package tech.relaycorp.relaynet.wrappers.cms;

import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.spec.MGF1ParameterSpec;
import java.util.Collection;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.KeyTransRecipientId;
import org.bouncycastle.cms.KeyTransRecipientInformation;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.RecipientInformationStore;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.jcajce.JcaAlgorithmParametersConverter;
import org.jetbrains.annotations.NotNull;
import tech.relaycorp.relaynet.CryptoUtils;
import tech.relaycorp.relaynet.SymmetricEncryption;
import tech.relaycorp.relaynet.wrappers.x509.Certificate;

/* compiled from: EnvelopedData.kt */
@Metadata(mv = {1, 1, 16}, bv = {1, 0, 3}, k = 1, d1 = {"��,\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0002\b��\u0018�� \r2\u00020\u0001:\u0001\rB\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0016J\b\u0010\t\u001a\u00020\nH\u0016J\b\u0010\u000b\u001a\u00020\fH\u0016¨\u0006\u000e"}, d2 = {"Ltech/relaycorp/relaynet/wrappers/cms/SessionlessEnvelopedData;", "Ltech/relaycorp/relaynet/wrappers/cms/EnvelopedData;", "bcEnvelopedData", "Lorg/bouncycastle/cms/CMSEnvelopedData;", "(Lorg/bouncycastle/cms/CMSEnvelopedData;)V", "decrypt", "", "privateKey", "Ljava/security/PrivateKey;", "getRecipientKeyId", "Ljava/math/BigInteger;", "validate", "", "Companion", "relaynet"})
/* loaded from: input_file:tech/relaycorp/relaynet/wrappers/cms/SessionlessEnvelopedData.class */
public final class SessionlessEnvelopedData extends EnvelopedData {
    public static final Companion Companion = new Companion(null);

