package com.tom_roush.pdfbox.pdmodel.encryption;

import S5.A;
import S5.AbstractC0285s;
import S5.AbstractC0289w;
import S5.AbstractC0292z;
import S5.C0275h;
import S5.C0279l;
import S5.O;
import S5.c0;
import S5.f0;
import S5.r0;
import T5.a;
import V5.c;
import V5.d;
import V5.e;
import V5.j;
import V5.r;
import V5.s;
import com.tom_roush.pdfbox.cos.COSArray;
import com.tom_roush.pdfbox.cos.COSBase;
import com.tom_roush.pdfbox.cos.COSName;
import com.tom_roush.pdfbox.cos.COSString;
import com.tom_roush.pdfbox.pdmodel.PDDocument;
import i6.InterfaceC2692a;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import m6.C2922c;
import o6.C2967a;
import o6.g;
import q6.C3068b;
import s6.k;

/* loaded from: classes.dex */
public final class PublicKeySecurityHandler extends SecurityHandler {
    public static final String FILTER = "Adobe.PubSec";
    private static final String SUBFILTER4 = "adbe.pkcs7.s4";
    private static final String SUBFILTER5 = "adbe.pkcs7.s5";

    public PublicKeySecurityHandler() {
    }

    public PublicKeySecurityHandler(PublicKeyProtectionPolicy publicKeyProtectionPolicy) {
        setProtectionPolicy(publicKeyProtectionPolicy);
        setKeyLength(publicKeyProtectionPolicy.getEncryptionKeyLength());
    }

    private void appendCertInfo(StringBuilder sb, k kVar, X509Certificate x509Certificate, C3068b c3068b) {
        BigInteger bigInteger = kVar.f26075a.f25867c;
        if (bigInteger != null) {
            BigInteger serialNumber = x509Certificate.getSerialNumber();
            String bigInteger2 = serialNumber != null ? serialNumber.toString(16) : "unknown";
            sb.append("serial-#: rid ");
            sb.append(bigInteger.toString(16));
            sb.append(" vs. cert ");
            sb.append(bigInteger2);
            sb.append(" issuer: rid '");
            sb.append(kVar.f26075a.f25866b);
            sb.append("' vs. cert '");
            sb.append(c3068b == null ? "null" : C2922c.q(c3068b.f25232a.f24772b.f24786e));
            sb.append("' ");
        }
    }

    /* JADX WARN: Type inference failed for: r6v4, types: [S5.s, S5.c0] */
    private j computeRecipientInfo(X509Certificate x509Certificate, byte[] bArr) {
        C0279l c0279l = new C0279l(x509Certificate.getTBSCertificate());
        g q8 = g.q(c0279l.f());
        c0279l.close();
        C2967a c2967a = q8.f24790i.f24780a;
        e eVar = new e(q8.f24786e, q8.f24784c.D());
        try {
            Cipher cipher = Cipher.getInstance(c2967a.f24769a.f5122a, SecurityProvider.getProvider());
            cipher.init(1, x509Certificate.getPublicKey());
            return new j(new r(eVar), c2967a, new AbstractC0285s(cipher.doFinal(bArr)));
        } catch (NoSuchAlgorithmException e8) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e8);
        } catch (NoSuchPaddingException e9) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e9);
        }
    }

