package weblogic.xml.security.encryption;

import java.security.Key;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import weblogic.xml.security.signature.DSIGConstants;
import weblogic.xml.security.signature.DSIGReader;
import weblogic.xml.security.signature.DigestMethod;
import weblogic.xml.security.utils.StreamUtils;
import weblogic.xml.security.utils.XMLSecurityException;
import weblogic.xml.stream.XMLInputStream;
import weblogic.xml.stream.XMLOutputStream;
import weblogic.xml.stream.XMLStreamException;

/* loaded from: input_file:weblogic.jar:weblogic/xml/security/encryption/KeyWrapRSAOAEP.class */
public class KeyWrapRSAOAEP extends KeyWrap implements KeyWrapFactory, XMLEncConstants, DSIGConstants {
    public static final String URI = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
    private static final String ALGORITHM_ID = "RSA/NoPadding";
    private static final String KEY_FACTORY_ID = "RSA";
    private final String uri;
    private byte[] oaepParams = new byte[0];
    private DigestMethod digestMethod;

    private KeyWrapRSAOAEP(String str) {
        this.uri = str;
    }

    @Override // weblogic.xml.security.encryption.EncryptionMethod, weblogic.xml.security.encryption.EncryptionMethodFactory
    public String getURI() {
        return this.uri;
    }

    @Override // weblogic.xml.security.encryption.KeyWrap, weblogic.xml.security.encryption.KeyWrapFactory
    public String getAlgorithm() {
        return "RSA";
    }

    public static void init() {
        EncryptionMethod.register(new KeyWrapRSAOAEP("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"));
    }

    public byte[] getOAEPParams() {
        return this.oaepParams;
    }

    public void setOAEPParams(byte[] bArr) {
        this.oaepParams = bArr;
    }

    public void setDigestMethod(String str) throws XMLSecurityException {
        this.digestMethod = DigestMethod.get(str);
    }

    @Override // weblogic.xml.security.encryption.EncryptionMethod
    protected void toXMLInternal(XMLOutputStream xMLOutputStream, String str, int i) throws XMLStreamException {
        if (this.oaepParams == null || this.oaepParams.length <= 0) {
            return;
        }
        StreamUtils.addElement(xMLOutputStream, str, XMLEncConstants.TAG_OAEP_PARAMS, Utils.base64(this.oaepParams), i + 2);
        this.digestMethod.toXML(xMLOutputStream, str, i + 2);
    }

    @Override // weblogic.xml.security.encryption.EncryptionMethod
    public void fromXMLInternal(XMLInputStream xMLInputStream, String str) throws XMLStreamException {
        String value = StreamUtils.getValue(xMLInputStream, str, XMLEncConstants.TAG_OAEP_PARAMS);
        if (value != null) {
            this.oaepParams = Utils.base64(value);
        }
        this.digestMethod = (DigestMethod) DSIGReader.read(xMLInputStream, 2);
    }

    @Override // weblogic.xml.security.encryption.EncryptionMethodFactory
    public EncryptionMethod newEncryptionMethod() {
        return new KeyWrapRSAOAEP("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
    }

    @Override // weblogic.xml.security.encryption.KeyWrapFactory
    public KeyWrap newKeyWrap() {
        return new KeyWrapRSAOAEP("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
    }

    @Override // weblogic.xml.security.encryption.KeyWrap
    public byte[] unwrap(Key key, byte[] bArr) throws EncryptionException {
        if (!(key instanceof RSAPrivateKey)) {
            throw new EncryptionException(new StringBuffer().append("Invalid key supplied to: ").append(getURI()).append(", expecting RSAPrivateKey").toString());
        }
        byte[] decrypt = CipherWrapper.getInstance(ALGORITHM_ID, 2, key).decrypt(bArr);
        byte[] bArr2 = new byte[(((RSAPrivateKey) key).getModulus().bitLength() / 8) - 1];
        int min = Math.min(decrypt.length, bArr2.length);
        System.arraycopy(decrypt, decrypt.length - min, bArr2, bArr2.length - min, min);
        if (this.digestMethod == null) {
            this.digestMethod = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1");
        }
        return oaepDecode(this.digestMethod.getMessageDigest(), bArr2, this.oaepParams);
    }

    @Override // weblogic.xml.security.encryption.KeyWrap
    public byte[] wrap(Key key, byte[] bArr) throws EncryptionException {
        if (!(key instanceof RSAPublicKey)) {
            throw new EncryptionException(new StringBuffer().append("Invalid key supplied to: ").append(getURI()).append(", expecting RSAPublicKey").toString());
        }
        CipherWrapper cipherWrapper = CipherWrapper.getInstance(ALGORITHM_ID, 1, key);
        int bitLength = ((RSAPublicKey) key).getModulus().bitLength() / 8;
        if (this.digestMethod == null) {
            this.digestMethod = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1");
        }
        byte[] oaepEncode = oaepEncode(this.digestMethod.getMessageDigest(), bArr, this.oaepParams, bitLength - 1);
        byte[] bArr2 = new byte[oaepEncode.length + 1];
        System.arraycopy(oaepEncode, 0, bArr2, 1, oaepEncode.length);
        return cipherWrapper.encrypt(bArr2);
    }

