package com.cryptoarmgost_mobile.Pkcs11Caller.bcprimitives;

import com.cryptoarmgost_mobile.Pkcs11Caller.RtPkcs11Library;
import com.cryptoarmgost_mobile.Pkcs11Caller.exception.Pkcs11Exception;
import com.sun.jna.NativeLong;
import com.sun.jna.Pointer;
import com.sun.jna.ptr.NativeLongByReference;
import java.io.InputStream;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.lingala.zip4j.util.InternalZipConstants;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.KeyTransRecipient;
import org.bouncycastle.cms.RecipientOperator;
import org.bouncycastle.jcajce.io.CipherInputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.DefaultAlgorithmNameFinder;
import org.bouncycastle.operator.InputDecryptor;
import ru.CryptoPro.JCSP.JCSP;
import ru.rutoken.pkcs11jna.CK_MECHANISM;
import ru.rutoken.pkcs11jna.RtPkcs11;

/* loaded from: classes.dex */
public class RtRsaKeyTransEnvelopedRecipient implements KeyTransRecipient {
    private final String mCipherTransformation;
    private final byte[] mIv;
    private final long mKeyHandle;
    private final String mSecretKeySpecAlgorithm;
    private final long mSessionHandle;

    public RtRsaKeyTransEnvelopedRecipient(long j, long j2, byte[] bArr, AlgorithmIdentifier algorithmIdentifier) {
        this.mSessionHandle = j;
        this.mKeyHandle = j2;
        this.mIv = bArr;
        if (algorithmIdentifier.getAlgorithm() == CMSAlgorithm.DES_CBC) {
            this.mCipherTransformation = "DES/CBC/PKCS5Padding";
            this.mSecretKeySpecAlgorithm = JCSP.DES_NAME;
        } else {
            String algorithmName = new DefaultAlgorithmNameFinder().getAlgorithmName(algorithmIdentifier);
            this.mCipherTransformation = getCipherTransformation(algorithmName);
            this.mSecretKeySpecAlgorithm = getSecretKeySpecAlgorithmName(algorithmName);
        }
    }

    private static String getCipherTransformation(String str) {
        String[] split = str.split(InternalZipConstants.ZIP_FILE_SEPARATOR);
        return split[0].split("-")[0] + InternalZipConstants.ZIP_FILE_SEPARATOR + split[1] + "/PKCS5Padding";
    }

    private static String getSecretKeySpecAlgorithmName(String str) {
        return str.split(InternalZipConstants.ZIP_FILE_SEPARATOR)[0].split("-")[0];
    }

    @Override // org.bouncycastle.cms.KeyTransRecipient
    public RecipientOperator getRecipientOperator(AlgorithmIdentifier algorithmIdentifier, final AlgorithmIdentifier algorithmIdentifier2, byte[] bArr) throws CMSException {
        try {
            RtPkcs11 pkcs = RtPkcs11Library.getInstance().getPkcs();
            Pkcs11Exception.throwIfNotOk("C_DecryptInit failed", pkcs.C_DecryptInit(new NativeLong(this.mSessionHandle), new CK_MECHANISM(1L, (Pointer) null, 0L), new NativeLong(this.mKeyHandle)));
            NativeLongByReference nativeLongByReference = new NativeLongByReference();
            Pkcs11Exception.throwIfNotOk("C_Decrypt failed", pkcs.C_Decrypt(new NativeLong(this.mSessionHandle), bArr, new NativeLong(bArr.length), null, nativeLongByReference));
            int intValue = nativeLongByReference.getValue().intValue();
            byte[] bArr2 = new byte[intValue];
            Pkcs11Exception.throwIfNotOk("C_Decrypt failed", pkcs.C_Decrypt(new NativeLong(this.mSessionHandle), bArr, new NativeLong(bArr.length), bArr2, nativeLongByReference));
            final Cipher cipher = Cipher.getInstance(this.mCipherTransformation, BouncyCastleProvider.PROVIDER_NAME);
            cipher.init(2, new SecretKeySpec(bArr2, 0, intValue, this.mSecretKeySpecAlgorithm), new IvParameterSpec(this.mIv));
            return new RecipientOperator(new InputDecryptor() { // from class: com.cryptoarmgost_mobile.Pkcs11Caller.bcprimitives.RtRsaKeyTransEnvelopedRecipient.1
                @Override // org.bouncycastle.operator.InputDecryptor
                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return algorithmIdentifier2;
                }

                @Override // org.bouncycastle.operator.InputDecryptor
                public InputStream getInputStream(InputStream inputStream) {
                    return new CipherInputStream(inputStream, cipher);
                }
            });
        } catch (Exception e) {
            throw new CMSException("CMS decrypt error", e);
        }
    }
}
