package cfca.sadk.asn1.pkcs;

import cfca.sadk.algorithm.common.PKCSObjectIdentifiers;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM2PrivateKey;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.algorithm.sm2.SM3Digest;
import cfca.sadk.algorithm.sm2.SM4Engine;
import cfca.sadk.asn1.parser.ASN1Parser;
import cfca.sadk.org.bouncycastle.asn1.ASN1Encodable;
import cfca.sadk.org.bouncycastle.asn1.ASN1EncodableVector;
import cfca.sadk.org.bouncycastle.asn1.ASN1InputStream;
import cfca.sadk.org.bouncycastle.asn1.ASN1Integer;
import cfca.sadk.org.bouncycastle.asn1.ASN1OctetString;
import cfca.sadk.org.bouncycastle.asn1.ASN1OutputStream;
import cfca.sadk.org.bouncycastle.asn1.ASN1Primitive;
import cfca.sadk.org.bouncycastle.asn1.ASN1Sequence;
import cfca.sadk.org.bouncycastle.asn1.BERSequence;
import cfca.sadk.org.bouncycastle.asn1.DEROctetString;
import cfca.sadk.org.bouncycastle.asn1.DEROutputStream;
import cfca.sadk.org.bouncycastle.asn1.DERSequence;
import cfca.sadk.org.bouncycastle.crypto.DataLengthException;
import cfca.sadk.org.bouncycastle.crypto.InvalidCipherTextException;
import cfca.sadk.org.bouncycastle.crypto.modes.CBCBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.paddings.PKCS7Padding;
import cfca.sadk.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.params.KeyParameter;
import cfca.sadk.org.bouncycastle.crypto.params.ParametersWithIV;
import cfca.sadk.system.global.SM2ContextConfig;
import cfca.sadk.util.Base64;
import cfca.sadk.x509.certificate.X509Cert;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.PrivateKey;

/* loaded from: input_file:cfca/sadk/asn1/pkcs/PKCS12_SM2.class */
public class PKCS12_SM2 implements ASN1Encodable, PKCSObjectIdentifiers {
    private ASN1Sequence privateInfo;
    private ASN1Sequence publicInfo;
    private ASN1OctetString pubOctString;
    private ASN1OctetString priOctString;
    private SM2PrivateKey SM2PrivateKey;
    private boolean isDecryped;

    public static PKCS12_SM2 getInstance(Object obj) throws PKIException {
        if (obj == null || (obj instanceof PKCS12_SM2)) {
            return (PKCS12_SM2) obj;
        }
        if (obj instanceof ASN1Sequence) {
            return new PKCS12_SM2((ASN1Sequence) obj);
        }
        throw new IllegalArgumentException(new StringBuffer().append("unknown object in factory ").append(obj.getClass().getName()).toString());
    }

    public PKCS12_SM2() {
        this.privateInfo = null;
        this.publicInfo = null;
        this.isDecryped = false;
    }

    public PKCS12_SM2(ASN1Sequence aSN1Sequence, ASN1Sequence aSN1Sequence2) {
        this.privateInfo = null;
        this.publicInfo = null;
        this.isDecryped = false;
        this.publicInfo = aSN1Sequence;
        this.privateInfo = aSN1Sequence2;
    }

    public void load(byte[] bArr) throws IOException, PKIException {
        if (ASN1Parser.isBase64Compatability(bArr)) {
            bArr = Base64.decode(bArr);
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        parseSM2((ASN1Sequence) aSN1InputStream.readObject());
        aSN1InputStream.close();
    }

    public void parseSM2(ASN1Sequence aSN1Sequence) throws PKIException {
        if (aSN1Sequence.size() == 3) {
            ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(1);
            ASN1Sequence aSN1Sequence3 = (ASN1Sequence) aSN1Sequence.getObjectAt(2);
            if (aSN1Sequence2.size() != 3) {
                throw new PKIException("the sm2 file is not right format,can not get the private part");
            }
            this.priOctString = (ASN1OctetString) aSN1Sequence2.getObjectAt(2);
            if (aSN1Sequence3.size() != 2) {
                throw new PKIException("the sm2 file is not right format.can not get the public part");
            }
            this.pubOctString = (ASN1OctetString) aSN1Sequence3.getObjectAt(1);
        }
    }

