package org.bouncycastle.openpgp.operator.jcajce;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.RSAKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHKey;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.ECNamedCurveTable;
import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
import org.bouncycastle.bcpg.PublicKeyPacket;
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.operator.PGPDataDecryptor;
import org.bouncycastle.openpgp.operator.PGPPad;
import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
import org.bouncycastle.openpgp.operator.RFC6637Utils;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class JcePublicKeyDataDecryptorFactoryBuilder {
    private static final int X25519_KEY_SIZE = 32;
    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
    private OperatorHelper contentHelper = new OperatorHelper(new DefaultJcaJceHelper());
    private JcaPGPKeyConverter keyConverter = new JcaPGPKeyConverter();
    private JcaKeyFingerprintCalculator fingerprintCalculator = new JcaKeyFingerprintCalculator();

    /* JADX INFO: Access modifiers changed from: private */
    public byte[] decryptSessionData(int i, PrivateKey privateKey, int i2, byte[][] bArr) throws PGPException {
        Cipher createPublicKeyCipher = this.helper.createPublicKeyCipher(i);
        try {
            createPublicKeyCipher.init(2, privateKey);
            if (i == 2 || i == 1) {
                updateWithMPI(createPublicKeyCipher, i2, bArr[0]);
            } else {
                updateWithMPI(createPublicKeyCipher, i2, bArr[0]);
                updateWithMPI(createPublicKeyCipher, i2, bArr[1]);
            }
            try {
                return createPublicKeyCipher.doFinal();
            } catch (Exception e) {
                throw new PGPException("exception decrypting session data", e);
            }
        } catch (InvalidKeyException e2) {
            throw new PGPException("error setting asymmetric cipher", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public byte[] decryptSessionData(JcaPGPKeyConverter jcaPGPKeyConverter, PGPPrivateKey pGPPrivateKey, byte[][] bArr) throws PGPException {
        KeyAgreement createKeyAgreement;
        PublicKey publicKey;
        PublicKeyPacket publicKeyPacket = pGPPrivateKey.getPublicKeyPacket();
        ECDHPublicBCPGKey eCDHPublicBCPGKey = (ECDHPublicBCPGKey) publicKeyPacket.getKey();
        byte[] bArr2 = bArr[0];
        int i = ((((bArr2[0] & 255) << 8) + (bArr2[1] & 255)) + 7) / 8;
        int i2 = i + 2;
        int i3 = i + 3;
        if (i3 > bArr2.length) {
            throw new PGPException("encoded length out of range");
        }
        byte[] bArr3 = new byte[i];
        System.arraycopy(bArr2, 2, bArr3, 0, i);
        int i4 = bArr2[i2] & 255;
        if (i3 + i4 > bArr2.length) {
            throw new PGPException("encoded length out of range");
        }
        byte[] bArr4 = new byte[i4];
        System.arraycopy(bArr2, i3, bArr4, 0, i4);
        try {
            if (eCDHPublicBCPGKey.getCurveOID().equals((ASN1Primitive) CryptlibObjectIdentifiers.curvey25519)) {
                createKeyAgreement = this.helper.createKeyAgreement(RFC6637Utils.getXDHAlgorithm(publicKeyPacket));
                KeyFactory createKeyFactory = this.helper.createKeyFactory("XDH");
                if (i != 33 || 64 != bArr3[0]) {
                    throw new IllegalArgumentException("Invalid Curve25519 public key");
                }
                publicKey = createKeyFactory.generatePublic(new X509EncodedKeySpec(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), Arrays.copyOfRange(bArr3, 1, i)).getEncoded()));
            } else {
                ECPoint decodePoint = ECNamedCurveTable.getByOIDLazy(eCDHPublicBCPGKey.getCurveOID()).getCurve().decodePoint(bArr3);
                createKeyAgreement = this.helper.createKeyAgreement(RFC6637Utils.getAgreementAlgorithm(publicKeyPacket));
                publicKey = jcaPGPKeyConverter.getPublicKey(new PGPPublicKey(new PublicKeyPacket(18, new Date(), new ECDHPublicBCPGKey(eCDHPublicBCPGKey.getCurveOID(), decodePoint, eCDHPublicBCPGKey.getHashAlgorithm(), eCDHPublicBCPGKey.getSymmetricKeyAlgorithm())), this.fingerprintCalculator));
            }
            createKeyAgreement.init(jcaPGPKeyConverter.getPrivateKey(pGPPrivateKey), new UserKeyingMaterialSpec(RFC6637Utils.createUserKeyingMaterial(publicKeyPacket, this.fingerprintCalculator)));
            createKeyAgreement.doPhase(publicKey, true);
            SecretKey generateSecret = createKeyAgreement.generateSecret(RFC6637Utils.getKeyEncryptionOID(eCDHPublicBCPGKey.getSymmetricKeyAlgorithm()).getId());
            Cipher createKeyWrapper = this.helper.createKeyWrapper(eCDHPublicBCPGKey.getSymmetricKeyAlgorithm());
            createKeyWrapper.init(4, generateSecret);
            return PGPPad.unpadSessionData(createKeyWrapper.unwrap(bArr4, "Session", 3).getEncoded());
        } catch (IOException e) {
            throw new PGPException("error setting asymmetric cipher", e);
        } catch (InvalidAlgorithmParameterException e2) {
            throw new PGPException("error setting asymmetric cipher", e2);
        } catch (InvalidKeyException e3) {
            throw new PGPException("error setting asymmetric cipher", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new PGPException("error setting asymmetric cipher", e4);
        } catch (GeneralSecurityException e5) {
            throw new PGPException("error setting asymmetric cipher", e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int getExpectedPayloadSize(PrivateKey privateKey) {
        BigInteger modulus;
        if (privateKey instanceof DHKey) {
            modulus = ((DHKey) privateKey).getParams().getP();
        } else {
            if (!(privateKey instanceof RSAKey)) {
                return -1;
            }
            modulus = ((RSAKey) privateKey).getModulus();
        }
        return (modulus.bitLength() + 7) / 8;
    }

