package iaik.pkcs.pkcs1;

import iaik.security.random.SecRandom;
import iaik.security.rsa.RSAPrivateKey;
import iaik.security.rsa.RSAPublicKey;
import iaik.utils.CryptoUtils;
import iaik.utils.NumberTheory;
import iaik.utils.Util;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.Random;
import javax.crypto.BadPaddingException;
import javax.crypto.CipherSpi;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;

/* loaded from: input_file:iaik_jce.jar:iaik/pkcs/pkcs1/RSACipher.class */
public class RSACipher extends CipherSpi {
    static Class h;
    private ByteArrayOutputStream i;
    private SecureRandom d;
    private int g;
    protected RSAPublicKey pubKey;
    protected RSAPrivateKey privKey;
    private String c;
    private int f;
    private static boolean b = true;
    private a e = new b();
    private boolean a = b;

    static Class a(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    public static void setValidateAgainstOaepKeyParameters(boolean z) {
        c.a(z);
    }

    public static boolean setUseBlindingDefault(boolean z) {
        boolean z2 = b;
        b = z;
        return z2;
    }

    public boolean setUseBlinding(boolean z) {
        boolean z2 = this.a;
        this.a = z;
        return z2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSecureRandom(SecureRandom secureRandom) {
        this.d = secureRandom;
        if (this.e != null) {
            this.e.a(secureRandom);
        }
    }

    public BigInteger rawPublicRSA(BigInteger bigInteger, java.security.interfaces.RSAPublicKey rSAPublicKey) {
        return bigInteger.modPow(rSAPublicKey.getPublicExponent(), rSAPublicKey.getModulus());
    }

    public BigInteger rawPrivateRSA(BigInteger bigInteger, java.security.interfaces.RSAPrivateKey rSAPrivateKey, Random random) {
        RSAPrivateCrtKey rSAPrivateCrtKey;
        BigInteger bigInteger2;
        boolean z;
        BigInteger modPow;
        BigInteger bigInteger3 = null;
        if (rSAPrivateKey instanceof RSAPrivateCrtKey) {
            rSAPrivateCrtKey = (RSAPrivateCrtKey) rSAPrivateKey;
            bigInteger2 = rSAPrivateCrtKey.getPublicExponent();
            if (bigInteger2.bitCount() == 0) {
                bigInteger2 = null;
                z = false;
            } else {
                z = (!this.a || bigInteger2 == null || bigInteger2.equals(NumberTheory.ZERO)) ? false : true;
            }
            if (rSAPrivateCrtKey.getPrimeExponentP().bitCount() == 0) {
                rSAPrivateCrtKey = null;
            }
        } else {
            rSAPrivateCrtKey = null;
            bigInteger2 = null;
            z = false;
        }
        BigInteger modulus = rSAPrivateKey.getModulus();
        if (z) {
            bigInteger3 = new BigInteger(modulus.bitLength() - 1, random != null ? random : SecRandom.getDefault());
            if (bigInteger3.equals(NumberTheory.ZERO) || bigInteger3.equals(NumberTheory.ONE)) {
                throw new ProviderException("Secure random seems to deliver non-random bits. Unable to generate random blinding factor.");
            }
            bigInteger = bigInteger.multiply(bigInteger3.modPow(bigInteger2, modulus)).mod(modulus);
        }
        if (rSAPrivateCrtKey != null) {
            BigInteger primeP = rSAPrivateCrtKey.getPrimeP();
            BigInteger primeQ = rSAPrivateCrtKey.getPrimeQ();
            BigInteger modPow2 = bigInteger.mod(primeP).modPow(rSAPrivateCrtKey.getPrimeExponentP(), primeP);
            BigInteger modPow3 = bigInteger.mod(primeQ).modPow(rSAPrivateCrtKey.getPrimeExponentQ(), primeQ);
            modPow = modPow2.subtract(modPow3).multiply(rSAPrivateCrtKey.getCrtCoefficient()).mod(primeP).multiply(primeQ).add(modPow3);
        } else {
            modPow = bigInteger.modPow(rSAPrivateKey.getPrivateExponent(), modulus);
        }
        if (z) {
            modPow = modPow.multiply(bigInteger3.modInverse(modulus)).mod(modulus);
        }
        return modPow;
    }

