package iaik.cms;

import iaik.DebugCMS;
import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.structures.AlgorithmID;
import iaik.utils.CryptoUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Locale;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:iaik/cms/SecurityProvider.class */
public class SecurityProvider {
    protected SecureRandom random_;
    protected String providerName_;
    private static SecurityProvider a;
    private static final boolean b = true;
    public static final String ALG_CIPHER_RSA_DECRYPT = "RSA/ECB/PKCS1Padding/Decrypt";
    public static final String ALG_CIPHER_RSA_ENCRYPT = "RSA/ECB/PKCS1Padding/Encrypt";
    public static final String ALG_CIPHER_RSA_VERIFY = "RSA/ECB/PKCS1Padding/Verify";
    public static final String ALG_CIPHER_RSA_SIGN = "RSA/ECB/PKCS1Padding/Sign";
    public static final String ALG_CIPHER_RSA = "RSA/ECB/PKCS1Padding";
    public static final String ALG_KEYEX_SSDH = "SSDH";
    public static final String ALG_KEYEX_ESDH = "ESDH";
    public static final String ALG_KEYEX_DH = "DH";
    public static final String ALG_SIGNATURE_RAWRSAPSS = "RawRSASSA-PSS";
    public static final String ALG_SIGNATURE_RAWECDSA_PLAIN = "RawECDSAPlain";
    public static final String ALG_SIGNATURE_RAWECDSA = "RawECDSA";
    public static final String ALG_SIGNATURE_RAWDSA = "RawDSA";
    public static final String ALG_SIGNATURE_SHADSA = "SHA1withDSA";
    public static final String ALG_HMAC_SHA = "HmacSHA1";
    public static final String ALG_HMAC_MD5 = "HmacMD5";
    public static final String ALG_DIGEST_SHA = "SHA";
    public static final String ALG_DIGEST_MD5 = "MD5";
    public static final String IMPLEMENTATION_NAME_PWRI_KEK = "PWRI-KEK";
    public static final String IMPLEMENTATION_NAME_PBKDF2 = "PBKDF2";
    public static final String IMPLEMENTATION_NAME_RSA_OAEP = "RSAES-OAEP";
    public static final String IMPLEMENTATION_NAME_RSA = "RSA";
    public static final String IMPLEMENTATION_NAME_RSA_PSS = "RSASSA-PSS";
    public static final String IMPLEMENTATION_NAME_ECDSA_PLAIN = "ECDSAPlain";
    public static final String IMPLEMENTATION_NAME_ECDSA = "ECDSA";
    public static final String IMPLEMENTATION_NAME_DSA = "SHA-1/DSA";
    public static final int DECOMPRESS = 1;
    public static final int COMPRESS = 0;
    public static final int CIPHER_UNWRAP = 4;
    public static final int CIPHER_WRAP = 3;
    public static final int CIPHER_DECRYPT = 2;
    public static final int CIPHER_ENCRYPT = 1;
    public static final int CIPHER_NONE = 0;
    public static final int SIGNATURE_VERIFY = 2;
    public static final int SIGNATURE_SIGN = 1;
    public static final int SIGNATURE_NONE = 0;
    private static boolean c;

    public byte[] wrapKey(SecretKey secretKey, AlgorithmID algorithmID, Key key, AlgorithmParameters algorithmParameters) throws BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        return getCipher(algorithmID, 3, key, algorithmParameters).wrap(secretKey);
    }

    public boolean verifySignatureFromSignedAttributes(AlgorithmID algorithmID, AlgorithmID algorithmID2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        String implementationName = algorithmID.getImplementationName();
        if (implementationName == IMPLEMENTATION_NAME_RSA || implementationName.endsWith("/RSA")) {
            return verifySignatureFromHash(algorithmID, algorithmID2, publicKey, getHash(algorithmID2, bArr), bArr2);
        }
        Signature signature = getSignature(algorithmID, 2, publicKey);
        try {
            AlgorithmParameterSpec algorithmParameterSpec = getAlgorithmParameterSpec(algorithmID);
            if (algorithmParameterSpec != null) {
                signature.setParameter("", algorithmParameterSpec);
            }
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (InvalidParameterSpecException e) {
            throw new NoSuchAlgorithmException(new StringBuffer("Error getting parameters from algorithm ID: ").append(e.toString()).toString());
        }
    }

