package mx.gob.sat.sgi.SgiCripto.sobre;

import com.sun.jna.platform.win32.WinError;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import mx.gob.sat.sgi.SgiCripto.AlgSimetrico;
import mx.gob.sat.sgi.SgiCripto.CCifrado;
import mx.gob.sat.sgi.SgiCripto.CCifradoSimetrico;
import mx.gob.sat.sgi.SgiCripto.SgiCertificado;
import mx.gob.sat.sgi.SgiCripto.SgiCripto;
import mx.gob.sat.sgi.SgiCripto.SgiCriptoException;
import mx.gob.sat.sgi.SgiCripto.SgiLlavePrivada;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.EncryptedContentInfo;
import org.bouncycastle.asn1.cms.EnvelopedData;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import org.bouncycastle.asn1.cms.RecipientIdentifier;
import org.bouncycastle.asn1.cms.RecipientInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.util.io.Streams;
import org.eclipse.swt.dnd.DND;

/* loaded from: input_file:mx/gob/sat/sgi/SgiCripto/sobre/Ensobretado.class */
public class Ensobretado {
    private int idenSimetrico;
    private EncryptedContentInfo encryptedContentInfo = null;
    private DERSet destinatios = null;
    private boolean iniciado = false;

    private void ver_Ensobretado() {
    }

    public boolean inicia(DEREncodable dEREncodable) throws SgiCriptoException {
        EnvelopedData envelopedData = new EnvelopedData((ASN1Sequence) dEREncodable);
        this.encryptedContentInfo = envelopedData.getEncryptedContentInfo();
        this.destinatios = (DERSet) envelopedData.getRecipientInfos();
        this.idenSimetrico = getIdenSimetrico(this.encryptedContentInfo);
        this.iniciado = true;
        return true;
    }

    public void procesa(X509CertificateStructure x509CertificateStructure, SgiLlavePrivada sgiLlavePrivada, OutputStream outputStream) throws SgiCriptoException, IOException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Sobre no iniciado.", 2001);
        }
        outputStream.write(getContent(getLlaveSimetrica(x509CertificateStructure, sgiLlavePrivada, getRecipientsInfo(), null), this.encryptedContentInfo));
    }

    private RecipientInfo destinatarioInfo(X509CertificateStructure x509CertificateStructure, AlgorithmIdentifier algorithmIdentifier, ASN1OctetString aSN1OctetString) {
        return new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(new IssuerAndSerialNumber(x509CertificateStructure.getIssuer(), x509CertificateStructure.getSerialNumber().getValue())), algorithmIdentifier, aSN1OctetString));
    }

    public void generaEnsobretadoMod(SgiCertificado[] sgiCertificadoArr, int i, InputStream inputStream, OutputStream outputStream) throws SgiCriptoException {
        try {
            CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator();
            for (SgiCertificado sgiCertificado : sgiCertificadoArr) {
                cMSEnvelopedDataStreamGenerator.addKeyTransRecipient(sgiCertificado.getX509_Certificate());
            }
            OutputStream open = cMSEnvelopedDataStreamGenerator.open(outputStream, AlgSimetrico.getAlgoritmoObjId(i).getId(), "BC");
            Streams.pipeAll(inputStream, open);
            open.close();
        } catch (IOException e) {
            throw new SgiCriptoException(new StringBuffer().append("Error IO. ").append(e.getMessage()).toString(), DND.Drop);
        } catch (NoSuchAlgorithmException e2) {
            throw new SgiCriptoException(new StringBuffer().append("No se encontro algoritmo. ").append(e2.getMessage()).toString(), 2003);
        } catch (NoSuchProviderException e3) {
            throw new SgiCriptoException(new StringBuffer().append("No se encontro algoritmo. ").append(e3.getMessage()).toString(), 2002);
        } catch (CMSException e4) {
            throw new SgiCriptoException(new StringBuffer().append("Error al crear el sobre. ").append(e4.getMessage()).toString(), 2005);
        }
    }

