package oracle.security.crypto.cms;

import java.io.IOException;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Enumeration;
import java.util.Vector;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1Utils;
import oracle.security.crypto.cert.AttributeSet;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.CBCAlgorithmIdentifier;
import oracle.security.crypto.util.OutputGenerationException;

/* loaded from: input_file:oracle/security/crypto/cms/CMSEnvelopedDataOutputStream.class */
public class CMSEnvelopedDataOutputStream extends CMSOutputStream {
    private ASN1ObjectID enclosedContentType;
    private Cipher cipher;
    private AlgorithmIdentifier contentEncryptionAlgID;
    private ECIOutputStream content_out;
    private boolean writingToConnector;
    private Vector recipients;
    private SecretKey contentEncryptionKey;
    private boolean terminated;
    private boolean writeContent;
    private OriginatorInfo origInfo;
    private AttributeSet unprotectedAttribs;
    private boolean prefaceOutput;

    public CMSEnvelopedDataOutputStream(OutputStream outputStream, AlgorithmIdentifier algorithmIdentifier, Vector vector) throws NoSuchAlgorithmException {
        this(outputStream, CMS.id_data, algorithmIdentifier, vector, true, (OriginatorInfo) null, (AttributeSet) null);
    }

    public CMSEnvelopedDataOutputStream(OutputStream outputStream, ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, Vector vector) throws NoSuchAlgorithmException {
        this(outputStream, aSN1ObjectID, algorithmIdentifier, vector, true, (OriginatorInfo) null, (AttributeSet) null);
    }

    public CMSEnvelopedDataOutputStream(OutputStream outputStream, ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, Vector vector, boolean z) throws NoSuchAlgorithmException {
        this(outputStream, aSN1ObjectID, algorithmIdentifier, vector, z, (OriginatorInfo) null, (AttributeSet) null);
    }

    public CMSEnvelopedDataOutputStream(OutputStream outputStream, ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, Vector vector, boolean z, OriginatorInfo originatorInfo, AttributeSet attributeSet) throws NoSuchAlgorithmException {
        super(outputStream);
        this.terminated = false;
        this.prefaceOutput = false;
        this.enclosedContentType = aSN1ObjectID;
        byte[] bArr = new byte[8];
        SecureRandom secureRandom = new SecureRandom();
        KeyGenerator keyGenerator = KeyGenerator.getInstance(CMSUtils.getAlgoName(algorithmIdentifier, true));
        if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
            keyGenerator.init(CMSUtils.getKeySize(algorithmIdentifier), secureRandom);
        } else {
            keyGenerator.init(secureRandom);
        }
        this.contentEncryptionKey = keyGenerator.generateKey();
        this.cipher = null;
        try {
            String algoName = CMSUtils.getAlgoName(algorithmIdentifier);
            if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
                this.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            } else {
                this.cipher = Cipher.getInstance(CMSUtils.addPadding(algoName));
            }
            if (algoName.indexOf("CBC") != -1) {
                byte[] generateRandomBytes = (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) ? CMSUtils.generateRandomBytes(16) : CMSUtils.generateRandomBytes(8);
                this.cipher.init(1, this.contentEncryptionKey, new IvParameterSpec(generateRandomBytes));
                this.contentEncryptionAlgID = new CBCAlgorithmIdentifier(algorithmIdentifier.getOID(), generateRandomBytes);
            } else {
                this.cipher.init(1, this.contentEncryptionKey);
                this.contentEncryptionAlgID = algorithmIdentifier;
            }
            this.recipients = vector;
            this.writeContent = z;
            this.origInfo = originatorInfo;
            this.unprotectedAttribs = attributeSet;
            this.writingToConnector = false;
        } catch (InvalidAlgorithmParameterException e) {
            throw new NoSuchAlgorithmException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new NoSuchAlgorithmException(e2.toString());
        } catch (NoSuchPaddingException e3) {
            throw new NoSuchAlgorithmException(e3.toString());
        }
    }

