package COSE;

import com.upokecenter.cbor.CBORObject;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:lib/cose-java-1.1.0.jar:COSE/MacCommon.class */
public abstract class MacCommon extends Message {
    protected byte[] rgbTag;
    protected String strContext;
    protected SecureRandom random = new SecureRandom();

    /* JADX INFO: Access modifiers changed from: protected */
    public void CreateWithKey(byte[] bArr) throws CoseException {
        AlgorithmID FromCBOR = AlgorithmID.FromCBOR(findAttribute(CBORObject.FromObject(1)));
        if (this.rgbContent == null) {
            throw new CoseException("No Content Specified");
        }
        switch (FromCBOR) {
            case HMAC_SHA_256_64:
            case HMAC_SHA_256:
            case HMAC_SHA_384:
            case HMAC_SHA_512:
                this.rgbTag = HMAC(FromCBOR, bArr);
                break;
            case AES_CBC_MAC_128_64:
            case AES_CBC_MAC_256_64:
            case AES_CBC_MAC_128_128:
            case AES_CBC_MAC_256_128:
                this.rgbTag = AES_CBC_MAC(FromCBOR, bArr);
                break;
            default:
                throw new CoseException("Unsupported MAC Algorithm");
        }
        ProcessCounterSignatures();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean Validate(byte[] bArr) throws CoseException {
        byte[] AES_CBC_MAC;
        AlgorithmID FromCBOR = AlgorithmID.FromCBOR(findAttribute(CBORObject.FromObject(1)));
        switch (FromCBOR) {
            case HMAC_SHA_256_64:
            case HMAC_SHA_256:
            case HMAC_SHA_384:
            case HMAC_SHA_512:
                AES_CBC_MAC = HMAC(FromCBOR, bArr);
                break;
            case AES_CBC_MAC_128_64:
            case AES_CBC_MAC_256_64:
            case AES_CBC_MAC_128_128:
            case AES_CBC_MAC_256_128:
                AES_CBC_MAC = AES_CBC_MAC(FromCBOR, bArr);
                break;
            default:
                throw new CoseException("Unsupported MAC Algorithm");
        }
        if (AES_CBC_MAC.length != this.rgbTag.length) {
            return false;
        }
        boolean z = true;
        for (int i = 0; i < AES_CBC_MAC.length; i++) {
            z &= AES_CBC_MAC[i] == this.rgbTag[i];
        }
        return z;
    }

    private byte[] BuildContentBytes() {
        CBORObject NewArray = CBORObject.NewArray();
        if (this.rgbProtected == null) {
            if (this.objProtected.size() == 0) {
                this.rgbProtected = new byte[0];
            } else {
                this.rgbProtected = this.objProtected.EncodeToBytes();
            }
        }
        NewArray.Add(this.strContext);
        NewArray.Add(this.rgbProtected);
        if (this.externalData != null) {
            NewArray.Add(CBORObject.FromObject(this.externalData));
        } else {
            NewArray.Add(CBORObject.FromObject(new byte[0]));
        }
        NewArray.Add(this.rgbContent);
        return NewArray.EncodeToBytes();
    }

    protected byte[] AES_CBC_MAC(AlgorithmID algorithmID, byte[] bArr) throws CoseException {
        if (bArr.length != algorithmID.getKeySize() / 8) {
            throw new CoseException("Key is incorrectly sized");
        }
        byte[] bArr2 = new byte[16];
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, new SecretKeySpec(bArr, "AES"), new IvParameterSpec(bArr2));
            byte[] BuildContentBytes = BuildContentBytes();
            int blockSize = cipher.getBlockSize();
            int tagSize = algorithmID.getTagSize() / 8;
            int length = BuildContentBytes.length;
            int length2 = 16 - (BuildContentBytes.length % 16);
            if (length2 != 16) {
                length += length2;
            }
            ByteBuffer allocate = ByteBuffer.allocate(length);
            allocate.put(BuildContentBytes);
            allocate.put(bArr2, 0, allocate.remaining());
            allocate.flip();
            ByteBuffer allocate2 = ByteBuffer.allocate(length);
            cipher.doFinal(allocate, allocate2);
            byte[] bArr3 = new byte[algorithmID.getTagSize() / 8];
            allocate2.position(allocate2.limit() - blockSize);
            allocate2.get(bArr3);
            return bArr3;
        } catch (InvalidKeyException e) {
            if (e.getMessage() == "Illegal key size") {
                throw new CoseException("Unsupported key size", e);
            }
            throw new CoseException("Mac failure", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new CoseException("Algorithm not supported", e2);
        } catch (Exception e3) {
            throw new CoseException("Mac failure", e3);
        }
    }

    private byte[] HMAC(AlgorithmID algorithmID, byte[] bArr) throws CoseException {
        String str;
        switch (algorithmID) {
            case HMAC_SHA_256_64:
            case HMAC_SHA_256:
                str = "HmacSHA256";
                break;
            case HMAC_SHA_384:
                str = "HmacSHA384";
                break;
            case HMAC_SHA_512:
                str = "HmacSHA512";
                break;
            default:
                throw new CoseException("Internal Error");
        }
        if (bArr.length != algorithmID.getKeySize() / 8) {
            throw new CoseException("Key is incorrect size");
        }
        try {
            Mac mac = Mac.getInstance(str);
            mac.init(new SecretKeySpec(bArr, str));
            return Arrays.copyOfRange(mac.doFinal(BuildContentBytes()), 0, algorithmID.getTagSize() / 8);
        } catch (NoSuchAlgorithmException e) {
            throw new CoseException("Algorithm not supported", e);
        } catch (Exception e2) {
            throw new CoseException("Mac failure", e2);
        }
    }
}
