package com.adobe.internal.pdftoolkit.core.encryption.impl;

import com.adobe.internal.pdftoolkit.core.credentials.impl.RSACredentials;
import com.adobe.internal.pdftoolkit.core.securityframework.CryptoMode;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.OIDContainer;
import com.rsa.certj.CertJ;
import com.rsa.certj.InvalidParameterException;
import com.rsa.certj.InvalidUseException;
import com.rsa.certj.Provider;
import com.rsa.certj.ProviderManagementException;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.pkcs7.PKCS7Exception;
import com.rsa.certj.provider.db.MemoryDB;
import com.rsa.certj.provider.path.PKIXCertPath;
import com.rsa.jsafe.JSAFE_AsymmetricCipher;
import com.rsa.jsafe.JSAFE_InvalidParameterException;
import com.rsa.jsafe.JSAFE_InvalidUseException;
import com.rsa.jsafe.JSAFE_MessageDigest;
import com.rsa.jsafe.JSAFE_SecretKey;
import com.rsa.jsafe.JSAFE_SecureRandom;
import com.rsa.jsafe.JSAFE_SymmetricCipher;
import com.rsa.jsafe.JSAFE_UnimplementedException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.util.Arrays;
import java.util.Vector;

/* loaded from: input_file:com/adobe/internal/pdftoolkit/core/encryption/impl/PKCS7Utils.class */
public class PKCS7Utils {
    private static final byte[] OID_DH_SINGLE_PASS_STDDH_SHA224_KDF = {43, -127, 4, 1, 11, 0};
    private static final byte[] OID_DH_SINGLE_PASS_STDDH_SHA256_KDF = {43, -127, 4, 1, 11, 1};
    private static final byte[] OID_DH_SINGLE_PASS_STDDH_SHA384_KDF = {43, -127, 4, 1, 11, 2};
    private static final byte[] OID_DH_SINGLE_PASS_STDDH_SHA512_KDF = {43, -127, 4, 1, 11, 3};
    private static final byte[] OID_AES128_WRAP = {96, -122, 72, 1, 101, 3, 4, 1, 5};
    private static final byte[] OID_AES192_WRAP = {96, -122, 72, 1, 101, 3, 4, 1, 25};
    private static final byte[] OID_AES256_WRAP = {96, -122, 72, 1, 101, 3, 4, 1, 45};
    private static final byte[] OID_AES128_CBC = {96, -122, 72, 1, 101, 3, 4, 1, 2};
    private static final byte[] OID_AES192_CBC = {96, -122, 72, 1, 101, 3, 4, 1, 22};
    private static final byte[] OID_AES256_CBC = {96, -122, 72, 1, 101, 3, 4, 1, 42};
    private static final byte[] OID_3DES_EDE_CBC = {42, -122, 72, -122, -9, 13, 3, 7};
    private static final byte[] OID_RC4_CBC = {42, -122, 72, -122, -9, 13, 3, 4};
    private static final byte[] OID_RSA_Encryption = {42, -122, 72, -122, -9, 13, 1, 1, 1};
    private static final byte[] OID_EC_PUBLICKEY = {42, -122, 72, -50, 61, 2, 1};
    private static final byte[] OID_EC_PUBLICKEY_PRIME192 = {42, -122, 72, -50, 61, 3, 1, 1};
    private static final byte[] OID_EC_PUBLICKEY_PRIME224 = {43, -127, 4, 0, 33};
    private static final byte[] OID_EC_PUBLICKEY_PRIME256 = {42, -122, 72, -50, 61, 3, 1, 7};
    private static final byte[] OID_EC_PUBLICKEY_PRIME384 = {43, -127, 4, 0, 34};
    private static final byte[] OID_EC_PUBLICKEY_PRIME521 = {43, -127, 4, 0, 35};
    private static final byte[] OID_PKCS7_DATA = {42, -122, 72, -122, -9, 13, 1, 7, 1};
    private static final byte[] OID_ENVELOPEDDATA = {42, -122, 72, -122, -9, 13, 1, 7, 3};

