package com.unbound.provider;

import com.unbound.client.CipherMode;
import com.unbound.client.CipherOper;
import com.unbound.client.Client;
import com.unbound.client.HashType;
import com.unbound.client.ObjectType;
import com.unbound.client.RSAPrivateKeyObject;
import com.unbound.client.SecretKeyObject;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: input_file:com/unbound/provider/UBRSACipher.class */
public final class UBRSACipher extends CipherSpi {
    private final CipherOper oper = Client.getInstance().newCipherOperation();
    private OAEPParameterSpec oaepSpec = null;
    private KeyParameters unwrapKeyParameter = null;

    public UBRSACipher() {
        this.oper.mode = CipherMode.RSA_PKCS1;
        this.oper.bufferMode = true;
    }

    private static String paddingTypeToName(CipherMode cipherMode, HashType hashType) {
        return cipherMode == CipherMode.RSA_RAW ? "NOPadding" : cipherMode == CipherMode.RSA_PKCS1 ? "PKCS1Padding" : "OAEPWith" + hashType.getMdName() + "AndMGF1Padding";
    }

    private static HashType oaepPaddingToHashType(String str) throws NoSuchPaddingException {
        String upperCase = str.toUpperCase();
        if (upperCase.equals("OAEPPADDING")) {
            return HashType.SHA1;
        }
        if (!upperCase.startsWith("OAEPWITH") || !upperCase.endsWith("ANDMGF1PADDING")) {
            throw new NoSuchPaddingException("padding not supported: " + upperCase);
        }
        try {
            return HashType.getFromName(upperCase.substring(8, upperCase.length() - 14));
        } catch (InvalidAlgorithmParameterException e) {
            throw new NoSuchPaddingException("padding not supported: " + upperCase);
        }
    }

    private AlgorithmParameterSpec getParameterSpec() throws InvalidAlgorithmParameterException {
        if (this.oaepSpec == null) {
            if (this.oper.mode != CipherMode.RSA_OAEP) {
                return null;
            }
            this.oaepSpec = new OAEPParameterSpec(this.oper.hashType.getMdName(), "MGF1", this.oper.mgfHashType.getMgfSpec(), PSource.PSpecified.DEFAULT);
        }
        return this.oaepSpec;
    }

