package cfca.sadk.util;

import cfca.sadk.algorithm.common.CBCParam;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM3Digest;
import cfca.sadk.algorithm.sm2.SM4Engine;
import cfca.sadk.algorithm.util.RSAAndItsCloseSymAlgUtil;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.crypto.BlockCipher;
import cfca.sadk.org.bouncycastle.crypto.BufferedBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.engines.DESedeEngine;
import cfca.sadk.org.bouncycastle.crypto.modes.CBCBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.paddings.PKCS7Padding;
import cfca.sadk.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.params.KeyParameter;
import cfca.sadk.org.bouncycastle.crypto.params.ParametersWithIV;
import cfca.sadk.system.global.FileAndBufferConfig;
import cfca.sadk.x509.certificate.X509Cert;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;

/* loaded from: input_file:cfca/sadk/util/EncryptUtil.class */
public class EncryptUtil {
    private static boolean isHex(String str) {
        if (str == null) {
            return false;
        }
        String lowerCase = str.toLowerCase();
        int length = lowerCase.length();
        for (int i = 0; i < length; i++) {
            if ((lowerCase.charAt(i) < '0' || lowerCase.charAt(i) > '9') && (lowerCase.charAt(i) < 'a' || lowerCase.charAt(i) > 'f')) {
                return false;
            }
        }
        return true;
    }

    private static byte[] HexToByte(String str) throws UnsupportedEncodingException {
        byte[] bArr;
        byte[] bytes = str.toLowerCase().getBytes("UTF-8");
        int length = bytes.length;
        if (length % 2 == 1) {
            length++;
            bArr = new byte[length];
            bArr[0] = 0;
            System.arraycopy(bytes, 0, bArr, 1, length - 1);
        } else {
            byte[] bArr2 = new byte[length];
            bArr = (byte[]) bytes.clone();
        }
        byte[] bArr3 = new byte[length / 2];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= length) {
                return bArr3;
            }
            if (bArr[i2] < 48 || bArr[i2] > 57) {
                bArr[i2] = (byte) (bArr[i2] - 87);
            } else {
                bArr[i2] = (byte) (bArr[i2] - 48);
            }
            if (bArr[i2 + 1] < 48 || bArr[i2 + 1] > 57) {
                bArr[i2 + 1] = (byte) (bArr[i2 + 1] - 87);
            } else {
                bArr[i2 + 1] = (byte) (bArr[i2 + 1] - 48);
            }
            bArr3[i2 / 2] = (byte) ((bArr[i2] << 4) | bArr[i2 + 1]);
            i = i2 + 2;
        }
    }

    private static byte[] doWithDES3(byte[] bArr, String str, boolean z) throws Exception {
        byte[] HexToByte = HexToByte(str);
        Mechanism mechanism = new Mechanism(Mechanism.DES3_CBC);
        byte[] bArr2 = new byte[8];
        byte[] bArr3 = new byte[24];
        System.arraycopy(HexToByte, 0, bArr2, 0, 8);
        System.arraycopy(HexToByte, 8, bArr3, 0, 24);
        CBCParam cBCParam = new CBCParam();
        cBCParam.setIv(bArr2);
        mechanism.setParam(cBCParam);
        return z ? RSAAndItsCloseSymAlgUtil.crypto(false, true, bArr3, bArr, mechanism) : RSAAndItsCloseSymAlgUtil.crypto(false, false, bArr3, bArr, mechanism);
    }

    private static byte[] doDES3WithCBC(byte[] bArr, byte[] bArr2, byte[] bArr3, boolean z) throws Exception {
        if (bArr2.length != 8 || bArr3.length != 24) {
            throw new PKIException("iv.length must be 8 bytes and key.length must be 24 bytes!");
        }
        Mechanism mechanism = new Mechanism(Mechanism.DES3_CBC);
        CBCParam cBCParam = new CBCParam();
        cBCParam.setIv(bArr2);
        mechanism.setParam(cBCParam);
        return z ? RSAAndItsCloseSymAlgUtil.crypto(false, true, bArr3, bArr, mechanism) : RSAAndItsCloseSymAlgUtil.crypto(false, false, bArr3, bArr, mechanism);
    }

