package weblogic.xml.crypto.encrypt;

import com.bea.security.utils.random.SecureRandomData;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.dsig.DigestMethodImpl;
import weblogic.xml.crypto.dsig.WLDigestMethod;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionException;
import weblogic.xml.crypto.encrypt.api.spec.RSAOAEPParameterSpec;
import weblogic.xml.crypto.utils.StaxUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/xml/crypto/encrypt/KeyWrapRSAOAEP.class */
public final class KeyWrapRSAOAEP extends KeyWrap implements WLEncryptionMethodFactory {
    private static final String ALGORITHM_ID = "RSA/NoPad";
    public static final String TAG_OAEP_PARAMS = "OAEPparams";
    private static final byte[] EMPTY_PARAMS = new byte[0];

    private KeyWrapRSAOAEP() {
        super("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", null, null);
    }

    private KeyWrapRSAOAEP(Integer num, AlgorithmParameterSpec algorithmParameterSpec) {
        super("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", num, algorithmParameterSpec);
    }

    public static void init() {
        WLEncryptionMethod.register(new KeyWrapRSAOAEP());
    }

    @Override // weblogic.xml.crypto.encrypt.WLEncryptionMethod
    protected void writeParameters(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        byte[] oAEPParams = getOAEPParams(getParams());
        if (oAEPParams != null && oAEPParams.length > 0) {
            StaxUtils.writeElement(xMLStreamWriter, "http://www.w3.org/2001/04/xmlenc#", "OAEPparams", Utils.base64(oAEPParams));
        }
        try {
            getDigestMethod(getParams()).write(xMLStreamWriter);
        } catch (MarshalException e) {
            throw new XMLStreamException(e);
        } catch (XMLEncryptionException e2) {
            throw new XMLStreamException(e2);
        }
    }

    public static byte[] getOAEPParams(RSAOAEPParameterSpec rSAOAEPParameterSpec) {
        byte[] oAEPParams;
        if (rSAOAEPParameterSpec != null && (oAEPParams = rSAOAEPParameterSpec.getOAEPParams()) != null) {
            return oAEPParams;
        }
        return EMPTY_PARAMS;
    }

    private RSAOAEPParameterSpec getParams() {
        return (RSAOAEPParameterSpec) this.params;
    }

    @Override // weblogic.xml.crypto.encrypt.WLEncryptionMethodFactory
    public WLEncryptionMethod getEncryptionMethod(AlgorithmParameterSpec algorithmParameterSpec, Integer num) {
        return getKeyWrap(algorithmParameterSpec, num);
    }

    @Override // weblogic.xml.crypto.encrypt.WLEncryptionMethodFactory
    public KeyWrap getKeyWrap(AlgorithmParameterSpec algorithmParameterSpec, Integer num) {
        return (algorithmParameterSpec == null && num == null) ? this : new KeyWrapRSAOAEP(num, algorithmParameterSpec);
    }

    @Override // weblogic.xml.crypto.encrypt.WLEncryptionMethodFactory
    public EncryptionAlgorithm getEncryptionAlgorithm(AlgorithmParameterSpec algorithmParameterSpec, Integer num) {
        throw new UnsupportedOperationException("Algorithm " + getAlgorithm() + " cannot be used for bulk encryption");
    }

