package com.rsa.cryptoj.c;

import com.rsa.crypto.AlgInputParams;
import com.rsa.crypto.AlgorithmStrings;
import com.rsa.crypto.DSAPrivateKey;
import com.rsa.crypto.ECPrivateKey;
import com.rsa.crypto.ECPublicKey;
import com.rsa.crypto.InvalidAlgorithmParameterException;
import com.rsa.crypto.InvalidKeyException;
import com.rsa.crypto.ParamNames;
import com.rsa.crypto.PrivateKey;
import com.rsa.crypto.PublicKey;
import com.rsa.crypto.RSAPrivateKey;
import com.rsa.crypto.RSAPublicKey;
import com.rsa.crypto.SecretKey;
import java.math.BigInteger;

/* loaded from: input_file:com/rsa/cryptoj/c/cc.class */
public class cc implements cd {
    private static final long serialVersionUID = 7126078004903147652L;
    private static final String e = "Algorithm not allowable in FIPS140 mode: ";
    private final ca f;
    private static final int g = 2048;
    private static final int h = 224;
    private static final int i = 224;
    private static final BigInteger j = new BigInteger("65537");
    public static final int a = 16777216;
    public static final int b = 65536;
    public static final int c = 16384;
    public static final int d = 1024;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/rsa/cryptoj/c/cc$a.class */
    public static class a extends cc {
        private static final long serialVersionUID = 7715351029060942126L;

        public a(ca caVar) {
            super(caVar);
        }

        @Override // com.rsa.cryptoj.c.cc, com.rsa.cryptoj.c.bw
        public void b(String str) {
            if (AlgorithmStrings.MD5.equalsIgnoreCase(str)) {
                return;
            }
            super.b(str);
        }

        @Override // com.rsa.cryptoj.c.cc, com.rsa.cryptoj.c.cd
        public cf a() {
            return cf.a(2, 11);
        }

        @Override // com.rsa.cryptoj.c.cc, com.rsa.cryptoj.c.cd
        public void r(String str) {
        }
    }

    public cc(ca caVar) {
        this.f = caVar;
    }

    @Override // com.rsa.cryptoj.c.bw
    public void e(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void g(String str) {
        if (AlgorithmStrings.SCRYPT.equalsIgnoreCase(str.split("/")[0])) {
            throw new SecurityException(e + str);
        }
    }

    @Override // com.rsa.cryptoj.c.bw
    public void m(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void n(String str) {
    }

    public void q(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void o(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void p(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void h(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void j(String str) {
        if (str.equalsIgnoreCase(AlgorithmStrings.FIPS186RANDOM)) {
            throw new SecurityException(e + str);
        }
    }

    @Override // com.rsa.cryptoj.c.bw
    public void k(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void l(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void i(String str) {
    }

    @Override // com.rsa.cryptoj.c.bw
    public void a(String str) {
        b(str.split("/")[1]);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.rsa.cryptoj.c.bw
    public void c(String str) {
        String[] split = str.split("/");
        Object[] objArr = false;
        if (split.length > 4) {
            objArr = 3;
        }
        if (AlgorithmStrings.DES.equalsIgnoreCase(split[objArr == true ? 1 : 0]) || AlgorithmStrings.DESX.equalsIgnoreCase(split[objArr == true ? 1 : 0]) || AlgorithmStrings.RC2.equalsIgnoreCase(split[objArr == true ? 1 : 0]) || AlgorithmStrings.RC4.equalsIgnoreCase(split[objArr == true ? 1 : 0]) || AlgorithmStrings.RC5.equalsIgnoreCase(split[objArr == true ? 1 : 0]) || (split.length > 1 && AlgorithmStrings.BPS.equalsIgnoreCase(split[1]))) {
            throw new SecurityException(e + str);
        }
    }

    @Override // com.rsa.cryptoj.c.bw
    public void d(String str) {
        if (AlgorithmStrings.ECIES.equalsIgnoreCase(str.split("/")[0])) {
            throw new SecurityException(e + str);
        }
    }

    @Override // com.rsa.cryptoj.c.bw
    public void f(String str) {
        String[] split = str.split("/");
        b(split[0]);
        if (split.length == 4) {
            b(split[3]);
        }
    }

    @Override // com.rsa.cryptoj.c.bw
    public void b(String str) {
        if (AlgorithmStrings.MD5.equalsIgnoreCase(str) && cr.b()) {
            return;
        }
        if (AlgorithmStrings.MD5.equalsIgnoreCase(str) || AlgorithmStrings.MD2.equalsIgnoreCase(str) || AlgorithmStrings.RIPEMD160.equalsIgnoreCase(str)) {
            throw new SecurityException(e + str);
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public cf a() {
        return cf.a(0, 11);
    }

