package com.adobe.internal.pdftoolkit.core.encryption.impl;

import com.adobe.internal.pdftoolkit.core.credentials.impl.RSACredentials;
import com.adobe.internal.pdftoolkit.core.types.ASName;
import com.adobe.internal.pdftoolkit.pdf.interactive.forms.PDFFieldText;
import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.BitStringContainer;
import com.rsa.asn1.ChoiceContainer;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.OIDContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.asn1.SetContainer;
import com.rsa.certj.CertJException;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cms.CMSException;
import com.rsa.certj.cms.InfoObjectFactory;
import com.rsa.certj.cms.KeyAgreeRecipientInfo;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_IVException;
import com.rsa.jsafe.JSAFE_InputException;
import com.rsa.jsafe.JSAFE_InvalidKeyException;
import com.rsa.jsafe.JSAFE_InvalidParameterException;
import com.rsa.jsafe.JSAFE_InvalidUseException;
import com.rsa.jsafe.JSAFE_KeyAgree;
import com.rsa.jsafe.JSAFE_PaddingException;
import com.rsa.jsafe.JSAFE_PrivateKey;
import com.rsa.jsafe.JSAFE_PublicKey;
import com.rsa.jsafe.JSAFE_SecretKey;
import com.rsa.jsafe.JSAFE_SymmetricCipher;
import com.rsa.jsafe.JSAFE_UnimplementedException;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.util.Map;
import java.util.Random;

@Deprecated
/* loaded from: input_file:com/adobe/internal/pdftoolkit/core/encryption/impl/CMSEnvelopedDataEncryptor.class */
public class CMSEnvelopedDataEncryptor {
    private JSAFE_PublicKey originator_PublicKey = null;
    private JSAFE_PrivateKey originator_PrivateKey = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] encryptEnvelopedData(RSACredentials[] rSACredentialsArr, X509Certificate[] x509CertificateArr, byte[] bArr, String[] strArr, Map map) throws GeneralSecurityException, JSAFE_Exception, CertJException, IOException, ASN_Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        while (i < rSACredentialsArr.length) {
            try {
                try {
                    int i2 = i;
                    i++;
                    byteArrayOutputStream.write(createEncryptedEnvelopedData(bArr, x509CertificateArr[i2], strArr, map));
                } catch (Exception e) {
                    throw new CertificateEncodingException(" Issue while encoding the enveloped data. " + e);
                }
            } finally {
                this.originator_PrivateKey.clearSensitiveData();
                this.originator_PublicKey.clearSensitiveData();
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] createEncryptedEnvelopedData(byte[] bArr, X509Certificate x509Certificate, String[] strArr, Map map) throws ASN_Exception, NameException, JSAFE_Exception, CertificateException, NoSuchAlgorithmException, IOException {
        Map map2 = (Map) ((Map) map.get(ASName.k_CF.asString())).get("DefaultCryptFilter");
        int intValue = ((Integer) map2.get("Length")).intValue();
        String str = (String) map2.get("CFM");
        byte[] eCDHSharedSecret = getECDHSharedSecret(x509Certificate, intValue);
        KeyAgreeRecipientInfo newKeyAgreeRecipientInfo = InfoObjectFactory.newKeyAgreeRecipientInfo(this.originator_PublicKey, this.originator_PrivateKey, x509Certificate);
        byte[] recipientSerialNumber = newKeyAgreeRecipientInfo.getRecipientSerialNumber();
        byte[] dEREncodedRecipientIdentifier = getDEREncodedRecipientIdentifier(newKeyAgreeRecipientInfo);
        byte[] fillWithRandom = fillWithRandom(8);
        ASN1Container octetStringContainer = new OctetStringContainer(0, true, 0, fillWithRandom, 0, fillWithRandom.length);
        ASN1Container eCPublicKeyOID = PKCS7Utils.getECPublicKeyOID();
        ASN1Container eCPublicKeyPrimeOID = PKCS7Utils.getECPublicKeyPrimeOID(strArr[0]);
        byte[] bArr2 = this.originator_PublicKey.getKeyData("ECPublicKeyValue")[0];
        ASN1Container bitStringContainer = new BitStringContainer(0, true, 0, bArr2, 0, bArr2.length);
        byte[] ecdhoid = PKCS7Utils.getECDHOID(Integer.valueOf(intValue));
        ASN1Container oIDContainer = new OIDContainer(PDFFieldText.kComb, true, 0, ecdhoid, 0, ecdhoid.length);
        byte[] keyEncryptionAlgorithmOid = PKCS7Utils.getKeyEncryptionAlgorithmOid(str);
        ASN1Container oIDContainer2 = new OIDContainer(PDFFieldText.kComb, true, 5, keyEncryptionAlgorithmOid, 0, keyEncryptionAlgorithmOid.length);
        KDFDataDecryptor kDFDataDecryptor = new KDFDataDecryptor(null, keyEncryptionAlgorithmOid, octetStringContainer, ecdhoid);
        byte[] applyKDFWrap = kDFDataDecryptor.applyKDFWrap(eCDHSharedSecret);
        JSAFE_SecretKey generateRandomSecretkey = generateRandomSecretkey(Math.abs(intValue));
        byte[] encryptKey = kDFDataDecryptor.encryptKey(applyKDFWrap, generateRandomSecretkey);
        ASN1Container octetStringContainer2 = new OctetStringContainer(0, true, 0, encryptKey, 0, encryptKey.length);
        byte[] dataEncryptionAlgorithmOid = PKCS7Utils.getDataEncryptionAlgorithmOid(str);
        ASN1Container pKCS7DataOID = PKCS7Utils.getPKCS7DataOID();
        ASN1Container oIDContainer3 = new OIDContainer(0, true, 0, dataEncryptionAlgorithmOid, 0, dataEncryptionAlgorithmOid.length);
        byte[] fillWithRandom2 = fillWithRandom(16);
        ASN1Container octetStringContainer3 = new OctetStringContainer(0, true, 0, fillWithRandom2, 0, fillWithRandom2.length);
        byte[] encryptedData = encryptedData(generateRandomSecretkey, fillWithRandom2, bArr, dataEncryptionAlgorithmOid);
        ASN1Container octetStringContainer4 = new OctetStringContainer(8454144, true, 0, encryptedData, 0, encryptedData.length);
        ASN1Container envelopedDataOID = PKCS7Utils.getEnvelopedDataOID();
        generateRandomSecretkey.clearSensitiveData();
        return ASN1.derEncode(new ASN1Container[]{new SequenceContainer(0), envelopedDataOID, new ChoiceContainer(10551040), new SequenceContainer(0), new IntegerContainer(0, true, 0, 0), new SetContainer(0), new ChoiceContainer(10551041), new SequenceContainer(0), new IntegerContainer(0, true, 0, 3), new ChoiceContainer(10551040), new ChoiceContainer(10551041), new SequenceContainer(0), new SequenceContainer(0), eCPublicKeyOID, eCPublicKeyPrimeOID, new EndContainer(), bitStringContainer, new EndContainer(), new EndContainer(), new EndContainer(), new ChoiceContainer(10551041), octetStringContainer, new EndContainer(), new SequenceContainer(0), oIDContainer, new SequenceContainer(0), oIDContainer2, new EndContainer(), new EndContainer(), new SequenceContainer(0), new SequenceContainer(0), new SequenceContainer(0), new EncodedContainer(0, true, 48, dEREncodedRecipientIdentifier, 3, dEREncodedRecipientIdentifier.length - 3), new IntegerContainer(0, true, 0, recipientSerialNumber, 0, recipientSerialNumber.length, true), new EndContainer(), octetStringContainer2, new EndContainer(), new EndContainer(), new EndContainer(), new EndContainer(), new EndContainer(), new SequenceContainer(0), pKCS7DataOID, new SequenceContainer(0), oIDContainer3, octetStringContainer3, new EndContainer(), octetStringContainer4, new EndContainer(), new EndContainer(), new EndContainer(), new EndContainer()});
    }

