package cfca.sadk.lib.crypto.hard;

import cfca.sadk.algorithm.common.CBCParam;
import cfca.sadk.algorithm.common.GenKeyAttribute;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.util.HashEncoderUtil;
import cfca.sadk.lib.crypto.JCrypto;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.signature.rsa.RSAPackageUtil;
import cfca.sadk.system.global.FileAndBufferConfig;
import cfca.sadk.util.EncryptUtil;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/sadk-3.2.0.5.jar:cfca/sadk/lib/crypto/hard/HardLib.class */
public class HardLib implements Session {
    private static String signByHash_ALG = "SimuSM2";
    private String providerName;
    private Provider provider;

    public HardLib(String str) throws PKIException {
        try {
            this.provider = (Provider) Class.forName((str == null || str.trim().equals("")) ? "com.sansec.jce.provider.SwxaProvider" : str).newInstance();
            this.providerName = this.provider.getName();
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT, new StringBuffer().append(PKIException.INIT_DES).append(StringUtils.SPACE).append(this.providerName).toString(), e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] sign(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        try {
            Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.providerName);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            throw new PKIException(PKIException.SIGN, PKIException.SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] sign(Mechanism mechanism, PrivateKey privateKey, InputStream inputStream) throws PKIException {
        BufferedInputStream bufferedInputStream = null;
        try {
            try {
                Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.providerName);
                signature.initSign(privateKey);
                byte[] bArr = new byte[FileAndBufferConfig.BIG_FILE_BUFFER];
                bufferedInputStream = new BufferedInputStream(inputStream);
                while (true) {
                    int read = bufferedInputStream.read(bArr);
                    if (read <= 0) {
                        break;
                    }
                    signature.update(bArr, 0, read);
                }
                byte[] sign = signature.sign();
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (IOException e) {
                        throw new PKIException(e.getMessage());
                    }
                }
                return sign;
            } catch (Exception e2) {
                throw new PKIException(PKIException.SIGN, PKIException.SIGN_DES, e2);
            }
        } catch (Throwable th) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (IOException e3) {
                    throw new PKIException(e3.getMessage());
                }
            }
            throw th;
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verify(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        try {
            Signature signature = Signature.getInstance(mechanismType, this.providerName);
            if (mechanismType.equals(Mechanism.SM3_SM2)) {
                publicKey = getSM2HardPublicKey(publicKey);
            }
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e) {
            throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verify(Mechanism mechanism, PublicKey publicKey, InputStream inputStream, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        BufferedInputStream bufferedInputStream = null;
        try {
            try {
                if (mechanismType.equals(Mechanism.SM3_SM2)) {
                    publicKey = getSM2HardPublicKey(publicKey);
                }
                Signature signature = Signature.getInstance(mechanismType, this.providerName);
                signature.initVerify(publicKey);
                byte[] bArr2 = new byte[FileAndBufferConfig.BIG_FILE_BUFFER];
                bufferedInputStream = new BufferedInputStream(inputStream);
                while (true) {
                    int read = bufferedInputStream.read(bArr2);
                    if (read <= 0) {
                        break;
                    }
                    signature.update(bArr2, 0, read);
                }
                boolean verify = signature.verify(bArr);
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (IOException e) {
                        throw new PKIException(e.getMessage());
                    }
                }
                return verify;
            } catch (Exception e2) {
                throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e2);
            }
        } catch (Throwable th) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (IOException e3) {
                    throw new PKIException(e3.getMessage());
                }
            }
            throw th;
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] encrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        try {
            Cipher cipher = Cipher.getInstance(mechanismType, this.providerName);
            if (mechanismType.indexOf("CBC") != -1) {
                cipher.init(1, key, new IvParameterSpec(((CBCParam) mechanism.getParam()).getIv()));
            } else {
                cipher.init(1, key);
            }
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCRYPT, PKIException.ENCRYPT_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] decrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        try {
            Cipher cipher = Cipher.getInstance(mechanismType, this.providerName);
            if (mechanismType.indexOf("CBC") != -1) {
                cipher.init(2, key, new IvParameterSpec(((CBCParam) mechanism.getParam()).getIv()));
            } else {
                cipher.init(2, key);
            }
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new PKIException(PKIException.DECRYPT, PKIException.DECRYPT_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public KeyPair generateKeyPair(Mechanism mechanism, int i) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        boolean z = true;
        int i2 = 0;
        Object param = mechanism.getParam();
        if (param != null) {
            GenKeyAttribute genKeyAttribute = (GenKeyAttribute) param;
            z = genKeyAttribute.isExport;
            if (!z) {
                i2 = genKeyAttribute.keyNum;
            }
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(mechanismType, this.providerName);
            if (z) {
                keyPairGenerator.initialize(i);
            } else {
                keyPairGenerator.initialize(i2 << 16);
            }
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new PKIException(PKIException.HARD_KEY_PAIR, PKIException.HARD_KEY_PAIR_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public byte[] signByHash(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        try {
            if (!mechanismType.equalsIgnoreCase(Mechanism.SM3_SM2)) {
                Cipher cipher = Cipher.getInstance(Mechanism.RSA_PKCS, this.providerName);
                cipher.init(1, privateKey);
                return cipher.doFinal(HashEncoderUtil.derEncoder(mechanismType, bArr));
            }
            Signature signature = Signature.getInstance(signByHash_ALG, this.providerName);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCRYPT, PKIException.ENCRYPT_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public boolean verifyByHash(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        String mechanismType = mechanism.getMechanismType();
        try {
            if (!mechanismType.equalsIgnoreCase(Mechanism.SM3_SM2)) {
                Cipher cipher = Cipher.getInstance(Mechanism.RSA_PKCS, this.providerName);
                cipher.init(2, publicKey);
                return RSAPackageUtil.isRSAHashEqual(cipher.doFinal(bArr2), HashEncoderUtil.derEncoder(mechanismType, bArr));
            }
            Signature signature = Signature.getInstance(signByHash_ALG, this.providerName);
            signature.initVerify(getSM2HardPublicKey(publicKey));
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e) {
            throw new PKIException(PKIException.DECRYPT, PKIException.DECRYPT_DES, e);
        }
    }

