package cfca.sadk.menckit.server.helper;

import cfca.sadk.menckit.common.AuthResult;
import cfca.sadk.menckit.common.Constants;
import cfca.sadk.menckit.common.Errcode;
import cfca.sadk.menckit.common.Loggings;
import cfca.sadk.menckit.common.MenckitException;
import cfca.sadk.menckit.common.asn1.SMObjectIdentifiers;
import cfca.sadk.menckit.common.fastasn1.ContentInfoPart;
import cfca.sadk.menckit.common.fastasn1.MessagePart;
import cfca.sadk.menckit.common.helper.Algorithms;
import cfca.sadk.menckit.common.helper.SM4FileHelper;
import cfca.sadk.menckit.common.util.Args;
import cfca.sadk.menckit.common.util.DataHelper;
import cfca.sadk.menckit.common.util.HashHelper;
import cfca.sadk.menckit.common.util.Nonce;
import cfca.sadk.menckit.common.util.Strings;
import cfca.sadk.menckit.server.ISM2Decryptor;
import cfca.sadk.menckit.server.StreamHelper;
import cfca.sadk.menckit.server.api.PlatformInfo;
import cfca.sadk.menckit.server.impl.Agreements;
import cfca.sadk.menckit.server.impl.ServerRandom;
import cfca.sadk.org.bouncycastle.asn1.ASN1OctetString;
import cfca.sadk.org.bouncycastle.asn1.ASN1Set;
import cfca.sadk.org.bouncycastle.asn1.DEROctetString;
import cfca.sadk.org.bouncycastle.asn1.cms.GCMParameters;
import cfca.sadk.org.bouncycastle.asn1.cms.RecipientInfo;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.system.SecureRandoms;
import java.io.File;
import java.io.IOException;

/* loaded from: input_file:cfca/sadk/menckit/server/helper/FastStreamHelper.class */
public class FastStreamHelper implements StreamHelper, SMObjectIdentifiers {
    private boolean verifyServerRandom;

    public FastStreamHelper(boolean z) {
        this.verifyServerRandom = z;
    }

    @Override // cfca.sadk.menckit.server.StreamHelper
    public PlatformInfo decryptFile(String str, String str2, String[] strArr, String[] strArr2, ISM2Decryptor iSM2Decryptor) throws MenckitException {
        Args.notNull(str, "encryptDataPath");
        Args.notNull(str2, "outputDataPath");
        Args.notNull(iSM2Decryptor, "decryptor");
        if (strArr2 == null || strArr2.length != 1) {
            throw new MenckitException(Errcode.argumentInvalid, "encryptionKeyHandle=null/length!=1");
        }
        File file = new File(str);
        String absolutePath = file.getAbsolutePath();
        if (!file.exists() || !file.isFile()) {
            Loggings.errorLogger.error("encryptFileInvalid: path={}", absolutePath);
            throw new MenckitException(Errcode.readFileFailed, "encryptFileInvalid=" + absolutePath);
        }
        if (Loggings.systemLogger.isInfoEnabled()) {
            Loggings.systemLogger.info("encryptFile(length=={}, path={})", Long.valueOf(file.length()), absolutePath);
        }
        long length = file.length();
        if (length > 2147483647L) {
            Loggings.errorLogger.error("encryptFileInvalid: path={}, length=", absolutePath, Long.valueOf(length));
            throw new MenckitException(Errcode.readFileFailed, "encryptFileLengthLimited=" + length);
        }
        byte[] readPart = DataHelper.readPart(file);
        try {
            MessagePart messagePart = new MessagePart(readPart);
            ContentInfoPart contentInfo = messagePart.contentInfo();
            if (!contentInfo.isEnveloped()) {
                Loggings.errorLogger.error("encryptFileEncodingInvalid: path={}, length={}, NOT SM2", absolutePath, Long.valueOf(length));
                throw new MenckitException(Errcode.msgDecodeFailed, "encryptFileEncodingInvalid: NOT SM2");
            }
            if (messagePart.getDataLength() + messagePart.getDataOffset() != length) {
                throw new MenckitException(Errcode.sm4DecryptFailed, "decryptFileBySM2: fileLengthInvalid==" + length);
            }
            boolean isServerRandomJoinin = messagePart.isServerRandomJoinin();
            int msgVersion = messagePart.getMsgVersion();
            File file2 = new File(str2);
            PlatformInfo platformInfo = null;
            if (messagePart.getPlatformInfo() != null) {
                cfca.sadk.menckit.common.asn1.PlatformInfo platformInfo2 = cfca.sadk.menckit.common.asn1.PlatformInfo.getInstance(messagePart.getPlatformInfo());
                platformInfo = new PlatformInfo(platformInfo2.getStringPlatformVersion(), platformInfo2.getStringPlatformDetails(), platformInfo2.getPlatformDetails());
            }
            RecipientInfo recipientInfo = RecipientInfo.getInstance(ASN1Set.getInstance(contentInfo.getRecipients()).getObjectAt(0));
            AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(contentInfo.getEciAlgorithm());
            boolean equals = sm4GCM.equals(Algorithms.checkOID(algorithmIdentifier.getAlgorithm()));
            int i = equals ? Constants.MODE_GCM : Constants.MODE_CBC;
            AuthResult authResult = new AuthResult(messagePart.getNonce(), messagePart.getNonceHmac(), messagePart.getSourceHmac(), null);
            String form = form(strArr);
            String str3 = null;
            if (form != null) {
                str3 = Strings.encodeBase64(new ServerRandom(form).getServerRandom());
            }
            ServerRandom agreementKey = Agreements.agreementKey(iSM2Decryptor, form, str3, recipientInfo, authResult, isServerRandomJoinin, this.verifyServerRandom, i, msgVersion, false);
            byte[] sessionKey = agreementKey.getSessionKey();
            if (equals) {
                GCMParameters gCMParameters = GCMParameters.getInstance(algorithmIdentifier.getParameters());
                SM4FileHelper.decryptByGCM(sessionKey, gCMParameters.getNonce(), file, file2, messagePart, 8 * gCMParameters.getIcvLen(), null);
            } else {
                SM4FileHelper.decryptBySM4(sessionKey, ASN1OctetString.getInstance(algorithmIdentifier.getParameters()).getOctets(), file, file2, messagePart);
            }
            if (strArr != null && strArr.length != 0) {
                strArr[0] = agreementKey.getkeyHandle().getKeyHandle();
            }
            strArr2[0] = agreementKey.getkeyHandle().getKeyTagHandle();
            return platformInfo;
        } catch (Exception e) {
            Loggings.errorLogger.error("encryptFileEncodingInvalid: path={}, length={}, part={}", new Object[]{absolutePath, Long.valueOf(length), Strings.encodeHex(readPart), e});
            throw new MenckitException(Errcode.msgDecodeFailed, "encryptFileEncodingInvalid", e);
        }
    }