    public boolean verifySignatureFromHash(AlgorithmID algorithmID, AlgorithmID algorithmID2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        boolean equalsBlock;
        String implementationName = algorithmID.getImplementationName();
        if (implementationName == IMPLEMENTATION_NAME_RSA || implementationName.endsWith("/RSA")) {
            try {
                byte[] doFinal = getCipher(ALG_CIPHER_RSA_VERIFY, 2, publicKey, (AlgorithmParameters) null).doFinal(bArr2);
                if (algorithmID2.getParameter() == null) {
                    algorithmID2.encodeAbsentParametersAsNull(false);
                }
                equalsBlock = CryptoUtils.equalsBlock(new DigestInfo(algorithmID2, bArr).toByteArray(), doFinal);
            } catch (Exception e) {
                throw new SignatureException(new StringBuffer("Cannot verify RSA signature: ").append(e.toString()).toString());
            }
        } else if (implementationName.equals(IMPLEMENTATION_NAME_RSA_PSS)) {
            Signature signature = getSignature(ALG_SIGNATURE_RAWRSAPSS, 2, publicKey);
            try {
                AlgorithmParameterSpec algorithmParameterSpec = getAlgorithmParameterSpec(algorithmID);
                if (algorithmParameterSpec != null) {
                    signature.setParameter("", algorithmParameterSpec);
                }
                signature.update(bArr);
                equalsBlock = signature.verify(bArr2);
            } catch (InvalidParameterSpecException e2) {
                throw new NoSuchAlgorithmException(new StringBuffer("Error getting PSS parameters from algorithm ID: ").append(e2.toString()).toString());
            }
        } else if (implementationName.equals(IMPLEMENTATION_NAME_DSA) || implementationName.equals("SHA/DSA") || implementationName.equals("DSA")) {
            Signature signature2 = getSignature(ALG_SIGNATURE_RAWDSA, 2, publicKey);
            signature2.update(bArr);
            equalsBlock = signature2.verify(bArr2);
        } else {
            if (implementationName.indexOf(IMPLEMENTATION_NAME_ECDSA) == -1) {
                throw new NoSuchAlgorithmException(new StringBuffer("Algorithm ").append(algorithmID.getAlgorithm().getName()).append(" not supported!").toString());
            }
            Signature signature3 = implementationName.indexOf(IMPLEMENTATION_NAME_ECDSA_PLAIN) == -1 ? getSignature(ALG_SIGNATURE_RAWECDSA, 2, publicKey) : getSignature(ALG_SIGNATURE_RAWECDSA_PLAIN, 2, publicKey);
            signature3.update(bArr);
            equalsBlock = signature3.verify(bArr2);
        }
        return equalsBlock;
    }

    public SecretKey unwrapKey(byte[] bArr, AlgorithmID algorithmID, Key key, AlgorithmParameters algorithmParameters, String str) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        return (SecretKey) getCipher(algorithmID, 4, key, algorithmParameters).unwrap(bArr, str, 3);
    }

    public static void setSecurityProvider(SecurityProvider securityProvider) {
        a = securityProvider;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this.random_ = secureRandom;
    }

    public Signature getSignature(String str, int i, Key key) throws NoSuchAlgorithmException, InvalidKeyException {
        Signature signature = null;
        if (this.providerName_ != null) {
            try {
                signature = Signature.getInstance(str, this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (signature == null) {
            signature = Signature.getInstance(str);
        }
        if (i == 1) {
            signature.initSign((PrivateKey) key);
        } else if (i == 2) {
            signature.initVerify((PublicKey) key);
        }
        return signature;
    }

    public Signature getSignature(AlgorithmID algorithmID, int i, Key key) throws NoSuchAlgorithmException, InvalidKeyException {
        Signature signature = null;
        if (this.providerName_ != null) {
            try {
                signature = algorithmID.getSignatureInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (signature == null) {
            signature = algorithmID.getSignatureInstance();
        }
        if (i == 1) {
            signature.initSign((PrivateKey) key);
        } else if (i == 2) {
            signature.initVerify((PublicKey) key);
        }
        return signature;
    }

    public static SecurityProvider getSecurityProvider() {
        if (a == null) {
            try {
                a = (SecurityProvider) Class.forName("iaik.cms.IaikProvider").newInstance();
            } catch (Throwable unused) {
            }
            if (a == null) {
                a = new SecurityProvider();
            }
        }
        return a;
    }

    public SecureRandom getSecureRandom() {
        SecureRandom secureRandom = this.random_;
        if (secureRandom == null) {
            secureRandom = new SecureRandom();
        }
        return secureRandom;
    }

    public SecretKeyFactory getSecretKeyFactory(AlgorithmID algorithmID) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return algorithmID.getSecretKeyFactoryInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        return algorithmID.getSecretKeyFactoryInstance();
    }

    public String getProviderName() {
        return this.providerName_;
    }

    public Key getPBEKey(char[] cArr, AlgorithmID algorithmID) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return getSecretKeyFactory(algorithmID).generateSecret(new PBEKeySpec(cArr));
    }