    private byte[][] computeRecipientsField(byte[] bArr) {
        PublicKeyProtectionPolicy publicKeyProtectionPolicy = (PublicKeyProtectionPolicy) getProtectionPolicy();
        byte[][] bArr2 = new byte[publicKeyProtectionPolicy.getNumberOfRecipients()];
        Iterator<PublicKeyRecipient> recipientsIterator = publicKeyProtectionPolicy.getRecipientsIterator();
        int i3 = 0;
        while (recipientsIterator.hasNext()) {
            PublicKeyRecipient next = recipientsIterator.next();
            X509Certificate x509 = next.getX509();
            int permissionBytesForPublicKey = next.getPermission().getPermissionBytesForPublicKey();
            byte[] bArr3 = new byte[24];
            System.arraycopy(bArr, 0, bArr3, 0, 20);
            bArr3[20] = (byte) (permissionBytesForPublicKey >>> 24);
            bArr3[21] = (byte) (permissionBytesForPublicKey >>> 16);
            bArr3[22] = (byte) (permissionBytesForPublicKey >>> 8);
            bArr3[23] = (byte) permissionBytesForPublicKey;
            AbstractC0289w createDERForRecipient = createDERForRecipient(bArr3, x509);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createDERForRecipient.u(byteArrayOutputStream);
            bArr2[i3] = byteArrayOutputStream.toByteArray();
            i3++;
        }
        return bArr2;
    }

    /* JADX WARN: Type inference failed for: r1v4, types: [S5.A, S5.g0] */
    /* JADX WARN: Type inference failed for: r5v3, types: [S5.s, S5.c0] */
    /* JADX WARN: Type inference failed for: r7v6, types: [S5.r0, S5.z, S5.w] */
    private AbstractC0289w createDERForRecipient(byte[] bArr, X509Certificate x509Certificate) {
        String str = InterfaceC2692a.f23147j.f5122a;
        try {
            Provider provider = SecurityProvider.getProvider();
            AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance(str, provider);
            KeyGenerator keyGenerator = KeyGenerator.getInstance(str, provider);
            Cipher cipher = Cipher.getInstance(str, provider);
            AlgorithmParameters generateParameters = algorithmParameterGenerator.generateParameters();
            C0279l c0279l = new C0279l(generateParameters.getEncoded("ASN.1"));
            AbstractC0289w f8 = c0279l.f();
            c0279l.close();
            keyGenerator.init(128);
            SecretKey generateKey = keyGenerator.generateKey();
            boolean z8 = true;
            cipher.init(1, generateKey, generateParameters);
            byte[] doFinal = cipher.doFinal(bArr);
            ?? a8 = new A(new s(computeRecipientInfo(x509Certificate, generateKey.getEncoded())));
            a8.f5088d = -1;
            d dVar = new d(a8, new c(InterfaceC2692a.f23157t, new C2967a(new S5.r(str), f8), new AbstractC0285s(doFinal)));
            S5.r rVar = InterfaceC2692a.f23158u;
            AbstractC0289w n8 = dVar.n();
            if (!(n8 instanceof c0) && !(n8 instanceof r0) && !(n8 instanceof f0)) {
                z8 = false;
            }
            C0275h c0275h = new C0275h(2);
            c0275h.a(rVar);
            c0275h.a(z8 ? new O(dVar, 2) : new O(dVar, 0));
            if (!z8) {
                return new AbstractC0292z(c0275h);
            }
            ?? abstractC0292z = new AbstractC0292z(c0275h);
            abstractC0292z.f5124c = -1;
            return abstractC0292z;
        } catch (NoSuchAlgorithmException e8) {
            throw new IOException(a.q("Could not find a suitable javax.crypto provider for algorithm ", str, "; possible reason: using an unsigned .jar file"), e8);
        } catch (NoSuchPaddingException e9) {
            throw new RuntimeException("Could not find a suitable javax.crypto provider", e9);
        }
    }

    private void prepareEncryptionDictAES(PDEncryption pDEncryption, COSName cOSName, byte[][] bArr) {
        PDCryptFilterDictionary pDCryptFilterDictionary = new PDCryptFilterDictionary();
        pDCryptFilterDictionary.setCryptFilterMethod(cOSName);
        pDCryptFilterDictionary.setLength(getKeyLength());
        COSArray cOSArray = new COSArray();
        for (byte[] bArr2 : bArr) {
            cOSArray.add((COSBase) new COSString(bArr2));
        }
        pDCryptFilterDictionary.getCOSObject().setItem(COSName.RECIPIENTS, (COSBase) cOSArray);
        cOSArray.setDirect(true);
        pDEncryption.setDefaultCryptFilterDictionary(pDCryptFilterDictionary);
        COSName cOSName2 = COSName.DEFAULT_CRYPT_FILTER;
        pDEncryption.setStreamFilterName(cOSName2);
        pDEncryption.setStringFilterName(cOSName2);
        pDCryptFilterDictionary.getCOSObject().setDirect(true);
        setAES(true);
    }

