package com.netflix.msl.crypto;

import com.netflix.msl.MslCryptoException;
import com.netflix.msl.MslEncodingException;
import com.netflix.msl.MslError;
import com.netflix.msl.MslInternalException;
import com.netflix.msl.crypto.MslCiphertextEnvelope;
import com.netflix.msl.io.MslEncoderException;
import com.netflix.msl.io.MslEncoderFactory;
import com.netflix.msl.io.MslEncoderFormat;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: input_file:WEB-INF/lib/msl-core-1.1221.1.jar:com/netflix/msl/crypto/AsymmetricCryptoContext.class */
public abstract class AsymmetricCryptoContext extends ICryptoContext {
    protected static final String NULL_OP = "nullOp";
    protected final String id;
    protected final PrivateKey privateKey;
    protected final PublicKey publicKey;
    private final String transform;
    private final AlgorithmParameterSpec params;
    private final String algo;

    /* JADX INFO: Access modifiers changed from: protected */
    public AsymmetricCryptoContext(String str, PrivateKey privateKey, PublicKey publicKey, String str2, AlgorithmParameterSpec algorithmParameterSpec, String str3) {
        this.id = str;
        this.privateKey = privateKey;
        this.publicKey = publicKey;
        this.transform = str2;
        this.params = algorithmParameterSpec;
        this.algo = str3;
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public byte[] encrypt(byte[] bArr, MslEncoderFactory mslEncoderFactory, MslEncoderFormat mslEncoderFormat) throws MslCryptoException {
        if (NULL_OP.equals(this.transform)) {
            return bArr;
        }
        if (this.publicKey == null) {
            throw new MslCryptoException(MslError.ENCRYPT_NOT_SUPPORTED, "no public key");
        }
        try {
            try {
                try {
                    try {
                        try {
                            Cipher cipher = CryptoCache.getCipher(this.transform);
                            cipher.init(1, this.publicKey, this.params);
                            byte[] mslEncoding = new MslCiphertextEnvelope(this.id, (byte[]) null, cipher.doFinal(bArr)).toMslEncoding(mslEncoderFactory, mslEncoderFormat);
                            if (0 != 0) {
                                CryptoCache.resetCipher(this.transform);
                            }
                            return mslEncoding;
                        } catch (MslEncoderException e) {
                            throw new MslCryptoException(MslError.CIPHERTEXT_ENVELOPE_ENCODE_ERROR, e);
                        } catch (NoSuchPaddingException e2) {
                            throw new MslInternalException("Unsupported padding exception.", e2);
                        }
                    } catch (RuntimeException e3) {
                        throw e3;
                    } catch (IllegalBlockSizeException e4) {
                        throw new MslCryptoException(MslError.PLAINTEXT_ILLEGAL_BLOCK_SIZE, "not expected when padding is specified", e4);
                    }
                } catch (InvalidAlgorithmParameterException e5) {
                    throw new MslCryptoException(MslError.INVALID_ALGORITHM_PARAMS, e5);
                } catch (BadPaddingException e6) {
                    throw new MslCryptoException(MslError.PLAINTEXT_BAD_PADDING, "not expected when encrypting", e6);
                }
            } catch (InvalidKeyException e7) {
                throw new MslCryptoException(MslError.INVALID_PUBLIC_KEY, e7);
            } catch (NoSuchAlgorithmException e8) {
                throw new MslInternalException("Invalid cipher algorithm specified.", e8);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                CryptoCache.resetCipher(this.transform);
            }
            throw th;
        }
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public byte[] decrypt(byte[] bArr, MslEncoderFactory mslEncoderFactory) throws MslCryptoException {
        if (NULL_OP.equals(this.transform)) {
            return bArr;
        }
        if (this.privateKey == null) {
            throw new MslCryptoException(MslError.DECRYPT_NOT_SUPPORTED, "no private key");
        }
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                try {
                                    try {
                                        try {
                                            try {
                                                MslCiphertextEnvelope mslCiphertextEnvelope = new MslCiphertextEnvelope(mslEncoderFactory.parseObject(bArr), MslCiphertextEnvelope.Version.V1);
                                                Cipher cipher = CryptoCache.getCipher(this.transform);
                                                cipher.init(2, this.privateKey, this.params);
                                                byte[] doFinal = cipher.doFinal(mslCiphertextEnvelope.getCiphertext());
                                                if (0 != 0) {