    /* compiled from: EnvelopedData.kt */
    @Metadata(mv = {1, 1, 16}, bv = {1, 0, 3}, k = 1, d1 = {"��*\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J \u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\b2\b\b\u0002\u0010\t\u001a\u00020\nJ\u0010\u0010\u000b\u001a\u00020\f2\u0006\u0010\u0007\u001a\u00020\bH\u0002¨\u0006\r"}, d2 = {"Ltech/relaycorp/relaynet/wrappers/cms/SessionlessEnvelopedData$Companion;", "", "()V", "encrypt", "Ltech/relaycorp/relaynet/wrappers/cms/EnvelopedData;", "plaintext", "", "recipientCertificate", "Ltech/relaycorp/relaynet/wrappers/x509/Certificate;", "symmetricEncryptionAlgorithm", "Ltech/relaycorp/relaynet/SymmetricEncryption;", "makeRecipientInfoGenerator", "Lorg/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator;", "relaynet"})
    /* loaded from: input_file:tech/relaycorp/relaynet/wrappers/cms/SessionlessEnvelopedData$Companion.class */
    public static final class Companion {
        /*  JADX ERROR: JadxRuntimeException in pass: InlineMethods
            jadx.core.utils.exceptions.JadxRuntimeException: Failed to process method for inline: tech.relaycorp.relaynet.wrappers.cms.EnvelopedDataKt.access$getCmsContentEncryptionAlgorithm$p():java.util.Map
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:74)
            	at jadx.core.dex.visitors.InlineMethods.visit(InlineMethods.java:49)
            Caused by: jadx.core.utils.exceptions.JadxRuntimeException: Class not yet loaded at codegen stage: tech.relaycorp.relaynet.wrappers.cms.EnvelopedDataKt
            	at jadx.core.dex.nodes.ClassNode.reloadAtCodegenStage(ClassNode.java:883)
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:66)
            	... 1 more
            */
        @org.jetbrains.annotations.NotNull
        public final tech.relaycorp.relaynet.wrappers.cms.EnvelopedData encrypt(@org.jetbrains.annotations.NotNull byte[] r7, @org.jetbrains.annotations.NotNull tech.relaycorp.relaynet.wrappers.x509.Certificate r8, @org.jetbrains.annotations.NotNull tech.relaycorp.relaynet.SymmetricEncryption r9) {
            /*
                r6 = this;
                r0 = r7
                java.lang.String r1 = "plaintext"
                kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
                r0 = r8
                java.lang.String r1 = "recipientCertificate"
                kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
                r0 = r9
                java.lang.String r1 = "symmetricEncryptionAlgorithm"
                kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
                org.bouncycastle.cms.CMSEnvelopedDataGenerator r0 = new org.bouncycastle.cms.CMSEnvelopedDataGenerator
                r1 = r0
                r1.<init>()
                r10 = r0
                r0 = r6
                tech.relaycorp.relaynet.wrappers.cms.SessionlessEnvelopedData$Companion r0 = (tech.relaycorp.relaynet.wrappers.cms.SessionlessEnvelopedData.Companion) r0
                r1 = r8
                org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator r0 = r0.makeRecipientInfoGenerator(r1)
                r11 = r0
                r0 = r10
                r1 = r11
                org.bouncycastle.cms.RecipientInfoGenerator r1 = (org.bouncycastle.cms.RecipientInfoGenerator) r1
                r0.addRecipientInfoGenerator(r1)
                org.bouncycastle.cms.CMSProcessableByteArray r0 = new org.bouncycastle.cms.CMSProcessableByteArray
                r1 = r0
                r2 = r7
                r1.<init>(r2)
                r12 = r0
                java.util.Map r0 = tech.relaycorp.relaynet.wrappers.cms.EnvelopedDataKt.access$getCmsContentEncryptionAlgorithm$p()
                r1 = r9
                java.lang.Object r0 = r0.get(r1)
                org.bouncycastle.asn1.ASN1ObjectIdentifier r0 = (org.bouncycastle.asn1.ASN1ObjectIdentifier) r0
                r13 = r0
                org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder r0 = new org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder
                r1 = r0
                r2 = r13
                r1.<init>(r2)
                org.bouncycastle.jce.provider.BouncyCastleProvider r1 = tech.relaycorp.relaynet.CryptoUtils.getBC_PROVIDER()
                java.security.Provider r1 = (java.security.Provider) r1
                org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder r0 = r0.setProvider(r1)
                r14 = r0
                r0 = r10
                r1 = r12
                org.bouncycastle.cms.CMSTypedData r1 = (org.bouncycastle.cms.CMSTypedData) r1
                r2 = r14
                org.bouncycastle.operator.OutputEncryptor r2 = r2.build()
                org.bouncycastle.cms.CMSEnvelopedData r0 = r0.generate(r1, r2)
                r15 = r0
                tech.relaycorp.relaynet.wrappers.cms.SessionlessEnvelopedData r0 = new tech.relaycorp.relaynet.wrappers.cms.SessionlessEnvelopedData
                r1 = r0
                r2 = r15
                r3 = r2
                java.lang.String r4 = "bcEnvelopedData"
                kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r3, r4)
                r1.<init>(r2)
                tech.relaycorp.relaynet.wrappers.cms.EnvelopedData r0 = (tech.relaycorp.relaynet.wrappers.cms.EnvelopedData) r0
                return r0
            */
            throw new UnsupportedOperationException("Method not decompiled: tech.relaycorp.relaynet.wrappers.cms.SessionlessEnvelopedData.Companion.encrypt(byte[], tech.relaycorp.relaynet.wrappers.x509.Certificate, tech.relaycorp.relaynet.SymmetricEncryption):tech.relaycorp.relaynet.wrappers.cms.EnvelopedData");
        }

        public static /* synthetic */ EnvelopedData encrypt$default(Companion companion, byte[] bArr, Certificate certificate, SymmetricEncryption symmetricEncryption, int i, Object obj) {
            if ((i & 4) != 0) {
                symmetricEncryption = SymmetricEncryption.AES_128;
            }
            return companion.encrypt(bArr, certificate, symmetricEncryption);
        }

        private final JceKeyTransRecipientInfoGenerator makeRecipientInfoGenerator(Certificate certificate) {
            JceKeyTransRecipientInfoGenerator provider = new JceKeyTransRecipientInfoGenerator(new JcaX509CertificateConverter().getCertificate(certificate.getCertificateHolder()), new JcaAlgorithmParametersConverter().getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT))).setProvider(CryptoUtils.getBC_PROVIDER());
            Intrinsics.checkExpressionValueIsNotNull(provider, "JceKeyTransRecipientInfo….setProvider(BC_PROVIDER)");
            return provider;
        }