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JSAFE_SymmetricCipher getSymmetricCipher(byte[] bArr) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        if (Arrays.equals(bArr, OID_AES128_CBC)) {
            return JSAFE_SymmetricCipher.getInstance("AES128/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES192_CBC)) {
            return JSAFE_SymmetricCipher.getInstance("AES192/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES256_CBC)) {
            return JSAFE_SymmetricCipher.getInstance("AES256/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_3DES_EDE_CBC)) {
            return JSAFE_SymmetricCipher.getInstance("3DES_EDE/CBC/NoPad", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_RC4_CBC)) {
            return JSAFE_SymmetricCipher.getInstance("RC4/CBC/PKCS5Padding", "Native/Java");
        }
        throw new JSAFE_UnimplementedException("data encryption algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JSAFE_SecretKey getJSAFE_SecretKey(byte[] bArr) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        if (Arrays.equals(bArr, OID_3DES_EDE_CBC)) {
            return JSAFE_SecretKey.getInstance("3DES_EDE", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES128_WRAP)) {
            return JSAFE_SecretKey.getInstance("AES128", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES192_WRAP)) {
            return JSAFE_SecretKey.getInstance("AES192", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES256_WRAP)) {
            return JSAFE_SecretKey.getInstance("AES256", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_RC4_CBC)) {
            return JSAFE_SecretKey.getInstance("RC4", "Native/Java");
        }
        throw new JSAFE_UnimplementedException("Key encryption OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JSAFE_MessageDigest getKDFHash(byte[] bArr) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        if (Arrays.equals(bArr, OID_DH_SINGLE_PASS_STDDH_SHA224_KDF)) {
            return JSAFE_MessageDigest.getInstance("SHA224", "Java");
        }
        if (Arrays.equals(bArr, OID_DH_SINGLE_PASS_STDDH_SHA256_KDF)) {
            return JSAFE_MessageDigest.getInstance("SHA256", "Java");
        }
        if (Arrays.equals(bArr, OID_DH_SINGLE_PASS_STDDH_SHA384_KDF)) {
            return JSAFE_MessageDigest.getInstance("SHA384", "Java");
        }
        if (Arrays.equals(bArr, OID_DH_SINGLE_PASS_STDDH_SHA512_KDF)) {
            return JSAFE_MessageDigest.getInstance("SHA512", "Java");
        }
        throw new JSAFE_UnimplementedException("KDF SHA is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getCurveStrength(byte[] bArr) throws JSAFE_UnimplementedException {
        if (Arrays.equals(bArr, OID_AES128_WRAP) || Arrays.equals(bArr, OID_AES256_WRAP)) {
            return "FIPS186Random";
        }
        throw new JSAFE_UnimplementedException("Elliptic curve strength is not defined.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JSAFE_AsymmetricCipher getAsymmetricCipher(byte[] bArr) throws JSAFE_UnimplementedException, JSAFE_InvalidParameterException {
        if (Arrays.equals(bArr, OID_RSA_Encryption)) {
            return JSAFE_AsymmetricCipher.getInstance("RSA/PKCS1Block02Pad", "Java");
        }
        if (Arrays.equals(bArr, OID_AES128_CBC)) {
            return JSAFE_AsymmetricCipher.getInstance("AES128/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES192_CBC)) {
            return JSAFE_AsymmetricCipher.getInstance("AES192/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_AES256_CBC)) {
            return JSAFE_AsymmetricCipher.getInstance("AES256/CBC/PKCS5Padding", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_3DES_EDE_CBC)) {
            return JSAFE_AsymmetricCipher.getInstance("3DES_EDE/CBC/NoPad", "Native/Java");
        }
        if (Arrays.equals(bArr, OID_RC4_CBC)) {
            return JSAFE_AsymmetricCipher.getInstance("RC4/CBC/PKCS5Padding", "Native/Java");
        }
        throw new JSAFE_UnimplementedException("data encryption algorithm OID is not supported.");
    }

    public static CertJ createCertJContext(RSACredentials[] rSACredentialsArr, CryptoMode cryptoMode) throws CertificateEncodingException, CertificateException, JSAFE_UnimplementedException, InvalidParameterException, ProviderManagementException, InvalidUseException, PKCS7Exception, JSAFE_InvalidUseException {
        Vector vector = new Vector();
        Vector vector2 = new Vector();
        Vector vector3 = new Vector();
        Vector vector4 = new Vector();
        for (int i = 0; i < rSACredentialsArr.length; i++) {
            X509Certificate rSAX509Cert = rSACredentialsArr[i].getRSAX509Cert();
            vector.add(rSAX509Cert);
            vector3.add(rSACredentialsArr[i].getJSAFEPrivateKey());
            vector4.add(rSAX509Cert.getSubjectPublicKey("Java"));
        }
        CertJ certJ = new CertJ(new Provider[]{new MemoryDB("Gibson DB", vector, vector2, vector3, vector4), new PKIXCertPath("PKIX Cert Path Verifier")});
        if (CertJ.isFIPS140Compliant()) {
            if (cryptoMode == CryptoMode.NON_FIPS_MODE) {
                CertJ.setRole(10);
                CertJ.setMode(1);
                CertJ.setRole(11);
            } else if (cryptoMode == CryptoMode.FIPS_MODE) {
                CertJ.setRole(10);
                CertJ.setMode(0);
                CertJ.setRole(11);
            }
        }
        return certJ;
    }