    public void generaEnsobretado(SgiCertificado[] sgiCertificadoArr, int i, InputStream inputStream, OutputStream outputStream) throws SgiCriptoException {
        Key generaLlaveSimetrica = generaLlaveSimetrica(i);
        DERSequence envelopedData = getEnvelopedData(getRecipientsInfo(sgiCertificadoArr, i, generaLlaveSimetrica), getEncryptedContentInfo(inputStream, generaLlaveSimetrica, i));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(PKCSObjectIdentifiers.envelopedData);
        aSN1EncodableVector.add(new DERTaggedObject(true, 0, envelopedData));
        try {
            outputStream.write(new DERSequence(aSN1EncodableVector).getDEREncoded());
            outputStream.close();
        } catch (IOException e) {
            throw new SgiCriptoException(new StringBuffer().append("Error al escribir en la salida. ").append(e.getMessage()).toString(), 2003);
        }
    }

    public ASN1EncodableVector getRecipientsInfo(SgiCertificado[] sgiCertificadoArr, int i, Key key) throws SgiCriptoException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector certificados = Util.certificados(sgiCertificadoArr);
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(key.getEncoded());
        for (int i2 = 0; i2 < sgiCertificadoArr.length; i2++) {
            CCifrado inicia = SgiCripto.inicia(sgiCertificadoArr[i2], (SgiLlavePrivada) null);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            inicia.cifra(byteArrayInputStream, byteArrayOutputStream);
            aSN1EncodableVector.add(destinatarioInfo((X509CertificateStructure) certificados.get(i2), algorithmIdentifier, new DEROctetString(byteArrayOutputStream.toByteArray())));
        }
        return aSN1EncodableVector;
    }

    public DERSequence getEncryptedContentInfo(InputStream inputStream, Key key, int i) throws SgiCriptoException {
        CCifradoSimetrico cCifradoSimetrico = new CCifradoSimetrico();
        cCifradoSimetrico.iniciaPk7(i);
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            return getEncryptedContentInfo(new AlgorithmIdentifier(AlgSimetrico.getAlgoritmoObjId(i), new DEROctetString(cCifradoSimetrico.getPk7IV())), cCifradoSimetrico.cifrarPk7(key, bArr));
        } catch (IOException e) {
            throw new SgiCriptoException("Sobre no iniciado.", 2004);
        }
    }

    public DERSequence getEncryptedContentInfo(AlgorithmIdentifier algorithmIdentifier, byte[] bArr) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(PKCSObjectIdentifiers.data);
        aSN1EncodableVector.add(algorithmIdentifier);
        aSN1EncodableVector.add(new DERTaggedObject(false, 0, new DEROctetString(bArr)));
        return new DERSequence(aSN1EncodableVector);
    }

    public DERSequence getEnvelopedData(ASN1EncodableVector aSN1EncodableVector, DERSequence dERSequence) {
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(new DERInteger(0));
        aSN1EncodableVector2.add(new DERSet(aSN1EncodableVector));
        aSN1EncodableVector2.add(dERSequence);
        return new DERSequence(aSN1EncodableVector2);
    }

    public Key generaLlaveSimetrica(int i) throws SgiCriptoException {
        try {
            String[] algoritmo = AlgSimetrico.getAlgoritmo(i);
            KeyGenerator keyGenerator = KeyGenerator.getInstance(algoritmo[0]);
            keyGenerator.init(Integer.parseInt(algoritmo[2]));
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new SgiCriptoException(new StringBuffer().append("Algoritmo no encontrado. ").append(e.getMessage()).toString(), 2005);
        }
    }

    private DEROctetString getLlaveCifradaDest(X509CertificateStructure x509CertificateStructure, ASN1EncodableVector aSN1EncodableVector) {
        DEROctetString dEROctetString = null;
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(x509CertificateStructure.getIssuer(), x509CertificateStructure.getSerialNumber().getValue());
        int i = 0;
        while (true) {
            if (i >= aSN1EncodableVector.size()) {
                break;
            }
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(((RecipientInfo) aSN1EncodableVector.get(i)).toASN1Object());
            if (Util.verifUser(issuerAndSerialNumber, new IssuerAndSerialNumber((ASN1Sequence) aSN1Sequence.getObjectAt(1)))) {
                dEROctetString = (DEROctetString) aSN1Sequence.getObjectAt(3);
                break;
            }
            i++;
        }
        return dEROctetString;
    }