    private String form(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        return strArr[0];
    }

    @Override // cfca.sadk.menckit.server.StreamHelper
    public void encryptFile(String str, String str2, String str3) throws MenckitException {
        int i;
        byte[] genBytes;
        AlgorithmIdentifier algorithmIdentifier;
        Args.notNull(str, "sourceDataPath");
        Args.notNull(str2, "outputDataPath");
        Args.notNull(str3, "encryptionKeyHandle");
        long currentTimeMillis = System.currentTimeMillis();
        Loggings.systemLogger.info("encryptMessageBySM4: keyHandle={}, sourceDataPath={}, outputDataPath={}", str3, str2);
        ServerRandom serverRandom = new ServerRandom(str3);
        int msgVersion = serverRandom.getMsgVersion();
        if (msgVersion == 0) {
            throw new MenckitException(Errcode.argumentInvalid, "V1DoNotSupport");
        }
        File file = new File(str);
        String absolutePath = file.getAbsolutePath();
        if (!file.exists() || !file.isFile()) {
            Loggings.errorLogger.error("sourceFileInvalid: path={}", absolutePath);
            throw new MenckitException(Errcode.readFileFailed, "sourceFileInvalid=" + absolutePath);
        }
        if (Loggings.systemLogger.isInfoEnabled()) {
            Loggings.systemLogger.info("sourceFile(length=={}, path={})", Long.valueOf(file.length()), absolutePath);
        }
        long length = file.length();
        if (length > 2147479551) {
            Loggings.errorLogger.error("sourceFileInvalid: path={}, length=", absolutePath, Long.valueOf(length));
            throw new MenckitException(Errcode.readFileFailed, "sourceFileLengthLimited=" + length);
        }
        File file2 = new File(str2);
        byte[] keyTag = serverRandom.getKeyTag();
        byte[] sessionKey = serverRandom.getSessionKey();
        int encryptMode = serverRandom.getEncryptMode();
        byte[] nonce = Nonce.INSTANCE.nonce(msgVersion);
        byte[] auth = HashHelper.auth(nonce, sessionKey);
        int i2 = Constants.GCM_ICVLENGTH;
        int i3 = i2 / 8;
        if (encryptMode == Constants.MODE_GCM) {
            i = (int) (length + i3);
            genBytes = SecureRandoms.getInstance().genBytes(i3);
            algorithmIdentifier = new AlgorithmIdentifier(sm4GCM.getId(), new GCMParameters(genBytes, i3));
        } else {
            i = (int) (16 + ((length >> 4) << 4));
            genBytes = SecureRandoms.getInstance().genBytes(16);
            algorithmIdentifier = new AlgorithmIdentifier(sm4Encrypt.getId(), new DEROctetString(genBytes));
        }
        try {
            byte[] encoded = algorithmIdentifier.getEncoded();
            boolean z = encryptMode != Constants.MODE_GCM;
            MessagePart messagePart = new MessagePart(null, serverRandom.serverRandomJoinin(), false, z, i);
            messagePart.setKeyTag(keyTag);
            messagePart.setNonce(nonce);
            messagePart.setNonceHmac(auth);
            messagePart.contentInfo().setEciAlgorithm(encoded);
            if (z) {
                SM4FileHelper.encryptBySM4(sessionKey, genBytes, file, file2, messagePart);
            } else {
                SM4FileHelper.encryptByGCM(sessionKey, genBytes, file, file2, messagePart, i2, null);
            }
            long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
            if (Loggings.systemLogger.isInfoEnabled()) {
                Loggings.systemLogger.info("encryptMessageBySM4: sucessfully runtime=[all:{}], serverRandom={}, outputResult={}", new Object[]{Long.valueOf(currentTimeMillis2), serverRandom, str2});
            }
        } catch (IOException e) {
            throw new MenckitException(Errcode.argumentInvalid, "algorithmInvalid", e);
        }
    }
}
