locale.US));
            if (b == null) {
                b = AlgorithmID.getAlgorithmID(substring);
            }
            if (b == null) {
                throw new NoSuchPaddingException(new StringBuffer().append("No AlgorithmID available for hash algorithm \"").append(substring).append("\" of padding scheme ").append(str).toString());
            }
            AlgorithmID algorithmID2 = (AlgorithmID) b.clone();
            try {
                messageDigestInstance = algorithmID2.getMessageDigestInstance("IAIK");
            } catch (NoSuchAlgorithmException e2) {
                try {
                    messageDigestInstance = algorithmID2.getMessageDigestInstance();
                } catch (NoSuchAlgorithmException e3) {
                    throw new NoSuchPaddingException(new StringBuffer().append("No engine available for hash algorithm \"").append(substring).append("\" of padding scheme ").append(str).toString());
                }
            }
            if (substring2.equals("MGF1")) {
                algorithmID = (AlgorithmID) AlgorithmID.mgf1.clone();
                algorithmID.setParameter(algorithmID2.toASN1Object());
                maskGenerationAlgorithmInstance = new MGF1(algorithmID2, messageDigestInstance);
            } else {
                AlgorithmID algorithmID3 = AlgorithmID.getAlgorithmID(substring2);
                if (algorithmID3 == null) {
                    throw new NoSuchPaddingException(new StringBuffer().append("No AlgorithmID available for MGF algorithm \"").append(substring2).append("\" of padding scheme ").append(str).toString());
                }
                algorithmID = (AlgorithmID) algorithmID3.clone();
                try {
                    maskGenerationAlgorithmInstance = algorithmID.getMaskGenerationAlgorithmInstance("IAIK");
                } catch (NoSuchAlgorithmException e4) {
                    try {
                        maskGenerationAlgorithmInstance = algorithmID.getMaskGenerationAlgorithmInstance();
                    } catch (NoSuchAlgorithmException e5) {
                        throw new NoSuchPaddingException(new StringBuffer().append("No engine available for MGF algorithm \"").append(substring2).append("\" of padding scheme ").append(str).toString());
                    }
                }
            }
            AlgorithmID algorithmID4 = (AlgorithmID) AlgorithmID.pSpecified.clone();
            algorithmID4.setParameter(new OCTET_STRING());
            aVar = new a(str, algorithmID2, algorithmID, algorithmID4, messageDigestInstance, maskGenerationAlgorithmInstance, new byte[0]);
        }
        return aVar;
    }

    private static AlgorithmID b(String str) {
        String upperCase = str.toUpperCase(Locale.US);
        AlgorithmID algorithmID = null;
        if (upperCase.equals("SHA") || upperCase.equals("SHA1") || upperCase.equals("SHA-1")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha.clone();
        } else if (upperCase.equals("MD5")) {
            algorithmID = (AlgorithmID) AlgorithmID.md5.clone();
        } else if (upperCase.equals("RIPEMD160") || upperCase.equals("RIPEMD-160")) {
            algorithmID = (AlgorithmID) AlgorithmID.ripeMd160.clone();
        } else if (upperCase.equals("RIPEMD128") || upperCase.equals("RIPEMD-128")) {
            algorithmID = (AlgorithmID) AlgorithmID.ripeMd128.clone();
        } else if (upperCase.equals("SHA-256") || upperCase.equals("SHA256")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha256.clone();
        } else if (upperCase.equals("SHA-384") || upperCase.equals("SHA384")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha384.clone();
        } else if (upperCase.equals("SHA-512") || upperCase.equals("SHA512")) {
            algorithmID = (AlgorithmID) AlgorithmID.sha512.clone();
        } else if (upperCase.equals("MD2")) {
            algorithmID = (AlgorithmID) AlgorithmID.md2.clone();
        } else if (upperCase.equals("WHIRLPOOL")) {
            algorithmID = (AlgorithmID) AlgorithmID.whirlpool.clone();
        }
        return algorithmID;
    }

    a() {
        super("OAEP");
        this.f = (AlgorithmID) RSAOaepParameterSpec.DEFAULT_HASH_ALGORITHM.clone();
        this.g = new SHA();
        this.h = (AlgorithmID) AlgorithmID.mgf1.clone();
        this.h.setParameter(this.f.toASN1Object());
        this.i = new MGF1(this.f, this.g);
        this.j = (AlgorithmID) AlgorithmID.pSpecified.clone();
        this.j.setParameter(new OCTET_STRING());
        this.k = new byte[0];
    }

