package de.governikus.jce.provider.safe;

import de.bos_bremen.ci.Hex;
import de.bos_bremen.gov2.jca_provider.OCFPrivateKey;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:de/governikus/jce/provider/safe/DSPCipher.class */
public class DSPCipher extends CipherSpi {
    private String mode;
    private String padding;
    private Key key;
    private Cipher delegate;
    private static final Log LOG = LogFactory.getLog(DSPCipher.class);
    private static final byte[] NULLEN = {0, 0, 0};

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        LOG.debug("mode=" + mode2String(i) + ", key=" + key.getClass().getName());
        this.key = key;
        this.delegate = createDelegate();
        this.delegate.init(i, key, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        LOG.debug("mode=" + mode2String(i) + ", key=" + key.getClass().getName() + ", param=" + algorithmParameterSpec);
        this.key = key;
        this.delegate = createDelegate();
        this.delegate.init(i, key, algorithmParameterSpec, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        LOG.debug("mode=" + mode2String(i) + ", key=" + key.getClass().getName() + ", param=" + algorithmParameters);
        this.key = key;
        this.delegate = createDelegate();
        this.delegate.init(i, key, algorithmParameters, secureRandom);
    }

    private Cipher createDelegate() throws InvalidKeyException {
        try {
            return Cipher.getInstance("RSA/" + this.mode + "/" + this.padding, this.key instanceof OCFPrivateKey ? "OCF" : "BC");
        } catch (NoSuchAlgorithmException e) {
            LOG.error("", e);
            throw new InvalidKeyException(e);
        } catch (NoSuchProviderException e2) {
            LOG.error("", e2);
            throw new InvalidKeyException(e2);
        } catch (NoSuchPaddingException e3) {
            LOG.error("", e3);
            throw new InvalidKeyException(e3);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i, int i2) {
        LOG.debug("");
        return this.delegate.update(bArr, i, i2);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws ShortBufferException {
        LOG.debug("");
        return this.delegate.update(bArr, i, i2, bArr2, i3);
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineDoFinal(byte[] bArr, int i, int i2) throws IllegalBlockSizeException, BadPaddingException {
        LOG.debug("");
        return this.delegate.doFinal(bArr, i, i2);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        LOG.debug("");
        return this.delegate.doFinal(bArr, i, i2, bArr2, i3);
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i) throws InvalidKeyException, NoSuchAlgorithmException {
        LOG.debug("alg=" + str + ", type=" + keyType2String(i));
        LOG.debug("wrappedKey: " + Hex.hexify(bArr, false, true));
        try {
            this.delegate.init(2, this.key);
            byte[] doFinal = this.delegate.doFinal(bArr);
            LOG.debug("unwrappedKey: " + Hex.hexify(doFinal, false, true));
            byte[] unpaddingOAEP = doFinal.length < 256 ? doFinal : unpaddingOAEP(doFinal);
            LOG.debug("unpaddedKey: " + Hex.hexify(unpaddingOAEP, false, true));
            return new SecretKeySpec(unpaddingOAEP, str);
        } catch (Exception e) {
            LOG.error("", e);
            return null;
        }
    }

    private static final byte[] unpaddingOAEP(byte[] bArr) throws Exception {
        byte[] bArr2 = new byte[bArr.length - 21];
        byte[] bArr3 = new byte[20];
        System.arraycopy(bArr, 21, bArr2, 0, bArr.length - 21);
        byte[] mgf = mgf(bArr2, 20);
        for (int i = 0; i < 20; i++) {
            bArr3[i] = (byte) (mgf[i] ^ bArr[i + 1]);
        }
        byte[] mgf2 = mgf(bArr3, bArr2.length);
        for (int i2 = 0; i2 < bArr2.length; i2++) {
            bArr2[i2] = (byte) (mgf2[i2] ^ bArr2[i2]);
        }
        int i3 = 20;
        while (i3 < bArr2.length) {
            if (bArr2[i3] != 0 && bArr2[i3] != 1) {
                throw new Exception("Incorrect OAEP padding!");
            }
            if (bArr2[i3] == 1) {
                break;
            }
            i3++;
        }
        if (i3 == bArr2.length - 1 && bArr[i3] != 1) {
            throw new Exception("Incorrect OAEP padding!");
        }
        if (bArr2.length - (i3 + 1) < 0) {
            LOG.debug("debugger stop");
        }
        byte[] bArr4 = new byte[bArr2.length - (i3 + 1)];
        System.arraycopy(bArr2, i3 + 1, bArr4, 0, bArr4.length);
        return bArr4;
    }

    private static final byte[] mgf(byte[] bArr, int i) throws Exception {
        int i2 = i / 20;
        byte b = 0;
        byte[] bArr2 = new byte[i];
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        for (int i3 = 0; i3 < i2; i3++) {
            messageDigest.update(bArr);
            messageDigest.update(NULLEN);
            messageDigest.update(b);
            System.arraycopy(messageDigest.digest(), 0, bArr2, i3 * 20, 20);
            b = (byte) (b + 1);
        }
        messageDigest.update(bArr);
        messageDigest.update(NULLEN);
        messageDigest.update(b);
        if (i - (i2 * 20) > 0) {
            System.arraycopy(messageDigest.digest(), 0, bArr2, i2 * 20, i - (i2 * 20));
        }
        return bArr2;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
        LOG.debug("key=" + key.getClass().getName());
        return this.delegate.wrap(key);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        LOG.debug(" (" + this.delegate.getBlockSize() + ")");
        return this.delegate.getBlockSize();
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        LOG.debug(" (" + Hex.hexify(this.delegate.getIV()) + ")");
        return this.delegate.getIV();
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i) {
        LOG.debug(" (" + this.delegate.getOutputSize(i) + ")");
        return this.delegate.getOutputSize(i);
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        LOG.debug(" (" + this.delegate.getParameters() + ")");
        return this.delegate.getParameters();
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetMode(String str) throws NoSuchAlgorithmException {
        LOG.debug("mode=" + str);
        this.mode = str;
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetPadding(String str) throws NoSuchPaddingException {
        LOG.debug("padding=" + str);
        this.padding = str;
    }

    private static String mode2String(int i) {
        switch (i) {
            case 1:
                return "ENCRYPT_MODE";
            case 2:
                return "DECRYPT_MODE";
            case 3:
                return "WRAP_MODE";
            case 4:
                return "UNWRAP_MODE";
            default:
                return Integer.toString(i);
        }
    }

    private static String keyType2String(int i) {
        switch (i) {
            case 1:
                return "PUBLIC_KEY";
            case 2:
                return "PRIVATE_KEY";
            case 3:
                return "SECRET_KEY";
            default:
                return Integer.toString(i);
        }
    }
}
