package cfca.sadk.lib.crypto.hard;

import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cfca.sadk.algorithm.common.GenKeyAttribute;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.util.HashEncoderUtil;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.lib.crypto.bcsoft.BCSoftLib;
import cfca.sadk.org.bouncycastle.asn1.cmp.PKIFailureInfo;
import cfca.sadk.org.bouncycastle.asn1.sm2.ASN1SM2Cipher;
import cfca.sadk.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cfca.sadk.org.bouncycastle.jce.interfaces.ECPrivateKey;
import cfca.sadk.org.bouncycastle.jce.interfaces.ECPublicKey;
import cfca.sadk.org.bouncycastle.util.encoders.Hex;
import cfca.sadk.signature.rsa.RSAPackageUtil;
import cfca.sadk.system.CompatibleConfig;
import cfca.sadk.system.Mechanisms;
import cfca.sadk.system.SADKDebugger;
import cfca.sadk.util.KeyUtil;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:cfca/sadk/lib/crypto/hard/HardLib.class */
public class HardLib implements Session {
    static final Logger logger = LoggerFactory.getLogger(HardLib.class);
    final String signByHash_ALG;
    private String providerName;
    private Provider provider;
    final boolean sm2SigningASN1Format;
    final int sm2EncryptFormatType;
    final int BUFFSIZE = 16384;
    final int ENCRYPT_BUFFSIZE = 10240;
    final String transformation_cbc_pkcs7_des3 = MechanismKit.DES3_CBC;
    final String transformation_cbc_pkcs7_sm4 = MechanismKit.SM4_CBC;

    public HardLib(String str) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("HardLib constructor startup with providerPath=" + str);
        }
        try {
            this.provider = (Provider) Class.forName((str == null || str.trim().length() == 0) ? "com.sansec.jce.provider.SwxaProvider" : str).newInstance();
            this.providerName = this.provider.getName();
            KeyPair keyPair = null;
            try {
                keyPair = generateKeyPair(new Mechanism(MechanismKit.SM2), 256);
            } catch (Exception e) {
                if (logger.isWarnEnabled()) {
                    logger.warn("HardLib constructor warnning in GenerateKeyPair", e);
                }
            }
            String findSM2SignByHashAlgorithm = findSM2SignByHashAlgorithm(MechanismKit.SM2);
            findSM2SignByHashAlgorithm = findSM2SignByHashAlgorithm == null ? findSM2SignByHashAlgorithm("SimuSM2") : findSM2SignByHashAlgorithm;
            if (findSM2SignByHashAlgorithm == null) {
                if (logger.isErrorEnabled()) {
                    logger.error("HardLib constructor error in GetSignature without SM2/SimuSM2 for SM2SignByHash ");
                }
                findSM2SignByHashAlgorithm = MechanismKit.SM2;
            }
            this.signByHash_ALG = findSM2SignByHashAlgorithm;
            this.sm2SigningASN1Format = signingFormat(keyPair);
            this.sm2EncryptFormatType = encryptFormat(keyPair);
            if (logger.isDebugEnabled()) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("HardLib constructor finished!");
                stringBuffer.append("\nsignByHash_ALG=").append(this.signByHash_ALG);
                stringBuffer.append("\nsm2SigningASN1Format=").append(this.sm2SigningASN1Format);
                stringBuffer.append("\nsm2EncryptFormatType=").append(this.sm2EncryptFormatType);
                logger.debug(stringBuffer.toString());
            }
        } catch (Exception e2) {
            if (logger.isWarnEnabled()) {
                logger.warn("HardLib constructor warnning in newInstance", e2);
            }
            throw new PKIException(PKIException.INIT, PKIException.INIT_DES + " " + this.providerName, e2);
        }
    }

    final String findSM2SignByHashAlgorithm(String str) {
        try {
            Signature.getInstance(str, this.provider);
            return str;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final Key generateKey(Mechanism mechanism) throws PKIException {
        SecretKeySpec secretKeySpec;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("GenerateKey>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("GenerateKey failure with missing mechanism");
            }
            String mechanismType = mechanism.getMechanismType();
            SecureRandom secureRandom = new SecureRandom();
            if (MechanismKit.SM4_KEY.equals(mechanismType)) {
                byte[] bArr = new byte[16];
                secureRandom.nextBytes(bArr);
                secretKeySpec = new SecretKeySpec(bArr, mechanismType);
            } else if (MechanismKit.DES3_KEY.equals(mechanismType)) {
                byte[] bArr2 = new byte[24];
                secureRandom.nextBytes(bArr2);
                secretKeySpec = new SecretKeySpec(bArr2, mechanismType);
            } else {
                if (!"RC4".equals(mechanismType)) {
                    throw new PKIException("GenerateKey failure with invalid keyType=" + mechanism.getMechanismType());
                }
                byte[] bArr3 = new byte[16];
                secureRandom.nextBytes(bArr3);
                secretKeySpec = new SecretKeySpec(bArr3, mechanismType);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("GenerateKey<<<<<<Finished: key=" + SADKDebugger.dump(secretKeySpec));
            }
            return secretKeySpec;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", e);
            }
            throw new PKIException("GenerateKey failure with exception: " + e.getMessage(), e);
        } catch (Exception e2) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", e2);
            }
