package iaik.pkcs.pkcs11.provider.ciphers;

import com.lowagie.text.html.Markup;
import iaik.pkcs.pkcs11.Mechanism;
import iaik.pkcs.pkcs11.MechanismInfo;
import iaik.pkcs.pkcs11.TokenException;
import iaik.pkcs.pkcs11.objects.Key;
import iaik.pkcs.pkcs11.objects.PrivateKey;
import iaik.pkcs.pkcs11.objects.PublicKey;
import iaik.pkcs.pkcs11.objects.RSAPrivateKey;
import iaik.pkcs.pkcs11.objects.RSAPublicKey;
import iaik.pkcs.pkcs11.parameters.RSAPkcsOaepParameters;
import iaik.pkcs.pkcs11.provider.IAIKPkcs11Exception;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11Key;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PrivateKey;
import iaik.pkcs.pkcs11.provider.keys.IAIKPKCS11PublicKey;
import java.io.ByteArrayOutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Hashtable;
import java.util.Vector;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.spi.Configurator;

/* loaded from: classes.dex */
public class RsaCipher extends PKCS11Cipher {
    protected static final String CIPHER_NAME = "RSA";
    private static final boolean DEBUG = false;
    protected static final Mechanism DEFAULT_MECHANISM = Mechanism.RSA_PKCS;
    protected static final String DEFAULT_MODE = "ECB";
    protected static final String DEFAULT_PADDING = "PKCS1Padding";
    protected static final int PKCS11_OPERATION_ENCRYPT_DECRYPT = 2;
    protected static final int PKCS11_OPERATION_SIGN_VERIFY = 1;
    protected static Hashtable cipherModePaddingMechansims_;
    protected static Vector supportedModes_;
    protected static Vector supportedPaddings_;
    protected ByteArrayOutputStream buffer_;
    protected Hashtable modePaddingMechanisms_ = getModePaddingMechanisms();
    protected int pkcs11Operation_;

    public RsaCipher() {
        this.mode_ = getDefaultMode();
        this.padding_ = getDefaultPadding();
        this.buffer_ = new ByteArrayOutputStream(128);
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected void checkKeyObject(Key key) throws InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("Argument \"keyObject\" must not be null.");
        }
        if (!(key instanceof RSAPrivateKey) && !(key instanceof RSAPublicKey)) {
            throw new InvalidKeyException("PKCS#11 key object inside IAIKPKCS11Key must be of type RSA");
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher, javax.crypto.CipherSpi
    protected int engineGetKeySize(java.security.Key key) throws InvalidKeyException {
        if (key instanceof IAIKPKCS11Key) {
            return pkcs11GetKeySize(key);
        }
        if (key instanceof java.security.interfaces.RSAPrivateKey) {
            return ((java.security.interfaces.RSAPrivateKey) key).getModulus().bitLength();
        }
        if (key instanceof java.security.interfaces.RSAPublicKey) {
            return ((java.security.interfaces.RSAPublicKey) key).getModulus().bitLength();
        }
        throw new UnsupportedOperationException(new StringBuffer("Cannot determine size of software key. Key is not a RSA key. Key is of class: ").append(key != null ? key.getClass().toString() : Configurator.NULL).toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    public String getAlgorithmName() {
        return "RSA";
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected Mechanism getDefaultMechanism() {
        return DEFAULT_MECHANISM;
    }

    protected String getDefaultMode() {
        return DEFAULT_MODE;
    }

    protected String getDefaultPadding() {
        return DEFAULT_PADDING;
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected Mechanism getMechanism() {
        if (this.modeChanged_ || this.paddingChanged_) {
            try {
                this.mechanism_ = getMechanismForModeAndPadding();
            } catch (NoSuchAlgorithmException e) {
                this.mechanism_ = null;
            }
            this.modeChanged_ = false;
            this.paddingChanged_ = false;
        }
        return this.mechanism_;
    }

