package cfca.sadk.envelope;

import cfca.sadk.algorithm.common.CBCParam;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.util.SymmetricHelper;
import cfca.sadk.algorithm.util.SymmetricParams;
import cfca.sadk.asn1.parser.ASN1Node;
import cfca.sadk.asn1.parser.EnvelopFileParser;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.asn1.ASN1Encodable;
import cfca.sadk.org.bouncycastle.asn1.ASN1Sequence;
import cfca.sadk.org.bouncycastle.asn1.ASN1Set;
import cfca.sadk.org.bouncycastle.asn1.DEROctetString;
import cfca.sadk.org.bouncycastle.asn1.cms.EncryptedContentInfo;
import cfca.sadk.org.bouncycastle.asn1.cms.EnvelopedData;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.org.bouncycastle.cms.CMSEnvelopedData;
import cfca.sadk.system.SADKDebugger;
import cfca.sadk.system.logging.LoggerManager;
import cfca.sadk.util.Base64;
import cfca.sadk.x509.certificate.X509Cert;
import java.io.File;
import java.security.PrivateKey;
import java.util.ArrayList;

/* loaded from: input_file:cfca/sadk/envelope/EnvelopeDecryptHelper.class */
public final class EnvelopeDecryptHelper {
    public static final boolean openEnvelopedFile(String str, String str2, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (str == null) {
            throw new PKIException("openEnvelopedFile failed: missing inEnvelopedFilePath");
        }
        if (str2 == null) {
            throw new PKIException("openEnvelopedFile failed: missing outSourceFilePath");
        }
        if (privateKey == null) {
            throw new PKIException("openEnvelopedFile failed: missing recipientPrivateKey");
        }
        if (x509Cert == null) {
            throw new PKIException("openEnvelopedFile failed: missing recipientCert");
        }
        if (session == null) {
            throw new PKIException("openEnvelopedFile failed: missing session");
        }
        try {
            EnvelopFileParser envelopFileParser = new EnvelopFileParser(new File(str));
            envelopFileParser.parser();
            ASN1Node receiver_node = envelopFileParser.getReceiver_node();
            if (receiver_node == null) {
                throw new PKIException("openEnvelopedFile failed: missing recipientNode");
            }
            ASN1Node encrypted_node = envelopFileParser.getEncrypted_node();
            if (encrypted_node == null) {
                throw new PKIException("openEnvelopedFile failed: missing encryptedNode");
            }
            ArrayList arrayList = encrypted_node.childNodes;
            if (arrayList == null) {
                throw new PKIException("openEnvelopedFile failed: missing encryptedChildNodes");
            }
            if (arrayList.size() < 3) {
                throw new PKIException("openEnvelopedFile failed: encryptedChildNodes less 3-node");
            }
            try {
                return decryptedContext(buildSymmetricEncryptedType((ASN1Node) encrypted_node.childNodes.get(1), decryptRecipientKey(privateKey, x509Cert, receiver_node, session)), (ASN1Node) encrypted_node.childNodes.get(2), str2, session);
            } catch (PKIException e) {
                throw e;
            } catch (Exception e2) {
                throw new PKIException("openEnvelopedFile failed: " + e2.getMessage(), e2);
            } catch (Throwable th) {
                throw new PKIException("openEnvelopedFile failed: " + th.getMessage(), th);
            }
        } catch (Exception e3) {
            throw new PKIException("openEnvelopedFile failed: @parsed EnvelopFile failed", e3);
        }
    }

    public static final byte[] openEnvelopedMessage(byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (bArr == null) {
            throw new PKIException("openEnvelopedMessage failed: missing base64EnvelopeMessage");
        }
        if (privateKey == null) {
            throw new PKIException("openEnvelopedMessage failed: missing recipientPrivateKey");
        }
        if (x509Cert == null) {
            throw new PKIException("openEnvelopedMessage failed: missing recipientCert");
        }
        if (session == null) {
            throw new PKIException("openEnvelopedMessage failed: missing session");
        }
        try {
            try {
                EnvelopedData envelopedData = EnvelopedData.getInstance(new CMSEnvelopedData(Base64.decode(bArr)).toASN1Structure().getContent());
                try {
                    byte[] decryptRecipientKey = decryptRecipientKey(privateKey, x509Cert, envelopedData.getRecipientInfos(), session);
                    EncryptedContentInfo encryptedContentInfo = envelopedData.getEncryptedContentInfo();
                    return decryptedContext(buildSymmetricEncryptedType(encryptedContentInfo.getContentEncryptionAlgorithm(), decryptRecipientKey), encryptedContentInfo.getEncryptedContent().getOctets(), session);
                } catch (PKIException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new PKIException("openEnvelopedMessage failed: " + e2.getMessage(), e2);
                } catch (Throwable th) {
                    throw new PKIException("openEnvelopedMessage failed: " + th.getMessage(), th);
                }
            } catch (Exception e3) {
                throw new PKIException("openEnvelopedMessage failed: @EnvelopedData decode failed!", e3);
            }
        } catch (Exception e4) {
            throw new PKIException("openEnvelopedMessage failed: @Base64EnvelopedMessage decode failed!", e4);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:28:0x007d, code lost:
    
