package de.gematik.rbellogger.util.email_crypto;

import de.gematik.rbellogger.util.email_crypto.elliptic_curve.BCElc;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.BcException;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.ElcDomainParameter;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.ParseException;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.PrivateElcKeyBody;
import de.gematik.rbellogger.util.email_crypto.elliptic_curve.StringTools;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Key;
import java.security.PrivateKey;
import java.security.interfaces.ECPrivateKey;
import javax.crypto.spec.SecretKeySpec;
import javax.naming.directory.InvalidAttributesException;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.x9.ECNamedCurveTable;

/* loaded from: input_file:BOOT-INF/lib/tiger-rbel-3.2.4.jar:de/gematik/rbellogger/util/email_crypto/TransportKeyDecryptor.class */
public class TransportKeyDecryptor {
    private static final int NUMBER_OF_CHARACTERS_PER_BYTE = 2;
    private static final String OID_TAG = "06";
    private static final int TWO_DIGITS = 2;
    private static final String LEADING_ZERO = "0";
    private final ECPrivateKey privateKey;

    public TransportKeyDecryptor(PrivateKey privateKey) {
        this.privateKey = (ECPrivateKey) privateKey;
    }

    public byte[] decryptTransportKey(byte[] bArr) throws IOException, BcException, ParseException, InvalidAttributesException, DecoderException {
        TransportKeyEncoder transportKeyEncoder = new TransportKeyEncoder(bArr);
        return determineTransportKey(Hex.encodeHexString(transportKeyEncoder.getOid()), Hex.encodeHexString(transportKeyEncoder.getKey()), Hex.encodeHexString(transportKeyEncoder.getCipher()), Hex.encodeHexString(transportKeyEncoder.getMac())).getEncoded();
    }

    private String decipher(PrivateElcKeyBody privateElcKeyBody, ElcDomainParameter elcDomainParameter, String str, String str2, String str3) throws BcException {
        return StringTools.toHexString(BCElc.elcDec(privateElcKeyBody, elcDomainParameter, StringTools.toByteArray(str), StringTools.toByteArray(str2), StringTools.toByteArray(str3)));
    }

    private Key determineTransportKey(String str, String str2, String str3, String str4) throws InvalidAttributesException, BcException, DecoderException, IOException, ParseException {
        BigInteger s = this.privateKey.getS();
        ElcDomainParameter elcDomainParameter = new ElcDomainParameter(ECNamedCurveTable.getName(determineAsn1ObjectIdentifier(str)));
        return determineKeyFromHexstring(decipher(new PrivateElcKeyBody(s, elcDomainParameter), elcDomainParameter, str2, str3, str4));
    }

    private ASN1ObjectIdentifier determineAsn1ObjectIdentifier(String str) throws DecoderException, IOException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier = null;
        if (str != null && str.length() > 0) {
            int length = str.length() / 2;
            StringBuilder sb = new StringBuilder();
            sb.append(OID_TAG);
            String hexString = Integer.toHexString(length);
            sb.append(hexString.length() < 2 ? "0" + hexString : hexString);
            sb.append(str);
            aSN1ObjectIdentifier = (ASN1ObjectIdentifier) ASN1Primitive.fromByteArray(Hex.decodeHex(sb.toString()));
        }
        return aSN1ObjectIdentifier;
    }

    private Key determineKeyFromHexstring(String str) throws DecoderException {
        return new SecretKeySpec(Hex.decodeHex(str), "AES");
    }
}