    @Override // com.tom_roush.pdfbox.pdmodel.encryption.SecurityHandler
    public void prepareDocumentForEncryption(PDDocument pDDocument) {
        byte[] digest;
        COSName cOSName;
        try {
            PDEncryption encryption = pDDocument.getEncryption();
            if (encryption == null) {
                encryption = new PDEncryption();
            }
            encryption.setFilter(FILTER);
            encryption.setLength(getKeyLength());
            int computeVersionNumber = computeVersionNumber();
            encryption.setVersion(computeVersionNumber);
            encryption.removeV45filters();
            int i3 = 20;
            byte[] bArr = new byte[20];
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(192, new SecureRandom());
                System.arraycopy(keyGenerator.generateKey().getEncoded(), 0, bArr, 0, 20);
                byte[][] computeRecipientsField = computeRecipientsField(bArr);
                int i5 = 20;
                for (byte[] bArr2 : computeRecipientsField) {
                    i5 += bArr2.length;
                }
                byte[] bArr3 = new byte[i5];
                System.arraycopy(bArr, 0, bArr3, 0, 20);
                for (byte[] bArr4 : computeRecipientsField) {
                    System.arraycopy(bArr4, 0, bArr3, i3, bArr4.length);
                    i3 += bArr4.length;
                }
                if (computeVersionNumber == 4) {
                    encryption.setSubFilter(SUBFILTER5);
                    digest = MessageDigests.getSHA1().digest(bArr3);
                    cOSName = COSName.AESV2;
                } else {
                    if (computeVersionNumber != 5) {
                        encryption.setSubFilter(SUBFILTER4);
                        digest = MessageDigests.getSHA1().digest(bArr3);
                        encryption.setRecipients(computeRecipientsField);
                        setEncryptionKey(new byte[getKeyLength() / 8]);
                        System.arraycopy(digest, 0, getEncryptionKey(), 0, getKeyLength() / 8);
                        pDDocument.setEncryptionDictionary(encryption);
                        pDDocument.getDocument().setEncryptionDictionary(encryption.getCOSObject());
                    }
                    encryption.setSubFilter(SUBFILTER5);
                    digest = MessageDigests.getSHA256().digest(bArr3);
                    cOSName = COSName.AESV3;
                }
                prepareEncryptionDictAES(encryption, cOSName, computeRecipientsField);
                setEncryptionKey(new byte[getKeyLength() / 8]);
                System.arraycopy(digest, 0, getEncryptionKey(), 0, getKeyLength() / 8);
                pDDocument.setEncryptionDictionary(encryption);
                pDDocument.getDocument().setEncryptionDictionary(encryption.getCOSObject());
            } catch (NoSuchAlgorithmException e8) {
                throw new RuntimeException(e8);
            }
        } catch (GeneralSecurityException e9) {
