package org.jscep.message;

import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.cms.EncryptedContentInfo;
import org.bouncycastle.asn1.cms.EnvelopedData;
import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import org.bouncycastle.asn1.cms.RecipientInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.jscep.util.AlgorithmDictionary;
import org.jscep.util.LoggingUtil;
import org.slf4j.Logger;

/* loaded from: input_file:org/jscep/message/PkcsPkiEnvelopeDecoder.class */
public class PkcsPkiEnvelopeDecoder {
    private static Logger LOGGER = LoggingUtil.getLogger((Class<?>) PkcsPkiEnvelopeDecoder.class);
    private final PrivateKey priKey;

    public PkcsPkiEnvelopeDecoder(PrivateKey privateKey) {
        this.priKey = privateKey;
    }

    public ASN1Encodable decode(EnvelopedData envelopedData) throws IOException {
        LOGGER.debug("Decrypting message: {}", envelopedData.getDEREncoded());
        EncryptedContentInfo encryptedContentInfo = envelopedData.getEncryptedContentInfo();
        AlgorithmIdentifier contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        String cipherName = getCipherName(contentEncryptionAlgorithm);
        String fromTransformation = AlgorithmDictionary.fromTransformation(cipherName);
        LOGGER.debug("Decrypting using {}", fromTransformation);
        try {
            Cipher cipher = Cipher.getInstance(cipherName);
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(fromTransformation);
            algorithmParameters.init(contentEncryptionAlgorithm.getParameters().getEncoded());
            ASN1Set recipientInfos = envelopedData.getRecipientInfos();
            if (recipientInfos.size() == 0) {
                throw new IOException("Invalid RecipientInfos");
            }
            byte[] octets = encryptedContentInfo.getEncryptedContent().getOctets();
            byte[] octets2 = KeyTransRecipientInfo.getInstance(RecipientInfo.getInstance(recipientInfos.getObjectAt(0)).getInfo()).getEncryptedKey().getOctets();
            try {
                Cipher cipher2 = Cipher.getInstance("RSA");
                cipher2.init(4, this.priKey);
                cipher.init(2, (SecretKey) cipher2.unwrap(octets2, fromTransformation, 3), algorithmParameters);
                byte[] doFinal = cipher.doFinal(octets);
                LOGGER.debug("Decrypted to: {}", doFinal);
                return ASN1Object.fromByteArray(doFinal);
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        } catch (GeneralSecurityException e2) {
            throw new IOException(e2);
        }
    }

    private String getCipherName(AlgorithmIdentifier algorithmIdentifier) {
        return AlgorithmDictionary.lookup(algorithmIdentifier);
    }
}
