package iaik.pkcs.pkcs1;

import iaik.security.random.SecRandom;
import iaik.security.rsa.RSAPrivateKey;
import iaik.security.rsa.RSAPublicKey;
import iaik.utils.CriticalObject;
import iaik.utils.CryptoUtils;
import iaik.utils.Util;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;

/* loaded from: input_file:115766-06/SUNWamsci/reloc/SUNWam/lib/iaik_jce_full.jar:iaik/pkcs/pkcs1/RSACipher.class */
public class RSACipher extends CipherSpi {
    private byte[] m;
    private byte[] r;
    private byte[] o;
    private MessageDigest n;
    private SecureRandom a;
    protected RSAPublicKey pubKey;
    protected RSAPrivateKey privKey;
    private int e;
    private static final int q = 4;
    private static final int g = 3;
    private static final int h = 2;
    private static final int i = 1;
    private static final String p = "OAEP";
    private static final String j = "PKCS1PaddingSSL2";
    private static final String k = "PKCS1Padding";
    private static final String l = "NoPadding";
    private int d = 2;
    private int f = -1;

    protected byte[] rawCrypt(byte[] bArr) {
        BigInteger bigInteger = new BigInteger(1, bArr);
        byte[] byteArray = this.pubKey != null ? this.pubKey.crypt(bigInteger).toByteArray() : this.privKey.crypt(bigInteger).toByteArray();
        if (byteArray[0] == 0) {
            byte[] bArr2 = new byte[byteArray.length - 1];
            System.arraycopy(byteArray, 1, bArr2, 0, byteArray.length - 1);
            CriticalObject.destroy(byteArray);
            byteArray = bArr2;
        }
        return byteArray;
    }

    private byte[] b(byte[] bArr) throws BadPaddingException {
        int i2;
        int nextInt;
        int length = bArr.length;
        int a = a();
        int i3 = (a - 3) - length;
        if (i3 < 8) {
            throw new BadPaddingException("PKCS#1 requires data at least 11 bytes shorter than the modulus!");
        }
        int i4 = this.f;
        if (i4 == -1) {
            i4 = this.pubKey != null ? 2 : 1;
        }
        byte[] bArr2 = new byte[a];
        int i5 = 0 + 1;
        bArr2[0] = 0;
        int i6 = i5 + 1;
        bArr2[i5] = (byte) i4;
        if (i4 == 2) {
            if (this.a == null) {
                this.a = SecRandom.getDefault();
            }
            for (int i7 = 0; i7 < i3; i7++) {
                if (this.d != 3 || i3 - i7 > 8) {
                    do {
                        nextInt = this.a.nextInt() & 255;
                    } while (nextInt == 0);
                } else {
                    nextInt = 3;
                }
                int i8 = i6;
                i6++;
                bArr2[i8] = (byte) nextInt;
            }
        } else {
            if (i4 == 0) {
                i2 = 0;
                if (bArr[0] == 0) {
                    throw new BadPaddingException("For block type 0 data must begin with nonzero value");
                }
            } else {
                i2 = 255;
            }
            for (int i9 = 0; i9 < i3; i9++) {
                int i10 = i6;
                i6++;
                bArr2[i10] = (byte) i2;
            }
        }
        bArr2[i6] = 0;
        System.arraycopy(bArr, 0, bArr2, i6 + 1, length);
        byte[] rawCrypt = rawCrypt(bArr2);
        CriticalObject.destroy(bArr2);
        if (rawCrypt.length < a) {
            byte[] bArr3 = new byte[a];
            System.arraycopy(rawCrypt, 0, bArr3, a - rawCrypt.length, rawCrypt.length);
            CriticalObject.destroy(rawCrypt);
            rawCrypt = bArr3;
        }
        return rawCrypt;
    }