    public OutputStreamMacEngine getOutputStreamMacEngine(AlgorithmID algorithmID, Key key, AlgorithmParameterSpec algorithmParameterSpec, OutputStream outputStream) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("Mac key must not be null!");
        }
        return new u(outputStream, getMac(algorithmID, key, algorithmParameterSpec));
    }

    public OutputStreamHashEngine getOutputStreamHashEngine(AlgorithmID algorithmID, OutputStream outputStream) throws NoSuchAlgorithmException {
        return new h(outputStream, getMessageDigest(algorithmID));
    }

    public OutputStreamCompressEngine getOutputStreamCompressEngine(AlgorithmID algorithmID, OutputStream outputStream, int i) throws NoSuchAlgorithmException {
        if (algorithmID.equals(CMSAlgorithmID.zlib_compress)) {
            return new w(outputStream, i);
        }
        throw new NoSuchAlgorithmException(new StringBuffer("Algorithm ").append(algorithmID.getAlgorithm().getName()).append(" not available!").toString());
    }

    public PublicKey getOriginatorPublicKey(ASN1Object aSN1Object) throws CMSException {
        AlgorithmID algorithmID = null;
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(DerCoder.encode(aSN1Object));
            algorithmID = new AlgorithmID(aSN1Object.getComponentAt(0));
            return getKeyFactory(algorithmID).generatePublic(x509EncodedKeySpec);
        } catch (CodingException unused) {
            throw new CMSException(new StringBuffer("No KeyFactory for ").append(algorithmID.getAlgorithm().getName()).toString());
        } catch (NoSuchAlgorithmException unused2) {
            throw new CMSException(new StringBuffer("No KeyFactory for ").append(algorithmID.getAlgorithm().getName()).toString());
        } catch (InvalidKeySpecException e) {
            throw new CMSException(new StringBuffer("Invalid key encoding: ").append(e.getMessage()).toString());
        }
    }

    public AlgorithmID[] getMicAlgs(String str) {
        Vector vector = new Vector();
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                AlgorithmID a2 = a(stringTokenizer.nextToken().trim());
                if (a2 != null) {
                    vector.addElement(a2);
                }
            }
        }
        AlgorithmID[] algorithmIDArr = new AlgorithmID[vector.size()];
        vector.copyInto(algorithmIDArr);
        return algorithmIDArr;
    }

    private static AlgorithmID a(String str) {
        AlgorithmID algorithmID = null;
        if (str != null) {
            if (str.equalsIgnoreCase(ALG_DIGEST_SHA) || str.equalsIgnoreCase("SHA-1") || str.equalsIgnoreCase("SHA1") || str.equalsIgnoreCase("RSA-SHA1")) {
                algorithmID = (AlgorithmID) AlgorithmID.sha1.clone();
            } else if (str.equalsIgnoreCase(ALG_DIGEST_MD5) || str.equalsIgnoreCase("RSA-MD5")) {
                algorithmID = (AlgorithmID) AlgorithmID.md5.clone();
            } else {
                algorithmID = AlgorithmID.getAlgorithmID(str.toUpperCase(Locale.US));
                if (algorithmID != null) {
                    algorithmID = (AlgorithmID) algorithmID.clone();
                }
            }
        }
        return algorithmID;
    }

    public MessageDigest getMessageDigest(String str) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return MessageDigest.getInstance(str, this.providerName_);
            } catch (Exception unused) {
            }
        }
        return MessageDigest.getInstance(str);
    }

    public MessageDigest getMessageDigest(AlgorithmID algorithmID) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return algorithmID.getMessageDigestInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        return algorithmID.getMessageDigestInstance();
    }

    public Mac getMac(String str, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = null;
        if (this.providerName_ != null) {
            try {
                mac = Mac.getInstance(str, this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (mac == null) {
            mac = Mac.getInstance(str);
        }
        if (key != null) {
            if (algorithmParameterSpec == null) {
                mac.init(key);
            } else {
                mac.init(key, algorithmParameterSpec);
            }
        }
        return mac;
    }

    public Mac getMac(AlgorithmID algorithmID, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = null;
        if (this.providerName_ != null) {
            try {
                mac = algorithmID.getMacInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (mac == null) {
            mac = algorithmID.getMacInstance();
        }
        if (key != null) {
            if (algorithmParameterSpec == null) {
                mac.init(key);
            } else {
                mac.init(key, algorithmParameterSpec);
            }
        }
        return mac;
    }

    public KeyPairGenerator getKeyPairGenerator(AlgorithmID algorithmID) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return algorithmID.getKeyPairGeneratorInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        return algorithmID.getKeyPairGeneratorInstance();
    }

