package cfca.sadk.envelope.rsa;

import cfca.sadk.algorithm.common.CBCParam;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.util.PKCS8ToPKCS1Util;
import cfca.sadk.lib.crypto.jni.JNIRSA;
import cfca.sadk.lib.crypto.jni.JNISymAlg;
import cfca.sadk.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import cfca.sadk.org.bouncycastle.crypto.InvalidCipherTextException;
import cfca.sadk.org.bouncycastle.crypto.KeyGenerationParameters;
import cfca.sadk.org.bouncycastle.crypto.encodings.PKCS1Encoding;
import cfca.sadk.org.bouncycastle.crypto.engines.DESedeEngine;
import cfca.sadk.org.bouncycastle.crypto.engines.RC4Engine;
import cfca.sadk.org.bouncycastle.crypto.engines.RSAEngine;
import cfca.sadk.org.bouncycastle.crypto.generators.DESedeKeyGenerator;
import cfca.sadk.org.bouncycastle.crypto.modes.CBCBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.paddings.PKCS7Padding;
import cfca.sadk.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import cfca.sadk.org.bouncycastle.crypto.params.KeyParameter;
import cfca.sadk.org.bouncycastle.crypto.params.ParametersWithIV;
import cfca.sadk.org.bouncycastle.crypto.params.RSAKeyParameters;
import cfca.sadk.org.bouncycastle.crypto.util.PrivateKeyFactory;
import cfca.sadk.org.bouncycastle.crypto.util.PublicKeyFactory;
import java.security.Key;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: input_file:BOOT-INF/lib/sadk-3.2.0.5.jar:cfca/sadk/envelope/rsa/RSASymmetricCryptoUtil.class */
public class RSASymmetricCryptoUtil {
    private static int HEADER_LENGTH = 10;
    private static int DES3_BLOCK_SIZE = 8;

    public static byte[] cryptoUtil(boolean z, boolean z2, byte[] bArr, byte[] bArr2, Mechanism mechanism) throws Exception {
        if (mechanism.getMechanismType().indexOf("RC4") != -1) {
            return useRC4Encrypt(z, z2, bArr, bArr2);
        }
        if (mechanism.getMechanismType().indexOf(Mechanism.DES3_KEY) != -1 && mechanism.getMechanismType().indexOf("CBC") != -1) {
            return useDesedeCBCEncrypt(z, z2, bArr, bArr2, ((CBCParam) mechanism.getParam()).getIv());
        }
        if (mechanism.getMechanismType().indexOf(Mechanism.DES3_KEY) != -1 && mechanism.getMechanismType().indexOf("ECB") != -1) {
            return useDesedeECBEncrypt(z, z2, bArr, bArr2);
        }
        if (mechanism.getMechanismType().indexOf("RSA") != -1) {
            return useRSAECBEncrypt(z2, bArr, bArr2);
        }
        throw new Exception(new StringBuffer().append("can not support this algorithm to crypto:").append(mechanism.getMechanismType()).toString());
    }

    public static byte[] rsaEncrypt(boolean z, Key key, byte[] bArr) throws Exception {
        return useRSAECBEncrypt(z, key.getEncoded(), bArr);
    }

    public static byte[] rsaEncrypt_JNI(boolean z, Key key, byte[] bArr) throws Exception {
        return z ? encrypt_JNI(bArr, key) : decrypt_JNI(bArr, key);
    }

    private static byte[] addPKCS1Padding(byte[] bArr, RSAPublicKey rSAPublicKey) {
        byte[] bArr2 = new byte[(rSAPublicKey.getModulus().bitLength() + 7) / 8];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bArr2);
        bArr2[0] = 0;
        bArr2[1] = 2;
        int length = bArr.length;
        for (int i = 2; i != (bArr2.length - length) - 1; i++) {
            while (bArr2[i] == 0) {
                bArr2[i] = (byte) secureRandom.nextInt();
            }
        }
        bArr2[(bArr2.length - length) - 1] = 0;
        System.arraycopy(bArr, 0, bArr2, bArr2.length - length, length);
        return bArr2;
    }