    private byte[] a(byte[] bArr) throws BadPaddingException {
        if (this.d == 3) {
            throw new BadPaddingException("SSL2 variant of PKCS#1 padding not supported in decryption mode!");
        }
        int a = a();
        if (bArr.length != a) {
            throw new BadPaddingException("Invalid PKCS#1 padding: encrypted message is not k OCTETS long!");
        }
        byte[] rawCrypt = rawCrypt(bArr);
        int length = rawCrypt.length;
        if (length >= a) {
            throw new BadPaddingException("Invalid PKCS#1 padding: no leading zero!");
        }
        if (length < a - 1) {
            if (this.privKey != null) {
                throw new BadPaddingException("Invalid PKCS#1 block type 0 for private key decryption!");
            }
            if (this.f == -1 || this.f == 0) {
                return rawCrypt;
            }
            throw new BadPaddingException("PKCS#1 padding type does not match specified type!");
        }
        int i2 = 0;
        byte b = rawCrypt[0];
        if (b == 1) {
            if (this.privKey != null) {
                throw new BadPaddingException("Invalid PKCS#1 block type 1 for private key decryption!");
            }
        } else {
            if (b != 2) {
                throw new BadPaddingException(new StringBuffer("Invalid PKCS#1 block type ").append((int) b).append("!").toString());
            }
            if (this.pubKey != null) {
                throw new BadPaddingException("Invalid PKCS#1 block type 2 for public key decryption!");
            }
        }
        if (this.f != -1 && this.f != b) {
            throw new BadPaddingException("PKCS#1 padding type does not match specified type!");
        }
        while (true) {
            i2++;
            int i3 = rawCrypt[i2] & 255;
            if (i3 == 0) {
                if (i2 - 1 < 8) {
                    throw new BadPaddingException("Padding string must be at least 8 octets long!");
                }
                byte[] bArr2 = new byte[(length - i2) - 1];
                System.arraycopy(rawCrypt, i2 + 1, bArr2, 0, (length - i2) - 1);
                CriticalObject.destroy(rawCrypt);
                return bArr2;
            }
            if (i2 >= length) {
                throw new BadPaddingException("Encryption block has wrong format!");
            }
            if (b == 1 && i3 != 255) {
                throw new BadPaddingException(new StringBuffer("Invalid block type 1 padding byte ").append(i3).append("!").toString());
            }
        }
    }

    private byte[] f(byte[] bArr) throws BadPaddingException {
        byte[] b = b();
        int length = b.length;
        int a = a();
        int i2 = a - 1;
        if (bArr.length > (i2 - 1) - (2 * length)) {
            throw new BadPaddingException("Message to long for OAEP, must be 42 bytes less than modulus");
        }
        if (this.a == null) {
            this.a = SecRandom.getDefault();
        }
        if (this.m == null) {
            this.m = new byte[length];
        }
        this.a.nextBytes(this.m);
        byte[] bArr2 = new byte[i2];
        int length2 = bArr2.length - length;
        System.arraycopy(this.m, 0, bArr2, 0, length);
        System.arraycopy(b, 0, bArr2, length, b.length);
        System.arraycopy(bArr, 0, bArr2, i2 - bArr.length, bArr.length);
        bArr2[(i2 - bArr.length) - 1] = 1;
        a(bArr2, 0, length, length2, bArr2, length);
        a(bArr2, length, length2, length, bArr2, 0);
        byte[] rawCrypt = rawCrypt(bArr2);
        if (rawCrypt.length < a) {
            byte[] bArr3 = new byte[a];
            System.arraycopy(rawCrypt, 0, bArr3, a - rawCrypt.length, rawCrypt.length);
            CriticalObject.destroy(rawCrypt);
            rawCrypt = bArr3;
        }
        return rawCrypt;
    }

    private byte[] e(byte[] bArr) throws BadPaddingException {
        if (bArr.length != a()) {
            throw new BadPaddingException("Invalid OAEP: encrypted message and modulus lengths do not match!");
        }
        byte[] rawCrypt = rawCrypt(bArr);
        int length = rawCrypt.length;
        byte[] b = b();
        int length2 = b.length;
        if (length < (2 * length2) + 1) {
            throw new BadPaddingException("Invalid OAEP: decrypted message too short");
        }
        int i2 = length - length2;
        a(rawCrypt, length2, i2, length2, rawCrypt, 0);
        a(rawCrypt, 0, length2, i2, rawCrypt, length2);
        int i3 = 0;
        while (i3 < length2) {
            if (rawCrypt[length2 + i3] != b[i3]) {
                throw new BadPaddingException("Invalid OAEP: parameter hashes do not match!");
            }
            i3++;
        }
        while (i3 < i2 && rawCrypt[length2 + i3] == 0) {
            i3++;
        }
        if (i3 != i2) {
            int i4 = i3;
            int i5 = i3 + 1;
            if (rawCrypt[length2 + i4] == 1) {
                int i6 = i2 - i5;
                byte[] bArr2 = new byte[i6];
                System.arraycopy(rawCrypt, length2 + i5, bArr2, 0, i6);
                return bArr2;
            }
        }
        throw new BadPaddingException("Invalid OAEP: invalid padding string!");
    }