    protected Mechanism getMechanismForModeAndPadding() throws NoSuchAlgorithmException {
        Mechanism mechanism;
        Mechanism mechanism2;
        StringBuffer stringBuffer = new StringBuffer(16);
        stringBuffer.append(this.mode_);
        stringBuffer.append(IOUtils.DIR_SEPARATOR_UNIX);
        stringBuffer.append(this.padding_);
        String lowerCase = stringBuffer.toString().toLowerCase();
        if (!this.modePaddingMechanisms_.containsKey(lowerCase)) {
            throw new NoSuchAlgorithmException(new StringBuffer("Combination of mode and padding not supported: ").append(lowerCase).toString());
        }
        Mechanism mechanism3 = (Mechanism) this.modePaddingMechanisms_.get(lowerCase);
        if (mechanism3 == null) {
            throw new NoSuchAlgorithmException(new StringBuffer("Combination of mode and padding not supported: ").append(lowerCase).toString());
        }
        Mechanism mechanism4 = (Mechanism) mechanism3.clone();
        if (mechanism4.equals(Mechanism.RSA_PKCS_OAEP)) {
            String lowerCase2 = this.padding_.toLowerCase();
            if (lowerCase2.startsWith("oaepwith")) {
                String substring = lowerCase2.substring("oaepwith".length());
                if (substring.startsWith("sha-1") || substring.startsWith("sha1")) {
                    mechanism2 = Mechanism.SHA_1;
                } else if (substring.startsWith("md5")) {
                    mechanism2 = Mechanism.MD5;
                } else if (substring.startsWith("md2")) {
                    mechanism2 = Mechanism.MD2;
                } else if (substring.startsWith("ripemd128") || substring.startsWith("ripemd-128")) {
                    mechanism2 = Mechanism.RIPEMD128;
                } else {
                    if (!substring.startsWith("ripemd160") && !substring.startsWith("ripemd-160")) {
                        throw new NoSuchAlgorithmException(new StringBuffer("Requested hash algorithm for padding not supported: ").append(lowerCase).toString());
                    }
                    mechanism2 = Mechanism.RIPEMD160;
                }
                if (!substring.endsWith("andmgf1padding")) {
                    throw new NoSuchAlgorithmException(new StringBuffer("Unknown message generation function (MGF) in requested padding: ").append(lowerCase).toString());
                }
                mechanism = mechanism2;
            } else {
                mechanism = Mechanism.SHA_1;
            }
            mechanism4.setParameters(new RSAPkcsOaepParameters(mechanism, 1L, 1L, null));
        }
        return mechanism4;
    }