    public int getKeyLength(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            return ((RSAPublicKey) publicKey).getModulus().bitLength();
        }
        if (publicKey instanceof DHPublicKey) {
            return ((DHPublicKey) publicKey).getParams().getP().bitLength();
        }
        if (publicKey instanceof DSAPublicKey) {
            return ((DSAPublicKey) publicKey).getParams().getP().bitLength();
        }
        throw new IllegalArgumentException(new StringBuffer("Unsupported public key type: ").append(publicKey.getAlgorithm()).toString());
    }

    public int getKeyLength(PrivateKey privateKey) {
        if (privateKey instanceof RSAPrivateKey) {
            return ((RSAPrivateKey) privateKey).getModulus().bitLength();
        }
        if (privateKey instanceof DHPrivateKey) {
            return ((DHPrivateKey) privateKey).getParams().getP().bitLength();
        }
        if (privateKey instanceof DSAPrivateKey) {
            return ((DSAPrivateKey) privateKey).getParams().getP().bitLength();
        }
        throw new IllegalArgumentException(new StringBuffer("Unsupported private key type: ").append(privateKey.getAlgorithm()).toString());
    }

    public KeyGenerator getKeyGenerator(AlgorithmID algorithmID, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        KeyGenerator keyGenerator = null;
        if (this.providerName_ != null) {
            try {
                keyGenerator = algorithmID.getKeyGeneratorInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (keyGenerator == null) {
            keyGenerator = algorithmID.getKeyGeneratorInstance();
        }
        keyGenerator.init(algorithmParameterSpec, getSecureRandom());
        return keyGenerator;
    }

    public KeyGenerator getKeyGenerator(AlgorithmID algorithmID, int i) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = null;
        if (this.providerName_ != null) {
            try {
                keyGenerator = algorithmID.getKeyGeneratorInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (keyGenerator == null) {
            keyGenerator = algorithmID.getKeyGeneratorInstance();
        }
        if (i == -1) {
            if (algorithmID.equals(AlgorithmID.aes256_CBC)) {
                i = 256;
            } else if (algorithmID.equals(AlgorithmID.aes192_CBC)) {
                i = 192;
            } else if (algorithmID.equals(AlgorithmID.aes128_CBC)) {
                i = 128;
            }
        }
        if (i == -1) {
            keyGenerator.init(getSecureRandom());
        } else {
            keyGenerator.init(i, getSecureRandom());
        }
        return keyGenerator;
    }

    public KeyFactory getKeyFactory(AlgorithmID algorithmID) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return algorithmID.getKeyFactoryInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        return algorithmID.getKeyFactoryInstance();
    }

    public KeyAgreement getKeyAgreement(AlgorithmID algorithmID, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        KeyAgreement keyAgreement = null;
        if (this.providerName_ != null) {
            try {
                keyAgreement = algorithmID.getKeyAgreementInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (keyAgreement == null) {
            keyAgreement = algorithmID.getKeyAgreementInstance();
        }
        keyAgreement.init(key, algorithmParameterSpec, getSecureRandom());
        return keyAgreement;
    }

    public InputStreamMacEngine getInputStreamMacEngine(AlgorithmID algorithmID, Key key, AlgorithmParameterSpec algorithmParameterSpec, InputStream inputStream) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("Mac key must not be null!");
        }
        return new o(inputStream, getMac(algorithmID, key, algorithmParameterSpec));
    }

    public InputStreamHashEngine getInputStreamHashEngine(AlgorithmID algorithmID, InputStream inputStream) throws NoSuchAlgorithmException {
        return new i(inputStream, getMessageDigest(algorithmID));
    }

    public InputStreamCompressEngine getInputStreamCompressEngine(AlgorithmID algorithmID, InputStream inputStream, int i, int i2) throws NoSuchAlgorithmException {
        if (algorithmID.equals(CMSAlgorithmID.zlib_compress)) {
            return new r(inputStream, i, i2);
        }
        throw new NoSuchAlgorithmException(new StringBuffer("Algorithm ").append(algorithmID.getAlgorithm().getName()).append(" not available!").toString());
    }

    public InputStreamCipherEngine getInputStreamCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        j jVar = new j();
        jVar.initCipher(algorithmID, i, key, algorithmParameterSpec);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = jVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return jVar;
    }

    public InputStreamCipherEngine getInputStreamCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        j jVar = new j();
        jVar.initCipher(algorithmID, i, key, algorithmParameters);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = jVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return jVar;
    }

    public InputStreamAuthCipherEngine getInputStreamAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        cb cbVar = new cb();
        cbVar.setAdditionalAuthData(bArr);
        cbVar.initCipher(algorithmID, i, key, algorithmParameterSpec);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = cbVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return cbVar;
    }

    public InputStreamAuthCipherEngine getInputStreamAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        cb cbVar = new cb();
        cbVar.setAdditionalAuthData(bArr);
        cbVar.initCipher(algorithmID, i, key, algorithmParameters);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = cbVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return cbVar;
    }

    public byte[] getHash(AlgorithmID algorithmID, byte[] bArr) throws NoSuchAlgorithmException {
        return getMessageDigest(algorithmID).digest(bArr);
    }