            throw new IOException(e9);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:13:0x003e A[Catch: CertificateEncodingException -> 0x0048, KeyStoreException -> 0x004b, d -> 0x004e, TryCatch #2 {KeyStoreException -> 0x004b, CertificateEncodingException -> 0x0048, d -> 0x004e, blocks: (B:11:0x0037, B:13:0x003e, B:14:0x0052, B:17:0x0060, B:19:0x006a, B:20:0x0079, B:22:0x007f, B:23:0x00a1, B:25:0x00a7, B:27:0x00b5, B:30:0x00bb, B:33:0x00cd, B:35:0x00d1, B:37:0x00e2, B:32:0x00ea, B:46:0x00f6, B:48:0x00fb, B:50:0x011b, B:52:0x0127, B:54:0x012f, B:57:0x0137, B:58:0x018c, B:61:0x0140, B:63:0x0146, B:64:0x015c, B:66:0x0163, B:67:0x0167, B:69:0x0173, B:71:0x017f, B:75:0x0189, B:76:0x016c, B:77:0x01a6, B:78:0x01ad, B:79:0x01ae, B:80:0x01d4, B:81:0x01d5, B:82:0x01dc), top: B:10:0x0037 }] */
    /* JADX WARN: Removed duplicated region for block: B:19:0x006a A[Catch: CertificateEncodingException -> 0x0048, KeyStoreException -> 0x004b, d -> 0x004e, TryCatch #2 {KeyStoreException -> 0x004b, CertificateEncodingException -> 0x0048, d -> 0x004e, blocks: (B:11:0x0037, B:13:0x003e, B:14:0x0052, B:17:0x0060, B:19:0x006a, B:20:0x0079, B:22:0x007f, B:23:0x00a1, B:25:0x00a7, B:27:0x00b5, B:30:0x00bb, B:33:0x00cd, B:35:0x00d1, B:37:0x00e2, B:32:0x00ea, B:46:0x00f6, B:48:0x00fb, B:50:0x011b, B:52:0x0127, B:54:0x012f, B:57:0x0137, B:58:0x018c, B:61:0x0140, B:63:0x0146, B:64:0x015c, B:66:0x0163, B:67:0x0167, B:69:0x0173, B:71:0x017f, B:75:0x0189, B:76:0x016c, B:77:0x01a6, B:78:0x01ad, B:79:0x01ae, B:80:0x01d4, B:81:0x01d5, B:82:0x01dc), top: B:10:0x0037 }] */
    /* JADX WARN: Removed duplicated region for block: B:81:0x01d5 A[Catch: CertificateEncodingException -> 0x0048, KeyStoreException -> 0x004b, d -> 0x004e, TryCatch #2 {KeyStoreException -> 0x004b, CertificateEncodingException -> 0x0048, d -> 0x004e, blocks: (B:11:0x0037, B:13:0x003e, B:14:0x0052, B:17:0x0060, B:19:0x006a, B:20:0x0079, B:22:0x007f, B:23:0x00a1, B:25:0x00a7, B:27:0x00b5, B:30:0x00bb, B:33:0x00cd, B:35:0x00d1, B:37:0x00e2, B:32:0x00ea, B:46:0x00f6, B:48:0x00fb, B:50:0x011b, B:52:0x0127, B:54:0x012f, B:57:0x0137, B:58:0x018c, B:61:0x0140, B:63:0x0146, B:64:0x015c, B:66:0x0163, B:67:0x0167, B:69:0x0173, B:71:0x017f, B:75:0x0189, B:76:0x016c, B:77:0x01a6, B:78:0x01ad, B:79:0x01ae, B:80:0x01d4, B:81:0x01d5, B:82:0x01dc), top: B:10:0x0037 }] */
    /* JADX WARN: Removed duplicated region for block: B:83:0x0051  */
    @Override // com.tom_roush.pdfbox.pdmodel.encryption.SecurityHandler
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void prepareForDecryption(com.tom_roush.pdfbox.pdmodel.encryption.PDEncryption r20, com.tom_roush.pdfbox.cos.COSArray r21, com.tom_roush.pdfbox.pdmodel.encryption.DecryptionMaterial r22) {
        /*
            Method dump skipped, instructions count: 510
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tom_roush.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareForDecryption(com.tom_roush.pdfbox.pdmodel.encryption.PDEncryption, com.tom_roush.pdfbox.cos.COSArray, com.tom_roush.pdfbox.pdmodel.encryption.DecryptionMaterial):void");
    }
}
