package com.icbc.hsm.software.basic;

import com.icbc.bcprov.org.bouncycastle.asn1.ASN1EncodableVector;
import com.icbc.bcprov.org.bouncycastle.asn1.ASN1Encoding;
import com.icbc.bcprov.org.bouncycastle.asn1.ASN1Integer;
import com.icbc.bcprov.org.bouncycastle.asn1.ASN1Primitive;
import com.icbc.bcprov.org.bouncycastle.asn1.ASN1Sequence;
import com.icbc.bcprov.org.bouncycastle.asn1.DEROctetString;
import com.icbc.bcprov.org.bouncycastle.asn1.DERSequence;
import com.icbc.bcprov.org.bouncycastle.crypto.AsymmetricBlockCipher;
import com.icbc.bcprov.org.bouncycastle.crypto.CipherParameters;
import com.icbc.bcprov.org.bouncycastle.crypto.InvalidCipherTextException;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.MD5Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA1Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA224Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA256Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA384Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA3Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.digests.SHA512Digest;
import com.icbc.bcprov.org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
import com.icbc.bcprov.org.bouncycastle.crypto.encodings.OAEPEncoding;
import com.icbc.bcprov.org.bouncycastle.crypto.encodings.PKCS1Encoding;
import com.icbc.bcprov.org.bouncycastle.crypto.engines.RSAEngine;
import com.icbc.bcprov.org.bouncycastle.crypto.engines.SM2Engine;
import com.icbc.bcprov.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import com.icbc.bcprov.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import com.icbc.bcprov.org.bouncycastle.crypto.params.ParametersWithRandom;
import com.icbc.hsm.software.exception.ParmErrorException;
import com.icbc.hsm.software.utils.Helper;
import com.icbc.hsm.utils.AlgorithmConstants;
import com.icbc.hsm.utils.encoders.Hex;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.spec.PSource;

/* loaded from: input_file:com/icbc/hsm/software/basic/AsymmetricCipher.class */
public class AsymmetricCipher {
    private AsymmetricCipher() {
    }

    public static byte[] encipher(String str, boolean z, CipherParameters cipherParameters, byte[] bArr) throws Exception {
        CipherParameters bCkey = Helper.toBCkey(cipherParameters);
        if (!AlgorithmConstants.SM2.equalsIgnoreCase(str)) {
            return rsaProcess(buildRSAEngine(str), z, bCkey, bArr);
        }
        if (z) {
            if (bCkey instanceof ECPublicKeyParameters) {
                return sm2Encryption((ECPublicKeyParameters) bCkey, bArr);
            }
            throw new ParmErrorException("Cipher key param error, SM2 ECPublicKeyParameters expected");
        }
        if (bCkey instanceof ECPrivateKeyParameters) {
            return sm2Decryption((ECPrivateKeyParameters) bCkey, bArr);
        }
        throw new ParmErrorException("Cipher key param error, SM2 ECPrivateKeyParameters expected");
    }

    private static AsymmetricBlockCipher buildRSAEngine(String str) {
        AsymmetricBlockCipher asymmetricBlockCipher = null;
        RSAEngine rSAEngine = new RSAEngine();
        if ("NOPADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new RSAEngine();
        } else if ("PKCS1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new PKCS1Encoding(rSAEngine);
        } else if ("ISO9796-1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new ISO9796d1Encoding(rSAEngine);
        } else if ("OAEPPadding".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine);
        } else if ("OAEPWITHMD5ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new MD5Digest(), null);
        } else if ("OAEPWITHSHA1ANDMGF1PADDING".equalsIgnoreCase(str) || "OAEPWITHSHA-1ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA1Digest(), null);
        } else if ("OAEPWITHSHA224ANDMGF1PADDING".equalsIgnoreCase(str) || "OAEPWITHSHA-224ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA224Digest(), null);
        } else if ("OAEPWITHSHA256ANDMGF1PADDING".equalsIgnoreCase(str) || "OAEPWITHSHA-256ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA256Digest(), null);
        } else if ("OAEPWITHSHA384ANDMGF1PADDING".equalsIgnoreCase(str) || "OAEPWITHSHA-384ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA384Digest(), null);
        } else if ("OAEPWITHSHA512ANDMGF1PADDING".equalsIgnoreCase(str) || "OAEPWITHSHA-512ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(new RSAEngine(), new SHA512Digest(), null);
        } else if ("OAEPWITHSHA3-224ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA3Digest(224), PSource.PSpecified.DEFAULT.getValue());
        } else if ("OAEPWITHSHA3-256ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA3Digest(256), PSource.PSpecified.DEFAULT.getValue());
        } else if ("OAEPWITHSHA3-384ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA3Digest(384), PSource.PSpecified.DEFAULT.getValue());
        } else if ("OAEPWITHSHA3-512ANDMGF1PADDING".equalsIgnoreCase(str)) {
            asymmetricBlockCipher = new OAEPEncoding(rSAEngine, new SHA3Digest(512), PSource.PSpecified.DEFAULT.getValue());
        }
        return asymmetricBlockCipher;
    }