            throw new PKIException("GenerateKey failure with exception: " + e2.getMessage(), e2);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", th);
            }
            throw new PKIException("GenerateKey failure with throwable: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final Key generateKey(Mechanism mechanism, byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("generateKeyPair>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n keyData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("GenerateKey failure with missing mechanism");
            }
            Key generateKey = KeyUtil.generateKey(mechanism, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("GenerateKey<<<<<<Finished: key=" + SADKDebugger.dump(generateKey));
            }
            return generateKey;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", e);
            }
            throw new PKIException("GenerateKey failure with exception: " + e.getMessage(), e);
        } catch (Exception e2) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", e2);
            }
            throw new PKIException("GenerateKey failure with exception: " + e2.getMessage(), e2);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKey<<<<<<Failure", th);
            }
            throw new PKIException("GenerateKey failure with throwable: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign message >>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            PrivateKey SM2HardPrivateKey = SM2HardPrivateKey(mechanism, privateKey);
            Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.provider);
            signature.initSign(SM2HardPrivateKey);
            signature.update(bArr);
            byte[] signedOutFormat = signedOutFormat(mechanism, signature.sign());
            if (logger.isDebugEnabled()) {
                logger.debug("sign message <<<<<<Finished: signData=" + SADKDebugger.dump(signedOutFormat));
            }
            return signedOutFormat;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("sign message <<<<<<Failure", e);
            }
            throw new PKIException("sign message failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("sign message <<<<<<Failure", th);
            }
            throw new PKIException("sign message failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, InputStream inputStream) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign stream >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n sourceStream: ");
            stringBuffer.append(SADKDebugger.dump(inputStream));
            logger.debug(stringBuffer.toString());
        }
        BufferedInputStream bufferedInputStream = null;
        try {
            try {
                PrivateKey SM2HardPrivateKey = SM2HardPrivateKey(mechanism, privateKey);
                Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.provider);
                signature.initSign(SM2HardPrivateKey);
                byte[] bArr = new byte[16384];
                bufferedInputStream = new BufferedInputStream(inputStream);
                while (true) {
                    int read = bufferedInputStream.read(bArr);
                    if (read <= 0) {
                        break;
                    }
                    signature.update(bArr, 0, read);
                }
                byte[] signedOutFormat = signedOutFormat(mechanism, signature.sign());
                if (logger.isDebugEnabled()) {
                    logger.debug("sign stream <<<<<<Finished: signData=" + SADKDebugger.dump(signedOutFormat));
                }
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Exception e) {
                        logger.error("sign stream failure", e);
                        throw new PKIException("sign stream failure: " + e.getMessage(), e);
                    }
                }
                return signedOutFormat;
            } catch (Throwable th) {
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Exception e2) {
                        logger.error("sign stream failure", e2);
                        throw new PKIException("sign stream failure: " + e2.getMessage(), e2);
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            if (logger.isErrorEnabled()) {
                logger.error("sign stream <<<<<<Failure", e3);
            }
            throw new PKIException("sign stream failure: " + e3.getMessage(), e3);
        } catch (Throwable th2) {
            if (logger.isErrorEnabled()) {
                logger.error("sign stream <<<<<<Failure", th2);
            }
            throw new PKIException("sign stream failure: " + th2.getMessage(), th2);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final boolean verify(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign stream >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            logger.debug(stringBuffer.toString());
        }
        try {
            PublicKey SM2HardPublicKey = SM2HardPublicKey(mechanism, publicKey);
            Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.provider);
            signature.initVerify(SM2HardPublicKey);
            byte[] signedInFormat = signedInFormat(mechanism, bArr2);
            signature.update(bArr);
            boolean verify = signature.verify(signedInFormat);
            if (logger.isDebugEnabled()) {
                logger.debug("verify message <<<<<<Finished: verifyResult=" + verify);
            }
            return verify;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("verify message <<<<<<Failure", e);
            }
            throw new PKIException("verify message failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("verify message <<<<<<Failure", th);
