package cfca.sadk.menckit.client.helper;

import cfca.sadk.menckit.client.MessageHelper;
import cfca.sadk.menckit.client.SM2Cert;
import cfca.sadk.menckit.client.impl.Agreementkey;
import cfca.sadk.menckit.client.impl.ClientRandom;
import cfca.sadk.menckit.client.impl.Recipients;
import cfca.sadk.menckit.client.impl.SM2EnvelopeRecipient;
import cfca.sadk.menckit.common.Constants;
import cfca.sadk.menckit.common.Debugger;
import cfca.sadk.menckit.common.Environment;
import cfca.sadk.menckit.common.Errcode;
import cfca.sadk.menckit.common.LRUCache;
import cfca.sadk.menckit.common.Loggings;
import cfca.sadk.menckit.common.MenckitException;
import cfca.sadk.menckit.common.asn1.SMObjectIdentifiers;
import cfca.sadk.menckit.common.fastasn1.ContentInfoPart;
import cfca.sadk.menckit.common.fastasn1.MessagePart;
import cfca.sadk.menckit.common.helper.Algorithms;
import cfca.sadk.menckit.common.helper.SM4FastHelper;
import cfca.sadk.menckit.common.util.Args;
import cfca.sadk.menckit.common.util.DataHelper;
import cfca.sadk.menckit.common.util.HashHelper;
import cfca.sadk.menckit.common.util.Nonce;
import cfca.sadk.menckit.common.util.Strings;
import cfca.sadk.org.bouncycastle.asn1.ASN1OctetString;
import cfca.sadk.org.bouncycastle.asn1.DEROctetString;
import cfca.sadk.org.bouncycastle.asn1.cms.GCMParameters;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.org.bouncycastle.util.Arrays;
import cfca.sadk.system.SecureRandoms;
import java.io.IOException;

/* loaded from: input_file:cfca/sadk/menckit/client/helper/FastMessageHelper.class */
public class FastMessageHelper implements MessageHelper, SMObjectIdentifiers {
    private final String sharkPin;
    private final LRUCache<String, ClientRandom> cacheLRU;
    private final SM2Cert sm2Cert;
    private final SM2EnvelopeRecipient recipient;
    private int mode;
    private int msgVersion;

    public FastMessageHelper(String str, LRUCache<String, ClientRandom> lRUCache, SM2Cert sM2Cert, SM2EnvelopeRecipient sM2EnvelopeRecipient, int i) {
        this.msgVersion = 1;
        this.sharkPin = str;
        this.cacheLRU = lRUCache;
        this.sm2Cert = sM2Cert;
        this.recipient = sM2EnvelopeRecipient;
        this.mode = i;
        this.msgVersion = 1;
    }

    public void setMode(int i) {
        this.mode = i;
    }

    @Override // cfca.sadk.menckit.client.MessageHelper
    public byte[] encrypt(String str, String str2, byte[] bArr) throws MenckitException {
        int i;
        byte[] genBytes;
        AlgorithmIdentifier algorithmIdentifier;
        Args.notNull(str, "clientRandom");
        Args.notNull(bArr, "sourceData");
        long currentTimeMillis = System.currentTimeMillis();
        int length = bArr.length;
        if (Loggings.systemLogger.isInfoEnabled()) {
            Loggings.systemLogger.info("encryptBySM2: clientRandom={}, serverRandom={}，sourceLength={}", new Object[]{str, str2, Integer.valueOf(length)});
        }
        if (this.msgVersion == 0) {
            throw new MenckitException(Errcode.argumentInvalid, "V1DoNotSupport");
        }
        Agreementkey agreement = Agreementkey.agreement(this.cacheLRU, this.sharkPin, this.sm2Cert, str, str2);
        this.sm2Cert.validate();
        if (length > 2147479551) {
            Loggings.errorLogger.error("sourceFileInvalid: length=", Integer.valueOf(length));
            throw new MenckitException(Errcode.readFileFailed, "sourceFileLengthLimited=" + length);
        }
        byte[] agreementKey = Agreementkey.agreementKey(this.cacheLRU, this.sharkPin, str, str2);
        byte[] nonce = Nonce.INSTANCE.nonce(this.msgVersion);
        byte[] auth = HashHelper.auth(nonce, agreementKey);
        int i2 = Constants.GCM_ICVLENGTH;
        int i3 = i2 / 8;
        if (this.mode == Constants.MODE_GCM) {
            i = length + i3;
            genBytes = SecureRandoms.getInstance().genBytes(i3);
            algorithmIdentifier = new AlgorithmIdentifier(sm4GCM.getId(), new GCMParameters(genBytes, i3));
        } else {
            i = 16 + ((length >> 4) << 4);
            genBytes = SecureRandoms.getInstance().genBytes(16);
            algorithmIdentifier = new AlgorithmIdentifier(sm4Encrypt.getId(), new DEROctetString(genBytes));
        }
        try {
            byte[] encoded = algorithmIdentifier.getEncoded();
            try {
                byte[] encoded2 = Environment.INSTANCE.PLATFORM.getEncoded();
                boolean z = this.mode != Constants.MODE_GCM;
                byte[] buildRecipients = Recipients.buildRecipients(agreement.clientRandom.getClientRandomSM2Cipher(), this.recipient.getRecipientIdentifier());
                MessagePart messagePart = new MessagePart(encoded2, agreement.serverRandomJoinin, true, z, i);
                messagePart.setNonce(nonce);
                messagePart.setNonceHmac(auth);
                messagePart.contentInfo().setRecipients(buildRecipients);
                messagePart.contentInfo().setEciAlgorithm(encoded);
                byte[] encryptBySM4 = z ? SM4FastHelper.encryptBySM4(agreementKey, genBytes, bArr, messagePart) : SM4FastHelper.encryptByGCM(agreementKey, genBytes, bArr, messagePart, i2, null);
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                if (Loggings.systemLogger.isInfoEnabled()) {
                    Loggings.systemLogger.info("encryptBySM2: sucessfully runtime={}, sourceLength={}, outputLength={}", new Object[]{Long.valueOf(currentTimeMillis2), Integer.valueOf(length), Integer.valueOf(encryptBySM4.length)});
                }
                return encryptBySM4;
            } catch (IOException e) {
                throw new MenckitException(Errcode.argumentInvalid, "platformInfoInvalid", e);
            }
        } catch (IOException e2) {
            throw new MenckitException(Errcode.argumentInvalid, "algorithmInvalid", e2);
        }
    }

