package cfca.sadk.lib.crypto.jni;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM2PrivateKey;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.algorithm.util.BigFileCipherUtil;
import cfca.sadk.algorithm.util.HashEncoderUtil;
import cfca.sadk.algorithm.util.RSAAndItsCloseSymAlgUtil;
import cfca.sadk.algorithm.util.SM2AndItsCloseSymAlgUtil;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.asn1.cmp.PKIFailureInfo;
import cfca.sadk.org.bouncycastle.crypto.params.ECDomainParameters;
import cfca.sadk.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import cfca.sadk.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.sm.SM2Params;
import cfca.sadk.signature.rsa.RSAPackageUtil;
import cfca.sadk.signature.sm2.SM2PackageUtil;
import cfca.sadk.system.CompatibleAlgorithm;
import cfca.sadk.system.Mechanisms;
import cfca.sadk.system.global.SM2ContextConfig;
import cfca.sadk.util.HashUtil;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:cfca/sadk/lib/crypto/jni/JNISoftLib.class */
public class JNISoftLib implements Session {
    @Override // cfca.sadk.lib.crypto.Session
    public KeyPair generateKeyPair(Mechanism mechanism, int i) throws PKIException {
        try {
            if (!Mechanisms.isSM2Type(mechanism)) {
                if (!Mechanisms.isRSAType(mechanism)) {
                    throw new PKIException(PKIException.JNI_KEY_PAIR, new StringBuffer().append(PKIException.JNI_KEY_PAIR_DES).append(" ").append(PKIException.NOT_SUP_DES).append(mechanism.getMechanismType()).toString());
                }
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(Mechanism.RSA);
                    if (i != 1024 && i != 2048 && i != 4096) {
                        i = 1024;
                    }
                    keyPairGenerator.initialize(i);
                    return keyPairGenerator.generateKeyPair();
                } catch (Exception e) {
                    return null;
                }
            }
            byte[] bArr = new byte[32];
            byte[] bArr2 = new byte[32];
            byte[] bArr3 = new byte[32];
            try {
                JNISM2.generateKeypair(bArr, bArr2, bArr3);
                ECDomainParameters eCDomainParameters = SM2Params.sm2DomainParameters;
                ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(eCDomainParameters.getCurve().createPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3)), eCDomainParameters);
                return new KeyPair(new SM2PublicKey(eCPublicKeyParameters), new SM2PrivateKey(new ECPrivateKeyParameters(new BigInteger(1, bArr), eCDomainParameters), eCPublicKeyParameters));
            } catch (PKIException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PKIException("Generate KeyPair failure", e3);
            }
        } catch (PKIException e4) {
            throw e4;
        } catch (Exception e5) {
            throw new PKIException("Generate KeyPair failure", e5);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] sign(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        if (bArr == null) {
            throw new PKIException("the source data is null!");
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.encryptByJNI(HashUtil.RSAHashMessageByJNI(bArr, mechanism, true), privateKey);
            }
            if (!(privateKey instanceof SM2PrivateKey)) {
                throw new PKIException("The private key type is not sm2 type!");
            }
            SM2PrivateKey sM2PrivateKey = (SM2PrivateKey) privateKey;
            byte[] bArr2 = new byte[32];
            if (SM2ContextConfig.getUseZValue()) {
                SM2HashMessage(sM2PrivateKey.getSM2PublicKey(), true, bArr, bArr2);
            } else {
                SM2HashMessage(null, false, bArr, bArr2);
            }
            return SM2PackageUtil.encryptByJNI(bArr2, sM2PrivateKey.dBigInteger());
        } catch (Exception e) {
            throw new PKIException(PKIException.SIGN, PKIException.SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] sign(Mechanism mechanism, PrivateKey privateKey, InputStream inputStream) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.encryptByJNI(HashUtil.RSAHashFileByJNI(inputStream, mechanism, true), privateKey);
            }
            if (!(privateKey instanceof SM2PrivateKey)) {
                throw new PKIException("The private key type is not sm2 type!");
            }
            SM2PrivateKey sM2PrivateKey = (SM2PrivateKey) privateKey;
            byte[] bArr = new byte[32];
            if (SM2ContextConfig.getUseZValue()) {
                SM2HashFile(sM2PrivateKey.getSM2PublicKey(), true, inputStream, bArr);
            } else {
                SM2HashFile(null, false, inputStream, bArr);
            }
            return SM2PackageUtil.encryptByJNI(bArr, sM2PrivateKey.dBigInteger());
        } catch (Exception e) {
            throw new PKIException(PKIException.SIGN, PKIException.SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verify(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.isRSAHashEqual(RSAPackageUtil.decryptByJNI(bArr2, publicKey), HashUtil.RSAHashMessageByJNI(bArr, mechanism, true));