            }
            throw new PKIException("verify message failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final boolean verify(Mechanism mechanism, PublicKey publicKey, InputStream inputStream, byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign stream >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n sourceStream: ");
            stringBuffer.append(SADKDebugger.dump(inputStream));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        BufferedInputStream bufferedInputStream = null;
        try {
            try {
                PublicKey SM2HardPublicKey = SM2HardPublicKey(mechanism, publicKey);
                Signature signature = Signature.getInstance(mechanism.getMechanismType(), this.provider);
                signature.initVerify(SM2HardPublicKey);
                byte[] signedInFormat = signedInFormat(mechanism, bArr);
                byte[] bArr2 = new byte[16384];
                bufferedInputStream = new BufferedInputStream(inputStream);
                while (true) {
                    int read = bufferedInputStream.read(bArr2);
                    if (read <= 0) {
                        break;
                    }
                    signature.update(bArr2, 0, read);
                }
                boolean verify = signature.verify(signedInFormat);
                if (logger.isDebugEnabled()) {
                    logger.debug("verify stream <<<<<<Finished: verifyResult=" + verify);
                }
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Exception e) {
                        logger.error("verify stream failure", e);
                        throw new PKIException("verify stream failure: " + e.getMessage(), e);
                    }
                }
                return verify;
            } catch (Exception e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("verify stream <<<<<<Failure", e2);
                }
                throw new PKIException("verify stream failure: " + e2.getMessage(), e2);
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("verify stream <<<<<<Failure", th);
                }
                throw new PKIException("verify stream failure: " + th.getMessage(), th);
            }
        } catch (Throwable th2) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (Exception e3) {
                    logger.error("verify stream failure", e3);
                    throw new PKIException("verify stream failure: " + e3.getMessage(), e3);
                }
            }
            throw th2;
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final byte[] encrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("encrypt message >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n Key: ");
            stringBuffer.append(SADKDebugger.dump(key));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            String mechanismType = mechanism.getMechanismType();
            byte[] SM2Encrypt = Mechanisms.isSM2Type(mechanism) ? SM2Encrypt(mechanismType, bArr, SM2HardPublicKey(mechanism, (PublicKey) key)) : mechanism.getMechanismType().startsWith(MechanismKit.RSA) ? RSAEncrypt(mechanismType, (PublicKey) key, bArr) : BCSoftLib.INSTANCE().encrypt(mechanism, key, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("encrypt message <<<<<<Finished: encryptData=" + SADKDebugger.dump(SM2Encrypt));
            }
            return SM2Encrypt;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("encrypt message params: mechanism=" + mechanism.getMechanismType() + " key=" + SADKDebugger.dump(key) + " sourceData=" + SADKDebugger.dump(bArr));
                logger.error("encrypt message <<<<<<Failure", e);
            }
            throw new PKIException("encrypt message failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("encrypt message params: mechanism=" + mechanism.getMechanismType() + " key=" + SADKDebugger.dump(key) + " sourceData=" + SADKDebugger.dump(bArr));
                logger.error("encrypt message <<<<<<Failure", th);
            }
            throw new PKIException("encrypt message failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final byte[] decrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("decrypt message >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n Key: ");
            stringBuffer.append(SADKDebugger.dump(key));
            stringBuffer.append("\n encryptData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            byte[] SM2Decrypt = Mechanisms.isSM2Type(mechanism) ? SM2Decrypt(mechanism, bArr, key) : mechanism.getMechanismType().startsWith(MechanismKit.RSA) ? RSADecrypt(mechanism.getMechanismType(), (PrivateKey) key, bArr) : BCSoftLib.INSTANCE().decrypt(mechanism, key, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("decrypt message <<<<<<Finished: decryptData=" + SADKDebugger.dump(SM2Decrypt));
            }
            return SM2Decrypt;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("decrypt message params: mechanism=" + mechanism.getMechanismType() + " key=" + SADKDebugger.dump(key) + " encryptData=" + SADKDebugger.dump(bArr));
                logger.error("decrypt message <<<<<<Failure", e);
            }
            throw new PKIException("decrypt message failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("decrypt message params: mechanism=" + mechanism.getMechanismType() + " key=" + SADKDebugger.dump(key) + " encryptData=" + SADKDebugger.dump(bArr));
                logger.error("decrypt message <<<<<<Failure", th);
            }