    public static byte[] encryptMessageByDES3(byte[] bArr, String str) throws PKIException {
        if (!isHex(str) || str.length() != 64) {
            throw new PKIException("the pwd is not hex string or length is not 64!");
        }
        try {
            return Base64.encode(doWithDES3(bArr, str, true));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] encryptMessageByDES3(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        try {
            return Base64.encode(doDES3WithCBC(bArr, bArr2, bArr3, true));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] decryptMessageByDES3(byte[] bArr, String str) throws PKIException {
        if (!isHex(str) || str.length() != 64) {
            throw new PKIException("the pwd is not hex string or length is not 64!");
        }
        try {
            return doWithDES3(Base64.decode(bArr), str, false);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] decryptMessageByDES3(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        try {
            return doDES3WithCBC(Base64.decode(bArr), bArr2, bArr3, false);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] encryptMessageBySM2(byte[] bArr, X509Cert x509Cert, Session session) throws PKIException {
        return encryptMessageBySM2(bArr, x509Cert.getPublicKey(), session);
    }

    public static byte[] encryptMessageBySM2(byte[] bArr, PublicKey publicKey, Session session) throws PKIException {
        return encryptMessage(new Mechanism(Mechanism.SM2), publicKey, bArr, session);
    }

    public static byte[] decryptMessageBySM2(byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        return decryptMessage(new Mechanism(Mechanism.SM2), privateKey, bArr, session);
    }

    public static byte[] encryptMessageByRSA(byte[] bArr, X509Cert x509Cert, Session session) throws PKIException {
        return encryptMessageByRSA(bArr, x509Cert.getPublicKey(), session);
    }

    public static byte[] encryptMessageByRSA(byte[] bArr, PublicKey publicKey, Session session) throws PKIException {
        return encrypt(new Mechanism(Mechanism.RSA_PKCS), publicKey, bArr, session);
    }

    public static byte[] decryptMessageByRSA(byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        return decrypt(new Mechanism(Mechanism.RSA_PKCS), privateKey, bArr, session);
    }

    public static void encryptFileBySM2(InputStream inputStream, OutputStream outputStream, X509Cert x509Cert, Session session) throws PKIException {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            outputStream.write(encryptMessageBySM2(bArr, x509Cert, session));
        } catch (IOException e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void encryptFileBySM2(InputStream inputStream, OutputStream outputStream, PublicKey publicKey, Session session) throws PKIException {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            outputStream.write(encryptMessageBySM2(bArr, publicKey, session));
        } catch (IOException e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void decryptFileBySM2(InputStream inputStream, OutputStream outputStream, PrivateKey privateKey, Session session) throws PKIException {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            outputStream.write(decryptMessageBySM2(bArr, privateKey, session));
        } catch (IOException e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void encryptFileByDES3(InputStream inputStream, OutputStream outputStream, String str) throws PKIException {
        if (!isHex(str) || str.length() != 64) {
            throw new PKIException("the pwd is not hex string or length is not 64!");
        }
        try {
            byte[] HexToByte = HexToByte(str);
            byte[] bArr = new byte[8];
            byte[] bArr2 = new byte[24];
            System.arraycopy(HexToByte, 0, bArr, 0, 8);
            System.arraycopy(HexToByte, 8, bArr2, 0, 24);
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(bArr);
            bigFileBlockEncrypt(true, bArr2, new DESedeEngine(), cBCParam, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void encryptFileByDES3(InputStream inputStream, OutputStream outputStream, byte[] bArr, byte[] bArr2) throws PKIException {
        try {
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(bArr);
            bigFileBlockEncrypt(true, bArr2, new DESedeEngine(), cBCParam, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void decryptFileByDES3(InputStream inputStream, OutputStream outputStream, String str) throws PKIException {
        if (!isHex(str) || str.length() != 64) {
            throw new PKIException("the pwd is not hex string or length is not 64!");
        }
        try {
            byte[] HexToByte = HexToByte(str);
            byte[] bArr = new byte[8];
            byte[] bArr2 = new byte[24];
            System.arraycopy(HexToByte, 0, bArr, 0, 8);
            System.arraycopy(HexToByte, 8, bArr2, 0, 24);
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(bArr);
            bigFileBlockEncrypt(false, bArr2, new DESedeEngine(), cBCParam, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void decryptFileByDES3(InputStream inputStream, OutputStream outputStream, byte[] bArr, byte[] bArr2) throws PKIException {
        try {
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(bArr);
            bigFileBlockEncrypt(false, bArr2, new DESedeEngine(), cBCParam, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] encryptMessageBySM4(byte[] bArr, String str) throws PKIException {
        return Base64.encode(pbeWithSM4Encrypt(true, str, bArr));
    }