            }
            SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
            byte[] xBytes = sM2PublicKey.xBytes();
            byte[] yBytes = sM2PublicKey.yBytes();
            byte[] bArr3 = new byte[32];
            SM2HashMessage(sM2PublicKey, true, bArr, bArr3);
            boolean verifyByJNI = SM2PackageUtil.verifyByJNI(bArr3, bArr2, xBytes, yBytes);
            if (CompatibleAlgorithm.isCompatibleSM2WithoutZ() && !verifyByJNI) {
                SM2HashMessage(sM2PublicKey, false, bArr, bArr3);
                verifyByJNI = SM2PackageUtil.verifyByJNI(bArr3, bArr2, xBytes, yBytes);
            }
            return verifyByJNI;
        } catch (Exception e) {
            throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verify(Mechanism mechanism, PublicKey publicKey, InputStream inputStream, byte[] bArr) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.isRSAHashEqual(RSAPackageUtil.decryptByJNI(bArr, publicKey), HashUtil.RSAHashFileByJNI(inputStream, mechanism, true));
            }
            SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
            byte[] xBytes = sM2PublicKey.xBytes();
            byte[] yBytes = sM2PublicKey.yBytes();
            boolean isCompatibleSM2WithoutZ = CompatibleAlgorithm.isCompatibleSM2WithoutZ();
            byte[] bArr2 = new byte[32];
            byte[] bArr3 = new byte[32];
            SM2HashFile(sM2PublicKey, isCompatibleSM2WithoutZ, inputStream, bArr2, bArr3);
            boolean verifyByJNI = SM2PackageUtil.verifyByJNI(bArr2, bArr, xBytes, yBytes);
            if (isCompatibleSM2WithoutZ && !verifyByJNI) {
                verifyByJNI = SM2PackageUtil.verifyByJNI(bArr3, bArr, xBytes, yBytes);
            }
            return verifyByJNI;
        } catch (Exception e) {
            throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] encrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        try {
            String mechanismType = mechanism.getMechanismType();
            if (mechanismType.equals(Mechanism.SM2)) {
                return SM2AndItsCloseSymAlgUtil.sm2EncryptByJNI(true, key, bArr);
            }
            if (mechanismType.equals(Mechanism.RSA_PKCS)) {
                return RSAAndItsCloseSymAlgUtil.rsaEncryptByJNI(true, key, bArr);
            }
            if (mechanismType.equals(Mechanism.DES3_CBC) || mechanismType.equals(Mechanism.DES3_ECB) || mechanismType.equals("RC4")) {
                return RSAAndItsCloseSymAlgUtil.crypto(true, true, key.getEncoded(), bArr, mechanism);
            }
            if (mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC)) {
                return SM2AndItsCloseSymAlgUtil.crypto(true, true, key.getEncoded(), bArr, mechanism);
            }
            throw new PKIException(PKIException.ENCRYPT, new StringBuffer().append(PKIException.ENCRYPT_DES).append(" ").append(PKIException.NOT_SUP_DES).append(mechanismType).toString());
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCRYPT, PKIException.ENCRYPT_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] decrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        try {
            String mechanismType = mechanism.getMechanismType();
            if (mechanismType.equals(Mechanism.SM2)) {
                return SM2AndItsCloseSymAlgUtil.sm2EncryptByJNI(false, key, bArr);
            }
            if (mechanismType.equals(Mechanism.RSA_PKCS)) {
                return RSAAndItsCloseSymAlgUtil.rsaEncryptByJNI(false, key, bArr);
            }
            if (mechanismType.equals(Mechanism.DES3_CBC) || mechanismType.equals(Mechanism.DES3_ECB) || mechanismType.equals("RC4")) {
                return RSAAndItsCloseSymAlgUtil.crypto(true, false, key.getEncoded(), bArr, mechanism);
            }
            if (mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC)) {
                return SM2AndItsCloseSymAlgUtil.crypto(true, false, key.getEncoded(), bArr, mechanism);
            }
            throw new PKIException(PKIException.DECRYPT, new StringBuffer().append(PKIException.DECRYPT_DES).append(" ").append(PKIException.NOT_SUP_DES).append(mechanismType).toString());
        } catch (Exception e) {
            throw new PKIException(PKIException.DECRYPT, PKIException.DECRYPT_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] signByHash(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        if (bArr == null) {
            throw new PKIException("the hash data is null!");
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.encryptByJNI(HashEncoderUtil.derEncoder(mechanism, bArr), privateKey);
            }
            if (privateKey instanceof SM2PrivateKey) {
                return SM2PackageUtil.encryptByJNI(bArr, ((SM2PrivateKey) privateKey).dBigInteger());
            }
            throw new PKIException("The private key type is not sm2 type!");
        } catch (Exception e) {
            throw new PKIException(PKIException.SIGN, PKIException.SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verifyByHash(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        if (!Mechanisms.isValid(mechanism)) {