    byte[] encryptedData(JSAFE_SecretKey jSAFE_SecretKey, byte[] bArr, byte[] bArr2, byte[] bArr3) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException, JSAFE_InvalidUseException, JSAFE_InvalidKeyException, JSAFE_IVException, JSAFE_InputException, JSAFE_PaddingException, IOException {
        JSAFE_SymmetricCipher symmetricCipher = PKCS7Utils.getSymmetricCipher(bArr3);
        symmetricCipher.setIV(bArr, 0, bArr.length);
        symmetricCipher.encryptInit(jSAFE_SecretKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(symmetricCipher.encryptUpdate(bArr2, 0, bArr2.length));
        byteArrayOutputStream.write(symmetricCipher.encryptFinal());
        return byteArrayOutputStream.toByteArray();
    }

    private JSAFE_SecretKey generateRandomSecretkey(int i) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException, JSAFE_InvalidUseException, NoSuchAlgorithmException {
        JSAFE_SecretKey jSAFE_SecretKey = JSAFE_SecretKey.getInstance("AES", "Java");
        jSAFE_SecretKey.generateInit(new int[]{i}, PKCS7Utils.getSecureRandom(i));
        jSAFE_SecretKey.generate();
        return jSAFE_SecretKey;
    }

    private byte[] getECDHSharedSecret(X509Certificate x509Certificate, int i) throws JSAFE_InvalidKeyException, JSAFE_InvalidUseException, JSAFE_UnimplementedException, JSAFE_InvalidParameterException, NoSuchAlgorithmException, CertificateException {
        JSAFE_PublicKey subjectPublicKey = x509Certificate.getSubjectPublicKey("Java");
        JSAFE_KeyAgree jSAFE_KeyAgree = JSAFE_KeyAgree.getInstance("ECDH", "Java");
        jSAFE_KeyAgree.keyAgreeInit(subjectPublicKey, PKCS7Utils.getSecureRandom(i));
        this.originator_PublicKey = jSAFE_KeyAgree.generateMyPublicValue();
        this.originator_PrivateKey = jSAFE_KeyAgree.getPrivateValueAsKey();
        return jSAFE_KeyAgree.generateSharedSecret();
    }

    private byte[] fillWithRandom(int i) {
        byte[] bArr = new byte[i];
        new Random().nextBytes(bArr);
        return bArr;
    }

    private byte[] getDEREncodedRecipientIdentifier(KeyAgreeRecipientInfo keyAgreeRecipientInfo) throws CMSException, NameException {
        X500Name recipientIssuer = keyAgreeRecipientInfo.getRecipientIssuer();
        byte[] bArr = new byte[recipientIssuer.getDERLen(0) + 3];
        recipientIssuer.getDEREncoding(bArr, 0, 10485760);
        return bArr;
    }

    public void closeQuietly(Closeable closeable) {
        if (closeable == null) {
            return;
        }
        try {
            closeable.close();
        } catch (IOException e) {
        }
    }
}