    public Key getLlaveSimetrica(X509CertificateStructure x509CertificateStructure, SgiLlavePrivada sgiLlavePrivada, ASN1EncodableVector aSN1EncodableVector, EncryptedContentInfo encryptedContentInfo) throws SgiCriptoException {
        DEROctetString llaveCifradaDest = getLlaveCifradaDest(x509CertificateStructure, aSN1EncodableVector);
        if (llaveCifradaDest == null) {
            throw new SgiCriptoException("El certificado dado no se encuentra entre los destinatarios.", DND.DropAccept);
        }
        CCifrado inicia = SgiCripto.inicia((SgiCertificado) null, sgiLlavePrivada);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        inicia.descifra(llaveCifradaDest.getOctetStream(), byteArrayOutputStream);
        if (encryptedContentInfo != null) {
            this.idenSimetrico = getIdenSimetrico(encryptedContentInfo);
        }
        return new SecretKeySpec(byteArrayOutputStream.toByteArray(), AlgSimetrico.getAlgoritmo(this.idenSimetrico)[0]);
    }

    public byte[] getContent(Key key, EncryptedContentInfo encryptedContentInfo) throws SgiCriptoException {
        AlgorithmIdentifier contentEncryptionAlgorithm = encryptedContentInfo.getContentEncryptionAlgorithm();
        DEROctetString dEROctetString = (DEROctetString) contentEncryptionAlgorithm.getParameters().getDERObject();
        int algoritmoId = AlgSimetrico.getAlgoritmoId(contentEncryptionAlgorithm);
        byte[] octets = dEROctetString.getOctets();
        CCifradoSimetrico cCifradoSimetrico = new CCifradoSimetrico();
        cCifradoSimetrico.iniciaPk7(algoritmoId);
        return cCifradoSimetrico.descifrarPk7(key, octets, encryptedContentInfo.getEncryptedContent().getOctets());
    }

    public ASN1EncodableVector getRecipientsInfo() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        for (int i = 0; i < this.destinatios.size(); i++) {
            aSN1EncodableVector.add(new RecipientInfo(this.destinatios.getObjectAt(i).getDERObject()));
        }
        return aSN1EncodableVector;
    }

    private int getIdenSimetrico(EncryptedContentInfo encryptedContentInfo) throws SgiCriptoException {
        return AlgSimetrico.getAlgoritmoId(encryptedContentInfo.getContentEncryptionAlgorithm());
    }

    public CMSEnvelopedData getEnvelopedData(SgiCertificado[] sgiCertificadoArr, int i, InputStream inputStream) throws SgiCriptoException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator();
            for (SgiCertificado sgiCertificado : sgiCertificadoArr) {
                cMSEnvelopedDataStreamGenerator.addKeyTransRecipient(sgiCertificado.getX509_Certificate());
            }
            OutputStream open = cMSEnvelopedDataStreamGenerator.open(byteArrayOutputStream, AlgSimetrico.getAlgoritmoObjId(i).getId(), "BC");
            Streams.pipeAll(inputStream, open);
            open.close();
            return new CMSEnvelopedData(new BufferedInputStream(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
        } catch (IOException e) {
            throw new SgiCriptoException(new StringBuffer().append("Error IO. ").append(e.getMessage()).toString(), WinError.ERROR_INVALID_CMM);
        } catch (NoSuchAlgorithmException e2) {
            throw new SgiCriptoException(new StringBuffer().append("No se encontro el algoritmo. ").append(e2.getMessage()).toString(), DND.DropAccept);
        } catch (NoSuchProviderException e3) {
            throw new SgiCriptoException(new StringBuffer().append("No se cargó proveedor. ").append(e3.getMessage()).toString(), DND.DragStart);
        } catch (CMSException e4) {
            throw new SgiCriptoException(new StringBuffer().append("No se creo el sobre ensobretado. ").append(e4.getMessage()).toString(), 2009);
        }
    }

    public DERSequence getEncryptedContentInfo(ASN1Sequence aSN1Sequence, DERTaggedObject dERTaggedObject) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(PKCSObjectIdentifiers.data);
        aSN1EncodableVector.add(aSN1Sequence);
        aSN1EncodableVector.add(dERTaggedObject);
        return new DERSequence(aSN1EncodableVector);
    }
}