    protected Hashtable getModePaddingMechanisms() {
        if (cipherModePaddingMechansims_ == null) {
            Hashtable hashtable = new Hashtable(15);
            hashtable.put("ecb/nopadding", Mechanism.RSA_X_509);
            hashtable.put("none/nopadding", Mechanism.RSA_X_509);
            hashtable.put("ecb/pkcs1padding", Mechanism.RSA_PKCS);
            hashtable.put("none/pkcs1padding", Mechanism.RSA_PKCS);
            hashtable.put("ecb/oaeppadding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaeppadding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaep", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaep", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithmd5andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithmd5andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithmd2andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithmd2andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithsha1andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithsha1andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithsha-1andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithsha-1andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithripemd128andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithripemd128andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithripemd-128andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithripemd-128andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithripemd160andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithripemd160andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/oaepwithripemd-160andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("none/oaepwithripemd-160andmgf1padding", Mechanism.RSA_PKCS_OAEP);
            hashtable.put("ecb/iso9796padding", Mechanism.RSA_9796);
            hashtable.put("none/iso9796padding", Mechanism.RSA_9796);
            hashtable.put("ecb/iso9796", Mechanism.RSA_9796);
            hashtable.put("none/iso9796", Mechanism.RSA_9796);
            hashtable.put("ecb/rawx509", Mechanism.RSA_X_509);
            hashtable.put("none/rawx509", Mechanism.RSA_X_509);
            cipherModePaddingMechansims_ = hashtable;
        }
        return cipherModePaddingMechansims_;
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected MechanismInfo[][] getUsedMechanismFeatures() {
        if (this.usedMechanismInfos_ == null) {
            MechanismInfo mechanismInfo = new MechanismInfo();
            mechanismInfo.setEncrypt(true);
            MechanismInfo mechanismInfo2 = new MechanismInfo();
            mechanismInfo2.setDecrypt(true);
            MechanismInfo mechanismInfo3 = new MechanismInfo();
            mechanismInfo3.setSign(true);
            MechanismInfo mechanismInfo4 = new MechanismInfo();
            mechanismInfo4.setVerifyRecover(true);
            MechanismInfo mechanismInfo5 = new MechanismInfo();
            mechanismInfo5.setWrap(true);
            MechanismInfo mechanismInfo6 = new MechanismInfo();
            mechanismInfo6.setUnwrap(true);
            this.usedMechanismInfos_ = new MechanismInfo[][]{new MechanismInfo[]{mechanismInfo, mechanismInfo2, mechanismInfo3, mechanismInfo4, mechanismInfo5, mechanismInfo6}, new MechanismInfo[]{mechanismInfo, mechanismInfo2, mechanismInfo3, mechanismInfo4, mechanismInfo5, mechanismInfo6}, new MechanismInfo[]{mechanismInfo, mechanismInfo2, mechanismInfo5, mechanismInfo6}, new MechanismInfo[]{mechanismInfo3, mechanismInfo4}};
        }
        return this.usedMechanismInfos_;
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected Mechanism[] getUsedMechanisms() {
        if (this.usedMechanisms_ == null) {
            this.usedMechanisms_ = new Mechanism[]{Mechanism.RSA_PKCS, Mechanism.RSA_X_509, Mechanism.RSA_PKCS_OAEP, Mechanism.RSA_9796};
        }
        return this.usedMechanisms_;
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected void initializePkcs11Operation() throws InvalidAlgorithmParameterException, InvalidKeyException {
        initializeSession();
        try {
            Key keyObject = this.key_.getKeyObject();
            if (this.operationMode_ == 2) {
                if (keyObject instanceof PublicKey) {
                    this.session_.verifyRecoverInit(this.mechanism_, keyObject);
                    this.pkcs11Operation_ = 1;
                } else {
                    this.session_.decryptInit(this.mechanism_, this.key_.getKeyObject());
                    this.pkcs11Operation_ = 2;
                }
            } else if (this.operationMode_ == 1) {
                if (keyObject instanceof PrivateKey) {
                    this.session_.signInit(this.mechanism_, keyObject);
                    this.pkcs11Operation_ = 1;
                } else {
                    this.session_.encryptInit(this.mechanism_, keyObject);
                    this.pkcs11Operation_ = 2;
                }
            }
            this.updateUsed_ = false;
            this.pkcs11OperationInitialized_ = true;
        } catch (TokenException e) {
            throw new InvalidKeyException(new StringBuffer("Error initializing the PKCS#11 RSA cipher: ").append(e.toString()).toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected boolean isModeSupported(String str) {
        if (str == null) {
            return false;
        }
        if (supportedModes_ == null) {
            Vector vector = new Vector(1);
            vector.add("ecb");
            vector.add(Markup.CSS_VALUE_NONE);
            supportedModes_ = vector;
        }
        return supportedModes_.contains(str.toLowerCase());
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected boolean isPaddingSupported(String str) {
        if (str == null) {
            return false;
        }
        if (supportedPaddings_ == null) {
            Vector vector = new Vector(15);
            vector.add("nopadding");
            vector.add("pkcs1padding");
            vector.add("oaeppadding");
            vector.add("oaep");
            vector.add("oaepwithmd5andmgf1padding");
            vector.add("oaepwithmd2andmgf1padding");
            vector.add("oaepwithsha1andmgf1padding");
            vector.add("oaepwithsha-1andmgf1padding");
            vector.add("oaepwithripemd128andmgf1padding");
            vector.add("oaepwithripemd-128andmgf1padding");
            vector.add("oaepwithripemd160andmgf1padding");
            vector.add("oaepwithripemd-160andmgf1padding");
            vector.add("iso9796padding");