    Cipher a(String str, String str2) throws NoSuchAlgorithmException {
        Cipher cipher = null;
        if (this.providerName_ != null) {
            try {
                cipher = Cipher.getInstance(str, this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (cipher == null) {
            try {
                cipher = Cipher.getInstance(str);
            } catch (NoSuchPaddingException e) {
                throw new NoSuchAlgorithmException(e.toString());
            }
        }
        return cipher;
    }

    public Cipher getCipher(String str, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        if (str.startsWith(ALG_CIPHER_RSA)) {
            str = ALG_CIPHER_RSA;
        }
        Cipher a2 = a(str, this.providerName_);
        if (i != 0) {
            int convertCipherMode = convertCipherMode(i);
            if (algorithmParameterSpec == null) {
                a2.init(convertCipherMode, key, getSecureRandom());
            } else {
                a2.init(convertCipherMode, key, algorithmParameterSpec, getSecureRandom());
            }
        }
        return a2;
    }

    public Cipher getCipher(String str, int i, Key key, AlgorithmParameters algorithmParameters) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        if (str.startsWith(ALG_CIPHER_RSA)) {
            str = ALG_CIPHER_RSA;
        }
        Cipher a2 = a(str, this.providerName_);
        if (i != 0) {
            int convertCipherMode = convertCipherMode(i);
            if (algorithmParameters == null) {
                a2.init(convertCipherMode, key, getSecureRandom());
            } else {
                a2.init(convertCipherMode, key, algorithmParameters, getSecureRandom());
            }
        }
        return a2;
    }

    public Cipher getCipher(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        ASN1Object parameter;
        byte[] iv;
        int convertCipherMode = convertCipherMode(i);
        Cipher cipher = null;
        if (this.providerName_ != null) {
            try {
                cipher = algorithmID.getCipherInstance(this.providerName_);
            } catch (Exception unused) {
            }
        }
        if (cipher == null) {
            cipher = algorithmID.getCipherInstance();
        }
        if (i != 0) {
            if (algorithmParameterSpec == null) {
                try {
                    algorithmParameterSpec = getAlgorithmParameterSpec(algorithmID);
                } catch (InvalidParameterSpecException e) {
                    throw new InvalidAlgorithmParameterException(new StringBuffer("Error getting parameters from AlgorithmID: ").append(e.getMessage()).toString());
                }
            }
            if ((i == 2 || i == 4) && algorithmParameterSpec == null && (parameter = algorithmID.getParameter()) != null) {
                if (parameter.isA(ASN.OCTET_STRING)) {
                    algorithmParameterSpec = new IvParameterSpec((byte[]) parameter.getValue());
                } else if (!parameter.isA(ASN.NULL)) {
                    throw new InvalidAlgorithmParameterException("Cannot initialize cipher with unknown parameters from AlgorithmID!");
                }
            }
            cipher.init(convertCipherMode, key, algorithmParameterSpec, getSecureRandom());
            if (i == 1 || i == 3) {
                AlgorithmParameters parameters = cipher.getParameters();
                if (parameters != null) {
                    algorithmID.setAlgorithmParameters(parameters);
                } else if (algorithmID.getParameter() == null && (iv = cipher.getIV()) != null) {
                    algorithmID.setParameter(new OCTET_STRING(iv));
                }
            }
        }
        return cipher;
    }

    public Cipher getCipher(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        Cipher cipher = null;
        if (algorithmParameters == null) {
            algorithmParameters = getAlgorithmParameters(algorithmID);
        }
        if (algorithmParameters == null) {
            cipher = getCipher(algorithmID, i, key, (AlgorithmParameterSpec) null);
        } else {
            if (this.providerName_ != null) {
                try {
                    cipher = algorithmID.getCipherInstance(this.providerName_);
                } catch (Exception unused) {
                }
            }
            if (cipher == null) {
                cipher = algorithmID.getCipherInstance();
            }
            if (i != 0) {
                cipher.init(convertCipherMode(i), key, algorithmParameters, getSecureRandom());
                if (i == 1 || i == 3) {
                    AlgorithmParameters parameters = cipher.getParameters();
                    if (parameters != null) {
                        algorithmID.setAlgorithmParameters(parameters);
                    } else if (algorithmID.getParameter() == null) {
                        if (algorithmParameters != null) {
                            algorithmID.setAlgorithmParameters(algorithmParameters);
                        } else {
                            byte[] iv = cipher.getIV();
                            if (iv != null) {
                                algorithmID.setParameter(new OCTET_STRING(iv));
                            }
                        }
                    }
                }
            }
        }
        return cipher;
    }

