package com.mixplorer.libs.metadata.pdf.pdfbox.pdmodel.encryption;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import libs.Bj;
import libs.C0014an;
import libs.C0035bk;
import libs.C0131fl;
import libs.C0133fn;
import libs.C0135fp;
import libs.C0155gl;
import libs.C0214j;
import libs.C0368pk;
import libs.C0413rk;
import libs.C0458tj;
import libs.C0505vk;
import libs.C0550xj;
import libs.C0578yo;
import libs.Dh;
import libs.Do;
import libs.Eh;
import libs.Eo;
import libs.Fo;
import libs.Hh;
import libs.Hj;
import libs.Ij;
import libs.InterfaceC0435sj;
import libs.Jn;
import libs.Kj;
import libs.Mh;
import libs.Nl;
import libs.Qk;
import libs.Qo;
import libs.Rk;
import libs.Sk;
import libs.Tk;
import libs.Vh;
import libs.Wt;
import libs.Xo;
import libs.Yj;
import libs.Yk;
import libs.Yo;
import libs.Zo;
import libs._i;

/* loaded from: classes.dex */
public final class PublicKeySecurityHandler extends SecurityHandler {
    public static final String FILTER = "Adobe.PubSec";
    public static final String SUBFILTER = "adbe.pkcs7.s4";
    public PublicKeyProtectionPolicy policy;

    public PublicKeySecurityHandler() {
        this.policy = null;
    }

    public PublicKeySecurityHandler(PublicKeyProtectionPolicy publicKeyProtectionPolicy) {
        this.policy = null;
        this.policy = publicKeyProtectionPolicy;
        this.keyLength = this.policy.getEncryptionKeyLength();
    }

    private void appendCertInfo(StringBuilder sb, Qo qo, X509Certificate x509Certificate, C0578yo c0578yo) {
        BigInteger a = qo.a.a();
        if (a != null) {
            BigInteger serialNumber = x509Certificate.getSerialNumber();
            String bigInteger = serialNumber != null ? serialNumber.toString(16) : "unknown";
            sb.append("serial-#: rid ");
            sb.append(a.toString(16));
            sb.append(" vs. cert ");
            sb.append(bigInteger);
            sb.append(" issuer: rid '");
            sb.append(qo.a.b);
            sb.append("' vs. cert '");
            sb.append(c0578yo == null ? "null" : C0014an.a(c0578yo.a.b.e));
            sb.append("' ");
        }
    }

    private Yk computeRecipientInfo(X509Certificate x509Certificate, byte[] bArr) {
        C0550xj c0550xj = new C0550xj(x509Certificate.getTBSCertificate());
        Jn a = Jn.a(c0550xj.b());
        c0550xj.close();
        C0133fn c0133fn = a.d.a;
        Tk tk = new Tk(a.c, a.b.j());
        try {
            Cipher cipher = Cipher.getInstance(c0133fn.e().b);
            cipher.init(1, x509Certificate.getPublicKey());
            return new Yk(new C0131fl(tk), c0133fn, new C0368pk(cipher.doFinal(bArr)));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
        } catch (NoSuchPaddingException e2) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e2);
        }
    }

    private byte[][] computeRecipientsField(byte[] bArr) {
        byte[][] bArr2 = new byte[this.policy.getNumberOfRecipients()];
        Iterator recipientsIterator = this.policy.getRecipientsIterator();
        int i = 0;
        while (recipientsIterator.hasNext()) {
            PublicKeyRecipient publicKeyRecipient = (PublicKeyRecipient) recipientsIterator.next();
            X509Certificate x509 = publicKeyRecipient.getX509();
            int permissionBytesForPublicKey = publicKeyRecipient.getPermission().getPermissionBytesForPublicKey();
            byte[] bArr3 = new byte[24];
            System.arraycopy(bArr, 0, bArr3, 0, 20);
            bArr3[20] = (byte) (permissionBytesForPublicKey >>> 24);
            bArr3[21] = (byte) (permissionBytesForPublicKey >>> 16);
            bArr3[22] = (byte) (permissionBytesForPublicKey >>> 8);
            bArr3[23] = (byte) permissionBytesForPublicKey;
            Hj createDERForRecipient = createDERForRecipient(bArr3, x509);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new C0413rk(byteArrayOutputStream).a(createDERForRecipient);
            bArr2[i] = byteArrayOutputStream.toByteArray();
            i++;
        }
        return bArr2;
    }