    a(String str, AlgorithmID algorithmID, AlgorithmID algorithmID2, AlgorithmID algorithmID3, MessageDigest messageDigest, MaskGenerationAlgorithm maskGenerationAlgorithm, byte[] bArr) {
        super(str);
        this.f = (AlgorithmID) algorithmID.clone();
        this.h = (AlgorithmID) algorithmID2.clone();
        this.j = (AlgorithmID) algorithmID3.clone();
        this.g = messageDigest;
        this.i = maskGenerationAlgorithm;
        this.k = (byte[]) bArr.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.c
    public void a(int i, Key key, int i2, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        super.a(i, key, i2, algorithmParameterSpec, secureRandom);
        if (this.c < 42) {
            throw new InvalidKeyException("OAEP requires a modulus of at least 336 bits!");
        }
        if (this.d == 1) {
            if (this.b == null) {
                throw new InvalidKeyException("OAEP cannot be used to generate signatures");
            }
        } else if (this.a == null) {
            throw new InvalidKeyException("OAEP cannot be used to verify signatures");
        }
        if (algorithmParameterSpec == null) {
            e();
            return;
        }
        if (!(algorithmParameterSpec instanceof RSAOaepParameterSpec)) {
            if (!(algorithmParameterSpec instanceof RSAOaepPSourceParameterSpec)) {
                throw new InvalidAlgorithmParameterException("Invalid parameters. Expected RSAOaepParameterSpec or RSAOaepPSourceParameterSpec!");
            }
            e();
            RSAOaepPSourceParameterSpec rSAOaepPSourceParameterSpec = (RSAOaepPSourceParameterSpec) algorithmParameterSpec;
            this.j = rSAOaepPSourceParameterSpec.getPSourceAlgorithm();
            this.k = rSAOaepPSourceParameterSpec.getLabel();
            return;
        }
        RSAOaepParameterSpec rSAOaepParameterSpec = (RSAOaepParameterSpec) algorithmParameterSpec;
        if (e) {
            if (this.b != null) {
                if (this.b instanceof RSAOaepPublicKey) {
                    try {
                        if (!((RSAOaepPublicKey) this.b).validateParameters(algorithmParameterSpec)) {
                            throw new InvalidAlgorithmParameterException("Parameters are not valid for OAEP-Key used with this engine!");
                        }
                    } catch (InvalidParameterSpecException e2) {
                    }
                }
            } else if (this.a != null && (this.a instanceof RSAOaepPrivateKey)) {
                try {
                    if (!((RSAOaepPrivateKey) this.a).validateParameters(algorithmParameterSpec)) {
                        throw new InvalidAlgorithmParameterException("Parameters are not valid for OAEP-Key used with this engine!");
                    }
                } catch (InvalidParameterSpecException e3) {
                }
            }
        }
        a(rSAOaepParameterSpec);
    }

    private void e() throws InvalidAlgorithmParameterException {
        RSAOaepParameterSpec rSAOaepParameterSpec = null;
        if (this.b != null) {
            if (this.b instanceof RSAOaepPublicKey) {
                rSAOaepParameterSpec = (RSAOaepParameterSpec) ((RSAOaepPublicKey) this.b).getParams();
            }
        } else if (this.a != null && (this.a instanceof RSAOaepPrivateKey)) {
            rSAOaepParameterSpec = (RSAOaepParameterSpec) ((RSAOaepPrivateKey) this.a).getParams();
        }
        if (rSAOaepParameterSpec != null) {
            a(rSAOaepParameterSpec);
        }
    }