    public PKCS12_SM2(ASN1Sequence aSN1Sequence) throws PKIException {
        this.privateInfo = null;
        this.publicInfo = null;
        this.isDecryped = false;
        parseSM2(aSN1Sequence);
    }

    private static byte[] KDF(byte[] bArr) {
        byte[] bArr2 = {0, 0, 0, 1};
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(bArr, 0, bArr.length);
        sM3Digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[32];
        sM3Digest.doFinal(bArr3, 0);
        return bArr3;
    }

    public PrivateKey getPrivateKey() throws PKIException {
        if (this.isDecryped) {
            return this.SM2PrivateKey;
        }
        throw new PKIException(PKIException.DECRYPT_P12_ERR, PKIException.DECRYPT_P12_ERR_DES);
    }

    public SM2PrivateKey getPrivateKey(String str) throws Exception {
        decrypt(str);
        return this.SM2PrivateKey;
    }

    public void decrypt(String str) throws PKIException, UnsupportedEncodingException, DataLengthException, IllegalStateException, InvalidCipherTextException {
        if (str == null) {
            throw new PKIException("the pass word should not be null");
        }
        byte[] KDF = KDF(str.getBytes("UTF8"));
        byte[] bArr = new byte[16];
        System.arraycopy(KDF, 0, bArr, 0, 16);
        byte[] bArr2 = new byte[16];
        System.arraycopy(KDF, 16, bArr2, 0, 16);
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
        paddedBufferedBlockCipher.init(false, new ParametersWithIV(new KeyParameter(bArr2), bArr));
        byte[] octets = this.priOctString.getOctets();
        if (ASN1Parser.isBase64Compatability(octets)) {
            octets = Base64.decode(octets);
        }
        int outputSize = paddedBufferedBlockCipher.getOutputSize(octets.length);
        byte[] bArr3 = new byte[outputSize];
        int processBytes = paddedBufferedBlockCipher.processBytes(octets, 0, octets.length, bArr3, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr3, processBytes);
        SM2PublicKey sM2PublicKey = (SM2PublicKey) getPublicCert()[0].getPublicKey();
        byte[] pubXByBytes = sM2PublicKey.getPubXByBytes();
        byte[] pubYByBytes = sM2PublicKey.getPubYByBytes();
        if (doFinal < outputSize) {
            byte[] bArr4 = new byte[doFinal];
            System.arraycopy(bArr3, 0, bArr4, 0, doFinal);
            this.SM2PrivateKey = new SM2PrivateKey(bArr4, pubXByBytes, pubYByBytes);
        } else {
            this.SM2PrivateKey = new SM2PrivateKey(bArr3, pubXByBytes, pubYByBytes);
        }
        this.isDecryped = true;
    }

    public X509Cert[] getPublicCert() throws PKIException {
        return new X509Cert[]{new X509Cert(this.pubOctString.getOctets())};
    }

