package cfca.sadk.menckit.common.util;

import cfca.sadk.algorithm.common.CBCParam;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.menckit.common.helper.SM3Digest;
import cfca.sadk.system.SecureRandoms;
import java.security.Key;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:cfca/sadk/menckit/common/util/Passwords.class */
public enum Passwords {
    INSTACEN;

    private final Session session;
    private final String prefix;
    private final byte[] hardcode;
    public static final String masterKey = buildSystemkey();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cfca/sadk/menckit/common/util/Passwords$IvK.class */
    public class IvK {
        final CBCParam iv;
        final Key key;

        IvK(byte[] bArr) {
            this.iv = new CBCParam(Passwords.this.copyOfRange(bArr, 0, 16));
            this.key = new SecretKeySpec(Passwords.this.copyOfRange(bArr, 16, 32), "SM4");
        }
    }

    Passwords() {
        try {
            this.prefix = "ENCRYPT@";
            this.session = SessionLibs.INSTACE.session();
            this.hardcode = Strings.decodeBase64("8hdNBYqqn38zBcI0TVHlzEX68gW3/hsjrIp+hq9fuYM=");
        } catch (Exception e) {
            throw new IllegalArgumentException("Passwords build failed", e);
        }
    }

    public String restorePassword(String str, String str2) throws Exception {
        return restorePassword(masterKey, str, str2);
    }

    public String restorePassword(String str, String str2, String str3) throws Exception {
        Args.notNull(str2, "password");
        try {
            return decryptPassword(str, str2);
        } catch (Exception e) {
            throw new Exception(str3 + " restored password failure: " + str2, e);
        }
    }

    public String encryptPassword(String str, String str2) throws Exception {
        Args.notNull(str2, "plainPassword");
        return this.prefix + Strings.encodeBase64(encryptMessage(str, Strings.toUTF8ByteArray(str2)));
    }

    public String decryptPassword(String str, String str2) throws Exception {
        Args.notNull(str2, "base64EncryptPassword");
        return str2.startsWith(this.prefix) ? Strings.fromUTF8ByteArray(decryptMessage(str, Strings.decodeBase64(str2.substring(this.prefix.length())))) : str2;
    }

    public byte[] encryptMessage(String str, byte[] bArr) throws Exception {
        Args.notNull(str, "masterKey");
        Args.notNull(bArr, "sourceData");
        byte[] genBytes = SecureRandoms.getInstance().genBytes(8);
        IvK kdf = kdf(str, genBytes);
        byte[] encrypt = this.session.encrypt(new Mechanism(Mechanism.SM4_CBC, kdf.iv), kdf.key, bArr);
        byte[] bArr2 = new byte[genBytes.length + encrypt.length];
        System.arraycopy(genBytes, 0, bArr2, 0, genBytes.length);
        System.arraycopy(encrypt, 0, bArr2, genBytes.length, encrypt.length);
        return bArr2;
    }

    public byte[] decryptMessage(String str, byte[] bArr) throws Exception {
        Args.notNull(str, "masterKey");
        Args.notNull(bArr, "encryptData");
        IvK kdf = kdf(str, copyOfRange(bArr, 0, 8));
        return this.session.decrypt(new Mechanism(Mechanism.SM4_CBC, kdf.iv), kdf.key, copyOfRange(bArr, 8, bArr.length));
    }

    public String encryptRandom(String str, String str2) throws Exception {
        Args.notNull(str, "masterKey");
        Args.notNull(str2, "randomData");
        return this.prefix + Strings.encodeBase64(encryptMessage(str, Strings.decodeBase64(str2)));
    }

    public String decryptRandom(String str, String str2) throws Exception {
        Args.notNull(str, "masterKey");
        Args.notNull(str2, "randomData");
        return str2.startsWith(this.prefix) ? Strings.encodeBase64(decryptMessage(str, Strings.decodeBase64(str2.substring(this.prefix.length())))) : str2;
    }

    private IvK kdf(String str, byte[] bArr) throws Exception {
        byte[] uTF8ByteArray = Strings.toUTF8ByteArray(str);
        byte[] bArr2 = {0, 0, 0, 1};
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(bArr, 0, bArr.length);
        sM3Digest.update(this.hardcode, 0, this.hardcode.length);
        sM3Digest.update(uTF8ByteArray, 0, uTF8ByteArray.length);
        sM3Digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[32];
        sM3Digest.doFinal(bArr3, 0);
        return new IvK(bArr3);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public byte[] copyOfRange(byte[] bArr, int i, int i2) {
        byte[] bArr2 = new byte[i2 - i];
        System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
        return bArr2;
    }

    public static String buildSystemkey() {
        String systemkey = JVMArgs.INSTACE.getSystemkey();
        return systemkey == null ? "menckit@S3f2LOzVFOjl2fWN%He&&LONG" : "menckit@S3f2LOzVFOjl2fWN%He&&LONG" + systemkey;
    }

    public static void main(String[] strArr) throws Exception {
        if (strArr.length != 1) {
            System.err.println("command: password.sh <password>");
            return;
        }
        String encryptPassword = INSTACEN.encryptPassword(masterKey, strArr[0]);
        String decryptPassword = INSTACEN.decryptPassword(masterKey, encryptPassword);
        if (decryptPassword.equals(strArr[0])) {
            System.err.println(encryptPassword);
        } else {
            System.err.println("encrypt password failed: " + decryptPassword);
        }
    }
}