    @Override // weblogic.xml.crypto.encrypt.WLEncryptionMethod, weblogic.xml.crypto.encrypt.WLEncryptionMethodFactory
    public AlgorithmParameterSpec readParameters(XMLStreamReader xMLStreamReader) throws MarshalException {
        WLDigestMethod wLDigestMethod;
        try {
            String elementValue = StaxUtils.getElementValue(xMLStreamReader, "http://www.w3.org/2001/04/xmlenc#", "OAEPparams");
            byte[] base64 = elementValue != null ? Utils.base64(elementValue) : EMPTY_PARAMS;
            if (xMLStreamReader.isStartElement()) {
                String localName = xMLStreamReader.getLocalName();
                if (!"DigestMethod".equals(localName)) {
                    throw new MarshalException("Unrecognized Element: " + localName);
                }
                try {
                    wLDigestMethod = DigestMethodImpl.newDigestMethod(xMLStreamReader);
                } catch (NoSuchAlgorithmException e) {
                    throw new MarshalException(e);
                } catch (XMLStreamException e2) {
                    throw new MarshalException(e2);
                } catch (MarshalException e3) {
                    throw new MarshalException(e3);
                }
            } else {
                wLDigestMethod = null;
            }
            return new RSAOAEPParameterSpec(wLDigestMethod, base64);
        } catch (XMLStreamException e4) {
            throw new MarshalException(e4);
        }
    }

    @Override // weblogic.xml.crypto.encrypt.KeyWrap
    public byte[] decrypt(Key key, byte[] bArr) throws XMLEncryptionException {
        if (!(key instanceof RSAPrivateKey)) {
            throw new XMLEncryptionException("Invalid key supplied to: " + getAlgorithm() + ", expecting RSAPrivateKey");
        }
        byte[] decrypt = CipherWrapper.getInstance(ALGORITHM_ID, 2, key).decrypt(bArr);
        byte[] bArr2 = new byte[(((RSAPrivateKey) key).getModulus().bitLength() / 8) - 1];
        int min = Math.min(decrypt.length, bArr2.length);
        System.arraycopy(decrypt, decrypt.length - min, bArr2, bArr2.length - min, min);
        return oaepDecode(getDigestMethod(getParams()).getMessageDigest(), bArr2, getOAEPParams(getParams()));
    }

    private static WLDigestMethod getDigestMethod(RSAOAEPParameterSpec rSAOAEPParameterSpec) throws XMLEncryptionException {
        WLDigestMethod wLDigestMethod;
        if (rSAOAEPParameterSpec != null && (wLDigestMethod = (WLDigestMethod) rSAOAEPParameterSpec.getDigestMethod()) != null) {
            return wLDigestMethod;
        }
        return getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1");
    }

    @Override // weblogic.xml.crypto.encrypt.KeyWrap
    public byte[] encrypt(Key key, byte[] bArr) throws XMLEncryptionException {
        if (!(key instanceof RSAPublicKey)) {
            throw new XMLEncryptionException("Invalid key supplied to: " + getAlgorithm() + ", expecting RSAPublicKey");
        }
        CipherWrapper cipherWrapper = CipherWrapper.getInstance(ALGORITHM_ID, 1, key);
        byte[] oaepEncode = oaepEncode(getDigestMethod(getParams()).getMessageDigest(), bArr, getOAEPParams(getParams()), (((RSAPublicKey) key).getModulus().bitLength() / 8) - 1);
        byte[] bArr2 = new byte[oaepEncode.length + 1];
        System.arraycopy(oaepEncode, 0, bArr2, 1, oaepEncode.length);
        return cipherWrapper.encrypt(bArr2);
    }