    public CMSEnvelopedDataOutputStream(CMSOutputConnector cMSOutputConnector, ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, Vector vector, boolean z) throws NoSuchAlgorithmException {
        super(cMSOutputConnector.getOutputStream());
        this.terminated = false;
        this.prefaceOutput = false;
        byte[] bArr = new byte[8];
        SecureRandom secureRandom = new SecureRandom();
        KeyGenerator keyGenerator = KeyGenerator.getInstance(CMSUtils.getAlgoName(algorithmIdentifier, true));
        if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
            keyGenerator.init(CMSUtils.getKeySize(algorithmIdentifier), secureRandom);
        } else {
            keyGenerator.init(secureRandom);
        }
        this.contentEncryptionKey = keyGenerator.generateKey();
        this.cipher = null;
        try {
            String algoName = CMSUtils.getAlgoName(algorithmIdentifier);
            if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
                this.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            } else {
                this.cipher = Cipher.getInstance(CMSUtils.addPadding(algoName));
            }
            if (algoName.indexOf("CBC") != -1) {
                byte[] generateRandomBytes = (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) ? CMSUtils.generateRandomBytes(16) : CMSUtils.generateRandomBytes(8);
                this.cipher.init(1, this.contentEncryptionKey, new IvParameterSpec(generateRandomBytes));
                this.contentEncryptionAlgID = new CBCAlgorithmIdentifier(algorithmIdentifier.getOID(), generateRandomBytes);
            } else {
                this.cipher.init(1, this.contentEncryptionKey);
                this.contentEncryptionAlgID = algorithmIdentifier;
            }
            this.recipients = vector;
            this.writeContent = z;
            this.enclosedContentType = aSN1ObjectID;
            this.writingToConnector = true;
        } catch (InvalidAlgorithmParameterException e) {
            throw new NoSuchAlgorithmException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new NoSuchAlgorithmException(e2.toString());
        } catch (NoSuchPaddingException e3) {
            throw new NoSuchAlgorithmException(e3.toString());
        }
    }

    public CMSEnvelopedDataOutputStream(CMSOutputConnector cMSOutputConnector, ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, Vector vector, boolean z, OriginatorInfo originatorInfo, AttributeSet attributeSet) throws NoSuchAlgorithmException {
        super(cMSOutputConnector.getOutputStream());
        this.terminated = false;
        this.prefaceOutput = false;
        this.enclosedContentType = aSN1ObjectID;
        byte[] bArr = new byte[8];
        SecureRandom secureRandom = new SecureRandom();
        KeyGenerator keyGenerator = KeyGenerator.getInstance(CMSUtils.getAlgoName(algorithmIdentifier, true));
        if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
            keyGenerator.init(CMSUtils.getKeySize(algorithmIdentifier), secureRandom);
        } else {
            keyGenerator.init(secureRandom);
        }
        this.contentEncryptionKey = keyGenerator.generateKey();
        this.cipher = null;
        try {
            String algoName = CMSUtils.getAlgoName(algorithmIdentifier);
            if (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) {
                this.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            } else {
                this.cipher = Cipher.getInstance(CMSUtils.addPadding(algoName));
            }
            if (algoName.indexOf("CBC") != -1) {
                byte[] generateRandomBytes = (algorithmIdentifier.equals(CMS.aes128_cbc) || algorithmIdentifier.equals(CMS.aes192_cbc) || algorithmIdentifier.equals(CMS.aes256_cbc)) ? CMSUtils.generateRandomBytes(16) : CMSUtils.generateRandomBytes(8);
                this.cipher.init(1, this.contentEncryptionKey, new IvParameterSpec(generateRandomBytes));
                this.contentEncryptionAlgID = new CBCAlgorithmIdentifier(algorithmIdentifier.getOID(), generateRandomBytes);
            } else {
                this.cipher.init(1, this.contentEncryptionKey);
                this.contentEncryptionAlgID = algorithmIdentifier;
            }
            this.recipients = vector;
            this.writeContent = z;
            this.origInfo = originatorInfo;
            this.unprotectedAttribs = attributeSet;
            this.writingToConnector = true;
        } catch (InvalidAlgorithmParameterException e) {
            throw new NoSuchAlgorithmException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new NoSuchAlgorithmException(e2.toString());
        } catch (NoSuchPaddingException e3) {
            throw new NoSuchAlgorithmException(e3.toString());
        }
    }

