package org.jscep.message;

import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.IvParameterSpec;
import org.bouncycastle.asn1.n;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.r0;
import org.bouncycastle.cms.t0;
import org.bouncycastle.operator.m;

/* loaded from: classes.dex */
public final class f {

    /* renamed from: c, reason: collision with root package name */
    private static final e.d.b f2670c = e.d.c.f(f.class);

    /* renamed from: a, reason: collision with root package name */
    private final X509Certificate f2671a;

    /* renamed from: b, reason: collision with root package name */
    private final PrivateKey f2672b;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class a extends org.bouncycastle.cms.a1.i {
        private final PrivateKey g;

        /* renamed from: org.jscep.message.f$a$a, reason: collision with other inner class name */
        /* loaded from: classes.dex */
        class C0071a implements m {

            /* renamed from: a, reason: collision with root package name */
            final /* synthetic */ org.bouncycastle.asn1.o2.a f2673a;

            /* renamed from: b, reason: collision with root package name */
            final /* synthetic */ Cipher f2674b;

            C0071a(a aVar, org.bouncycastle.asn1.o2.a aVar2, Cipher cipher) {
                this.f2673a = aVar2;
                this.f2674b = cipher;
            }

            @Override // org.bouncycastle.operator.m
            public InputStream a(InputStream inputStream) {
                return new CipherInputStream(inputStream, this.f2674b);
            }

            @Override // org.bouncycastle.operator.m
            public org.bouncycastle.asn1.o2.a b() {
                return this.f2673a;
            }
        }

        public a(PrivateKey privateKey) {
            super(privateKey);
            this.g = privateKey;
        }

        private AlgorithmParameterSpec h(org.bouncycastle.asn1.o2.a aVar) {
            return new IvParameterSpec(n.n(aVar.j()).p());
        }

        private Key i(PrivateKey privateKey, byte[] bArr) {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(4, privateKey);
            try {
                return cipher.unwrap(bArr, "DES", 3);
            } catch (InvalidKeyException e2) {
                f.f2670c.e("Cannot unwrap symetric key.  Are you using a valid key pair?");
                throw e2;
            }
        }

        @Override // org.bouncycastle.cms.a1.i, org.bouncycastle.cms.e0
        public t0 a(org.bouncycastle.asn1.o2.a aVar, org.bouncycastle.asn1.o2.a aVar2, byte[] bArr) {
            if (!"1.3.14.3.2.7".equals(aVar2.g().r())) {
                return super.a(aVar, aVar2, bArr);
            }
            try {
                Key i = i(this.g, bArr);
                Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
                cipher.init(2, i, h(aVar2));
                return new t0(new C0071a(this, aVar2, cipher));
            } catch (GeneralSecurityException e2) {
                throw new CMSException("Could not create DES cipher", e2);
            }
        }
    }

    public f(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.f2671a = x509Certificate;
        this.f2672b = privateKey;
    }

    private org.bouncycastle.cms.a1.i c() {
        return new a(this.f2672b);
    }

    private void d(org.bouncycastle.cms.e eVar) {
        org.bouncycastle.asn1.b2.h i = org.bouncycastle.asn1.b2.h.i(eVar.c().g());
        e.d.b bVar = f2670c;
        bVar.i("pkcsPkiEnvelope version: {}", i.m());
        bVar.i("pkcsPkiEnvelope encryptedContentInfo contentType: {}", i.h().h());
    }

    public byte[] b(org.bouncycastle.cms.e eVar) {
        e.d.b bVar = f2670c;
        bVar.f("Decoding pkcsPkiEnvelope");
        d(eVar);
        bVar.c("Decrypting pkcsPkiEnvelope using key belonging to [dn={}; serial={}]", this.f2671a.getSubjectDN(), this.f2671a.getSerialNumber());
        r0 a2 = eVar.b().a(new org.bouncycastle.cms.a1.k(this.f2671a));
        if (a2 == null) {
            throw new MessageDecodingException("Missing expected key transfer recipient " + this.f2671a.getSubjectDN());
        }
        bVar.i("pkcsPkiEnvelope encryption algorithm: {}", a2.c().g());
        try {
            byte[] a3 = a2.a(c());
            bVar.f("Finished decoding pkcsPkiEnvelope");
            return a3;
        } catch (CMSException e2) {
            throw new MessageDecodingException(e2);
        }
    }
}