    protected byte[] rawCrypt(byte[] bArr) {
        byte[] byteArray;
        this.d = getSecureRandom();
        BigInteger bigInteger = new BigInteger(1, bArr);
        if (this.pubKey != null) {
            byteArray = rawPublicRSA(bigInteger, this.pubKey).toByteArray();
        } else {
            this.d = getSecureRandom();
            byteArray = rawPrivateRSA(bigInteger, this.privKey, this.d).toByteArray();
        }
        int a = a();
        if (byteArray.length > a) {
            byte[] bArr2 = new byte[a];
            System.arraycopy(byteArray, byteArray.length - a, bArr2, 0, a);
            byteArray = bArr2;
        } else if (byteArray.length < a) {
            byte[] bArr3 = new byte[a];
            System.arraycopy(byteArray, 0, bArr3, a - byteArray.length, byteArray.length);
            byteArray = bArr3;
        }
        return byteArray;
    }

    private byte[] b(byte[] bArr) throws BadPaddingException {
        byte[] a = this.e.a(bArr);
        byte[] rawCrypt = rawCrypt(a);
        CryptoUtils.zeroBlock(a);
        if (rawCrypt.length < this.g) {
            byte[] bArr2 = new byte[this.g];
            System.arraycopy(rawCrypt, 0, bArr2, this.g - rawCrypt.length, rawCrypt.length);
            CryptoUtils.zeroBlock(rawCrypt);
            rawCrypt = bArr2;
        }
        return rawCrypt;
    }

    public static boolean isUseBlindingDefault() {
        return b;
    }

    public boolean isUseBlinding() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecureRandom getSecureRandom() {
        if (this.d == null) {
            this.d = SecRandom.getDefault();
        }
        return this.d;
    }

    private int a() {
        return ((this.pubKey != null ? this.pubKey.getModulus() : this.privKey.getModulus()).bitLength() + 7) / 8;
    }