                                                    CryptoCache.resetCipher(this.transform);
                                                }
                                                return doFinal;
                                            } catch (MslEncodingException e) {
                                                throw new MslCryptoException(MslError.CIPHERTEXT_ENVELOPE_PARSE_ERROR, e);
                                            }
                                        } catch (MslEncoderException e2) {
                                            throw new MslCryptoException(MslError.CIPHERTEXT_ENVELOPE_PARSE_ERROR, e2);
                                        }
                                    } catch (RuntimeException e3) {
                                        throw e3;
                                    }
                                } catch (BadPaddingException e4) {
                                    throw new MslCryptoException(MslError.CIPHERTEXT_BAD_PADDING, e4);
                                }
                            } catch (NoSuchPaddingException e5) {
                                throw new MslInternalException("Unsupported padding exception.", e5);
                            }
                        } catch (NoSuchAlgorithmException e6) {
                            throw new MslInternalException("Invalid cipher algorithm specified.", e6);
                        }
                    } catch (IllegalBlockSizeException e7) {
                        throw new MslCryptoException(MslError.CIPHERTEXT_ILLEGAL_BLOCK_SIZE, e7);
                    }
                } catch (InvalidAlgorithmParameterException e8) {
                    throw new MslCryptoException(MslError.INVALID_ALGORITHM_PARAMS, e8);
                }
            } catch (InvalidKeyException e9) {
                throw new MslCryptoException(MslError.INVALID_PRIVATE_KEY, e9);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                CryptoCache.resetCipher(this.transform);
            }
            throw th;
        }
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public byte[] wrap(byte[] bArr, MslEncoderFactory mslEncoderFactory, MslEncoderFormat mslEncoderFormat) throws MslCryptoException {
        throw new MslCryptoException(MslError.WRAP_NOT_SUPPORTED);
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public byte[] unwrap(byte[] bArr, MslEncoderFactory mslEncoderFactory) throws MslCryptoException {
        throw new MslCryptoException(MslError.UNWRAP_NOT_SUPPORTED);
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public byte[] sign(byte[] bArr, MslEncoderFactory mslEncoderFactory, MslEncoderFormat mslEncoderFormat) throws MslCryptoException {
        if (NULL_OP.equals(this.algo)) {
            return new byte[0];
        }
        if (this.privateKey == null) {
            throw new MslCryptoException(MslError.SIGN_NOT_SUPPORTED, "no private key.");
        }
        try {
            Signature signature = CryptoCache.getSignature(this.algo);
            signature.initSign(this.privateKey);
            signature.update(bArr);
            return new MslSignatureEnvelope(signature.sign()).getBytes(mslEncoderFactory, mslEncoderFormat);
        } catch (MslEncoderException e) {
            throw new MslCryptoException(MslError.SIGNATURE_ENVELOPE_ENCODE_ERROR, e);
        } catch (InvalidKeyException e2) {
            throw new MslCryptoException(MslError.INVALID_PRIVATE_KEY, e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new MslInternalException("Invalid signature algorithm specified.", e3);
        } catch (SignatureException e4) {
            throw new MslCryptoException(MslError.SIGNATURE_ERROR, e4);
        }
    }

    @Override // com.netflix.msl.crypto.ICryptoContext
    public boolean verify(byte[] bArr, byte[] bArr2, MslEncoderFactory mslEncoderFactory) throws MslCryptoException {
        if (NULL_OP.equals(this.algo)) {
            return true;
        }
        if (this.publicKey == null) {
            throw new MslCryptoException(MslError.VERIFY_NOT_SUPPORTED, "no public key.");
        }
        try {
            MslSignatureEnvelope parse = MslSignatureEnvelope.parse(bArr2, mslEncoderFactory);
            Signature signature = CryptoCache.getSignature(this.algo);
            signature.initVerify(this.publicKey);
            signature.update(bArr);
            return signature.verify(parse.getSignature());
        } catch (MslEncodingException e) {
            throw new MslCryptoException(MslError.SIGNATURE_ENVELOPE_PARSE_ERROR, e);
        } catch (InvalidKeyException e2) {
            throw new MslCryptoException(MslError.INVALID_PUBLIC_KEY, e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new MslInternalException("Invalid signature algorithm specified.", e3);
        } catch (SignatureException e4) {
            throw new MslCryptoException(MslError.SIGNATURE_ERROR, e4);
        }
    }
}