    static byte[] oaepDecode(MessageDigest messageDigest, byte[] bArr, byte[] bArr2) throws XMLEncryptionException {
        int digestLength = messageDigest.getDigestLength();
        if (bArr.length < (2 * digestLength) + 1) {
            throw new XMLEncryptionException("decoding error");
        }
        byte[] bArr3 = new byte[digestLength];
        System.arraycopy(bArr, 0, bArr3, 0, digestLength);
        byte[] bArr4 = new byte[bArr.length - digestLength];
        System.arraycopy(bArr, digestLength, bArr4, 0, bArr.length - digestLength);
        byte[] bArr5 = new byte[digestLength];
        MessageDigest messageDigest2 = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1").getMessageDigest();
        mgf1(messageDigest2, bArr4, bArr5);
        for (int i = 0; i < digestLength; i++) {
            int i2 = i;
            bArr3[i2] = (byte) (bArr3[i2] ^ bArr5[i]);
        }
        messageDigest2.reset();
        byte[] bArr6 = new byte[bArr.length - digestLength];
        mgf1(messageDigest2, bArr3, bArr6);
        for (int i3 = 0; i3 < bArr4.length; i3++) {
            int i4 = i3;
            bArr4[i4] = (byte) (bArr4[i4] ^ bArr6[i3]);
        }
        messageDigest.update(bArr2);
        byte[] digest = messageDigest.digest();
        for (int i5 = 0; i5 < digest.length; i5++) {
            if (digest[i5] != bArr4[i5]) {
                throw new XMLEncryptionException("decoding error");
            }
        }
        int i6 = -1;
        int i7 = digestLength;
        while (true) {
            if (i7 >= bArr4.length) {
                break;
            }
            if (bArr4[i7] == 1) {
                i6 = i7 + 1;
                break;
            }
            i7++;
        }
        if (i6 == -1) {
            throw new XMLEncryptionException("decoding error");
        }
        byte[] bArr7 = new byte[bArr4.length - i6];
        System.arraycopy(bArr4, i6, bArr7, 0, bArr7.length);
        return bArr7;
    }

    static byte[] oaepEncode(MessageDigest messageDigest, byte[] bArr, byte[] bArr2, int i) throws XMLEncryptionException {
        int digestLength = messageDigest.getDigestLength();
        if (bArr.length > (i - (2 * digestLength)) - 1) {
            throw new XMLEncryptionException("Export strength certificates not supported");
        }
        byte[] bArr3 = new byte[i - digestLength];
        System.arraycopy(messageDigest.digest(bArr2), 0, bArr3, 0, digestLength);
        int length = bArr3.length - bArr.length;
        System.arraycopy(bArr, 0, bArr3, length, bArr.length);
        bArr3[length - 1] = 1;
        byte[] randomBytes = SecureRandomData.getInstance().getRandomBytes(digestLength);
        byte[] bArr4 = new byte[bArr3.length];
        MessageDigest messageDigest2 = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1").getMessageDigest();
        mgf1(messageDigest2, randomBytes, bArr4);
        for (int i2 = 0; i2 < bArr3.length; i2++) {
            int i3 = i2;
            bArr4[i3] = (byte) (bArr4[i3] ^ bArr3[i2]);
        }
        byte[] bArr5 = new byte[digestLength];
        messageDigest2.reset();
        mgf1(messageDigest2, bArr4, bArr5);
        for (int i4 = 0; i4 < bArr5.length; i4++) {
            int i5 = i4;
            bArr5[i5] = (byte) (bArr5[i5] ^ randomBytes[i4]);
        }
        byte[] bArr6 = new byte[bArr5.length + bArr3.length];
        System.arraycopy(bArr5, 0, bArr6, 0, bArr5.length);
        System.arraycopy(bArr4, 0, bArr6, bArr5.length, bArr4.length);
        return bArr6;
    }

    static void mgf1(MessageDigest messageDigest, byte[] bArr, byte[] bArr2) {
        int length = bArr2.length;
        int digestLength = messageDigest.getDigestLength();
        int i = 0;
        int i2 = (length / digestLength) + (1 % digestLength > 0 ? 1 : 0);
        for (int i3 = 0; i3 < i2; i3++) {
            messageDigest.update(bArr);
            messageDigest.update(i2osp(i3));
            byte[] digest = messageDigest.digest();
            int min = Math.min(digestLength, length - i);
            System.arraycopy(digest, 0, bArr2, i, min);
            i += min;
        }
    }

    private static WLDigestMethod getDigestMethod(String str) throws XMLEncryptionException {
        try {
            return DigestMethodImpl.newDigestMethod(str);
        } catch (NoSuchAlgorithmException e) {
            throw new XMLEncryptionException(e);
        }
    }

    static byte[] i2osp(int i) {
        return new byte[]{(byte) (i >>> 24), (byte) (i >>> 16), (byte) (i >>> 8), (byte) (i >>> 0)};
    }
}