    private void ensurePrefaceOutput() throws IOException {
        if (this.prefaceOutput) {
            return;
        }
        if (!this.writingToConnector) {
            ASN1Utils.outputHeader(this.out, 16, 0);
            CMS.id_envelopedData.output(this.out);
            ASN1Utils.outputHeader(this.out, 0, 128);
        }
        ASN1Utils.outputHeader(this.out, 16, 0);
        boolean z = true;
        if (this.origInfo != null) {
            z = false;
        }
        Enumeration elements = this.recipients.elements();
        while (z && elements.hasMoreElements()) {
            CMSRecipientInfoSpec cMSRecipientInfoSpec = (CMSRecipientInfoSpec) elements.nextElement();
            if (!(cMSRecipientInfoSpec instanceof CMSKeyTransRecipientInfoSpec)) {
                z = false;
            } else if (((CMSKeyTransRecipientInfoSpec) cMSRecipientInfoSpec).getSPKI() != null) {
                z = false;
            }
        }
        if (this.unprotectedAttribs != null) {
            z = false;
        }
        if (z) {
            ASN1Integer.outputValue(this.out, 0);
        } else {
            ASN1Integer.outputValue(this.out, 2);
        }
        if (this.origInfo != null) {
            ASN1Utils.addImplicitTag(this.origInfo, 0).output(this.out);
        }
        ASN1Utils.outputHeader(this.out, 17, 0);
        try {
            Enumeration elements2 = this.recipients.elements();
            while (elements2.hasMoreElements()) {
                CMSRecipientInfoSpec cMSRecipientInfoSpec2 = (CMSRecipientInfoSpec) elements2.nextElement();
                if (cMSRecipientInfoSpec2 instanceof CMSKeyTransRecipientInfoSpec) {
                    CMSKeyTransRecipientInfoSpec cMSKeyTransRecipientInfoSpec = (CMSKeyTransRecipientInfoSpec) cMSRecipientInfoSpec2;
                    if (cMSKeyTransRecipientInfoSpec.getSPKI() == null) {
                        new CMSKeyTransRecipientInfo(this.contentEncryptionKey, cMSKeyTransRecipientInfoSpec.getRecipientKey(), cMSKeyTransRecipientInfoSpec.getIASN(), cMSKeyTransRecipientInfoSpec.getKeyEncryptionAlgID()).output(this.out);
                    } else {
                        new CMSKeyTransRecipientInfo(this.contentEncryptionKey, cMSKeyTransRecipientInfoSpec.getRecipientKey(), cMSKeyTransRecipientInfoSpec.getSPKI(), cMSKeyTransRecipientInfoSpec.getKeyEncryptionAlgID()).output(this.out);
                    }
                } else {
                    if (!(cMSRecipientInfoSpec2 instanceof CMSKEKRecipientInfoSpec)) {
                        throw new IOException("unknown CMSRecipientInfo ");
                    }
                    ASN1Utils.addImplicitTag(new CMSKEKRecipientInfo(this.contentEncryptionKey, (CMSKEKRecipientInfoSpec) cMSRecipientInfoSpec2), 2).output(this.out);
                }
            }
            ASN1Utils.outputEndOfContents(this.out);
            this.content_out = new ECIOutputStream(this.out, this.cipher, this.enclosedContentType, this.contentEncryptionAlgID);
            this.content_out.writeInitial(this.writeContent);
            this.prefaceOutput = true;
        } catch (InvalidAlgorithmParameterException e) {
            throw new OutputGenerationException(e);
        } catch (InvalidKeyException e2) {
            throw new OutputGenerationException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new OutputGenerationException(e3);
        } catch (InvalidKeySpecException e4) {
            throw new OutputGenerationException(e4);
        } catch (BadPaddingException e5) {
            throw new OutputGenerationException(e5);
        } catch (IllegalBlockSizeException e6) {
            throw new OutputGenerationException(e6);
        } catch (NoSuchPaddingException e7) {
            throw new OutputGenerationException(e7);
        }
    }

    @Override // oracle.security.crypto.cms.CMSOutputStream
    public void terminate() throws IOException {
        ensurePrefaceOutput();
        this.content_out.writeFinal();
        if (this.unprotectedAttribs != null) {
            ASN1Utils.addImplicitTag(this.unprotectedAttribs, 1).output(this.out);
        }
        ASN1Utils.outputEndOfContents(this.out);
        if (this.writingToConnector) {
            ((CMSOutputStream) this.out).terminate();
        } else {
            ASN1Utils.outputEndOfContents(this.out);
            ASN1Utils.outputEndOfContents(this.out);
        }
        this.terminated = true;
    }

    @Override // java.io.FilterOutputStream, java.io.OutputStream
    public void write(int i) throws IOException {
        ensurePrefaceOutput();
        this.content_out.write(i);
    }

    @Override // java.io.FilterOutputStream, java.io.OutputStream
    public void write(byte[] bArr, int i, int i2) throws IOException {
        ensurePrefaceOutput();
        this.content_out.write(bArr, i, i2);
    }

    @Override // java.io.FilterOutputStream, java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        if (!this.terminated) {
            terminate();
        }
        super.close();
    }

    @Override // oracle.security.crypto.cms.CMSOutputStream
    public ASN1ObjectID getExposedContentType() {
        return CMS.id_envelopedData;
    }
}
