package org.xipki.security.pkcs12;

import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.bouncycastle.asn1.cms.GCMParameters;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.util.Arrays;
import org.xipki.security.SignAlgo;
import org.xipki.security.XiContentSigner;
import org.xipki.security.XiSecurityException;
import org.xipki.util.Args;
import org.xipki.util.IoUtil;

/* loaded from: input_file:WEB-INF/lib/security-6.3.1.jar:org/xipki/security/pkcs12/AESGmacContentSigner.class */
public class AESGmacContentSigner implements XiContentSigner {
    private static final int tagByteLen = 12;
    private static final int nonceLen = 12;
    private final byte[] nonce = new byte[12];
    private final SecureRandom random;
    private final SignAlgo signAlgo;
    private final Cipher cipher;
    private final SecretKey signingKey;
    private final OutputStream outputStream;
    private final byte[] sigAlgIdTemplate;
    private final int nonceOffset;

    /* loaded from: input_file:WEB-INF/lib/security-6.3.1.jar:org/xipki/security/pkcs12/AESGmacContentSigner$AESGmacOutputStream.class */
    private class AESGmacOutputStream extends OutputStream {
        private AESGmacOutputStream() {
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            AESGmacContentSigner.this.cipher.updateAAD(new byte[]{(byte) i});
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
            AESGmacContentSigner.this.cipher.updateAAD(bArr);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            AESGmacContentSigner.this.cipher.updateAAD(bArr, i, i2);
        }
    }

    public AESGmacContentSigner(SignAlgo signAlgo, SecretKey secretKey) throws XiSecurityException {
        Cipher cipher;
        this.signAlgo = (SignAlgo) Args.notNull(signAlgo, "signAlgo");
        this.signingKey = (SecretKey) Args.notNull(secretKey, "signingKey");
        try {
            cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
        } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e) {
            try {
                cipher = Cipher.getInstance("AES/GCM/NoPadding");
            } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
                throw new XiSecurityException(e2);
            }
        }
        this.cipher = cipher;
        this.random = new SecureRandom();
        this.outputStream = new AESGmacOutputStream();
        try {
            this.sigAlgIdTemplate = new AlgorithmIdentifier(signAlgo.getOid(), new GCMParameters(this.nonce, 12)).getEncoded();
            this.nonceOffset = IoUtil.getIndex(this.sigAlgIdTemplate, this.nonce);
            int length = secretKey.getEncoded().length;
            if (length == 16) {
                if (SignAlgo.GMAC_AES128 != signAlgo) {
                    throw new XiSecurityException("oid and singingKey do not match");
                }
            } else if (length == 24) {
                if (SignAlgo.GMAC_AES192 != signAlgo) {
                    throw new XiSecurityException("oid and singingKey do not match");
                }
            } else {
                if (length != 32) {
                    throw new XiSecurityException("invalid AES key length: " + length);
                }
                if (SignAlgo.GMAC_AES256 != signAlgo) {
                    throw new XiSecurityException("oid and singingKey do not match");
                }
            }
            try {
                this.cipher.init(1, secretKey, new GCMParameterSpec(96, this.nonce));
            } catch (InvalidAlgorithmParameterException | InvalidKeyException e3) {
                throw new XiSecurityException(e3);
            }
        } catch (IOException e4) {
            throw new XiSecurityException("could not encode AlgorithmIdentifier", e4);
        }
    }

    public AlgorithmIdentifier getAlgorithmIdentifier() {
        return new AlgorithmIdentifier(this.signAlgo.getOid(), new GCMParameters(this.nonce, 12));
    }

    @Override // org.xipki.security.XiContentSigner
    public byte[] getEncodedAlgorithmIdentifier() {
        byte[] copyOf = Arrays.copyOf(this.sigAlgIdTemplate, this.sigAlgIdTemplate.length);
        System.arraycopy(this.nonce, 0, copyOf, this.nonceOffset, 12);
        return copyOf;
    }

    public OutputStream getOutputStream() {
        this.random.nextBytes(this.nonce);
        try {
            this.cipher.init(1, this.signingKey, new GCMParameterSpec(96, this.nonce));
            return this.outputStream;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException e) {
            throw new IllegalStateException(e);
        }
    }

    public byte[] getSignature() {
        try {
            return this.cipher.doFinal();
        } catch (BadPaddingException e) {
            throw new IllegalStateException("BadPaddingException: " + e.getMessage());
        } catch (IllegalBlockSizeException e2) {
            throw new IllegalStateException("IllegalBlockSizeException: " + e2.getMessage());
        }
    }
}