    public static void generateSM2File(X509Cert x509Cert, PrivateKey privateKey, String str, String str2) throws PKIException, IOException, DataLengthException, IllegalStateException, InvalidCipherTextException {
        FileOutputStream fileOutputStream;
        DEROutputStream dEROutputStream;
        PKCS12_SM2 generateSM2 = generateSM2(x509Cert, privateKey, str);
        FileOutputStream fileOutputStream2 = null;
        ByteArrayOutputStream byteArrayOutputStream = null;
        ASN1OutputStream aSN1OutputStream = null;
        try {
            try {
                File file = new File(str2);
                if (!file.exists()) {
                    file.createNewFile();
                }
                if (SM2ContextConfig.getBase64State()) {
                    fileOutputStream = new FileOutputStream(file);
                    byteArrayOutputStream = new ByteArrayOutputStream();
                    dEROutputStream = new DEROutputStream(byteArrayOutputStream);
                    dEROutputStream.writeObject(generateSM2);
                    Base64.encode(byteArrayOutputStream.toByteArray(), fileOutputStream);
                } else {
                    fileOutputStream = new FileOutputStream(file);
                    dEROutputStream = new DEROutputStream(fileOutputStream);
                    dEROutputStream.writeObject(generateSM2);
                }
                if (dEROutputStream != null) {
                    try {
                        dEROutputStream.close();
                    } catch (Exception e) {
                        throw new PKIException(e.getMessage());
                    }
                }
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
                if (byteArrayOutputStream != null) {
                    byteArrayOutputStream.close();
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        aSN1OutputStream.close();
                    } catch (Exception e2) {
                        throw new PKIException(e2.getMessage());
                    }
                }
                if (0 != 0) {
                    fileOutputStream2.close();
                }
                if (0 != 0) {
                    byteArrayOutputStream.close();
                }
                throw th;
            }
        } catch (Exception e3) {
            throw new PKIException(new StringBuffer().append("can not create sm2 file: ").append(e3.getMessage()).toString());
        }
    }

    public static byte[] generateSM2Data(X509Cert x509Cert, PrivateKey privateKey, String str) throws IOException, PKIException, DataLengthException, IllegalStateException, InvalidCipherTextException {
        PKCS12_SM2 generateSM2 = generateSM2(x509Cert, privateKey, str);
        if (SM2ContextConfig.getBase64State()) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(generateSM2);
            return Base64.encode(byteArrayOutputStream.toByteArray());
        }
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        new DEROutputStream(byteArrayOutputStream2).writeObject(generateSM2);
        return byteArrayOutputStream2.toByteArray();
    }

    private static PKCS12_SM2 generateSM2(X509Cert x509Cert, PrivateKey privateKey, String str) throws IOException, PKIException, DataLengthException, IllegalStateException, InvalidCipherTextException {
        byte[] bArr;
        if ("".equals(str)) {
            throw new PKIException("the pass word should not be null");
        }
        byte[] KDF = KDF(str.getBytes("UTF8"));
        byte[] bArr2 = new byte[16];
        System.arraycopy(KDF, 0, bArr2, 0, 16);
        byte[] bArr3 = new byte[16];
        System.arraycopy(KDF, 16, bArr3, 0, 16);
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
        paddedBufferedBlockCipher.init(true, new ParametersWithIV(new KeyParameter(bArr3), bArr2));
        if (!(privateKey instanceof SM2PrivateKey)) {
            throw new PKIException("priKey is not SM2PrivateKey, SM2PrivateKey expected!");
        }
        byte[] dByBytes = ((SM2PrivateKey) privateKey).getDByBytes();
        int outputSize = paddedBufferedBlockCipher.getOutputSize(dByBytes.length);
        byte[] bArr4 = new byte[outputSize];
        int processBytes = paddedBufferedBlockCipher.processBytes(dByBytes, 0, dByBytes.length, bArr4, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr4, processBytes);
        if (doFinal < outputSize) {
            byte[] bArr5 = new byte[doFinal];
            System.arraycopy(bArr4, 0, bArr5, 0, doFinal);
            bArr = bArr5;
        } else {
            bArr = bArr4;
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(PKCSObjectIdentifiers.sm2Data);
        aSN1EncodableVector.add(new DEROctetString(x509Cert.getCertStructure().getEncoded()));
        DERSequence dERSequence = new DERSequence(aSN1EncodableVector);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(PKCSObjectIdentifiers.sm2Data);
        aSN1EncodableVector2.add(PKCSObjectIdentifiers.SM4_CBC);
        aSN1EncodableVector2.add(new DEROctetString(bArr));
        return new PKCS12_SM2(dERSequence, new DERSequence(aSN1EncodableVector2));
    }

    @Override // cfca.sadk.org.bouncycastle.asn1.ASN1Encodable
    public ASN1Primitive toASN1Primitive() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(1L));
        aSN1EncodableVector.add(this.privateInfo);
        aSN1EncodableVector.add(this.publicInfo);
        return new BERSequence(aSN1EncodableVector);
    }
}