    public static byte[] encryptMessageBySM4(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        return Base64.encode(doSM4WithCBC(true, bArr2, bArr3, bArr));
    }

    public static byte[] decryptMessageBySM4(byte[] bArr, String str) throws PKIException {
        return pbeWithSM4Encrypt(false, str, Base64.decode(bArr));
    }

    public static byte[] decryptMessageBySM4(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        return doSM4WithCBC(false, bArr2, bArr3, Base64.decode(bArr));
    }

    public static void encryptFileBySM4(InputStream inputStream, OutputStream outputStream, String str) throws PKIException {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            outputStream.write(pbeWithSM4Encrypt(true, str, bArr));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e2) {
            e2.printStackTrace();
        }
    }

    public static void encryptFileBySM4(InputStream inputStream, OutputStream outputStream, byte[] bArr, byte[] bArr2) throws PKIException {
        try {
            byte[] bArr3 = new byte[inputStream.available()];
            inputStream.read(bArr3);
            outputStream.write(doSM4WithCBC(true, bArr, bArr2, bArr3));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e2) {
            e2.printStackTrace();
        }
    }

    public static void decryptFileBySM4(InputStream inputStream, OutputStream outputStream, String str) throws PKIException {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            outputStream.write(pbeWithSM4Encrypt(false, str, bArr));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e2) {
            e2.printStackTrace();
        }
    }

    public static void decryptFileBySM4(InputStream inputStream, OutputStream outputStream, byte[] bArr, byte[] bArr2) throws PKIException {
        try {
            byte[] bArr3 = new byte[inputStream.available()];
            inputStream.read(bArr3);
            outputStream.write(doSM4WithCBC(false, bArr, bArr2, bArr3));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e2) {
            e2.printStackTrace();
        }
    }

    private static void bigFileBlockEncrypt(boolean z, byte[] bArr, BlockCipher blockCipher, CBCParam cBCParam, InputStream inputStream, OutputStream outputStream) throws Exception {
        int read;
        try {
            PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(blockCipher), new PKCS7Padding());
            paddedBufferedBlockCipher.init(z, new ParametersWithIV(new KeyParameter(bArr), cBCParam.getIv()));
            byte[] bArr2 = new byte[FileAndBufferConfig.BIG_FILE_BUFFER];
            byte[] bArr3 = new byte[FileAndBufferConfig.BIG_FILE_BUFFER + 100];
            long j = 0;
            long available = inputStream.available();
            while (true) {
                read = inputStream.read(bArr2);
                if (read <= 0) {
                    break;
                }
                j += read;
                if (read != FileAndBufferConfig.BIG_FILE_BUFFER || j >= available) {
                    break;
                } else {
                    outputStream.write(bArr3, 0, paddedBufferedBlockCipher.processBytes(bArr2, 0, read, bArr3, 0));
                }
            }
            int processBytes = paddedBufferedBlockCipher.processBytes(bArr2, 0, read, bArr3, 0);
            outputStream.write(bArr3, 0, processBytes + paddedBufferedBlockCipher.doFinal(bArr3, processBytes));
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] encrypt(Mechanism mechanism, Key key, byte[] bArr, Session session) throws PKIException {
        try {
            return Base64.encode(session.encrypt(mechanism, key, bArr));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void encrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream, Session session) throws PKIException {
        session.encrypt(mechanism, key, inputStream, outputStream);
    }

