package com.yeepay.yop.sdk.gm.security.encrypt;

import com.yeepay.shade.com.google.common.collect.Maps;
import com.yeepay.shade.org.apache.commons.lang3.StringUtils;
import com.yeepay.yop.sdk.auth.credentials.YopSymmetricCredentials;
import com.yeepay.yop.sdk.base.security.encrypt.YopEncryptorAdaptor;
import com.yeepay.yop.sdk.exception.YopClientException;
import com.yeepay.yop.sdk.gm.base.utils.SmUtils;
import com.yeepay.yop.sdk.gm.utils.Sm4Utils;
import com.yeepay.yop.sdk.security.encrypt.BigParamEncryptMode;
import com.yeepay.yop.sdk.security.encrypt.EncryptOptions;
import com.yeepay.yop.sdk.utils.Encodes;
import com.yeepay.yop.sdk.utils.RandomUtils;
import java.io.InputStream;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jcajce.io.CipherInputStream;

/* loaded from: input_file:com/yeepay/yop/sdk/gm/security/encrypt/YopSm4Encryptor.class */
public class YopSm4Encryptor extends YopEncryptorAdaptor {
    public static final String SECRET_KEY_TYPE = "SM4";
    public static final String ALGORITHM_NAME_GCM_NOPADDING = "SM4/GCM/NoPadding";
    public static final int ENCRYPT_MODE = 1;
    public static final int DECRYPT_MODE = 2;
    private static final ThreadLocal<Map<String, Cipher>> cipherThreadLocal;

    @Override // com.yeepay.yop.sdk.security.encrypt.YopEncryptor
    public List<String> supportedAlgs() {
        return Arrays.asList("SM4/CBC/PKCS5Padding", "SM4/GCM/NoPadding");
    }

    @Override // com.yeepay.yop.sdk.base.security.encrypt.YopEncryptorAdaptor
    public EncryptOptions doInitEncryptOptions(String str) throws Exception {
        return new EncryptOptions(new YopSymmetricCredentials(Encodes.encodeUrlSafeBase64(Sm4Utils.generateKey())), "SM2", str, Encodes.encodeUrlSafeBase64(RandomUtils.secureRandom().generateSeed(16)), Encodes.encodeUrlSafeBase64("yop".getBytes("UTF-8")));
    }

    @Override // com.yeepay.yop.sdk.security.encrypt.YopEncryptor
    public byte[] encrypt(byte[] bArr, EncryptOptions encryptOptions) {
        try {
            return getInitializedCipher(1, encryptOptions).doFinal(bArr);
        } catch (Throwable th) {
            throw new YopClientException("SystemError, Encrypt Fail, options:" + encryptOptions + ", ex:", th);
        }
    }

    @Override // com.yeepay.yop.sdk.security.encrypt.YopEncryptor
    public InputStream encrypt(InputStream inputStream, EncryptOptions encryptOptions) {
        if (BigParamEncryptMode.chunked.equals(encryptOptions.getBigParamEncryptMode())) {
            throw new YopClientException("SystemError, Encrypt Chunked NotSupport, options:" + encryptOptions);
        }
        return new CipherInputStream(inputStream, getInitializedCipher(1, encryptOptions, false));
    }

    @Override // com.yeepay.yop.sdk.security.encrypt.YopEncryptor
    public byte[] decrypt(byte[] bArr, EncryptOptions encryptOptions) {
        try {
            return getInitializedCipher(2, encryptOptions).doFinal(bArr);
        } catch (Throwable th) {
            throw new YopClientException("SystemError, Decrypt Fail, options:" + encryptOptions, th);
        }
    }

    @Override // com.yeepay.yop.sdk.security.encrypt.YopEncryptor
    public InputStream decrypt(InputStream inputStream, EncryptOptions encryptOptions) {
        if (BigParamEncryptMode.chunked.equals(encryptOptions.getBigParamEncryptMode())) {
            throw new YopClientException("SystemError, Encrypt Chunked NotSupport, options:" + encryptOptions);
        }
        return new CipherInputStream(inputStream, getInitializedCipher(2, encryptOptions, false));
    }

    private Cipher getInitializedCipher(int i, EncryptOptions encryptOptions) {
        return getInitializedCipher(i, encryptOptions, true);
    }

    private Cipher getInitializedCipher(int i, EncryptOptions encryptOptions, boolean z) {
        try {
            byte[] decodeBase64 = Encodes.decodeBase64(((YopSymmetricCredentials) encryptOptions.getCredentials()).getCredential());
            Cipher cipher = z ? cipherThreadLocal.get().get(encryptOptions.getAlg()) : Cipher.getInstance(encryptOptions.getAlg(), "BC");
            SecretKeySpec secretKeySpec = new SecretKeySpec(decodeBase64, "SM4");
            if ("SM4/GCM/NoPadding".equals(encryptOptions.getAlg())) {
                String iv = encryptOptions.getIv();
                cipher.init(i, secretKeySpec, new GCMParameterSpec(128, null != iv ? Encodes.decodeBase64(iv) : new byte[12]));
                if (StringUtils.isNotBlank(encryptOptions.getAad())) {
                    cipher.updateAAD(encryptOptions.getAad().getBytes("UTF-8"));
                }
                return cipher;
            }
            if (StringUtils.isNotEmpty(encryptOptions.getIv())) {
                cipher.init(i, secretKeySpec, new IvParameterSpec(Encodes.decodeBase64(encryptOptions.getIv())));
                return cipher;
            }
            cipher.init(i, secretKeySpec);
            return cipher;
        } catch (Throwable th) {
            throw new YopClientException("SystemError, InitCipher Fail, mode:" + i + ", options:" + encryptOptions + ", ex:", th);
        }
    }

    static {
        SmUtils.init();
        cipherThreadLocal = new ThreadLocal<Map<String, Cipher>>() { // from class: com.yeepay.yop.sdk.gm.security.encrypt.YopSm4Encryptor.1
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.lang.ThreadLocal
            public Map<String, Cipher> initialValue() {
                HashMap newHashMap = Maps.newHashMap();
                try {
                    newHashMap.put("SM4/CBC/PKCS5Padding", Cipher.getInstance("SM4/CBC/PKCS5Padding", "BC"));
                    newHashMap.put("SM4/GCM/NoPadding", Cipher.getInstance("SM4/GCM/NoPadding", "BC"));
                    return newHashMap;
                } catch (Exception e) {
                    throw new YopClientException("SystemError, YopSm4Encryptor InitFail, ex:", e);
                }
            }
        };
    }
}
