package cn.org.bjca.wsecx.core.pkcs7.encode;

import cn.org.bjca.wsecx.core.asn1.ASN1Object;
import cn.org.bjca.wsecx.core.asn1.ASN1OctetString;
import cn.org.bjca.wsecx.core.asn1.DEROctetString;
import cn.org.bjca.wsecx.core.asn1.cms.IssuerAndSerialNumber;
import cn.org.bjca.wsecx.core.asn1.cms.KeyTransRecipientInfo;
import cn.org.bjca.wsecx.core.asn1.cms.RecipientIdentifier;
import cn.org.bjca.wsecx.core.asn1.cms.RecipientInfo;
import cn.org.bjca.wsecx.core.asn1.x509.AlgorithmIdentifier;
import cn.org.bjca.wsecx.core.asn1.x509.SubjectPublicKeyInfo;
import cn.org.bjca.wsecx.core.asn1.x509.TBSCertificateStructure;
import cn.org.bjca.wsecx.core.asn1.x509.X509CertificateStructure;
import cn.org.bjca.wsecx.core.pkcs7.sign.CMSUtils;
import cn.org.bjca.wsecx.interfaces.WSecurityEngineException;
import cn.org.bjca.wsecx.outter.WSecXAppInterface;
import cn.org.bjca.wsecx.outter.encoder.Base64;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class KeyRecipientInfoBuilder {
    private X509CertificateStructure cert;
    private SubjectPublicKeyInfo info;
    private X509Certificate recipientCert;
    private TBSCertificateStructure recipientTBSCert;
    private ASN1OctetString subjectKeyIdentifier;

    public RecipientInfo generate(byte[] bArr, SecureRandom secureRandom, WSecXAppInterface wSecXAppInterface) throws GeneralSecurityException {
        AlgorithmIdentifier algorithmId = this.info.getAlgorithmId();
        try {
            DEROctetString dEROctetString = new DEROctetString(this.recipientCert != null ? wSecXAppInterface.pubKeyEncrypt(Base64.encode(this.recipientCert.getEncoded()), bArr) : wSecXAppInterface.pubKeyEncrypt(Base64.encode(this.cert.getEncoded()), bArr));
            TBSCertificateStructure tBSCertificateStructure = this.recipientTBSCert;
            return new RecipientInfo(new KeyTransRecipientInfo(tBSCertificateStructure != null ? new RecipientIdentifier(new IssuerAndSerialNumber(tBSCertificateStructure.getIssuer(), this.recipientTBSCert.getSerialNumber().getValue())) : new RecipientIdentifier(this.subjectKeyIdentifier), algorithmId, dEROctetString));
        } catch (Exception e) {
            throw new WSecurityEngineException(1040, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRecipientCert(X509CertificateStructure x509CertificateStructure) {
        this.cert = x509CertificateStructure;
        this.recipientTBSCert = x509CertificateStructure.getTBSCertificate();
        this.info = x509CertificateStructure.getSubjectPublicKeyInfo();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRecipientCert(X509Certificate x509Certificate) {
        try {
            this.recipientCert = x509Certificate;
            this.recipientTBSCert = CMSUtils.getTBSCertificateStructure(x509Certificate);
            this.info = this.recipientTBSCert.getSubjectPublicKeyInfo();
        } catch (CertificateEncodingException unused) {
            throw new IllegalArgumentException("can't extract TBS structure from this cert");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRecipientPublicKey(PublicKey publicKey) {
        try {
            this.info = SubjectPublicKeyInfo.getInstance(ASN1Object.fromByteArray(publicKey.getEncoded()));
        } catch (IOException unused) {
            throw new IllegalArgumentException("can't extract key algorithm from this key");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSubjectKeyIdentifier(ASN1OctetString aSN1OctetString) {
        this.subjectKeyIdentifier = aSN1OctetString;
    }
}