    private static int a(int i) {
        if (i == 3) {
            return 1;
        }
        if (i == 4) {
            return 2;
        }
        return i;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) throws InvalidKeyException {
        byte[] encoded = key.getEncoded();
        if (encoded == null || encoded.length == 0) {
            throw new InvalidKeyException("Could not encode key for wrapping!");
        }
        try {
            return engineDoFinal(encoded, 0, encoded.length);
        } catch (BadPaddingException e) {
            throw new InvalidKeyException(new StringBuffer("Could not wrap key: ").append(e.toString()).toString());
        }
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
        if (this.i == null) {
            if (this.g <= 0) {
                throw new IllegalStateException("Cipher not initialized!");
            }
            this.i = new ByteArrayOutputStream(this.g);
        }
        this.i.write(bArr, i, i2);
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i, int i2) {
        if (this.i == null) {
            if (this.g <= 0) {
                throw new IllegalStateException("Cipher not initialized!");
            }
            this.i = new ByteArrayOutputStream(this.g);
        }
        this.i.write(bArr, i, i2);
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i) throws NoSuchAlgorithmException, InvalidKeyException {
        try {
            return Util.decodeKey(i, str, engineDoFinal(bArr, 0, bArr.length));
        } catch (BadPaddingException e) {
            throw new InvalidKeyException(new StringBuffer("Could not unwrap key: ").append(e.toString()).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetPadding(String str) throws NoSuchPaddingException {
        if (str.equalsIgnoreCase("PKCS1Padding") || str.equalsIgnoreCase("PKCS1PaddingSSL2")) {
            this.e = new b(str, this.c);
        } else if (str.toUpperCase().startsWith("OAEP")) {
            this.e = c.a(str);
        } else {
            if (!str.equalsIgnoreCase("NoPadding")) {
                throw new NoSuchPaddingException(new StringBuffer("Unknown padding: ").append(str).toString());
            }
            this.e = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetMode(String str) {
        this.c = str;
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        SecureRandom secureRandom2;
        this.f = a(i);
        this.d = secureRandom;
        this.i = null;
        this.pubKey = null;
        this.privKey = null;
        if (key == null) {
            throw new NullPointerException("Key is null!");
        }
        try {
            this.pubKey = Util.getRSAPublicKey(key);
        } catch (InvalidKeyException unused) {
            try {
                this.privKey = Util.getRSAPrivateKey(key);
            } catch (InvalidKeyException unused2) {
                throw new InvalidKeyException(new StringBuffer("Class does not represent an RSA key: ").append(key.getClass().getName()).toString());
            }
        } catch (Exception e) {
            if (!(e instanceof InvalidKeyException)) {
                throw new InvalidKeyException(new StringBuffer("Unable to init RSA key: ").append(e.toString()).toString());
            }
            throw ((InvalidKeyException) e);
        }
        this.g = a();
        if (this.e != null) {
            Key key2 = this.pubKey;
            if (key2 == null) {
                key2 = this.privKey;
            }
            if (algorithmParameterSpec != null) {
                if (!this.e.d().toUpperCase().startsWith("OAEP")) {
                    throw new InvalidAlgorithmParameterException("Parameters are only allowed for OAEP padding.");
                }
                if ((algorithmParameterSpec instanceof PKCS1AlgorithmParameterSpec) && (secureRandom2 = ((PKCS1AlgorithmParameterSpec) algorithmParameterSpec).getSecureRandom()) != null) {
                    this.d = secureRandom2;
                }
            }
            this.e.a(this.f, key2, this.g, algorithmParameterSpec, this.d);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineInit(int i, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        try {
            engineInit(i, key, (AlgorithmParameterSpec) null, secureRandom);
        } catch (InvalidAlgorithmParameterException unused) {
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        Class a;
        AlgorithmParameterSpec algorithmParameterSpec = null;
        if (algorithmParameters != null) {
            if (this.e == null || !this.e.d().toUpperCase().startsWith("OAEP")) {
                throw new InvalidAlgorithmParameterException("Parameters are only allowed for OAEP padding.");
            }
            try {
                if (h != null) {
                    a = h;
                } else {
                    a = a("iaik.pkcs.pkcs1.RSAOaepParameterSpec");
                    h = a;
                }
                algorithmParameterSpec = algorithmParameters.getParameterSpec(a);
            } catch (InvalidParameterSpecException unused) {
                throw new InvalidAlgorithmParameterException("Only RSAOaepParameters allowed.");
            }
        }
        engineInit(i, key, algorithmParameterSpec, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        AlgorithmParameters algorithmParameters = null;
        if (this.e != null) {
            algorithmParameters = this.e.a();
        }
        return algorithmParameters;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i) {
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetKeySize(Key key) throws InvalidKeyException {
        try {
            return Util.getRSAPublicKey(key).getModulus().bitLength();
        } catch (InvalidKeyException unused) {
            try {
                return Util.getRSAPrivateKey(key).getModulus().bitLength();
            } catch (InvalidKeyException unused2) {
                throw new InvalidKeyException("Not an RSA key!");
            }
        }
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws BadPaddingException, ShortBufferException {
        byte[] engineDoFinal = engineDoFinal(bArr, i, i2);
        try {
            System.arraycopy(engineDoFinal, 0, bArr2, i3, engineDoFinal.length);
            CryptoUtils.zeroBlock(engineDoFinal);
            return engineDoFinal.length;
        } catch (Exception unused) {
            throw new ShortBufferException("Buffer to short to hold result.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineDoFinal(byte[] bArr, int i, int i2) throws BadPaddingException {
        byte[] bArr2 = null;
        if (this.i != null && this.i.size() > 0) {
            if (bArr != null) {
                this.i.write(bArr, i, i2);
            }
            bArr2 = this.i.toByteArray();
        } else if (bArr != null) {
            if (i == 0 && i2 == bArr.length) {
                bArr2 = bArr;
            } else {
                bArr2 = new byte[i2];
                System.arraycopy(bArr, i, bArr2, 0, i2);
            }
        }
        if (bArr2 == null) {
            throw new NullPointerException("Null data to process!");
        }
        byte[] rawCrypt = this.e == null ? rawCrypt(bArr2) : this.f == 1 ? b(bArr2) : a(bArr2);
        if (this.i != null) {
            this.i.reset();
        }
        return rawCrypt;
    }

    private byte[] a(byte[] bArr) throws BadPaddingException {
        if (bArr.length != a()) {
            throw new BadPaddingException("Invalid PKCS#1 padding: encrypted message and modulus lengths do not match!");
        }
        byte[] rawCrypt = rawCrypt(bArr);
        byte[] b2 = this.e.b(rawCrypt);
        CryptoUtils.zeroBlock(rawCrypt);
        return b2;
    }

    static {
        Util.toString(null, -1, 1);
    }
}