            vector.add("iso9796");
            vector.add("rawx509");
            supportedPaddings_ = vector;
        }
        return supportedPaddings_.contains(str.toLowerCase());
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected byte[] pkcs11DoFinal(byte[] bArr, int i, int i2) throws BadPaddingException, IllegalBlockSizeException {
        byte[] verifyRecover;
        if (!this.initialized_ || this.key_ == null) {
            throw new IllegalStateException("Cipher not initialized.");
        }
        if (bArr != null && i + i2 > bArr.length) {
            throw new NullPointerException("Arguments must satisfy ((inputOffset + inputLength) <= input.length).");
        }
        if (!this.pkcs11OperationInitialized_) {
            try {
                initializePkcs11Operation();
            } catch (InvalidAlgorithmParameterException e) {
                finalizePkcs11Operation();
                throw new IAIKPkcs11Exception(new StringBuffer("Could not reinitialize PKCS#11 cipher for next cipher operation: ").append(e.toString()).toString());
            } catch (InvalidKeyException e2) {
                finalizePkcs11Operation();
                throw new IAIKPkcs11Exception(new StringBuffer("Could not reinitialize PKCS#11 cipher for next cipher operation: ").append(e2.toString()).toString());
            }
        }
        if (bArr != null) {
            this.buffer_.write(bArr, i, i2);
        }
        byte[] byteArray = this.buffer_.toByteArray();
        this.buffer_.reset();
        try {
            try {
                if (this.operationMode_ == 1) {
                    verifyRecover = this.pkcs11Operation_ == 1 ? this.session_.sign(byteArray) : this.session_.encrypt(byteArray);
                } else {
                    if (this.operationMode_ != 2) {
                        throw new UnsupportedOperationException("Method only supported in state encrypt or decrypt.");
                    }
                    verifyRecover = this.pkcs11Operation_ == 1 ? this.session_.verifyRecover(byteArray) : this.session_.decrypt(byteArray);
                }
                this.pkcs11OperationInitialized_ = false;
                return verifyRecover;
            } catch (TokenException e3) {
                throw new IAIKPkcs11Exception(new StringBuffer("Error finishing cipher operation: ").append(e3).toString());
            }
        } finally {
            finalizePkcs11Operation();
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected int pkcs11GetBlockSize() {
        return pkcs11GetOutputSize(1);
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected int pkcs11GetKeySize(java.security.Key key) throws InvalidKeyException {
        if (key == null) {
            throw new NullPointerException("Argument \"key\" must not be null.");
        }
        if (key instanceof IAIKPKCS11PrivateKey) {
            return ((RSAPrivateKey) ((IAIKPKCS11PrivateKey) key).getKeyObject()).getModulus().getByteArrayValue().length << 3;
        }
        if (key instanceof IAIKPKCS11PublicKey) {
            return ((RSAPublicKey) ((IAIKPKCS11PublicKey) key).getKeyObject()).getModulusBits().getLongValue().intValue();
        }
        if (key instanceof java.security.interfaces.RSAPrivateKey) {
            return ((java.security.interfaces.RSAPrivateKey) key).getModulus().bitLength();
        }
        if (key instanceof java.security.interfaces.RSAPublicKey) {
            return ((java.security.interfaces.RSAPublicKey) key).getModulus().bitLength();
        }
        throw new InvalidKeyException(new StringBuffer("The provided key must be an IAIKPKCS11PrivateKey or an IAIKPKCS11PublicKey but it is : ").append(key.toString()).toString());
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected int pkcs11GetOutputSize(int i) {
        if (!this.initialized_) {
            throw new IAIKPkcs11Exception("Cipher object not initialized.");
        }
        try {
            return (pkcs11GetKeySize(this.key_) + 7) >> 3;
        } catch (InvalidKeyException e) {
            throw new IAIKPkcs11Exception(e.toString());
        }
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected void pkcs11Init(int i, java.security.Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException, InvalidKeyException {
        this.currentKeyIsSoftwareKey_ = false;
        if (i != 1 && i != 2 && i != 4 && i != 3) {
            throw new IAIKPkcs11Exception(new StringBuffer("Unknown operation mode: ").append(i).toString());
        }
        this.operationMode_ = i;
        if (algorithmParameterSpec != null) {
            throw new InvalidAlgorithmParameterException(new StringBuffer("AlgorithmParameterSpec not supported: ").append(algorithmParameterSpec).toString());
        }
        this.key_ = (IAIKPKCS11Key) key;
        this.keyObject_ = this.key_.getKeyObject();
        checkKeyObject(this.keyObject_);
        this.mechanism_ = getMechanism();
        if (this.mechanism_ == null) {
            throw new IAIKPkcs11Exception(new StringBuffer("The currently selected combination of mode and padding is not supported: ").append(this.mode_).append("/").append(this.padding_).toString());
        }
        initialize();
    }

    @Override // iaik.pkcs.pkcs11.provider.ciphers.PKCS11Cipher
    protected byte[] pkcs11Update(byte[] bArr, int i, int i2) {
        if (!this.initialized_ || this.key_ == null) {
            throw new IllegalStateException("Cipher not initialized.");
        }
        if (bArr == null) {
            throw new NullPointerException("Argument \"data\" must not be null.");
        }
        if (i + i2 > bArr.length) {
            throw new NullPointerException("Arguments must satisfy ((offset + length) <= data.length).");
        }
        if (!this.pkcs11OperationInitialized_) {
            try {
                initializePkcs11Operation();
            } catch (InvalidAlgorithmParameterException e) {
                finalizePkcs11Operation();
                throw new IAIKPkcs11Exception(new StringBuffer("Could not reinitialize PKCS#11 cipher for next cipher operation: ").append(e.toString()).toString());
            } catch (InvalidKeyException e2) {
                finalizePkcs11Operation();
                throw new IAIKPkcs11Exception(new StringBuffer("Could not reinitialize PKCS#11 cipher for next cipher operation: ").append(e2.toString()).toString());
            }
        }
        this.buffer_.write(bArr, i, i2);
        return null;
    }
}