    private static byte[] d(byte[] bArr) {
        int i2 = 0;
        do {
            int i3 = i2;
            i2++;
            byte b = (byte) (bArr[i3] + 1);
            bArr[i3] = b;
            if (b != 0) {
                break;
            }
        } while (i2 < bArr.length);
        return bArr;
    }

    private MessageDigest c() {
        if (this.n == null) {
            try {
                this.n = MessageDigest.getInstance("SHA1", "IAIK");
            } catch (Exception e) {
                throw new RuntimeException(new StringBuffer("MessageDigest SHA not available: ").append(e.toString()).toString());
            }
        }
        return this.n;
    }

    protected AlgorithmParameters getParameters() {
        throw new RuntimeException("Method not supported.");
    }

    private int a() {
        return ((this.pubKey != null ? this.pubKey.getModulus() : this.privKey.getModulus()).bitLength() + 7) / 8;
    }

    private byte[] b() {
        if (this.o == null) {
            this.o = c().digest();
        }
        return this.o;
    }

    private static int a(int i2) {
        if (i2 == 3) {
            return 1;
        }
        if (i2 == 4) {
            return 2;
        }
        return i2;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException {
        byte[] encoded = key.getEncoded();
        if (encoded == null || encoded.length == 0) {
            throw new InvalidKeyException("Could not encode key for wrapping!");
        }
        try {
            return engineDoFinal(encoded, 0, encoded.length);
        } catch (BadPaddingException e) {
            throw new InvalidKeyException(new StringBuffer("Could not wrap key: ").append(e.toString()).toString());
        }
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) {
        throw new RuntimeException("Method not supported.");
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i2, int i3) {
        throw new RuntimeException("Method not supported.");
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i2) throws NoSuchAlgorithmException, InvalidKeyException {
        try {
            return Util.decodeKey(i2, str, engineDoFinal(bArr, 0, bArr.length));
        } catch (BadPaddingException e) {
            throw new InvalidKeyException(new StringBuffer("Could not unwrap key: ").append(e.toString()).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetPadding(String str) throws NoSuchPaddingException {
        if (str.equalsIgnoreCase(k)) {
            this.d = 2;
            return;
        }
        if (str.equalsIgnoreCase(l)) {
            this.d = 1;
        } else if (str.equalsIgnoreCase(j)) {
            this.d = 3;
        } else {
            if (!str.toUpperCase().startsWith(p)) {
                throw new NoSuchPaddingException(new StringBuffer("Unknown padding: ").append(str).toString());
            }
            this.d = 4;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineSetMode(String str) throws NoSuchAlgorithmException {
        if (str.equals("ECB")) {
            this.f = -1;
            return;
        }
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt != 0 && parseInt != 1 && parseInt != 2) {
                throw new NoSuchAlgorithmException("Block type must be 0, 1 or 2.");
            }
            this.f = parseInt;
        } catch (NumberFormatException unused) {
            throw new NoSuchAlgorithmException("Bad block type for PKCS1Padding");
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i2, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException {
        engineInit(i2, key, secureRandom);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public void engineInit(int i2, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        int a = a(i2);
        this.e = a;
        this.a = secureRandom;
        this.pubKey = null;
        this.privKey = null;
        if (key == null) {
            throw new NullPointerException("Key is null!");
        }
        try {
            this.pubKey = Util.getRSAPublicKey(key);
        } catch (InvalidKeyException unused) {
            try {
                this.privKey = Util.getRSAPrivateKey(key);
            } catch (InvalidKeyException unused2) {
                throw new InvalidKeyException(new StringBuffer("Class does not represent an RSA key: ").append(key.getClass().getName()).toString());
            }
        } catch (Exception e) {
            if (!(e instanceof InvalidKeyException)) {