    private static byte[] delPKCS1Padding(byte[] bArr) throws Exception {
        byte b;
        byte b2 = bArr[1];
        if (b2 != 1 && b2 != 2) {
            throw new InvalidCipherTextException("unknown block type");
        }
        int i = 2;
        while (i != bArr.length && (b = bArr[i]) != 0) {
            if (b2 == 1 && b != -1) {
                throw new InvalidCipherTextException("block padding incorrect");
            }
            i++;
        }
        int i2 = i + 1;
        if (i2 > bArr.length || i2 < HEADER_LENGTH) {
            throw new InvalidCipherTextException("no data in block");
        }
        byte[] bArr2 = new byte[bArr.length - i2];
        System.arraycopy(bArr, i2, bArr2, 0, bArr2.length);
        return bArr2;
    }

    private static byte[] encrypt_JNI(byte[] bArr, Key key) throws Exception {
        if (bArr == null) {
            throw new Exception("the source data is null,can not encrypt!!!");
        }
        RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
        byte[] RSAP8ToP1PubKey = PKCS8ToPKCS1Util.RSAP8ToP1PubKey(rSAPublicKey);
        byte[] addPKCS1Padding = addPKCS1Padding(bArr, rSAPublicKey);
        byte[] bArr2 = new byte[(rSAPublicKey.getModulus().bitLength() + 7) / 8];
        JNIRSA.dowithPublicKey(addPKCS1Padding, RSAP8ToP1PubKey, bArr2);
        return bArr2;
    }

    private static byte[] decrypt_JNI(byte[] bArr, Key key) throws Exception {
        if (bArr == null) {
            throw new Exception("the encrypt data is null,can not decrypt!!!");
        }
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) key;
        byte[] RSAP8ToP1PriKey = PKCS8ToPKCS1Util.RSAP8ToP1PriKey(rSAPrivateKey);
        byte[] bArr2 = new byte[(rSAPrivateKey.getModulus().bitLength() + 7) / 8];
        JNIRSA.dowithPrivateKey(bArr, RSAP8ToP1PriKey, bArr2);
        return delPKCS1Padding(bArr2);
    }

    private static byte[] useRC4Encrypt(boolean z, boolean z2, byte[] bArr, byte[] bArr2) throws Exception {
        byte[] bArr3 = new byte[bArr2.length];
        if (!z) {
            RC4Engine rC4Engine = new RC4Engine();
            rC4Engine.init(z2, new KeyParameter(bArr));
            rC4Engine.processBytes(bArr2, 0, bArr2.length, bArr3, 0);
            return bArr3;
        }
        JNISymAlg jNISymAlg = new JNISymAlg();
        if (z2) {
            jNISymAlg.encryptInit(JNISymAlg.NID_rc4, bArr, null);
            byte[] bArr4 = new byte[bArr2.length];
            jNISymAlg.encryptFinal(bArr4, jNISymAlg.encryptProcess(bArr2, 0, bArr2.length, bArr4, 0));
            return bArr4;
        }
        jNISymAlg.decryptInit(JNISymAlg.NID_rc4, bArr, null);
        byte[] bArr5 = new byte[bArr2.length];
        jNISymAlg.decryptFinal(bArr5, jNISymAlg.decryptProcess(bArr2, 0, bArr2.length, bArr5, 0));
        return bArr5;
    }

    private static byte[] useDesedeECBEncrypt(boolean z, boolean z2, byte[] bArr, byte[] bArr2) throws Exception {
        if (!z) {
            PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new DESedeEngine(), new PKCS7Padding());
            paddedBufferedBlockCipher.init(z2, new KeyParameter(bArr));
            int outputSize = paddedBufferedBlockCipher.getOutputSize(bArr2.length);
            byte[] bArr3 = new byte[outputSize];
            int processBytes = paddedBufferedBlockCipher.processBytes(bArr2, 0, bArr2.length, bArr3, 0);
            int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr3, processBytes);
            if (doFinal >= outputSize) {
                return bArr3;
            }
            byte[] bArr4 = new byte[doFinal];
            System.arraycopy(bArr3, 0, bArr4, 0, doFinal);
            return bArr4;
        }
        JNISymAlg jNISymAlg = new JNISymAlg();
        if (z2) {
            jNISymAlg.encryptInit(JNISymAlg.NID_des_ede3_ecb, bArr, null);
            byte[] bArr5 = new byte[bArr2.length + (DES3_BLOCK_SIZE - (bArr2.length % DES3_BLOCK_SIZE))];
            jNISymAlg.encryptFinal(bArr5, jNISymAlg.encryptProcess(bArr2, 0, bArr2.length, bArr5, 0));
            return bArr5;
        }
        jNISymAlg.decryptInit(JNISymAlg.NID_des_ede3_ecb, bArr, null);
        byte[] bArr6 = new byte[bArr2.length];
        int decryptProcess = jNISymAlg.decryptProcess(bArr2, 0, bArr2.length, bArr6, 0);
        int decryptFinal = decryptProcess + jNISymAlg.decryptFinal(bArr6, decryptProcess);
        byte[] bArr7 = new byte[decryptFinal];
        System.arraycopy(bArr6, 0, bArr7, 0, decryptFinal);
        return bArr7;
    }

