package cfca.sadk.menckit.common.helper;

import cfca.sadk.menckit.common.Errcode;
import cfca.sadk.menckit.common.MenckitException;
import cfca.sadk.menckit.common.asn1.SMObjectIdentifiers;
import cfca.sadk.menckit.common.fastasn1.MessagePart;
import cfca.sadk.menckit.common.util.Args;
import cfca.sadk.menckit.common.util.Strings;
import cfca.sadk.org.bouncycastle.crypto.engines.SM4Engine;
import cfca.sadk.org.bouncycastle.crypto.macs.HMac;
import cfca.sadk.org.bouncycastle.crypto.modes.CBCBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.modes.GCMBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.paddings.PKCS7Padding;
import cfca.sadk.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.params.AEADParameters;
import cfca.sadk.org.bouncycastle.crypto.params.KeyParameter;
import cfca.sadk.org.bouncycastle.crypto.params.ParametersWithIV;
import java.util.Arrays;

/* loaded from: input_file:cfca/sadk/menckit/common/helper/SM4FastHelper.class */
public class SM4FastHelper implements SMObjectIdentifiers {
    private SM4FastHelper() {
    }

    public static byte[] encryptBySM4(byte[] bArr, byte[] bArr2, byte[] bArr3, MessagePart messagePart) throws MenckitException {
        Args.lestLength(16, bArr, "sm4key");
        Args.lestLength(16, bArr2, "sm4Iv");
        Args.notNull(bArr3, "sourceData");
        Args.notNull(messagePart, "messagePart");
        boolean isSourceHmacEnabled = messagePart.isSourceHmacEnabled();
        byte[] encoded = messagePart.encoded();
        byte[] bArr4 = new byte[encoded.length + messagePart.getDataLength()];
        int length = encoded.length;
        try {
            HMac hmac = hmac(bArr);
            byte[] bArr5 = new byte[encoded.length + messagePart.getDataLength()];
            System.arraycopy(encoded, 0, bArr5, 0, encoded.length);
            PaddedBufferedBlockCipher cbcMode = cbcMode(bArr, bArr2, true);
            int length2 = bArr3.length;
            int i = 0;
            while (i < bArr3.length) {
                int i2 = length2 > 65536 ? 65536 : length2;
                length += cbcMode.processBytes(bArr3, i, i2, bArr5, length);
                if (isSourceHmacEnabled) {
                    hmac.update(bArr3, i, i2);
                }
                i += i2;
                length2 -= i2;
            }
            int doFinal = length + cbcMode.doFinal(bArr5, length);
            if (isSourceHmacEnabled) {
                byte[] bArr6 = new byte[hmac.getMacSize()];
                hmac.doFinal(bArr6, 0);
                System.arraycopy(bArr6, 0, bArr5, messagePart.getSourceHmacOffset(), bArr6.length);
            }
            if (doFinal != bArr5.length) {
                throw new MenckitException(Errcode.sm4EncryptFailed, "outputLengthInvalid");
            }
            return bArr5;
        } catch (Exception e) {
            throw new MenckitException(Errcode.sm4EncryptFailed, "encryptBySM4 failed", e);
        }
    }

    public static byte[] decryptBySM4(byte[] bArr, byte[] bArr2, byte[] bArr3, MessagePart messagePart) throws MenckitException {
        Args.lestLength(16, bArr, "sm4key");
        Args.lestLength(16, bArr2, "sm4Iv");
        Args.notNull(bArr3, "encryptData");
        Args.notNull(messagePart, "messagePart");
        int dataLength = messagePart.getDataLength();
        if (dataLength % 16 != 0) {
            throw new MenckitException(Errcode.sm4DecryptFailed, "encryptFileBySM4: dataLength==" + dataLength);
        }
        byte[] bArr4 = null;
        byte[] sourceHmac = messagePart.getSourceHmac();
        boolean z = sourceHmac != null;
        HMac hmac = hmac(bArr);
        int i = 0;
        try {
            byte[] bArr5 = new byte[messagePart.getDataLength()];
            PaddedBufferedBlockCipher cbcMode = cbcMode(bArr, bArr2, false);
            int dataLength2 = messagePart.getDataLength();
            int dataOffset = messagePart.getDataOffset();
            while (dataOffset < bArr3.length) {
                int i2 = dataLength2 > 65536 ? 65536 : dataLength2;
                int processBytes = cbcMode.processBytes(bArr3, dataOffset, i2, bArr5, i);
                if (z) {
                    hmac.update(bArr5, i, processBytes);
                }
                i += processBytes;
                dataOffset += i2;
                dataLength2 -= i2;
            }
            int doFinal = cbcMode.doFinal(bArr5, i);
            if (z) {
                hmac.update(bArr5, i, doFinal);
            }
            int i3 = i + doFinal;
            if (z) {
                bArr4 = new byte[hmac.getMacSize()];
                hmac.doFinal(bArr4, 0);
            }
            if (!Arrays.equals(bArr4, sourceHmac)) {
                throw new MenckitException(Errcode.hashNotMatch, String.format("sourceHmacAct not match(act=%s,msg=%s)", Strings.encodeHex(bArr4), Strings.encodeHex(sourceHmac)));
            }
            byte[] bArr6 = new byte[i3];
            System.arraycopy(bArr5, 0, bArr6, 0, bArr6.length);
            return bArr6;
        } catch (Exception e) {
            throw new MenckitException(Errcode.sm4DecryptFailed, "decryptBySM4Failed", e);
        }
    }