        r12 = r0.getEncryptedKey();
        r13 = r0.getKeyEncryptionAlgorithm();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static final byte[] decryptRecipientKey(java.security.PrivateKey r7, cfca.sadk.x509.certificate.X509Cert r8, cfca.sadk.org.bouncycastle.asn1.ASN1Set r9, cfca.sadk.lib.crypto.Session r10) throws cfca.sadk.algorithm.common.PKIException {
        /*
            Method dump skipped, instructions count: 371
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: cfca.sadk.envelope.EnvelopeDecryptHelper.decryptRecipientKey(java.security.PrivateKey, cfca.sadk.x509.certificate.X509Cert, cfca.sadk.org.bouncycastle.asn1.ASN1Set, cfca.sadk.lib.crypto.Session):byte[]");
    }

    private static final byte[] decryptRecipientKey(PrivateKey privateKey, X509Cert x509Cert, ASN1Node aSN1Node, Session session) throws PKIException {
        if (aSN1Node == null) {
            throw new PKIException("openEnvelopedFailed@decryptRecipientKey->required recipientNode not null");
        }
        try {
            return decryptRecipientKey(privateKey, x509Cert, ASN1Set.getInstance(aSN1Node.getData()), session);
        } catch (Exception e) {
            throw new PKIException("openEnvelopedFailed@decryptRecipientKey->decoded recipientNode failed!", e);
        }
    }

    private static final SymmetricParams buildSymmetricEncryptedType(AlgorithmIdentifier algorithmIdentifier, byte[] bArr) throws PKIException {
        if (algorithmIdentifier == null) {
            throw new PKIException("openEnvelopedFailed@buildSymmetricEncryptedType->required symmetricEncryptedAlgorithm not null");
        }
        if (bArr == null) {
            throw new PKIException("openEnvelopedFailed@buildSymmetricEncryptedType->required symmetricKey not null");
        }
        String symmetricAlgorithmName = SymmetricParams.getSymmetricAlgorithmName(algorithmIdentifier.getAlgorithm());
        if (symmetricAlgorithmName == null) {
            throw new PKIException("openEnvelopedFailed@buildSymmetricEncryptedType->do not support symmetricEncryptedAlgorithmOID=" + algorithmIdentifier.getAlgorithm());
        }
        byte[] bArr2 = null;
        ASN1Encodable parameters = algorithmIdentifier.getParameters();
        if (parameters != null && (parameters instanceof DEROctetString)) {
            bArr2 = ((DEROctetString) parameters).getOctets();
        }
        return new SymmetricParams(symmetricAlgorithmName, bArr, bArr2);
    }

    private static final SymmetricParams buildSymmetricEncryptedType(ASN1Node aSN1Node, byte[] bArr) throws PKIException {
        if (aSN1Node == null) {
            throw new PKIException("openEnvelopedFailed@buildSymmetricEncryptedType->required symmetricEncryptedAlgorithmNode not null");
        }
        try {
            return buildSymmetricEncryptedType(AlgorithmIdentifier.getInstance(ASN1Sequence.getInstance(aSN1Node.getData())), bArr);
        } catch (Exception e) {
            throw new PKIException("openEnvelopedFailed@buildSymmetricEncryptedType->decoded symmetricEncryptedAlgorithm failed!", e);
        }
    }

    private static byte[] decryptedContext(SymmetricParams symmetricParams, byte[] bArr, Session session) throws PKIException {
        if (symmetricParams == null) {
            throw new PKIException("openEnvelopedFailed@decryptedContext->required mechanismKey not null!");
        }
        if (symmetricParams.mechanismType == null) {
            throw new PKIException("openEnvelopedFailed@decryptedContext->required mechanismType not null!");
        }
        if (symmetricParams.symmetricKey == null) {
            throw new PKIException("openEnvelopedFailed@decryptedContext->required symmetricKey not null!");
        }
        String str = symmetricParams.mechanismType;
        byte[] bArr2 = symmetricParams.symmetricKey;
        byte[] bArr3 = symmetricParams.iv;
        boolean z = session != null && session.useJniNativeOperation();
        Mechanism mechanism = new Mechanism(str, new CBCParam(bArr3));
        try {
            return SymmetricHelper.dataDecrypt(z, mechanism, bArr2, bArr);
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("openEnvelopedFailed@decryptedContext symmetricDecryptFailed: forJNILib={},mechanism={},symmetricKey={},symmetricEncryptedContextBytes={}", new Object[]{Boolean.valueOf(z), mechanism, SADKDebugger.dump(bArr2), SADKDebugger.dump(bArr), e});
            throw new PKIException("openEnvelopedFailed@decryptedContext symmetricDecryptFailed", e);
        } catch (Throwable th) {
            LoggerManager.exceptionLogger.error("openEnvelopedFailed@decryptedContext symmetricDecryptFailed: forJNILib={},mechanism={},symmetricKey={},symmetricEncryptedContextBytes={}", new Object[]{Boolean.valueOf(z), mechanism, SADKDebugger.dump(bArr2), SADKDebugger.dump(bArr), th});
            throw new PKIException("openEnvelopedFailed@decryptedContext symmetricDecryptFailed", th);
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:40:0x029b
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private static boolean decryptedContext(cfca.sadk.algorithm.util.SymmetricParams r6, cfca.sadk.asn1.parser.ASN1Node r7, java.lang.String r8, cfca.sadk.lib.crypto.Session r9) throws cfca.sadk.algorithm.common.PKIException {
        /*
            Method dump skipped, instructions count: 671
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: cfca.sadk.envelope.EnvelopeDecryptHelper.decryptedContext(cfca.sadk.algorithm.util.SymmetricParams, cfca.sadk.asn1.parser.ASN1Node, java.lang.String, cfca.sadk.lib.crypto.Session):boolean");
    }
}