    public ByteArrayCipherEngine getByteArrayCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        l lVar = new l();
        lVar.initCipher(algorithmID, i, key, algorithmParameterSpec);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = lVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return lVar;
    }

    public ByteArrayCipherEngine getByteArrayCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        l lVar = new l();
        lVar.initCipher(algorithmID, i, key, algorithmParameters);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = lVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return lVar;
    }

    public ByteArrayAuthCipherEngine getByteArrayAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        db dbVar = new db();
        dbVar.setAdditionalAuthData(bArr);
        dbVar.initCipher(algorithmID, i, key, algorithmParameterSpec);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = dbVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return dbVar;
    }

    public ByteArrayAuthCipherEngine getByteArrayAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        db dbVar = new db();
        dbVar.setAdditionalAuthData(bArr);
        dbVar.initCipher(algorithmID, i, key, algorithmParameters);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = dbVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return dbVar;
    }

    public AuthCipherEngine getAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        y yVar = new y();
        yVar.setAdditionalAuthData(bArr);
        yVar.initCipher(algorithmID, i, key, algorithmParameterSpec);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = yVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return yVar;
    }

    public AuthCipherEngine getAuthCipherEngine(AlgorithmID algorithmID, int i, Key key, AlgorithmParameters algorithmParameters, byte[] bArr) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        AlgorithmParameters parameters;
        y yVar = new y();
        yVar.setAdditionalAuthData(bArr);
        yVar.initCipher(algorithmID, i, key, algorithmParameters);
        if ((i == 1 || i == 3) && algorithmID.getParameter() == null && (parameters = yVar.getParameters()) != null) {
            algorithmID.setAlgorithmParameters(parameters);
        }
        return yVar;
    }

    public AlgorithmParameters getAlgorithmParameters(String str) throws NoSuchAlgorithmException {
        AlgorithmParameters algorithmParameters = null;
        if (this.providerName_ != null) {
            try {
                algorithmParameters = AlgorithmParameters.getInstance(str, this.providerName_);
            } catch (Exception unused) {
                algorithmParameters = AlgorithmParameters.getInstance(str);
            }
        }
        return algorithmParameters;
    }

    public AlgorithmParameters getAlgorithmParameters(AlgorithmID algorithmID, String str) throws NoSuchAlgorithmException {
        return algorithmID.getAlgorithmParameters(str, this.providerName_);
    }

    public AlgorithmParameters getAlgorithmParameters(AlgorithmID algorithmID) throws NoSuchAlgorithmException {
        if (this.providerName_ != null) {
            try {
                return algorithmID.getAlgorithmParameters(null, this.providerName_);
            } catch (Exception unused) {
            }
        }
        return algorithmID.getAlgorithmParameters();
    }

    public AlgorithmParameterSpec getAlgorithmParameterSpec(AlgorithmID algorithmID) throws InvalidParameterSpecException {
        return null;
    }

    public ASN1Object getASN1OriginatorPublicKey(PublicKey publicKey) throws CMSException {
        try {
            return DerCoder.decode(publicKey.getEncoded());
        } catch (CodingException e) {
            throw new CMSException(e.toString());
        }
    }

    public KeyPair generateKeyAgreementKeyPair(AlgorithmID algorithmID, PublicKey publicKey) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        throw new NoSuchAlgorithmException("Cannot provider independently init key agreement key pair generator with parameters from public key!");
    }

    public SecretKey generateKey(AlgorithmID algorithmID, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        return getKeyGenerator(algorithmID, algorithmParameterSpec).generateKey();
    }

    public SecretKey generateKey(AlgorithmID algorithmID, int i) throws NoSuchAlgorithmException {
        return getKeyGenerator(algorithmID, i).generateKey();
    }

    public byte[] encryptKey(SecretKey secretKey, AlgorithmID algorithmID, PublicKey publicKey) throws BadPaddingException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException {
        try {
            return (algorithmID.getImplementationName() == IMPLEMENTATION_NAME_RSA ? getCipher(ALG_CIPHER_RSA_ENCRYPT, 1, publicKey, (AlgorithmParameters) null) : getCipher(algorithmID, 1, publicKey, (AlgorithmParameters) null)).doFinal(secretKey.getEncoded());
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidKeyException(new StringBuffer("Invalid parameters: ").append(e.getMessage()).toString());
        } catch (IllegalBlockSizeException e2) {
            throw new InvalidKeyException(new StringBuffer("Illegal block size: ").append(e2.getMessage()).toString());
        }
    }