    @Override // com.rsa.cryptoj.c.cd
    public void a(AlgInputParams algInputParams) throws InvalidAlgorithmParameterException {
        if (!a(((Integer) algInputParams.get(ParamNames.SECURITY_STRENGTH)).intValue(), ((Integer) algInputParams.get(ParamNames.MAX_COFACTOR)).intValue())) {
            throw new InvalidAlgorithmParameterException("Invalid max co-factor size");
        }
    }

    public static boolean a(int i2, int i3) {
        switch (i2) {
            case 80:
                return i3 <= 1024;
            case 112:
                return i3 <= 16384;
            case 128:
                return i3 <= 65536;
            case 192:
                return i3 <= 16777216;
            default:
                return true;
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void b(AlgInputParams algInputParams) throws InvalidAlgorithmParameterException {
        int intValue = ((Integer) algInputParams.get(ParamNames.KEY_BITS)).intValue();
        BigInteger bigInteger = new BigInteger(1, (byte[]) algInputParams.get(ParamNames.PUB_EXP));
        int intValue2 = ((Integer) algInputParams.get(ParamNames.KEY_TYPE)).intValue();
        if (intValue != 1024 && intValue != 2048 && intValue != 3072) {
            throw new InvalidAlgorithmParameterException("Accepted RSA modulus lengths are 1024, 2048 and 3072.");
        }
        if (bigInteger.compareTo(j) < 0) {
            throw new InvalidAlgorithmParameterException("Public exponent must be greater than 65536");
        }
        if (intValue2 == 3) {
            throw new InvalidAlgorithmParameterException("Strong RSA key pair generation requires 2 primes");
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void a(PrivateKey privateKey) {
        int bitLength;
        if (privateKey.getAlg().equals("RSA")) {
            int bitLength2 = ((RSAPrivateKey) privateKey).getN().getBitLength();
            if (bitLength2 < 2048) {
                throw new InvalidKeyException("Invalid RSA key for signing; n (" + bitLength2 + ") < 2048");
            }
        } else if (privateKey.getAlg().equals(AlgorithmStrings.DSA)) {
            int bitLength3 = ((DSAPrivateKey) privateKey).getParams().getQ().getBitLength();
            if (bitLength3 < 224) {
                throw new InvalidKeyException("Invalid DSA key for signing; q (" + bitLength3 + ")  < 224");
            }
        } else if (privateKey.getAlg().equals(AlgorithmStrings.EC) && (bitLength = ((ECPrivateKey) privateKey).getParams().getOrder().getBitLength()) < 224) {
            throw new InvalidKeyException("Invalid EC key for signing; order n (" + bitLength + ") < 224");
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void b(PrivateKey privateKey) {
        if (privateKey.getAlg().equals("RSA")) {
            a("RSA", ((RSAPrivateKey) privateKey).getN().getBitLength());
        } else if (privateKey.getAlg().startsWith(AlgorithmStrings.EC)) {
            a(AlgorithmStrings.EC, ((ECPrivateKey) privateKey).getParams().getOrder().getBitLength());
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void a(PublicKey publicKey) {
        if (publicKey.getAlg().equals("RSA")) {
            a("RSA", ((RSAPublicKey) publicKey).getN().getBitLength());
        } else if (publicKey.getAlg().startsWith(AlgorithmStrings.EC)) {
            a(AlgorithmStrings.EC, ((ECPublicKey) publicKey).getParams().getOrder().getBitLength());
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void a(SecretKey secretKey) {
        if (secretKey != null && secretKey.getAlg() != null && secretKey.getAlg().equals(AlgorithmStrings.DESEDE) && b(secretKey)) {
            throw new InvalidKeyException("Invalid Triple DES key for encrypting");
        }
    }

    @Override // com.rsa.cryptoj.c.cd
    public void r(String str) {
        if (str.startsWith("SHA1")) {
            throw new SecurityException(e + str);
        }
    }

    private void a(String str, int i2) {
        if (str.equals("RSA")) {
            if (i2 < 2048) {
                throw new InvalidKeyException("Invalid RSA key for encrypting; n (" + i2 + ") < 2048");
            }
        } else if (str.equals(AlgorithmStrings.EC) && i2 < 224) {
            throw new InvalidKeyException("Invalid EC key for encrypting; order n (" + i2 + ") < 224");
        }
    }

    private boolean b(SecretKey secretKey) {
        return dp.a(secretKey.getKeyData(), 0, 8, secretKey.getKeyData(), 8, 8) || dp.a(secretKey.getKeyData(), 8, 8, secretKey.getKeyData(), secretKey.getKeyData().length - 8, 8) || dp.a(secretKey.getKeyData(), 0, 8, secretKey.getKeyData(), secretKey.getKeyData().length - 8, 8);
    }
}