    private PublicKey getSM2HardPublicKey(PublicKey publicKey) throws PKIException {
        try {
            return KeyFactory.getInstance(Mechanism.SM2, this.providerName).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
        } catch (Exception e) {
            throw new PKIException(PKIException.COV_PUB_KEY, PKIException.COV_PUB_KEY_DES, e);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public void encrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        try {
            doCipher(true, mechanism, key, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public void decrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        try {
            doCipher(false, mechanism, key, inputStream, outputStream);
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    private void doCipher(boolean z, Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        try {
            String mechanismType = mechanism.getMechanismType();
            Cipher cipher = Cipher.getInstance(mechanismType, this.providerName);
            int i = z ? 1 : 2;
            if (mechanismType.indexOf("CBC") != -1) {
                cipher.init(i, key, new IvParameterSpec(((CBCParam) mechanism.getParam()).getIv()));
            } else {
                cipher.init(i, key);
            }
            byte[] bArr = new byte[1048576];
            if (z) {
                BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new CipherOutputStream(outputStream, cipher), 1048576);
                BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream, 1048576);
                while (true) {
                    int read = bufferedInputStream.read(bArr);
                    if (read <= 0) {
                        break;
                    } else {
                        bufferedOutputStream.write(bArr, 0, read);
                    }
                }
                bufferedOutputStream.close();
                bufferedInputStream.close();
            } else {
                BufferedOutputStream bufferedOutputStream2 = new BufferedOutputStream(outputStream, 1048576);
                BufferedInputStream bufferedInputStream2 = new BufferedInputStream(new CipherInputStream(inputStream, cipher), 1048576);
                while (true) {
                    int read2 = bufferedInputStream2.read(bArr);
                    if (read2 <= 0) {
                        break;
                    } else {
                        bufferedOutputStream2.write(bArr, 0, read2);
                    }
                }
                bufferedOutputStream2.close();
                bufferedInputStream2.close();
            }
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Key generateKey(Mechanism mechanism) throws PKIException {
        int i;
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals("RC4")) {
            i = 128;
        } else if (mechanismType.equals(Mechanism.DES3_KEY)) {
            i = 192;
        } else {
            if (!mechanismType.equals(Mechanism.SM4_KEY)) {
                throw new PKIException(new StringBuffer().append("do not support this key type:").append(mechanismType).toString());
            }
            i = 128;
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(mechanismType, this.providerName);
            keyGenerator.init(i);
            return keyGenerator.generateKey();
        } catch (Exception e) {
            throw new PKIException(e.getMessage());
        }
    }

    public static void main(String[] strArr) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(new byte[16], "DeSede");
        JCrypto.getInstance().initialize(JCrypto.JNI_LIB, null);
        Session openSession = JCrypto.getInstance().openSession(JCrypto.JNI_LIB);
        JCrypto.getInstance().initialize(JCrypto.JSOFT_LIB, null);
        Session openSession2 = JCrypto.getInstance().openSession(JCrypto.JSOFT_LIB);
        EncryptUtil.encrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip", "E:/TestData/BCProvider_PKIX.zip.enen.zip", openSession2);
        EncryptUtil.decrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip.enen.zip", "E:/TestData/BCProvider_PKIX.zip.dede_softjni.zip", openSession);
        EncryptUtil.encrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip", "E:/TestData/BCProvider_PKIX.zip.enen.zip", openSession);
        EncryptUtil.decrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip.enen.zip", "E:/TestData/BCProvider_PKIX.zip.dede_jnisoft.zip", openSession2);
        EncryptUtil.encrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip", "E:/TestData/BCProvider_PKIX.zip.enen.zip", openSession);
        EncryptUtil.decrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip.enen.zip", "E:/TestData/BCProvider_PKIX.zip.dede_jnijni.zip", openSession);
        EncryptUtil.encrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip", "E:/TestData/BCProvider_PKIX.zip.enen.zip", openSession2);
        EncryptUtil.decrypt(new Mechanism(Mechanism.DES3_ECB), secretKeySpec, "E:/TestData/BCProvider_PKIX.zip.enen.zip", "E:/TestData/BCProvider_PKIX.zip.dede_softsoft.zip", openSession2);
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Key generateKey(Mechanism mechanism, byte[] bArr) throws PKIException {
        return null;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public Provider getProvider() {
        return this.provider;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public String getProviderName() {
        return this.providerName;
    }
}