        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @Override // tech.relaycorp.relaynet.wrappers.cms.EnvelopedData
    @NotNull
    public byte[] decrypt(@NotNull PrivateKey privateKey) throws EnvelopedDataException {
        Intrinsics.checkParameterIsNotNull(privateKey, "privateKey");
        RecipientInformationStore recipientInfos = getBcEnvelopedData().getRecipientInfos();
        Intrinsics.checkExpressionValueIsNotNull(recipientInfos, "bcEnvelopedData.recipientInfos");
        Collection recipients = recipientInfos.getRecipients();
        Intrinsics.checkExpressionValueIsNotNull(recipients, "recipients");
        Object first = CollectionsKt.first(recipients);
        if (first == null) {
            throw new TypeCastException("null cannot be cast to non-null type org.bouncycastle.cms.KeyTransRecipientInformation");
        }
        try {
            byte[] content = ((KeyTransRecipientInformation) first).getContent(new JceKeyTransEnvelopedRecipient(privateKey).setProvider(CryptoUtils.getBC_PROVIDER()));
            Intrinsics.checkExpressionValueIsNotNull(content, "recipientInfo.getContent(recipient)");
            return content;
        } catch (Exception e) {
            throw new EnvelopedDataException("Could not decrypt value", e);
        }
    }

    @Override // tech.relaycorp.relaynet.wrappers.cms.EnvelopedData
    @NotNull
    public BigInteger getRecipientKeyId() {
        Iterable recipientInfos = getBcEnvelopedData().getRecipientInfos();
        Intrinsics.checkExpressionValueIsNotNull(recipientInfos, "bcEnvelopedData.recipientInfos");
        Object first = CollectionsKt.first(recipientInfos);
        Intrinsics.checkExpressionValueIsNotNull(first, "bcEnvelopedData.recipientInfos.first()");
        KeyTransRecipientId rid = ((RecipientInformation) first).getRID();
        if (rid == null) {
            throw new TypeCastException("null cannot be cast to non-null type org.bouncycastle.cms.KeyTransRecipientId");
        }
        BigInteger serialNumber = rid.getSerialNumber();
        Intrinsics.checkExpressionValueIsNotNull(serialNumber, "rid.serialNumber");
        return serialNumber;
    }

    @Override // tech.relaycorp.relaynet.wrappers.cms.EnvelopedData
    public void validate() throws EnvelopedDataException {
        Iterable recipientInfos = getBcEnvelopedData().getRecipientInfos();
        Intrinsics.checkExpressionValueIsNotNull(recipientInfos, "bcEnvelopedData.recipientInfos");
        Object first = CollectionsKt.first(recipientInfos);
        Intrinsics.checkExpressionValueIsNotNull(first, "bcEnvelopedData.recipientInfos.first()");
        KeyTransRecipientId rid = ((RecipientInformation) first).getRID();
        if (rid == null) {
            throw new TypeCastException("null cannot be cast to non-null type org.bouncycastle.cms.KeyTransRecipientId");
        }
        if (rid.getSerialNumber() == null) {
            throw new EnvelopedDataException("Required recipient key id to be IssuerAndSerialNumber (got SubjectKeyIdentifier)", null, 2, null);
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public SessionlessEnvelopedData(@NotNull CMSEnvelopedData cMSEnvelopedData) {
        super(cMSEnvelopedData, null);
        Intrinsics.checkParameterIsNotNull(cMSEnvelopedData, "bcEnvelopedData");
    }
}