    private Hj createDERForRecipient(byte[] bArr, X509Certificate x509Certificate) {
        try {
            AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance("1.2.840.113549.3.2");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("1.2.840.113549.3.2", "SC");
            Cipher cipher = Cipher.getInstance("1.2.840.113549.3.2", "SC");
            AlgorithmParameters generateParameters = algorithmParameterGenerator.generateParameters();
            C0550xj c0550xj = new C0550xj(generateParameters.getEncoded("ASN.1"));
            Hj b = c0550xj.b();
            c0550xj.close();
            keyGenerator.init(128);
            SecretKey generateKey = keyGenerator.generateKey();
            cipher.init(1, generateKey, generateParameters);
            byte[] doFinal = cipher.doFinal(bArr);
            Qk qk = new Qk(Nl.N, new Sk(null, new C0505vk(new C0155gl(computeRecipientInfo(x509Certificate, generateKey.getEncoded()))), new Rk(Nl.L, new C0133fn(new Bj("1.2.840.113549.3.2"), b), new C0368pk(doFinal)), null));
            C0458tj c0458tj = new C0458tj();
            c0458tj.a.addElement(qk.c);
            InterfaceC0435sj interfaceC0435sj = qk.d;
            if (interfaceC0435sj != null) {
                c0458tj.a.addElement(new C0035bk(0, interfaceC0435sj));
            }
            return new Yj(c0458tj);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
        } catch (NoSuchPaddingException e2) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e2);
        }
    }

    @Override // com.mixplorer.libs.metadata.pdf.pdfbox.pdmodel.encryption.SecurityHandler
    public boolean hasProtectionPolicy() {
        return this.policy != null;
    }

    @Override // com.mixplorer.libs.metadata.pdf.pdfbox.pdmodel.encryption.SecurityHandler
    public void prepareDocumentForEncryption(_i _iVar) {
        if (this.keyLength == 256) {
            throw new IOException("256 bit key length is not supported yet for public key security");
        }
        try {
            Security.addProvider(new Wt());
            PDEncryption e = _iVar.e();
            if (e == null) {
                e = new PDEncryption();
            }
            e.setFilter(FILTER);
            e.setLength(this.keyLength);
            e.setVersion(2);
            e.removeV45filters();
            e.setSubFilter(SUBFILTER);
            byte[] bArr = new byte[20];
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(192, new SecureRandom());
                System.arraycopy(keyGenerator.generateKey().getEncoded(), 0, bArr, 0, 20);
                e.setRecipients(computeRecipientsField(bArr));
                int length = bArr.length;
                for (int i = 0; i < e.getRecipientsLength(); i++) {
                    length += e.getRecipientStringAt(i).c.length;
                }
                byte[] bArr2 = new byte[length];
                System.arraycopy(bArr, 0, bArr2, 0, 20);
                int i2 = 20;
                for (int i3 = 0; i3 < e.getRecipientsLength(); i3++) {
                    Vh recipientStringAt = e.getRecipientStringAt(i3);
                    System.arraycopy(recipientStringAt.c, 0, bArr2, i2, recipientStringAt.c.length);
                    i2 += recipientStringAt.c.length;
                }
                byte[] digest = MessageDigests.getSHA1().digest(bArr2);
                this.encryptionKey = new byte[this.keyLength / 8];
                System.arraycopy(digest, 0, this.encryptionKey, 0, this.keyLength / 8);
                _iVar.d = e;
                Hh hh = _iVar.a;
                hh.e.a(Mh.I, (Eh) e.getCOSDictionary());
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException(e2);
            }
        } catch (GeneralSecurityException e3) {
            throw new IOException(e3);
        }
    }