    private void a(RSAOaepParameterSpec rSAOaepParameterSpec) throws InvalidAlgorithmParameterException {
        this.f = rSAOaepParameterSpec.getHashAlgorithm();
        try {
            this.g = rSAOaepParameterSpec.getHashEngine();
            this.h = rSAOaepParameterSpec.getMaskGenAlgorithm();
            try {
                this.i = rSAOaepParameterSpec.getMGFEngine();
                this.j = rSAOaepParameterSpec.getPSourceAlgorithm();
                this.k = rSAOaepParameterSpec.getLabel();
            } catch (NoSuchAlgorithmException e2) {
                throw new InvalidAlgorithmParameterException(new StringBuffer().append("Cannot set mask generation algorithm parameter; no mgf engine available: ").append(e2.getMessage()).toString());
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new InvalidAlgorithmParameterException(new StringBuffer().append("Cannot set hash algorithm parameter; no hash engine available: ").append(e3.getMessage()).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.c
    public AlgorithmParameters a() {
        AlgorithmParameters algorithmParameters = null;
        if (this.f != null && this.h != null && this.j != null) {
            if (this.k != null) {
                this.j.setParameter(new OCTET_STRING((byte[]) this.k.clone()));
            }
            try {
                RSAOaepParameterSpec rSAOaepParameterSpec = new RSAOaepParameterSpec(this.f, this.h, this.j);
                algorithmParameters = AlgorithmParameters.getInstance("OAEP", "IAIK");
                algorithmParameters.init(rSAOaepParameterSpec);
                return algorithmParameters;
            } catch (Exception e2) {
            }
        }
        return algorithmParameters;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.c
    public byte[] a(byte[] bArr) throws BadPaddingException {
        if (this.g == null) {
            throw new NullPointerException("Cannot do OAEP padding. Hash engine must not be null!");
        }
        if (this.i == null) {
            throw new NullPointerException("Cannot do OAEP padding. MGF engine must not be null!");
        }
        SecureRandom c = c();
        if (c == null) {
            throw new NullPointerException("Cannot do OAEP padding. No SecureRandom available!");
        }
        if (this.k == null) {
            this.k = new byte[0];
        }
        byte[] digest = this.g.digest(this.k);
        int length = digest.length;
        int i = this.c;
        if (bArr.length > (this.c - (2 * length)) - 2) {
            throw new BadPaddingException("Message to long for OAEP, must be (2*hLen)-2 bytes less than modulus");
        }
        byte[] bArr2 = new byte[length];
        c.nextBytes(bArr2);
        byte[] bArr3 = new byte[i];
        int i2 = (i - length) - 1;
        int i3 = length + 1;
        System.arraycopy(bArr2, 0, bArr3, 1, length);
        System.arraycopy(digest, 0, bArr3, i3, length);
        System.arraycopy(bArr, 0, bArr3, i - bArr.length, bArr.length);
        bArr3[(i - bArr.length) - 1] = 1;
        this.i.mask(bArr3, 1, length, i2, bArr3, i3);
        this.i.mask(bArr3, i3, i2, length, bArr3, 1);
        b();
        return bArr3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // iaik.pkcs.pkcs1.c
    public byte[] b(byte[] bArr) throws BadPaddingException {
        if (this.g == null) {
            throw new NullPointerException("Cannot do OAEP padding. Hash engine must not be null!");
        }
        if (this.i == null) {
            throw new NullPointerException("Cannot do OAEP padding. MGF engine must not be null!");
        }
        int length = bArr.length;
        if (this.k == null) {
            this.k = new byte[0];
        }
        byte[] digest = this.g.digest(this.k);
        int length2 = digest.length;
        if (this.c < (2 * length2) + 2) {
            throw new BadPaddingException("Invalid OAEP: decrypted message too short");
        }
        int i = (length - length2) - 1;
        int i2 = 1 + length2;
        this.i.mask(bArr, i2, i, length2, bArr, 1);
        this.i.mask(bArr, 1, length2, i, bArr, i2);
        int i3 = 0;
        while (i3 < length2) {
            if (bArr[i2 + i3] != digest[i3]) {
                throw new BadPaddingException("Invalid OAEP: parameter hashes do not match!");
            }
            i3++;
        }
        while (i3 < i && bArr[i2 + i3] == 0) {
            i3++;
        }
        if (i3 != i) {
            int i4 = i3;
            int i5 = i3 + 1;
            if (bArr[i2 + i4] == 1) {
                int i6 = i - i5;
                byte[] bArr2 = new byte[i6];
                System.arraycopy(bArr, i2 + i5, bArr2, 0, i6);
                b();
                return bArr2;
            }
        }
        throw new BadPaddingException("Invalid OAEP: invalid padding string!");
    }

    @Override // iaik.pkcs.pkcs1.c
    void b() {
        if (this.g != null) {
            this.g.reset();
        }
        if (this.i != null) {
            this.i.reset();
        }
    }
}
