package de.gematik.rbellogger.util.email_crypto.elliptic_curve;

import java.security.SecureRandom;
import java.security.Security;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import org.bouncycastle.crypto.MultiBlockCipher;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.engines.DESEngine;
import org.bouncycastle.crypto.macs.CMac;
import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/tiger-rbel-3.7.4.jar:de/gematik/rbellogger/util/email_crypto/elliptic_curve/BCSymmetric.class */
public final class BCSymmetric {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) BCSymmetric.class);

    private BCSymmetric() {
    }

    public static SessionKeyInfo keyDerivation(DerivationAlgorithm derivationAlgorithm, byte[] bArr, byte[] bArr2) throws BcException {
        MathTools.xor(bArr, bArr2);
        return new SessionKeyInfo(derivationAlgorithm, derivationAlgorithm.equals(DerivationAlgorithm.DESEDE) ? Tools.mgf(bArr, 64, 1) : Tools.keyDerivationAes(bArr, derivationAlgorithm));
    }

    public static byte[] cipherOperationECB(EncryptionAlgorithmIdentifier encryptionAlgorithmIdentifier, byte[] bArr, boolean z, byte[] bArr2, int i, int i2) throws BcException {
        byte[] bArr3 = new byte[i2];
        System.arraycopy(bArr2, i, bArr3, 0, bArr3.length);
        Security.addProvider(new BouncyCastleProvider());
        String algorithmString = getAlgorithmString(encryptionAlgorithmIdentifier);
        try {
            Cipher cipher = Cipher.getInstance(algorithmString + "/ECB/NOPADDING", BouncyCastleProvider.PROVIDER_NAME);
            int i3 = 1;
            if (!z) {
                i3 = 2;
            }
            cipher.init(i3, new SecretKeySpec(bArr, 0, bArr.length, algorithmString));
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            throw new BcException(BCSymmetric.class.getName() + " : Error occured during symmetric cipher operation - Reason : " + e.getMessage());
        }
    }

    public static byte[] cipherOperation(EncryptionAlgorithmIdentifier encryptionAlgorithmIdentifier, byte[] bArr, boolean z, byte[] bArr2, int i, int i2, byte[] bArr3) throws BcException {
        byte[] bArr4 = new byte[i2];
        System.arraycopy(bArr2, i, bArr4, 0, bArr4.length);
        byte[] bArr5 = bArr3;
        Security.addProvider(new BouncyCastleProvider());
        String algorithmString = getAlgorithmString(encryptionAlgorithmIdentifier);
        try {
            Cipher cipher = Cipher.getInstance(algorithmString + "/CBC/NOPADDING", BouncyCastleProvider.PROVIDER_NAME);
            int i3 = 1;
            if (!z) {
                i3 = 2;
            }
            log.debug(String.format("algorithm: %s encryptionAlgorithm: %s cipherMode: %s", algorithmString, encryptionAlgorithmIdentifier, Integer.valueOf(i3)));
            if (bArr5 == null) {
                bArr5 = (encryptionAlgorithmIdentifier.equals(EncryptionAlgorithmIdentifier.DES) || encryptionAlgorithmIdentifier.equals(EncryptionAlgorithmIdentifier.DESEDE)) ? new byte[8] : new byte[16];
                new SecureRandom().nextBytes(bArr5);
            }
            cipher.init(i3, new SecretKeySpec(bArr, 0, bArr.length, algorithmString), new IvParameterSpec(bArr5));
            return cipher.doFinal(bArr4);
        } catch (Exception e) {
            throw new BcException(BCSymmetric.class.getName() + " : Error occured during symmetric cipher operation - Reason : " + e.getMessage());
        }
    }

    public static byte[] generateMac(MacMode macMode, PaddingMode paddingMode, byte[] bArr, byte[] bArr2) throws BcException {
        byte[] bArr3;
        log.debug(String.format("macMode: %s macPadding: %s, macKey: %s, plain: %s", macMode, paddingMode, Arrays.toString(bArr), Arrays.toString(bArr2)));
        switch (macMode) {
            case CFB:
                ISO9797Alg3Mac iSO9797Alg3Mac = new ISO9797Alg3Mac(new DESEngine());
                bArr3 = new byte[8];
                KeyParameter keyParameter = new KeyParameter(bArr);
                byte[] addIsoPadding = Padding.addIsoPadding(bArr2, 8);
                iSO9797Alg3Mac.reset();
                iSO9797Alg3Mac.init(keyParameter);
                iSO9797Alg3Mac.update(addIsoPadding, 0, addIsoPadding.length);
                iSO9797Alg3Mac.doFinal(bArr3, 0);
                break;
            case CMAC:
                MultiBlockCipher newInstance = AESEngine.newInstance();
                CMac cMac = new CMac(newInstance, newInstance.getBlockSize() * 8);
                byte[] addIsoPadding2 = Padding.addIsoPadding(bArr2, newInstance.getBlockSize());
                cMac.init(new KeyParameter(bArr));
                cMac.update(addIsoPadding2, 0, addIsoPadding2.length);
                bArr3 = new byte[cMac.getMacSize()];
                cMac.doFinal(bArr3, 0);
                break;
            case CMAC_NO_PADDING:
                MultiBlockCipher newInstance2 = AESEngine.newInstance();
                CMac cMac2 = new CMac(newInstance2, newInstance2.getBlockSize() * 8);
                cMac2.init(new KeyParameter(bArr));
                cMac2.update(bArr2, 0, bArr2.length);
                bArr3 = new byte[cMac2.getMacSize()];
                cMac2.doFinal(bArr3, 0);
                break;
            default:
                throw new BcException(BCSymmetric.class.getName() + " : MAC calculation algorithm unknown : " + String.valueOf(macMode));
        }
        return bArr3;
    }

    private static String getAlgorithmString(EncryptionAlgorithmIdentifier encryptionAlgorithmIdentifier) {
        switch (encryptionAlgorithmIdentifier) {
            case AES128:
            case AES192:
            case AES256:
                return "AES";
            case DES:
                return "DES";
            case DESEDE:
                return "DESEDE";
            default:
                throw new IncompatibleClassChangeError();
        }
    }
}