    @Override // com.mixplorer.libs.metadata.pdf.pdfbox.pdmodel.encryption.SecurityHandler
    public void prepareForDecryption(PDEncryption pDEncryption, Dh dh, DecryptionMaterial decryptionMaterial) {
        if (!(decryptionMaterial instanceof PublicKeyDecryptionMaterial)) {
            throw new IOException("Provided decryption material is not compatible with the document");
        }
        setDecryptMetadata(pDEncryption.isEncryptMetaData());
        if (pDEncryption.getLength() != 0) {
            this.keyLength = pDEncryption.getLength();
        }
        PublicKeyDecryptionMaterial publicKeyDecryptionMaterial = (PublicKeyDecryptionMaterial) decryptionMaterial;
        try {
            byte[][] bArr = new byte[pDEncryption.getRecipientsLength()];
            StringBuilder sb = new StringBuilder();
            int i = 0;
            boolean z = false;
            byte[] bArr2 = null;
            int i2 = 0;
            while (i < pDEncryption.getRecipientsLength()) {
                byte[] bArr3 = pDEncryption.getRecipientStringAt(i).c;
                try {
                    try {
                        InterfaceC0435sj interfaceC0435sj = Qk.a(new C0550xj(bArr3).b()).d;
                        Sk sk = interfaceC0435sj instanceof Sk ? (Sk) interfaceC0435sj : interfaceC0435sj != null ? new Sk(Ij.a(interfaceC0435sj)) : null;
                        if (sk.e() != null) {
                            sk.e();
                        }
                        Kj kj = sk.c;
                        Rk rk = sk.d;
                        C0133fn c0133fn = rk.b;
                        Zo a = C0214j.a(kj, c0133fn, new Do(c0133fn, new Fo(rk.c.i())));
                        Kj kj2 = sk.e;
                        Iterator it = a.a().iterator();
                        int i3 = 0;
                        while (true) {
                            if (it.hasNext()) {
                                Yo yo = (Yo) it.next();
                                X509Certificate certificate = publicKeyDecryptionMaterial.getCertificate();
                                C0578yo c0578yo = certificate != null ? new C0578yo(certificate.getEncoded()) : null;
                                Xo xo = yo.a;
                                if (xo.a(c0578yo) && !z) {
                                    C0135fp c0135fp = new C0135fp((PrivateKey) publicKeyDecryptionMaterial.getPrivateKey());
                                    c0135fp.a("SC");
                                    bArr2 = yo.a(c0135fp);
                                    z = true;
                                    break;
                                }
                                i3++;
                                if (certificate != null) {
                                    sb.append('\n');
                                    sb.append(i3);
                                    sb.append(": ");
                                    if (xo instanceof Qo) {
                                        appendCertInfo(sb, (Qo) xo, certificate, c0578yo);
                                    }
                                }
                            }
                        }
                        bArr[i] = bArr3;
                        i2 += bArr3.length;
                        i++;
                    } catch (ClassCastException e) {
                        throw new Eo("Malformed content.", e);
                    } catch (IllegalArgumentException e2) {
                        throw new Eo("Malformed content.", e2);
                    }
                } catch (IOException e3) {
                    throw new Eo("IOException reading content.", e3);
                } catch (ClassCastException e4) {
                    throw new Eo("Malformed content.", e4);
                } catch (IllegalArgumentException e5) {
                    throw new Eo("Malformed content.", e5);
                }
            }
            if (!z || bArr2 == null) {
                throw new IOException("The certificate matches none of " + i + " recipient entries" + sb.toString());
            }
            if (bArr2.length != 24) {
                throw new IOException("The enveloped data does not contain 24 bytes");
            }
            byte[] bArr4 = new byte[4];
            System.arraycopy(bArr2, 20, bArr4, 0, 4);
            AccessPermission accessPermission = new AccessPermission(bArr4);
            accessPermission.setReadOnly();
            setCurrentAccessPermission(accessPermission);
            byte[] bArr5 = new byte[i2 + 20];
            int i4 = 0;
            System.arraycopy(bArr2, 0, bArr5, 0, 20);
            int length = bArr.length;
            int i5 = 0;
            int i6 = 20;
            while (i5 < length) {
                byte[] bArr6 = bArr[i5];
                System.arraycopy(bArr6, i4, bArr5, i6, bArr6.length);
                i6 += bArr6.length;
                i5++;
                i4 = 0;
            }
            byte[] digest = MessageDigests.getSHA1().digest(bArr5);
            this.encryptionKey = new byte[this.keyLength / 8];
            System.arraycopy(digest, 0, this.encryptionKey, 0, this.keyLength / 8);
        } catch (KeyStoreException e6) {
            throw new IOException(e6);
        } catch (CertificateEncodingException e7) {
            throw new IOException(e7);
        } catch (Eo e8) {
            throw new IOException(e8);
        }
    }
}
