package org.bouncycastle.cms;

import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cms.KEKIdentifier;
import org.bouncycastle.asn1.cms.KEKRecipientInfo;
import org.bouncycastle.asn1.cms.RecipientInfo;
import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.jruby.ext.openssl.CipherStrings;
import org.jruby.ext.openssl.impl.ASN1Registry;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/classes/ruby/support/bundled-gems.jar:gems/bouncy-castle-java-1.5.0145.2/lib/bcmail-jdk15-145.jar:org/bouncycastle/cms/KEKRecipientInfoGenerator.class */
public class KEKRecipientInfoGenerator implements RecipientInfoGenerator {
    private SecretKey wrapKey;
    private KEKIdentifier secKeyId;
    private AlgorithmIdentifier keyEncAlg;

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setWrapKey(SecretKey secretKey) {
        this.wrapKey = secretKey;
        this.keyEncAlg = determineKeyEncAlg(secretKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setKEKIdentifier(KEKIdentifier kEKIdentifier) {
        this.secKeyId = kEKIdentifier;
    }

    @Override // org.bouncycastle.cms.RecipientInfoGenerator
    public RecipientInfo generate(SecretKey secretKey, SecureRandom secureRandom, Provider provider) throws GeneralSecurityException {
        Cipher createAsymmetricCipher = CMSEnvelopedHelper.INSTANCE.createAsymmetricCipher(this.keyEncAlg.getObjectId().getId(), provider);
        createAsymmetricCipher.init(3, this.wrapKey, secureRandom);
        return new RecipientInfo(new KEKRecipientInfo(this.secKeyId, this.keyEncAlg, new DEROctetString(createAsymmetricCipher.wrap(secretKey))));
    }

    private static AlgorithmIdentifier determineKeyEncAlg(SecretKey secretKey) {
        DERObjectIdentifier dERObjectIdentifier;
        DERObjectIdentifier dERObjectIdentifier2;
        String algorithm = secretKey.getAlgorithm();
        if (algorithm.startsWith(CipherStrings.SSL_TXT_DES)) {
            return new AlgorithmIdentifier(new DERObjectIdentifier(ASN1Registry.OBJ_id_smime_alg_CMS3DESwrap), new DERNull());
        }
        if (algorithm.startsWith(CipherStrings.SSL_TXT_RC2)) {
            return new AlgorithmIdentifier(new DERObjectIdentifier(ASN1Registry.OBJ_id_smime_alg_CMSRC2wrap), new DERInteger(58));
        }
        if (algorithm.startsWith(CipherStrings.SSL_TXT_AES)) {
            int length = secretKey.getEncoded().length * 8;
            if (length == 128) {
                dERObjectIdentifier2 = NISTObjectIdentifiers.id_aes128_wrap;
            } else if (length == 192) {
                dERObjectIdentifier2 = NISTObjectIdentifiers.id_aes192_wrap;
            } else {
                if (length != 256) {
                    throw new IllegalArgumentException("illegal keysize in AES");
                }
                dERObjectIdentifier2 = NISTObjectIdentifiers.id_aes256_wrap;
            }
            return new AlgorithmIdentifier(dERObjectIdentifier2);
        }
        if (algorithm.startsWith("SEED")) {
            return new AlgorithmIdentifier(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
        }
        if (!algorithm.startsWith("Camellia")) {
            throw new IllegalArgumentException("unknown algorithm");
        }
        int length2 = secretKey.getEncoded().length * 8;
        if (length2 == 128) {
            dERObjectIdentifier = NTTObjectIdentifiers.id_camellia128_wrap;
        } else if (length2 == 192) {
            dERObjectIdentifier = NTTObjectIdentifiers.id_camellia192_wrap;
        } else {
            if (length2 != 256) {
                throw new IllegalArgumentException("illegal keysize in Camellia");
            }
            dERObjectIdentifier = NTTObjectIdentifiers.id_camellia256_wrap;
        }
        return new AlgorithmIdentifier(dERObjectIdentifier);
    }
}