    static OIDContainer getECDHOIDContainer(String str) throws ASN_Exception, JSAFE_UnimplementedException {
        if (str.equalsIgnoreCase("SHA224")) {
            return new OIDContainer(0, true, 0, OID_DH_SINGLE_PASS_STDDH_SHA224_KDF, 0, OID_DH_SINGLE_PASS_STDDH_SHA224_KDF.length);
        }
        if (str.equalsIgnoreCase("SHA256")) {
            return new OIDContainer(0, true, 0, OID_DH_SINGLE_PASS_STDDH_SHA256_KDF, 0, OID_DH_SINGLE_PASS_STDDH_SHA256_KDF.length);
        }
        if (str.equalsIgnoreCase("SHA384")) {
            return new OIDContainer(0, true, 0, OID_DH_SINGLE_PASS_STDDH_SHA384_KDF, 0, OID_DH_SINGLE_PASS_STDDH_SHA384_KDF.length);
        }
        if (str.equalsIgnoreCase("SHA512")) {
            return new OIDContainer(0, true, 0, OID_DH_SINGLE_PASS_STDDH_SHA512_KDF, 0, OID_DH_SINGLE_PASS_STDDH_SHA512_KDF.length);
        }
        throw new JSAFE_UnimplementedException("ECDH algorithm OID is not supported.");
    }

    static OIDContainer getKeyEncryptionAlgorithmContainer(String str) throws ASN_Exception, JSAFE_UnimplementedException {
        if (str.equalsIgnoreCase("AES128")) {
            return new OIDContainer(0, true, 0, OID_AES128_WRAP, 0, OID_AES128_WRAP.length);
        }
        if (str.equalsIgnoreCase("AES192")) {
            return new OIDContainer(0, true, 0, OID_AES192_WRAP, 0, OID_AES192_WRAP.length);
        }
        if (str.equalsIgnoreCase("AES256")) {
            return new OIDContainer(0, true, 0, OID_AES256_WRAP, 0, OID_AES256_WRAP.length);
        }
        throw new JSAFE_UnimplementedException("Key Encryption algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OIDContainer getPKCS7DataOID() throws ASN_Exception {
        return new OIDContainer(16777216, true, 0, OID_PKCS7_DATA, 0, OID_PKCS7_DATA.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OIDContainer getEnvelopedDataOID() throws ASN_Exception {
        return new OIDContainer(16777216, true, 0, OID_ENVELOPEDDATA, 0, OID_ENVELOPEDDATA.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OIDContainer getECPublicKeyOID() throws ASN_Exception {
        return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY, 0, OID_EC_PUBLICKEY.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OIDContainer getECPublicKeyPrimeOID(String str) throws ASN_Exception, JSAFE_UnimplementedException {
        if (str.equalsIgnoreCase("SHA192")) {
            return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY_PRIME192, 0, OID_EC_PUBLICKEY_PRIME192.length);
        }
        if (str.equalsIgnoreCase("SHA224")) {
            return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY_PRIME224, 0, OID_EC_PUBLICKEY_PRIME224.length);
        }
        if (str.equalsIgnoreCase("SHA256")) {
            return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY_PRIME256, 0, OID_EC_PUBLICKEY_PRIME256.length);
        }
        if (str.equalsIgnoreCase("SHA384")) {
            return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY_PRIME384, 0, OID_EC_PUBLICKEY_PRIME384.length);
        }
        if (str.equalsIgnoreCase("SHA512")) {
            return new OIDContainer(0, true, 0, OID_EC_PUBLICKEY_PRIME521, 0, OID_EC_PUBLICKEY_PRIME521.length);
        }
        throw new JSAFE_UnimplementedException("EC Public Key Prime algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getECDHOID(Integer num) throws ASN_Exception, JSAFE_UnimplementedException {
        if (num.intValue() == 128) {
            return OID_DH_SINGLE_PASS_STDDH_SHA256_KDF;
        }
        if (num.intValue() == -128) {
            return OID_DH_SINGLE_PASS_STDDH_SHA384_KDF;
        }
        if (num.intValue() == 256) {
            return OID_DH_SINGLE_PASS_STDDH_SHA512_KDF;
        }
        throw new JSAFE_UnimplementedException("ECDH SHA algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getKeyEncryptionAlgorithmOid(String str) throws JSAFE_UnimplementedException, ASN_Exception {
        if (str.equalsIgnoreCase("V2")) {
            return OID_AES128_WRAP;
        }
        if (str.equalsIgnoreCase("AESV2")) {
            return OID_AES192_WRAP;
        }
        if (str.equalsIgnoreCase("AESV3")) {
            return OID_AES256_WRAP;
        }
        throw new JSAFE_UnimplementedException("key Encryption algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getDataEncryptionAlgorithmOid(String str) throws JSAFE_UnimplementedException, ASN_Exception {
        if (str.equalsIgnoreCase("V2")) {
            return OID_AES128_CBC;
        }
        if (str.equalsIgnoreCase("AESV2")) {
            return OID_AES192_CBC;
        }
        if (str.equalsIgnoreCase("AESV3")) {
            return OID_AES256_CBC;
        }
        throw new JSAFE_UnimplementedException("Data Encryption algorithm OID is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecureRandom getSecureRandom(int i) throws NoSuchAlgorithmException, JSAFE_UnimplementedException {
        if (i != 0) {
            return JSAFE_SecureRandom.getInstance("FIPS186Random", "Java");
        }
        throw new JSAFE_UnimplementedException("Secure random FIPS186Random is not supported.");
    }
}
