package com.amazon.coral.internal.org.bouncycastle.cms;

import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1EncodableVector;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1ObjectIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DEROctetString;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERSequence;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$PasswordRecipientInfo;
import com.amazon.coral.internal.org.bouncycastle.asn1.cms.C$RecipientInfo;
import com.amazon.coral.internal.org.bouncycastle.asn1.pkcs.C$PBKDF2Params;
import com.amazon.coral.internal.org.bouncycastle.asn1.pkcs.C$PKCSObjectIdentifiers;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$AlgorithmIdentifier;
import com.amazon.coral.internal.org.bouncycastle.operator.C$GenericKey;
import java.security.SecureRandom;

/* renamed from: com.amazon.coral.internal.org.bouncycastle.cms.$PasswordRecipientInfoGenerator, reason: invalid class name */
/* loaded from: classes3.dex */
public abstract class C$PasswordRecipientInfoGenerator implements C$RecipientInfoGenerator {
    private int blockSize;
    private C$ASN1ObjectIdentifier kekAlgorithm;
    private C$AlgorithmIdentifier keyDerivationAlgorithm;
    private int keySize;
    protected char[] password;
    private SecureRandom random;
    private int schemeID;

    /* JADX INFO: Access modifiers changed from: protected */
    public C$PasswordRecipientInfoGenerator(C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier, char[] cArr) {
        this(c$ASN1ObjectIdentifier, cArr, getKeySize(c$ASN1ObjectIdentifier), ((Integer) C$PasswordRecipientInformation.BLOCKSIZES.get(c$ASN1ObjectIdentifier)).intValue());
    }

    protected C$PasswordRecipientInfoGenerator(C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier, char[] cArr, int i, int i2) {
        this.password = cArr;
        this.schemeID = 1;
        this.kekAlgorithm = c$ASN1ObjectIdentifier;
        this.keySize = i;
        this.blockSize = i2;
    }

    private static int getKeySize(C$ASN1ObjectIdentifier c$ASN1ObjectIdentifier) {
        Integer num = (Integer) C$PasswordRecipientInformation.KEYSIZES.get(c$ASN1ObjectIdentifier);
        if (num == null) {
            throw new IllegalArgumentException("cannot find key size for algorithm: " + c$ASN1ObjectIdentifier);
        }
        return num.intValue();
    }

    protected abstract byte[] calculateDerivedKey(int i, C$AlgorithmIdentifier c$AlgorithmIdentifier, int i2) throws C$CMSException;

    @Override // com.amazon.coral.internal.org.bouncycastle.cms.C$RecipientInfoGenerator
    public C$RecipientInfo generate(C$GenericKey c$GenericKey) throws C$CMSException {
        byte[] bArr = new byte[this.blockSize];
        if (this.random == null) {
            this.random = new SecureRandom();
        }
        this.random.nextBytes(bArr);
        if (this.keyDerivationAlgorithm == null) {
            byte[] bArr2 = new byte[20];
            this.random.nextBytes(bArr2);
            this.keyDerivationAlgorithm = new C$AlgorithmIdentifier(C$PKCSObjectIdentifiers.id_PBKDF2, new C$PBKDF2Params(bArr2, 1024));
        }
        C$DEROctetString c$DEROctetString = new C$DEROctetString(generateEncryptedBytes(new C$AlgorithmIdentifier(this.kekAlgorithm, new C$DEROctetString(bArr)), calculateDerivedKey(this.schemeID, this.keyDerivationAlgorithm, this.keySize), c$GenericKey));
        C$ASN1EncodableVector c$ASN1EncodableVector = new C$ASN1EncodableVector();
        c$ASN1EncodableVector.add(this.kekAlgorithm);
        c$ASN1EncodableVector.add(new C$DEROctetString(bArr));
        return new C$RecipientInfo(new C$PasswordRecipientInfo(this.keyDerivationAlgorithm, new C$AlgorithmIdentifier(C$PKCSObjectIdentifiers.id_alg_PWRI_KEK, new C$DERSequence(c$ASN1EncodableVector)), c$DEROctetString));
    }

    protected abstract byte[] generateEncryptedBytes(C$AlgorithmIdentifier c$AlgorithmIdentifier, byte[] bArr, C$GenericKey c$GenericKey) throws C$CMSException;

    public C$PasswordRecipientInfoGenerator setPasswordConversionScheme(int i) {
        this.schemeID = i;
        return this;
    }

    public C$PasswordRecipientInfoGenerator setSaltAndIterationCount(byte[] bArr, int i) {
        this.keyDerivationAlgorithm = new C$AlgorithmIdentifier(C$PKCSObjectIdentifiers.id_PBKDF2, new C$PBKDF2Params(bArr, i));
        return this;
    }

    public C$PasswordRecipientInfoGenerator setSecureRandom(SecureRandom secureRandom) {
        this.random = secureRandom;
        return this;
    }
}