    public static byte[] encryptMessage(Mechanism mechanism, PublicKey publicKey, byte[] bArr, Session session) throws PKIException {
        try {
            return Base64.encode(session.encryptMessage(mechanism, publicKey, bArr));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static byte[] decrypt(Mechanism mechanism, Key key, byte[] bArr, Session session) throws PKIException {
        try {
            return session.decrypt(mechanism, key, Base64.decode(bArr));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void decrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream, Session session) throws PKIException {
        session.decrypt(mechanism, key, inputStream, outputStream);
    }

    public static byte[] decryptMessage(Mechanism mechanism, Key key, byte[] bArr, Session session) throws PKIException {
        try {
            return session.decryptMessage(mechanism, key, Base64.decode(bArr));
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    private static byte[] KDF(byte[] bArr) {
        byte[] bArr2 = {0, 0, 0, 1};
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(bArr, 0, bArr.length);
        sM3Digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[32];
        sM3Digest.doFinal(bArr3, 0);
        return bArr3;
    }

    private static byte[] pbeWithSM4Encrypt(boolean z, String str, byte[] bArr) throws PKIException {
        try {
            byte[] KDF = KDF(str.getBytes("UTF8"));
            byte[] bArr2 = new byte[16];
            System.arraycopy(KDF, 0, bArr2, 0, 16);
            byte[] bArr3 = new byte[16];
            System.arraycopy(KDF, 16, bArr3, 0, 16);
            PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
            paddedBufferedBlockCipher.init(z, new ParametersWithIV(new KeyParameter(bArr3), bArr2));
            int outputSize = paddedBufferedBlockCipher.getOutputSize(bArr.length);
            byte[] bArr4 = new byte[outputSize];
            int processBytes = paddedBufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr4, 0);
            int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr4, processBytes);
            if (doFinal >= outputSize) {
                return bArr4;
            }
            byte[] bArr5 = new byte[doFinal];
            System.arraycopy(bArr4, 0, bArr5, 0, doFinal);
            return bArr5;
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    private static byte[] doSM4WithCBC(boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        if (bArr.length != 16 || bArr2.length != 16) {
            throw new PKIException("iv.length and key.length must be 16 bytes!");
        }
        try {
            PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
            paddedBufferedBlockCipher.init(z, new ParametersWithIV(new KeyParameter(bArr2), bArr));
            int outputSize = paddedBufferedBlockCipher.getOutputSize(bArr3.length);
            byte[] bArr4 = new byte[outputSize];
            int processBytes = paddedBufferedBlockCipher.processBytes(bArr3, 0, bArr3.length, bArr4, 0);
            int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr4, processBytes);
            if (doFinal >= outputSize) {
                return bArr4;
            }
            byte[] bArr5 = new byte[doFinal];
            System.arraycopy(bArr4, 0, bArr5, 0, doFinal);
            return bArr5;
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    private static byte[] doSM4WithNoPadding(boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        BufferedBlockCipher bufferedBlockCipher;
        try {
            if (bArr3 != null) {
                ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(bArr2), bArr3);
                bufferedBlockCipher = new BufferedBlockCipher(new CBCBlockCipher(new SM4Engine()));
                bufferedBlockCipher.init(z, parametersWithIV);
            } else {
                KeyParameter keyParameter = new KeyParameter(bArr2);
                bufferedBlockCipher = new BufferedBlockCipher(new SM4Engine());
                bufferedBlockCipher.init(z, keyParameter);
            }
            int outputSize = bufferedBlockCipher.getOutputSize(bArr.length);
            byte[] bArr4 = new byte[outputSize];
            int processBytes = bufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr4, 0);
            int doFinal = processBytes + bufferedBlockCipher.doFinal(bArr4, processBytes);
            if (doFinal >= outputSize) {
                return bArr4;
            }
            byte[] bArr5 = new byte[doFinal];
            System.arraycopy(bArr4, 0, bArr5, 0, doFinal);
            return bArr5;
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }
}
