package cn.com.gfa.pki.cms;

import cn.com.gfa.pki.crypto.CryptoToken;
import cn.com.gfa.pki.crypto.PKICryptoException;
import cn.com.gfa.pki.crypto.params.CipherParams;
import cn.com.gfa.pki.x509.cert.X509Cert;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import org.bouncycastle.asn1.cms.RecipientIdentifier;
import org.bouncycastle.asn1.cms.RecipientInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;

/* loaded from: classes2.dex */
public class EnvelopedRecipientCipher {
    X509Cert a = null;
    CryptoToken b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EnvelopedRecipientCipher(CryptoToken cryptoToken) {
        this.b = null;
        this.b = cryptoToken;
    }

    public SecretKey getSecretKey(RecipientInfo recipientInfo, PrivateKey privateKey, String str) {
        try {
            return new SecretKeySpec(this.b.decrypt(CipherParams.getInstance(CipherParams.CIPHER_RSA_PKCS, privateKey), ((KeyTransRecipientInfo) recipientInfo.getInfo()).getEncryptedKey().getOctets()), str);
        } catch (PKICryptoException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public RecipientInfo toRecipientInfo(X509Cert x509Cert, Key key) {
        this.a = x509Cert;
        try {
            return new RecipientInfo(new KeyTransRecipientInfo(new RecipientIdentifier(new IssuerAndSerialNumber(new X500Name(this.a.getSubjectDN()), this.a.getX509Certificate().getSerialNumber())), new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new DEROctetString(this.b.encrypt(CipherParams.getInstance(CipherParams.CIPHER_RSA_PKCS, x509Cert.getPublicKey()), key.getEncoded()))));
        } catch (PKICryptoException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        }
    }
}