    @Override // cfca.sadk.menckit.client.MessageHelper
    public byte[] decrypt(String str, String str2, byte[] bArr) throws MenckitException {
        byte[] decryptBySM4;
        Args.notNull(str, "clientRandom");
        Args.notNull(bArr, "encryptData");
        long currentTimeMillis = System.currentTimeMillis();
        int length = bArr.length;
        if (Loggings.systemLogger.isInfoEnabled()) {
            Loggings.systemLogger.info("decryptBySM4(length=={})", Integer.valueOf(length));
        }
        if (length > 2147483647L) {
            Loggings.errorLogger.error("encryptLengthInvalid: length=", Integer.valueOf(length));
            throw new MenckitException(Errcode.readFileFailed, "encryptLengthLimited=" + length);
        }
        byte[] readPart = DataHelper.readPart(bArr);
        try {
            MessagePart messagePart = new MessagePart(readPart);
            ContentInfoPart contentInfo = messagePart.contentInfo();
            if (contentInfo.isEnveloped()) {
                Loggings.errorLogger.error("encryptEncodingInvalid: length={}, NOT SM4", Integer.valueOf(length));
                throw new MenckitException(Errcode.msgDecodeFailed, "encryptEncodingInvalid: NOT SM4");
            }
            if (messagePart.getDataLength() + messagePart.getDataOffset() != length) {
                throw new MenckitException(Errcode.sm4DecryptFailed, "decryptFileBySM4: fileLengthInvalid==" + length);
            }
            if (messagePart.isServerRandomJoinin() && str2 == null) {
                Loggings.errorLogger.error("decryptBySM4 failed: serverRandomJoinin=true&serverRandom==null");
                throw new MenckitException(Errcode.dataLengthInvalid);
            }
            byte[] agreementKey = Agreementkey.agreementKey(this.cacheLRU, this.sharkPin, str, str2);
            AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(contentInfo.getEciAlgorithm());
            boolean equals = sm4GCM.equals(Algorithms.checkOID(algorithmIdentifier.getAlgorithm()));
            byte[] auth = HashHelper.auth(messagePart.getNonce(), agreementKey);
            if (!Arrays.areEqual(auth, messagePart.getNonceHmac())) {
                Loggings.errorLogger.error("decryptBySM4 failed: authExp={}, authResult={}", Debugger.dump(auth), messagePart.getNonceHmac());
                throw new MenckitException(Errcode.nonceInvalid, "nonceAuthFailed");
            }
            if (equals) {
                GCMParameters gCMParameters = GCMParameters.getInstance(algorithmIdentifier.getParameters());
                decryptBySM4 = SM4FastHelper.decryptByGCM(agreementKey, gCMParameters.getNonce(), bArr, messagePart, 8 * gCMParameters.getIcvLen(), null);
            } else {
                decryptBySM4 = SM4FastHelper.decryptBySM4(agreementKey, ASN1OctetString.getInstance(algorithmIdentifier.getParameters()).getOctets(), bArr, messagePart);
            }
            long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
            if (Loggings.systemLogger.isInfoEnabled()) {
                Loggings.systemLogger.info("decryptBySM4: sucessfully runtime={}, encryptLength={}, outputLength={}", new Object[]{Long.valueOf(currentTimeMillis2), Integer.valueOf(bArr.length), Integer.valueOf(decryptBySM4.length)});
            }
            return decryptBySM4;
        } catch (Exception e) {
            Loggings.errorLogger.error("encryptEncodingInvalid: length={}, part={}", new Object[]{Integer.valueOf(length), Strings.encodeHex(readPart), e});
            throw new MenckitException(Errcode.msgDecodeFailed, "encryptEncodingInvalid", e);
        }
    }
}