    public Key deriveKey(char[] cArr, AlgorithmID algorithmID, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
        if (algorithmID == null) {
            throw new NullPointerException("Cannot derive key with null key derivation function!");
        }
        return getKeyGenerator(algorithmID, algorithmParameterSpec).generateKey();
    }

    public SecretKey decryptKey(byte[] bArr, AlgorithmID algorithmID, PrivateKey privateKey, String str) throws BadPaddingException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException {
        try {
            return new SecretKeySpec((algorithmID.getImplementationName() == IMPLEMENTATION_NAME_RSA ? getCipher(ALG_CIPHER_RSA_DECRYPT, 2, privateKey, (AlgorithmParameters) null) : getCipher(algorithmID, 2, privateKey, (AlgorithmParameters) null)).doFinal(bArr), str);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidKeyException(new StringBuffer("Invalid parameters: ").append(e.getMessage()).toString());
        } catch (IllegalBlockSizeException e2) {
            throw new InvalidKeyException(new StringBuffer("Illegal block size: ").append(e2.getMessage()).toString());
        }
    }

    public SecretKey decryptKey(byte[] bArr, AlgorithmID algorithmID, PrivateKey privateKey) throws BadPaddingException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException {
        return decryptKey(bArr, algorithmID, privateKey, "RAW");
    }

    public SecretKey createSharedKeyEncryptionKey(AlgorithmID algorithmID, PrivateKey privateKey, PublicKey publicKey, AlgorithmID algorithmID2, int i, byte[] bArr, String str) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException {
        if (algorithmID.equals(AlgorithmID.esdhKeyAgreement)) {
            throw new NoSuchAlgorithmException("Cannot provider independently init ESDH key agreement ESDHKEKParameterSpec! You may use the IaikProvider");
        }
        throw new NoSuchAlgorithmException(new StringBuffer("Key Agreement method ").append(algorithmID.getAlgorithm().getName()).append(" not supported!").toString());
    }

    public static int convertCipherMode(int i) {
        switch (i) {
            case 1:
                return 1;
            case 2:
                return 2;
            case 3:
                return 3;
            case 4:
                return 4;
            default:
                return -1;
        }
    }

    public byte[] compress(AlgorithmID algorithmID, byte[] bArr, int i) throws IOException, NoSuchAlgorithmException {
        byte[] bArr2 = null;
        if (bArr != null) {
            InputStreamCompressEngine inputStreamCompressEngine = getInputStreamCompressEngine(algorithmID, new ByteArrayInputStream(bArr), i, 1024);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            Utils.copyStream(inputStreamCompressEngine.getInputStream(), byteArrayOutputStream, null);
            bArr2 = byteArrayOutputStream.toByteArray();
        }
        return bArr2;
    }

    public void checkDomainParameters(PrivateKey privateKey, PublicKey publicKey) throws InvalidParameterException {
        ASN1Object parameter;
        if (!privateKey.getAlgorithm().equalsIgnoreCase(ALG_KEYEX_DH)) {
            try {
                ASN1Object parameter2 = new AlgorithmID(DerCoder.decode(privateKey.getEncoded()).getComponentAt(1)).getParameter();
                if (parameter2 == null || (parameter = new AlgorithmID(DerCoder.decode(publicKey.getEncoded()).getComponentAt(0)).getParameter()) == null || CryptoUtils.equalsBlock(DerCoder.encode(parameter2), DerCoder.encode(parameter))) {
                    return;
                } else {
                    throw new InvalidParameterException(new StringBuffer("Different domain parameters for ").append(privateKey.getAlgorithm()).toString());
                }
            } catch (Exception unused) {
                throw new InvalidParameterException(new StringBuffer("Different domain parameters for ").append(privateKey.getAlgorithm()).toString());
            }
        }
        DHParameterSpec params = ((DHPrivateKey) privateKey).getParams();
        DHParameterSpec params2 = ((DHPublicKey) publicKey).getParams();
        if (params != null && params2 != null && !params.getP().equals(params2.getP()) && !params.getG().equals(params2.getG())) {
            throw new InvalidParameterException("Different domain parameters for DH!");
        }
    }