                throw new InvalidKeyException(new StringBuffer("Unable to init RSA key: ").append(e.toString()).toString());
            }
            throw ((InvalidKeyException) e);
        }
        if (this.d == 2 && this.f != -1) {
            if (a == 1) {
                if (this.f == 2) {
                    if (this.privKey != null) {
                        throw new InvalidKeyException("Must use public key for encryption with block type 2!");
                    }
                } else if (this.pubKey != null) {
                    throw new InvalidKeyException("Must use private key for encryption with block type 0 and 1!");
                }
            } else if (this.f == 2) {
                if (this.pubKey != null) {
                    throw new InvalidKeyException("Must use private key for decryption with block type 2!");
                }
            } else if (this.privKey != null) {
                throw new InvalidKeyException("Must use public key for decryption with block type 0 and 1!");
            }
        }
        if (this.d == 2) {
            if (a() < 41) {
                throw new InvalidKeyException("PKCS#1 requires a modulus of at least 328 bits!");
            }
        } else if (this.d == 4) {
            if (a() < 42) {
                throw new InvalidKeyException("OAEP requires a modulus of at least 336 bits!");
            }
            if (a == 1) {
                if (this.pubKey == null) {
                    throw new InvalidKeyException("OAEP cannot be used to generate signatures");
                }
            } else if (this.privKey == null) {
                throw new InvalidKeyException("OAEP cannot be used to verify signatures");
            }
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i2, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException {
        engineInit(i2, key, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i2) {
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetKeySize(Key key) throws InvalidKeyException {
        try {
            return Util.getRSAPublicKey(key).getModulus().bitLength();
        } catch (InvalidKeyException unused) {
            try {
                return Util.getRSAPrivateKey(key).getModulus().bitLength();
            } catch (InvalidKeyException unused2) {
                throw new InvalidKeyException("Not an RSA key!");
            }
        }
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        throw new RuntimeException("Method not supported.");
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        throw new RuntimeException("Method not supported.");
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) throws BadPaddingException, ShortBufferException {
        byte[] engineDoFinal = engineDoFinal(bArr, i2, i3);
        try {
            System.arraycopy(engineDoFinal, 0, bArr2, i4, engineDoFinal.length);
            CriticalObject.destroy(engineDoFinal);
            return engineDoFinal.length;
        } catch (Exception unused) {
            throw new ShortBufferException("Buffer to short to hold result.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.crypto.CipherSpi
    public byte[] engineDoFinal(byte[] bArr, int i2, int i3) throws BadPaddingException {
        byte[] bArr2;
        if (i2 == 0 && i3 == bArr.length) {
            bArr2 = bArr;
        } else {
            bArr2 = new byte[i3];
            System.arraycopy(bArr, i2, bArr2, 0, i3);
        }
        switch (this.d) {
            case 1:
                return rawCrypt(bArr2);
            case 4:
                return this.e == 1 ? f(bArr2) : e(bArr2);
            default:
                return this.e == 1 ? b(bArr2) : a(bArr2);
        }
    }

    private void a(byte[] bArr, int i2, int i3, int i4, byte[] bArr2, int i5) {
        MessageDigest c = c();
        if (this.r == null) {
            this.r = new byte[4];
        } else {
            this.r[0] = 0;
            this.r[1] = 0;
            this.r[2] = 0;
            this.r[3] = 0;
        }
        int i6 = 0;
        while (i6 < i4) {
            c.update(bArr, i2, i3);
            c.update(this.r);
            byte[] digest = c.digest();
            CryptoUtils.increment(this.r);
            int i7 = 0;
            while (i7 < digest.length && i6 < i4) {
                int i8 = i5;
                i5++;
                int i9 = i7;
                i7++;
                bArr2[i8] = (byte) (bArr2[i8] ^ digest[i9]);
                i6++;
            }
        }
    }
}