    private static byte[] rsaProcess(AsymmetricBlockCipher asymmetricBlockCipher, boolean z, CipherParameters cipherParameters, byte[] bArr) throws ParmErrorException, InvalidCipherTextException, Exception {
        asymmetricBlockCipher.init(z, cipherParameters);
        if (z) {
            if (asymmetricBlockCipher instanceof RSAEngine) {
                if (bArr.length > asymmetricBlockCipher.getInputBlockSize() + 1) {
                    throw new ParmErrorException("Cipher input exceed max length:" + asymmetricBlockCipher.getInputBlockSize());
                }
            } else if (bArr.length > asymmetricBlockCipher.getInputBlockSize()) {
                throw new ParmErrorException("Cipher input exceed max length:" + asymmetricBlockCipher.getInputBlockSize());
            }
        }
        try {
            return asymmetricBlockCipher.processBlock(bArr, 0, bArr.length);
        } catch (InvalidCipherTextException e) {
            throw e;
        }
    }

    private static byte[] sm2Encryption(CipherParameters cipherParameters, byte[] bArr) throws Exception {
        SM2Engine sM2Engine = new SM2Engine(SM2Engine.Mode.C1C3C2);
        ParametersWithRandom parametersWithRandom = new ParametersWithRandom(cipherParameters, new SecureRandom());
        byte[] bArr2 = null;
        int i = 0;
        while (true) {
            int i2 = i;
            i++;
            if (i2 >= 5 || bArr2 != null) {
                break;
            }
            sM2Engine.init(true, parametersWithRandom);
            bArr2 = encode(sM2Engine.processBlock(bArr, 0, bArr.length));
        }
        return bArr2;
    }

    private static byte[] sm2Decryption(CipherParameters cipherParameters, byte[] bArr) throws Exception {
        byte[] decode = decode(bArr);
        SM2Engine sM2Engine = new SM2Engine(SM2Engine.Mode.C1C3C2);
        sM2Engine.init(false, cipherParameters);
        return sM2Engine.processBlock(decode, 0, decode.length);
    }

    private static byte[] encode(byte[] bArr) throws Exception {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 1, 33);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 33, 65);
        byte[] copyOfRange3 = Arrays.copyOfRange(bArr, 65, 97);
        byte[] copyOfRange4 = Arrays.copyOfRange(bArr, 97, bArr.length);
        String substring = Hex.toHexString(copyOfRange).substring(0, 3);
        String substring2 = Hex.toHexString(copyOfRange2).substring(0, 3);
        if (Integer.parseInt(substring, 16) < 8 || Integer.parseInt(substring2, 16) < 8) {
            return null;
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange)));
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange2)));
        aSN1EncodableVector.add(new DEROctetString(copyOfRange3));
        aSN1EncodableVector.add(new DEROctetString(copyOfRange4));
        return new DERSequence(aSN1EncodableVector).getEncoded(ASN1Encoding.DER);
    }

    private static byte[] decode(byte[] bArr) throws Exception {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) ASN1Primitive.fromByteArray(bArr);
        if (aSN1Sequence.size() != 4) {
            throw new Exception("encrypted data error!");
        }
        byte[] byteArray = ((ASN1Integer) aSN1Sequence.getObjectAt(0)).getValue().toByteArray();
        if (byteArray.length == 33) {
            byteArray = Arrays.copyOfRange(byteArray, 1, byteArray.length);
        }
        byte[] byteArray2 = ((ASN1Integer) aSN1Sequence.getObjectAt(1)).getValue().toByteArray();
        if (byteArray2.length == 33) {
            byteArray2 = Arrays.copyOfRange(byteArray2, 1, byteArray2.length);
        }
        byte[] octets = ((DEROctetString) aSN1Sequence.getObjectAt(2)).getOctets();
        byte[] octets2 = ((DEROctetString) aSN1Sequence.getObjectAt(3)).getOctets();
        byte[] bArr2 = new byte[1 + byteArray.length + byteArray2.length + octets.length + octets2.length];
        System.arraycopy(Hex.decode("04"), 0, bArr2, 0, 1);
        System.arraycopy(byteArray, 0, bArr2, 1, byteArray.length);
        System.arraycopy(byteArray2, 0, bArr2, 1 + byteArray.length, byteArray2.length);
        System.arraycopy(octets, 0, bArr2, 1 + byteArray.length + byteArray2.length, octets.length);
        System.arraycopy(octets2, 0, bArr2, 1 + byteArray.length + byteArray2.length + octets.length, octets2.length);
        return bArr2;
    }
}