    static byte[] oaepDecode(MessageDigest messageDigest, byte[] bArr, byte[] bArr2) throws EncryptionException {
        int digestLength = messageDigest.getDigestLength();
        if (bArr.length < (2 * digestLength) + 1) {
            throw new EncryptionException("decoding error");
        }
        byte[] bArr3 = new byte[digestLength];
        System.arraycopy(bArr, 0, bArr3, 0, digestLength);
        byte[] bArr4 = new byte[bArr.length - digestLength];
        System.arraycopy(bArr, digestLength, bArr4, 0, bArr.length - digestLength);
        byte[] bArr5 = new byte[digestLength];
        MessageDigest messageDigest2 = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1").getMessageDigest();
        mgf1(messageDigest2, bArr4, bArr5);
        for (int i = 0; i < digestLength; i++) {
            int i2 = i;
            bArr3[i2] = (byte) (bArr3[i2] ^ bArr5[i]);
        }
        messageDigest2.reset();
        byte[] bArr6 = new byte[bArr.length - digestLength];
        mgf1(messageDigest2, bArr3, bArr6);
        for (int i3 = 0; i3 < bArr4.length; i3++) {
            int i4 = i3;
            bArr4[i4] = (byte) (bArr4[i4] ^ bArr6[i3]);
        }
        messageDigest.update(bArr2);
        byte[] digest = messageDigest.digest();
        for (int i5 = 0; i5 < digest.length; i5++) {
            if (digest[i5] != bArr4[i5]) {
                throw new EncryptionException("decoding error");
            }
        }
        int i6 = -1;
        int i7 = digestLength;
        while (true) {
            if (i7 >= bArr4.length) {
                break;
            }
            if (bArr4[i7] == 1) {
                i6 = i7 + 1;
                break;
            }
            i7++;
        }
        if (i6 == -1) {
            throw new EncryptionException("decoding error");
        }
        byte[] bArr7 = new byte[bArr4.length - i6];
        System.arraycopy(bArr4, i6, bArr7, 0, bArr7.length);
        return bArr7;
    }

    static byte[] oaepEncode(MessageDigest messageDigest, byte[] bArr, byte[] bArr2, int i) throws EncryptionException {
        int digestLength = messageDigest.getDigestLength();
        if (bArr.length > (i - (2 * digestLength)) - 1) {
            throw new EncryptionException("Export strength certificates not supported");
        }
        byte[] bArr3 = new byte[i - digestLength];
        System.arraycopy(messageDigest.digest(bArr2), 0, bArr3, 0, digestLength);
        int length = bArr3.length - bArr.length;
        System.arraycopy(bArr, 0, bArr3, length, bArr.length);
        bArr3[length - 1] = 1;
        byte[] bArr4 = new byte[digestLength];
        new SecureRandom().nextBytes(bArr4);
        byte[] bArr5 = new byte[bArr3.length];
        MessageDigest messageDigest2 = getDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1").getMessageDigest();
        mgf1(messageDigest2, bArr4, bArr5);
        for (int i2 = 0; i2 < bArr3.length; i2++) {
            int i3 = i2;
            bArr5[i3] = (byte) (bArr5[i3] ^ bArr3[i2]);
        }
        byte[] bArr6 = new byte[digestLength];
        messageDigest2.reset();
        mgf1(messageDigest2, bArr5, bArr6);
        for (int i4 = 0; i4 < bArr6.length; i4++) {
            int i5 = i4;
            bArr6[i5] = (byte) (bArr6[i5] ^ bArr4[i4]);
        }
        byte[] bArr7 = new byte[bArr6.length + bArr3.length];
        System.arraycopy(bArr6, 0, bArr7, 0, bArr6.length);
        System.arraycopy(bArr5, 0, bArr7, bArr6.length, bArr5.length);
        return bArr7;
    }

    static void mgf1(MessageDigest messageDigest, byte[] bArr, byte[] bArr2) {
        int length = bArr2.length;
        int digestLength = messageDigest.getDigestLength();
        int i = 0;
        int i2 = (length / digestLength) + (1 % digestLength > 0 ? 1 : 0);
        byte[] bArr3 = new byte[bArr.length + 4];
        for (int i3 = 0; i3 < i2; i3++) {
            messageDigest.update(bArr);
            messageDigest.update(i2osp(i3));
            byte[] digest = messageDigest.digest();
            int min = Math.min(digestLength, length - i);
            System.arraycopy(digest, 0, bArr2, i, min);
            i += min;
        }
    }

    private static DigestMethod getDigestMethod(String str) throws EncryptionException {
        try {
            return DigestMethod.get(str);
        } catch (XMLSecurityException e) {
            throw new EncryptionException(new StringBuffer().append("DigestMethod: ").append(str).append(" not available").toString());
        }
    }

    static byte[] i2osp(int i) {
        return new byte[]{(byte) (i >>> 24), (byte) (i >>> 16), (byte) (i >>> 8), (byte) (i >>> 0)};
    }
}