    private static byte[] useDesedeCBCEncrypt(boolean z, boolean z2, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        if (!z) {
            PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()), new PKCS7Padding());
            paddedBufferedBlockCipher.init(z2, new ParametersWithIV(new KeyParameter(bArr), bArr3));
            int outputSize = paddedBufferedBlockCipher.getOutputSize(bArr2.length);
            byte[] bArr4 = new byte[outputSize];
            int processBytes = paddedBufferedBlockCipher.processBytes(bArr2, 0, bArr2.length, bArr4, 0);
            int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr4, processBytes);
            if (doFinal >= outputSize) {
                return bArr4;
            }
            byte[] bArr5 = new byte[doFinal];
            System.arraycopy(bArr4, 0, bArr5, 0, doFinal);
            return bArr5;
        }
        JNISymAlg jNISymAlg = new JNISymAlg();
        if (z2) {
            jNISymAlg.encryptInit(JNISymAlg.NID_des_ede3_cbc, bArr, bArr3);
            byte[] bArr6 = new byte[bArr2.length + (DES3_BLOCK_SIZE - (bArr2.length % DES3_BLOCK_SIZE))];
            jNISymAlg.encryptFinal(bArr6, jNISymAlg.encryptProcess(bArr2, 0, bArr2.length, bArr6, 0));
            return bArr6;
        }
        jNISymAlg.decryptInit(JNISymAlg.NID_des_ede3_cbc, bArr, bArr3);
        byte[] bArr7 = new byte[bArr2.length];
        int decryptProcess = jNISymAlg.decryptProcess(bArr2, 0, bArr2.length, bArr7, 0);
        int decryptFinal = decryptProcess + jNISymAlg.decryptFinal(bArr7, decryptProcess);
        byte[] bArr8 = new byte[decryptFinal];
        System.arraycopy(bArr7, 0, bArr8, 0, decryptFinal);
        return bArr8;
    }

    private static byte[] useRSAECBEncrypt(boolean z, byte[] bArr, byte[] bArr2) throws Exception {
        if (z) {
            RSAKeyParameters rSAKeyParameters = (RSAKeyParameters) PublicKeyFactory.createKey(SubjectPublicKeyInfo.getInstance(bArr));
            PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
            pKCS1Encoding.init(true, rSAKeyParameters);
            return pKCS1Encoding.processBlock(bArr2, 0, bArr2.length);
        }
        RSAKeyParameters rSAKeyParameters2 = (RSAKeyParameters) PrivateKeyFactory.createKey(bArr);
        PKCS1Encoding pKCS1Encoding2 = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding2.init(false, rSAKeyParameters2);
        return pKCS1Encoding2.processBlock(bArr2, 0, bArr2.length);
    }

    public static byte[] generateSecretKey(String str) throws Exception {
        String upperCase = str.toUpperCase();
        SecureRandom secureRandom = new SecureRandom();
        if (upperCase.indexOf("RC4") != -1) {
            byte[] bArr = new byte[16];
            secureRandom.nextBytes(bArr);
            return bArr;
        }
        if (upperCase.indexOf("DESEDE") == -1) {
            throw new Exception(new StringBuffer().append("can not generate such key:").append(upperCase).toString());
        }
        DESedeKeyGenerator dESedeKeyGenerator = new DESedeKeyGenerator();
        dESedeKeyGenerator.init(new KeyGenerationParameters(secureRandom, 192));
        return dESedeKeyGenerator.generateKey();
    }

    public static byte[] generateIV() {
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }
}