    public byte[] calculateSignatureFromSignedAttributes(AlgorithmID algorithmID, AlgorithmID algorithmID2, PrivateKey privateKey, byte[] bArr) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        String implementationName = algorithmID.getImplementationName();
        if (implementationName == IMPLEMENTATION_NAME_RSA || implementationName.endsWith("/RSA")) {
            return calculateSignatureFromHash(algorithmID, algorithmID2, privateKey, getHash(algorithmID2, bArr));
        }
        Signature signature = getSignature(algorithmID, 1, privateKey);
        try {
            AlgorithmParameterSpec algorithmParameterSpec = getAlgorithmParameterSpec(algorithmID);
            if (algorithmParameterSpec != null) {
                signature.setParameter("", algorithmParameterSpec);
            }
            if (algorithmParameterSpec == null) {
                try {
                    Object parameter = signature.getParameter("");
                    if (parameter != null && (parameter instanceof AlgorithmParameters)) {
                        algorithmID.setAlgorithmParameters((AlgorithmParameters) parameter);
                    }
                } catch (Exception e) {
                    if (c) {
                        System.out.println("Error getting and setting signature algorithm parameters: ");
                        e.printStackTrace();
                    }
                }
            }
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidParameterSpecException e2) {
            throw new NoSuchAlgorithmException(new StringBuffer("Error getting parameters from algorithm ID: ").append(e2.toString()).toString());
        }
    }

    public byte[] calculateSignatureFromHash(AlgorithmID algorithmID, AlgorithmID algorithmID2, PrivateKey privateKey, byte[] bArr) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
        byte[] doFinal;
        String implementationName = algorithmID.getImplementationName();
        if (implementationName == IMPLEMENTATION_NAME_RSA || implementationName.endsWith("/RSA")) {
            try {
                doFinal = getCipher(ALG_CIPHER_RSA_SIGN, 1, privateKey, (AlgorithmParameters) null).doFinal(new DigestInfo(algorithmID2, bArr).toByteArray());
            } catch (Exception e) {
                throw new SignatureException(new StringBuffer("Cannot calculate RSA siganture: ").append(e.toString()).toString());
            }
        } else if (implementationName.equals(IMPLEMENTATION_NAME_RSA_PSS)) {
            Signature signature = getSignature(ALG_SIGNATURE_RAWRSAPSS, 1, privateKey);
            try {
                AlgorithmParameterSpec algorithmParameterSpec = getAlgorithmParameterSpec(algorithmID);
                if (algorithmParameterSpec != null) {
                    signature.setParameter("", algorithmParameterSpec);
                }
                if (algorithmParameterSpec == null) {
                    try {
                        Object parameter = signature.getParameter("");
                        if (parameter != null && (parameter instanceof AlgorithmParameters)) {
                            algorithmID.setAlgorithmParameters((AlgorithmParameters) parameter);
                        }
                    } catch (Exception e2) {
                        if (c) {
                            System.out.println("Error getting and setting PSS algorithm parameters: ");
                            e2.printStackTrace();
                        }
                    }
                }
                signature.update(bArr);
                doFinal = signature.sign();
            } catch (InvalidParameterSpecException e3) {
                throw new NoSuchAlgorithmException(new StringBuffer("Error getting PSS parameters from algorithm ID: ").append(e3.toString()).toString());
            }
        } else if (implementationName.equals(IMPLEMENTATION_NAME_DSA) || implementationName.equals("SHA/DSA") || implementationName.equals("DSA")) {
            Signature signature2 = getSignature(ALG_SIGNATURE_RAWDSA, 1, privateKey);
            signature2.update(bArr);
            doFinal = signature2.sign();
        } else {
            if (implementationName.indexOf(IMPLEMENTATION_NAME_ECDSA) == -1) {
                throw new NoSuchAlgorithmException(new StringBuffer("Algorithm ").append(algorithmID.getAlgorithm().getName()).append(" not supported!").toString());
            }
            Signature signature3 = implementationName.indexOf(IMPLEMENTATION_NAME_ECDSA_PLAIN) == -1 ? getSignature(ALG_SIGNATURE_RAWECDSA, 1, privateKey) : getSignature(ALG_SIGNATURE_RAWECDSA_PLAIN, 1, privateKey);
            signature3.update(bArr);
            doFinal = signature3.sign();
        }
        return doFinal;
    }

    public byte[] calculateMac(AlgorithmID algorithmID, Key key, AlgorithmParameterSpec algorithmParameterSpec, byte[] bArr) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("Mac key must not be null!");
        }
        if (bArr == null) {
            throw new NullPointerException("Cannot calculate MAC from null data!");
        }
        return getMac(algorithmID, key, algorithmParameterSpec).doFinal(bArr);
    }

    public SecurityProvider(String str) {
        this.providerName_ = str;
    }

    public SecurityProvider() {
        this(null);
    }

    static {
        c = DebugCMS.getDebugMode() && c;
    }
}
