package com.cryptoarmgost_mobile.Pkcs11Caller.bcprimitives;

import com.cryptoarmgost_mobile.Pkcs11Caller.CK_GOSTR3410_DERIVE_PARAMS_JRT;
import com.cryptoarmgost_mobile.Pkcs11Caller.RtPkcs11Library;
import com.cryptoarmgost_mobile.Pkcs11Caller.UtilsPkcs11;
import com.cryptoarmgost_mobile.Pkcs11Caller.exception.Pkcs11Exception;
import com.sun.jna.Memory;
import com.sun.jna.NativeLong;
import com.sun.jna.ptr.NativeLongByReference;
import java.io.IOException;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
import org.bouncycastle.asn1.cryptopro.GostR3410KeyTransport;
import org.bouncycastle.asn1.cryptopro.GostR3410TransportParameters;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.KeyTransRecipient;
import org.bouncycastle.cms.RecipientOperator;
import org.bouncycastle.util.Arrays;
import ru.rutoken.pkcs11jna.CK_ATTRIBUTE;
import ru.rutoken.pkcs11jna.CK_MECHANISM;
import ru.rutoken.pkcs11jna.Pkcs11Constants;
import ru.rutoken.pkcs11jna.RtPkcs11;

/* loaded from: classes.dex */
public class RtGostKeyTransEnvelopedRecipient implements KeyTransRecipient {
    private static final long CKD_CPDIVERSIFY_KDF_JRT = -1879048183;
    private final long mKeyHandle;
    private final long mSessionHandle;

    public RtGostKeyTransEnvelopedRecipient(long j, long j2) {
        this.mSessionHandle = j;
        this.mKeyHandle = j2;
    }

    private CK_MECHANISM makeDeriveMechanism(GostR3410TransportParameters gostR3410TransportParameters) throws IOException {
        byte[] octets = ASN1OctetString.getInstance(gostR3410TransportParameters.getEphemeralPublicKey().parsePublicKey()).getOctets();
        byte[] ukm = gostR3410TransportParameters.getUkm();
        if (!CryptoProObjectIdentifiers.gostR3410_2001.equals((ASN1Primitive) gostR3410TransportParameters.getEphemeralPublicKey().getAlgorithm().getAlgorithm())) {
            Memory allocateDeriveParamsGOSTR3410_2012 = UtilsPkcs11.allocateDeriveParamsGOSTR3410_2012(-734916571, octets, ukm);
            return new CK_MECHANISM(3560050695L, allocateDeriveParamsGOSTR3410_2012, allocateDeriveParamsGOSTR3410_2012.size());
        }
        CK_GOSTR3410_DERIVE_PARAMS_JRT ck_gostr3410_derive_params_jrt = new CK_GOSTR3410_DERIVE_PARAMS_JRT(new NativeLong(CKD_CPDIVERSIFY_KDF_JRT), new NativeLong(octets.length), octets, new NativeLong(ukm.length), ukm);
        ck_gostr3410_derive_params_jrt.write();
        return new CK_MECHANISM(Pkcs11Constants.CKM_GOSTR3410_DERIVE, ck_gostr3410_derive_params_jrt.getPointer(), ck_gostr3410_derive_params_jrt.size());
    }

    @Override // org.bouncycastle.cms.KeyTransRecipient
    public RecipientOperator getRecipientOperator(AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2, byte[] bArr) throws CMSException {
        try {
            RtPkcs11 pkcs = RtPkcs11Library.getInstance().getPkcs();
            GostR3410KeyTransport gostR3410KeyTransport = GostR3410KeyTransport.getInstance(bArr);
            GostR3410TransportParameters transportParameters = gostR3410KeyTransport.getTransportParameters();
            CK_ATTRIBUTE[] ck_attributeArr = (CK_ATTRIBUTE[]) new CK_ATTRIBUTE().toArray(4);
            ck_attributeArr[0].setAttr(0L, 4L);
            ck_attributeArr[1].setAttr(256L, 50L);
            ck_attributeArr[2].setAttr(1L, false);
            ck_attributeArr[3].setAttr(594L, transportParameters.getEncryptionParamSet().getEncoded());
            NativeLongByReference nativeLongByReference = new NativeLongByReference();
            Pkcs11Exception.throwIfNotOk("C_DeriveKey failed", pkcs.C_DeriveKey(new NativeLong(this.mSessionHandle), makeDeriveMechanism(transportParameters), new NativeLong(this.mKeyHandle), ck_attributeArr, new NativeLong(ck_attributeArr.length), nativeLongByReference));
            NativeLong value = nativeLongByReference.getValue();
            Memory memory = new Memory(transportParameters.getUkm().length);
            memory.write(0L, transportParameters.getUkm(), 0, transportParameters.getUkm().length);
            CK_MECHANISM ck_mechanism = new CK_MECHANISM(Pkcs11Constants.CKM_GOST28147_KEY_WRAP, memory, memory.size());
            byte[] concatenate = Arrays.concatenate(gostR3410KeyTransport.getSessionEncryptedKey().getEncryptedKey(), gostR3410KeyTransport.getSessionEncryptedKey().getMacKey());
            GOST28147Parameters gOST28147Parameters = GOST28147Parameters.getInstance(algorithmIdentifier2.getParameters());
            CK_ATTRIBUTE[] ck_attributeArr2 = (CK_ATTRIBUTE[]) new CK_ATTRIBUTE().toArray(6);
            ck_attributeArr2[0].setAttr(0L, 4L);
            ck_attributeArr2[1].setAttr(256L, 50L);
            ck_attributeArr2[2].setAttr(1L, false);
            ck_attributeArr2[3].setAttr(259L, false);
            ck_attributeArr2[4].setAttr(354L, true);
            ck_attributeArr2[5].setAttr(594L, gOST28147Parameters.getEncryptionParamSet().getEncoded());
            NativeLongByReference nativeLongByReference2 = new NativeLongByReference();
            Pkcs11Exception.throwIfNotOk("C_UnwrapKey failed", pkcs.C_UnwrapKey(new NativeLong(this.mSessionHandle), ck_mechanism, value, concatenate, new NativeLong(concatenate.length), ck_attributeArr2, new NativeLong(ck_attributeArr2.length), nativeLongByReference2));
            return new RecipientOperator(new RtInputDecryptor(this.mSessionHandle, nativeLongByReference2.getValue().longValue(), algorithmIdentifier2));
        } catch (Pkcs11Exception | IOException e) {
            throw new CMSException("CMS decrypt error", e);
        }
    }
}