    private void init(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        this.oper.reset();
        RSAPublicKey rSAPublicKey = null;
        switch (i) {
            case 1:
            case 3:
                if (key instanceof UBRSAPublicKey) {
                    if (i == 3) {
                        this.oper.keyObject = ((UBRSAPublicKey) key).object;
                    } else {
                        rSAPublicKey = ((UBRSAPublicKey) key).getPublicKey();
                    }
                } else {
                    if (!(key instanceof RSAPublicKey)) {
                        throw new InvalidKeyException("Invalid key type");
                    }
                    rSAPublicKey = (RSAPublicKey) key;
                }
                this.oper.encMode = true;
                break;
            case 2:
            case 4:
                if (!(key instanceof UBRSAPrivateKey)) {
                    throw new InvalidKeyException("Invalid key type");
                }
                this.oper.keyObject = ((UBRSAPrivateKey) key).object;
                this.oper.encMode = false;
                break;
            default:
                throw new InvalidKeyException("Unknown mode: " + i);
        }
        if (algorithmParameterSpec != null) {
            if (this.oper.mode != CipherMode.RSA_OAEP) {
                throw new InvalidAlgorithmParameterException("Wrong padding parameter");
            }
            this.oper.mode.setParams(this.oper, algorithmParameterSpec);
        }
        if (rSAPublicKey != null) {
            try {
                this.oper.swCipher = Cipher.getInstance("RSA/ECB/" + paddingTypeToName(this.oper.mode, this.oper.hashType), "SunJCE");
                this.oper.swCipher.init(i, rSAPublicKey, getParameterSpec(), secureRandom);
            } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e) {
                throw new ProviderException(e);
            }
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetMode(String str) throws NoSuchAlgorithmException {
        String upperCase = str.toUpperCase();
        if (!upperCase.equals("NONE") && !upperCase.equals("ECB")) {
            throw new NoSuchAlgorithmException("Mode not supported: " + upperCase);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetPadding(String str) throws NoSuchPaddingException {
        String upperCase = str.toUpperCase();
        if (upperCase.equals("NOPADDING")) {
            this.oper.mode = CipherMode.RSA_RAW;
        } else if (upperCase.equals("PKCS1PADDING")) {
            this.oper.mode = CipherMode.RSA_PKCS1;
        } else if (upperCase.equals("OAEPPADDING")) {
            this.oper.mode = CipherMode.RSA_OAEP;
        } else {
            if (!upperCase.startsWith("OAEPWITH") || !upperCase.endsWith("ANDMGF1PADDING")) {
                throw new NoSuchPaddingException("Unsupported padding: " + upperCase);
            }
            this.oper.mode = CipherMode.RSA_OAEP;
        }
        if (this.oper.mode == CipherMode.RSA_OAEP) {
            this.oper.hashType = oaepPaddingToHashType(upperCase);
            this.oper.mgfHashType = HashType.SHA1;
        }
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i) {
        return ((RSAPrivateKeyObject) this.oper.keyObject).getModulus().bitLength() / 8;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        try {
            AlgorithmParameterSpec parameterSpec = getParameterSpec();
            if (parameterSpec == null) {
                return null;
            }
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("OAEP");
            algorithmParameters.init(parameterSpec);
            return algorithmParameters;
        } catch (Throwable th) {
            throw new RuntimeException("Invalid algorithm parameters not supported");
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, SecureRandom secureRandom) throws InvalidKeyException {
        try {
            init(i, key, null, secureRandom);
        } catch (InvalidAlgorithmParameterException e) {
            throw new InvalidKeyException("Wrong parameters", e);
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        if (!(algorithmParameterSpec instanceof com.dyadicsec.provider.KeyGenSpec)) {
            this.unwrapKeyParameter = null;
        } else {
            if (i != 4) {
                throw new InvalidAlgorithmParameterException("KeyParameter is supported only in UNWRAP_MODE");
            }
            this.unwrapKeyParameter = ((com.dyadicsec.provider.KeyGenSpec) algorithmParameterSpec).getKeyParams();
            algorithmParameterSpec = ((com.dyadicsec.provider.KeyGenSpec) algorithmParameterSpec).getOriginal();
        }
        init(i, key, algorithmParameterSpec, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) throws InvalidKeyException, InvalidAlgorithmParameterException {
        OAEPParameterSpec oAEPParameterSpec = null;
        if (algorithmParameters != null) {
            try {
                oAEPParameterSpec = (OAEPParameterSpec) algorithmParameters.getParameterSpec(OAEPParameterSpec.class);
            } catch (InvalidParameterSpecException e) {
                throw new InvalidKeyException("Wrong parameters", e);
            }
        }
        init(i, key, oAEPParameterSpec, secureRandom);
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i, int i2) {
        return this.oper.update(bArr, i, i2);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws ShortBufferException {
        return this.oper.update(bArr, i, i2, bArr2, i3);
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineDoFinal(byte[] bArr, int i, int i2) throws IllegalBlockSizeException, BadPaddingException {
        return this.oper.finalEncDec(bArr, i, i2);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException {
        return this.oper.finalEncDec(bArr, i, i2, bArr2, i3);
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException {
        return key instanceof UBSecretKey ? this.oper.wrap(((UBSecretKey) key).object) : this.oper.swWrap(key);
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i) throws InvalidKeyException, NoSuchAlgorithmException {
        if (i != 3) {
            throw new UnsupportedOperationException("wrappedKeyType == " + i);
        }
        return (this.unwrapKeyParameter == null || !this.unwrapKeyParameter.isToken()) ? this.oper.swUnwrap(bArr, str, i) : new UBSecretKey((SecretKeyObject) this.oper.unwrap(bArr, null, ObjectType.get(str), this.unwrapKeyParameter));
    }
}