    public static byte[] encryptByGCM(byte[] bArr, byte[] bArr2, byte[] bArr3, MessagePart messagePart, int i, byte[] bArr4) throws MenckitException {
        Args.lestLength(16, bArr, "sm4key");
        Args.notNull(bArr3, "sourceData");
        Args.notNull(messagePart, "messagePart");
        try {
            byte[] encoded = messagePart.encoded();
            int length = encoded.length;
            try {
                byte[] bArr5 = new byte[encoded.length + messagePart.getDataLength()];
                System.arraycopy(encoded, 0, bArr5, 0, encoded.length);
                GCMBlockCipher gcmMode = gcmMode(bArr, bArr2, i, bArr4, true);
                int length2 = bArr3.length;
                int i2 = 0;
                while (i2 < bArr3.length) {
                    int i3 = length2 > 65536 ? 65536 : length2;
                    length += gcmMode.processBytes(bArr3, i2, i3, bArr5, length);
                    i2 += i3;
                    length2 -= i3;
                }
                if (length + gcmMode.doFinal(bArr5, length) != bArr5.length) {
                    throw new MenckitException(Errcode.sm4EncryptFailed, "outputLengthInvalid");
                }
                return bArr5;
            } catch (Exception e) {
                throw new MenckitException(Errcode.sm4EncryptFailed, "encryptByGCMFailed", e);
            }
        } catch (Exception e2) {
            throw new MenckitException(Errcode.argumentInvalid, "messageEncodedFailed", e2);
        }
    }

    public static byte[] decryptByGCM(byte[] bArr, byte[] bArr2, byte[] bArr3, MessagePart messagePart, int i, byte[] bArr4) throws MenckitException {
        Args.lestLength(16, bArr, "sm4key");
        Args.notNull(bArr3, "encryptData");
        Args.notNull(messagePart, "messagePart");
        int i2 = 0;
        try {
            byte[] bArr5 = new byte[messagePart.getDataLength() - (i / 8)];
            GCMBlockCipher gcmMode = gcmMode(bArr, bArr2, i, bArr4, false);
            int dataLength = messagePart.getDataLength();
            int dataOffset = messagePart.getDataOffset();
            while (dataOffset < bArr3.length) {
                int i3 = dataLength > 65536 ? 65536 : dataLength;
                i2 += gcmMode.processBytes(bArr3, dataOffset, i3, bArr5, i2);
                dataOffset += i3;
                dataLength -= i3;
            }
            if (i2 + gcmMode.doFinal(bArr5, i2) != bArr5.length) {
                throw new MenckitException(Errcode.sm4DecryptFailed, "outputLengthInvalid");
            }
            return bArr5;
        } catch (Exception e) {
            throw new MenckitException(Errcode.sm4DecryptFailed, "decryptByGCMFailed", e);
        }
    }

    private static HMac hmac(byte[] bArr) {
        HMac hMac = new HMac(new SM3Digest());
        hMac.init(new KeyParameter(bArr));
        return hMac;
    }

    private static PaddedBufferedBlockCipher cbcMode(byte[] bArr, byte[] bArr2, boolean z) {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
        paddedBufferedBlockCipher.init(z, new ParametersWithIV(new KeyParameter(bArr), bArr2));
        return paddedBufferedBlockCipher;
    }

    private static GCMBlockCipher gcmMode(byte[] bArr, byte[] bArr2, int i, byte[] bArr3, boolean z) {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new SM4Engine());
        gCMBlockCipher.init(z, new AEADParameters(new KeyParameter(bArr), i, bArr2, bArr3));
        return gCMBlockCipher;
    }
}