            throw new PKIException(PKIException.SIGN, new StringBuffer().append(PKIException.SIGN_DES).append(" ").append(PKIException.NOT_SUP_DES).append(" ").append(mechanism).toString());
        }
        try {
            if (!Mechanisms.isSM2WithSM3(mechanism)) {
                return RSAPackageUtil.isRSAHashEqual(RSAPackageUtil.decryptByJNI(bArr2, publicKey), HashEncoderUtil.derEncoder(mechanism, bArr));
            }
            SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
            return SM2PackageUtil.verifyByJNI(bArr, bArr2, sM2PublicKey.xBytes(), sM2PublicKey.yBytes());
        } catch (Exception e) {
            throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public void encrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        try {
            BigFileCipherUtil.bigFileBlockCipher(true, mechanism, key.getEncoded(), inputStream, outputStream);
        } catch (PKIException e) {
            throw e;
        } catch (Exception e2) {
            throw new PKIException("Encrypt failure", e2);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public void decrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        try {
            BigFileCipherUtil.bigFileBlockCipher(false, mechanism, key.getEncoded(), inputStream, outputStream);
        } catch (PKIException e) {
            throw e;
        } catch (Exception e2) {
            throw new PKIException("Decrypt failure", e2);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Key generateKey(Mechanism mechanism) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        SecureRandom secureRandom = new SecureRandom();
        if (mechanismType.equals(Mechanism.DES3_KEY)) {
            byte[] bArr = new byte[24];
            secureRandom.nextBytes(bArr);
            return new SecretKeySpec(bArr, mechanismType);
        }
        if (mechanismType.equals(Mechanism.SM4_KEY)) {
            byte[] bArr2 = new byte[16];
            secureRandom.nextBytes(bArr2);
            return new SecretKeySpec(bArr2, mechanismType);
        }
        if (!mechanismType.equals("RC4")) {
            throw new PKIException(new StringBuffer().append("do not support this key type:").append(mechanismType).toString());
        }
        byte[] bArr3 = new byte[16];
        secureRandom.nextBytes(bArr3);
        return new SecretKeySpec(bArr3, mechanismType);
    }

    private final void SM2HashFile(SM2PublicKey sM2PublicKey, boolean z, InputStream inputStream, byte[] bArr, byte[] bArr2) throws Exception {
        byte[] bArr3;
        byte[] bArr4 = new byte[PKIFailureInfo.notAuthorized];
        JNIDigest jNIDigest = new JNIDigest();
        jNIDigest.init(JNIDigest.NID_ChinaSM3);
        jNIDigest.update(sM2PublicKey.getDefaultZ());
        JNIDigest jNIDigest2 = null;
        if (z) {
            jNIDigest2 = new JNIDigest();
            jNIDigest2.init(JNIDigest.NID_ChinaSM3);
        }
        while (true) {
            int read = inputStream.read(bArr4, 0, bArr4.length);
            if (read == -1) {
                break;
            }
            if (read < bArr4.length) {
                bArr3 = new byte[read];
                System.arraycopy(bArr4, 0, bArr3, 0, bArr3.length);
            } else {
                bArr3 = bArr4;
            }
            jNIDigest.update(bArr3);
            if (z) {
                jNIDigest2.update(bArr3);
            }
        }
        jNIDigest.doFinal(bArr);
        if (z) {
            jNIDigest2.doFinal(bArr2);
        }
    }

    private final void SM2HashFile(SM2PublicKey sM2PublicKey, boolean z, InputStream inputStream, byte[] bArr) throws Exception {
        byte[] bArr2;
        byte[] bArr3 = new byte[PKIFailureInfo.notAuthorized];
        JNIDigest jNIDigest = new JNIDigest();
        jNIDigest.init(JNIDigest.NID_ChinaSM3);
        if (z) {
            jNIDigest.update(sM2PublicKey.getDefaultZ());
        }
        while (true) {
            int read = inputStream.read(bArr3, 0, bArr3.length);
            if (read == -1) {
                jNIDigest.doFinal(bArr);
                return;
            }
            if (read < bArr3.length) {
                bArr2 = new byte[read];
                System.arraycopy(bArr3, 0, bArr2, 0, bArr2.length);
            } else {
                bArr2 = bArr3;
            }
            jNIDigest.update(bArr2);
        }
    }

    private final void SM2HashMessage(SM2PublicKey sM2PublicKey, boolean z, byte[] bArr, byte[] bArr2) throws Exception {
        JNIDigest jNIDigest = new JNIDigest();
        jNIDigest.init(JNIDigest.NID_ChinaSM3);
        if (z) {
            jNIDigest.update(sM2PublicKey.getDefaultZ());
        }
        jNIDigest.update(bArr);
        jNIDigest.doFinal(bArr2);
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Key generateKey(Mechanism mechanism, byte[] bArr) throws PKIException {
        return null;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Provider getProvider() {
        return null;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public String getProviderName() {
        return null;
    }
}
