package org.eclipse.californium.cose;

import com.upokecenter.cbor.CBORObject;
import com.upokecenter.cbor.CBORType;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.californium.elements.util.Bytes;
import org.eclipse.californium.scandium.dtls.cipher.CCMBlockCipher;

/* loaded from: input_file:org/eclipse/californium/cose/EncryptCommon.class */
public abstract class EncryptCommon extends Message {
    private static final int AES_CCM_16_IV_LENGTH = 13;
    private static final int AES_CCM_64_IV_LENGTH = 7;
    protected String context;
    protected byte[] rgbEncrypt;

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] decryptWithKey(byte[] bArr) throws CoseException {
        AlgorithmID FromCBOR = AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm));
        if (this.rgbEncrypt == null) {
            throw new CoseException("No Encrypted Content Specified");
        }
        if (!isSupportedAesCcm(FromCBOR)) {
            throw new CoseException("Unsupported Algorithm Specified");
        }
        AES_CCM_Decrypt(FromCBOR, bArr);
        return this.rgbContent;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void encryptWithKey(byte[] bArr) throws CoseException, IllegalStateException {
        AlgorithmID FromCBOR = AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm));
        if (this.rgbContent == null) {
            throw new CoseException("No Content Specified");
        }
        if (!isSupportedAesCcm(FromCBOR)) {
            throw new CoseException("Unsupported Algorithm Specified");
        }
        AES_CCM_Encrypt(FromCBOR, bArr);
    }

    private byte[] getAADBytes() {
        CBORObject NewArray = CBORObject.NewArray();
        NewArray.Add(this.context);
        if (this.objProtected.size() == 0) {
            NewArray.Add(CBORObject.FromObject(Bytes.EMPTY));
        } else {
            NewArray.Add(this.objProtected.EncodeToBytes());
        }
        NewArray.Add(CBORObject.FromObject(this.externalData));
        return NewArray.EncodeToBytes();
    }

    private void AES_CCM_Decrypt(AlgorithmID algorithmID, byte[] bArr) throws CoseException, IllegalStateException {
        if (bArr.length != algorithmID.getKeySize() / 8) {
            throw new CoseException("Key Size is incorrect");
        }
        int ivLength = ivLength(algorithmID);
        CBORObject findAttribute = findAttribute(HeaderKeys.IV);
        if (findAttribute == null) {
            throw new CoseException("Missing IV during decryption");
        }
        if (findAttribute.getType() != CBORType.ByteString) {
            throw new CoseException("IV is incorrectly formed");
        }
        if (findAttribute.GetByteString().length != ivLength) {
            throw new CoseException("IV size is incorrect");
        }
        try {
            this.rgbContent = CCMBlockCipher.decrypt(new SecretKeySpec(bArr, "AES"), findAttribute.GetByteString(), getAADBytes(), getEncryptedContent(), algorithmID.getTagSize() / 8);
        } catch (InvalidKeyException e) {
            if (!e.getMessage().equals("Illegal key size")) {
                throw new CoseException("Decryption failure", e);
            }
            throw new CoseException("Unsupported key size", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new CoseException("Algorithm not supported", e2);
        } catch (Exception e3) {
            e3.printStackTrace();
            throw new CoseException("Decryption failure", e3);
        }
    }

    private void AES_CCM_Encrypt(AlgorithmID algorithmID, byte[] bArr) throws CoseException, IllegalStateException {
        SecureRandom secureRandom = new SecureRandom();
        if (bArr.length != algorithmID.getKeySize() / 8) {
            throw new CoseException("Key Size is incorrect");
        }
        CBORObject findAttribute = findAttribute(HeaderKeys.IV);
        int ivLength = ivLength(algorithmID);
        if (findAttribute == null) {
            byte[] bArr2 = new byte[ivLength];
            secureRandom.nextBytes(bArr2);
            findAttribute = CBORObject.FromObject(bArr2);
            addAttribute(HeaderKeys.IV, findAttribute, 2);
        } else {
            if (findAttribute.getType() != CBORType.ByteString) {
                throw new CoseException("IV is incorreclty formed.");
            }
            if (findAttribute.GetByteString().length > ivLength) {
                throw new CoseException("IV is too long.");
            }
        }
        try {
            this.rgbEncrypt = CCMBlockCipher.encrypt(new SecretKeySpec(bArr, "AES"), findAttribute.GetByteString(), getAADBytes(), GetContent(), algorithmID.getTagSize() / 8);
        } catch (NoSuchAlgorithmException e) {
            throw new CoseException("Algorithm not supported", e);
        } catch (Exception e2) {
            throw new CoseException("Encryption failure", e2);
        }
    }

    public byte[] getEncryptedContent() throws CoseException {
        if (this.rgbEncrypt == null) {
            throw new CoseException("No Encrypted Content Specified");
        }
        return this.rgbEncrypt;
    }

    public void setEncryptedContent(byte[] bArr) {
        this.rgbEncrypt = bArr;
    }

    public static int ivLength(AlgorithmID algorithmID) {
        switch (algorithmID) {
            case AES_CCM_16_64_128:
            case AES_CCM_16_128_128:
                return 13;
            case AES_CCM_64_64_128:
            case AES_CCM_64_128_128:
                return 7;
            default:
                return -1;
        }
    }

    public static boolean isSupportedAesCcm(AlgorithmID algorithmID) {
        return ivLength(algorithmID) != -1;
    }
}