    private void updateWithMPI(Cipher cipher, int i, byte[] bArr) {
        int length;
        int i2 = 2;
        if (i > 0) {
            if (bArr.length - 2 > i) {
                length = bArr.length;
                i2 = 3;
                cipher.update(bArr, i2, length - i2);
            } else if (i > bArr.length - 2) {
                cipher.update(new byte[i - (bArr.length - 2)]);
            }
        }
        length = bArr.length;
        cipher.update(bArr, i2, length - i2);
    }

    public PublicKeyDataDecryptorFactory build(PrivateKey privateKey) {
        return new PublicKeyDataDecryptorFactory(privateKey) { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder.1
            final int expectedPayLoadSize;
            final /* synthetic */ PrivateKey val$privKey;

            {
                this.val$privKey = privateKey;
                this.expectedPayLoadSize = JcePublicKeyDataDecryptorFactoryBuilder.this.getExpectedPayloadSize(privateKey);
            }

            @Override // org.bouncycastle.openpgp.operator.PGPDataDecryptorFactory
            public PGPDataDecryptor createDataDecryptor(boolean z, int i, byte[] bArr) throws PGPException {
                return JcePublicKeyDataDecryptorFactoryBuilder.this.contentHelper.createDataDecryptor(z, i, bArr);
            }

            @Override // org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory
            public byte[] recoverSessionData(int i, byte[][] bArr) throws PGPException {
                if (i != 18) {
                    return JcePublicKeyDataDecryptorFactoryBuilder.this.decryptSessionData(i, this.val$privKey, this.expectedPayLoadSize, bArr);
                }
                throw new PGPException("ECDH requires use of PGPPrivateKey for decryption");
            }
        };
    }

    public PublicKeyDataDecryptorFactory build(final PGPPrivateKey pGPPrivateKey) {
        return new PublicKeyDataDecryptorFactory() { // from class: org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder.2
            @Override // org.bouncycastle.openpgp.operator.PGPDataDecryptorFactory
            public PGPDataDecryptor createDataDecryptor(boolean z, int i, byte[] bArr) throws PGPException {
                return JcePublicKeyDataDecryptorFactoryBuilder.this.contentHelper.createDataDecryptor(z, i, bArr);
            }

            @Override // org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory
            public byte[] recoverSessionData(int i, byte[][] bArr) throws PGPException {
                if (i == 18) {
                    JcePublicKeyDataDecryptorFactoryBuilder jcePublicKeyDataDecryptorFactoryBuilder = JcePublicKeyDataDecryptorFactoryBuilder.this;
                    return jcePublicKeyDataDecryptorFactoryBuilder.decryptSessionData(jcePublicKeyDataDecryptorFactoryBuilder.keyConverter, pGPPrivateKey, bArr);
                }
                PrivateKey privateKey = JcePublicKeyDataDecryptorFactoryBuilder.this.keyConverter.getPrivateKey(pGPPrivateKey);
                return JcePublicKeyDataDecryptorFactoryBuilder.this.decryptSessionData(i, privateKey, JcePublicKeyDataDecryptorFactoryBuilder.this.getExpectedPayloadSize(privateKey), bArr);
            }
        };
    }

    public JcePublicKeyDataDecryptorFactoryBuilder setContentProvider(String str) {
        this.contentHelper = new OperatorHelper(new NamedJcaJceHelper(str));
        return this;
    }

    public JcePublicKeyDataDecryptorFactoryBuilder setContentProvider(Provider provider) {
        this.contentHelper = new OperatorHelper(new ProviderJcaJceHelper(provider));
        return this;
    }

    public JcePublicKeyDataDecryptorFactoryBuilder setProvider(String str) {
        this.helper = new OperatorHelper(new NamedJcaJceHelper(str));
        this.keyConverter.setProvider(str);
        this.contentHelper = this.helper;
        return this;
    }

    public JcePublicKeyDataDecryptorFactoryBuilder setProvider(Provider provider) {
        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
        this.keyConverter.setProvider(provider);
        this.contentHelper = this.helper;
        return this;
    }
}