            throw new PKIException("decrypt message failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final KeyPair generateKeyPair(Mechanism mechanism, int i) throws PKIException {
        int i2;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("GenerateKeyPair >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n keyLength: " + i);
            logger.debug(stringBuffer.toString());
        }
        try {
            String mechanismType = mechanism.getMechanismType();
            boolean z = true;
            int i3 = 0;
            int i4 = 2;
            Object param = mechanism.getParam();
            if (param != null) {
                GenKeyAttribute genKeyAttribute = (GenKeyAttribute) param;
                z = genKeyAttribute.isExport;
                if (!z) {
                    i3 = genKeyAttribute.keyNum;
                }
                i4 = genKeyAttribute.keyUsage;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(mechanismType, this.provider);
            if (z) {
                i2 = i;
            } else {
                int i5 = i3 << 16;
                if (1 == i4) {
                    i5 |= PKIFailureInfo.systemUnavail;
                }
                i2 = i5;
            }
            if (logger.isDebugEnabled()) {
                logger.debug("GenerateKeyPair ::::::kLength=" + i2 + ",keyNum=" + i3 + ",keyUsage=" + i4);
            }
            keyPairGenerator.initialize(i2);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            if (logger.isDebugEnabled()) {
                logger.debug("GenerateKeyPair <<<<<<Finished: decryptData=" + ((Object) SADKDebugger.dump(generateKeyPair)));
            }
            return generateKeyPair;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKeyPair <<<<<<Failure", e);
            }
            throw new PKIException("GenerateKeyPair failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("GenerateKeyPair <<<<<<Failure", th);
            }
            throw new PKIException("GenerateKeyPair failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final byte[] signByHash(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        byte[] doFinal;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("signByHash >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            PrivateKey SM2HardPrivateKey = SM2HardPrivateKey(mechanism, privateKey);
            if (Mechanisms.isSM2WithSM3(mechanism)) {
                Signature signature = Signature.getInstance(this.signByHash_ALG, this.provider);
                signature.initSign(SM2HardPrivateKey);
                signature.update(bArr);
                byte[] sign = signature.sign();
                if (logger.isDebugEnabled()) {
                    logger.debug("signByHash ::::::signedOutFormat>>signData=" + SADKDebugger.dump(sign));
                }
                doFinal = signedOutFormat(mechanism, sign);
                if (logger.isDebugEnabled()) {
                    logger.debug("signByHash ::::::signedOutFormat<<signData=" + SADKDebugger.dump(doFinal));
                }
            } else {
                byte[] derEncoder = HashEncoderUtil.derEncoder(mechanism.getMechanismType(), bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("signByHash ::::::hashWithAlgorithm=" + SADKDebugger.dump(derEncoder));
                }
                Cipher cipher = Cipher.getInstance(MechanismKit.RSA_PKCS, this.provider);
                cipher.init(1, privateKey);
                doFinal = cipher.doFinal(derEncoder);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("signByHash <<<<<<Finished: signData=" + SADKDebugger.dump(doFinal));
            }
            return doFinal;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("signByHash <<<<<<Failure", e);
            }
            throw new PKIException("signByHash failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("signByHash <<<<<<Failure", th);
            }
            throw new PKIException("signByHash failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final boolean verifyByHash(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        boolean isRSAHashEqual;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifyByHash >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            logger.debug(stringBuffer.toString());
        }
        try {
            PublicKey SM2HardPublicKey = SM2HardPublicKey(mechanism, publicKey);
            if (Mechanisms.isSM2WithSM3(mechanism)) {
                Signature signature = Signature.getInstance(this.signByHash_ALG, this.provider);
                signature.initVerify(SM2HardPublicKey);
                signature.update(bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash ::::::signedInFormat>>signData=" + SADKDebugger.dump(bArr2));
                }
                byte[] signedInFormat = signedInFormat(mechanism, bArr2);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash ::::::signedInFormat>>signData=" + SADKDebugger.dump(bArr2));
                }
                isRSAHashEqual = signature.verify(signedInFormat);
            } else {
                byte[] derEncoder = HashEncoderUtil.derEncoder(mechanism, bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash ::::::hashWithAlgorithm=" + SADKDebugger.dump(derEncoder));
                }
                Cipher cipher = Cipher.getInstance(MechanismKit.RSA_PKCS, this.provider);
                cipher.init(2, publicKey);
                byte[] doFinal = cipher.doFinal(bArr2);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash ::::::decryptHash=" + SADKDebugger.dump(doFinal));
                }
                isRSAHashEqual = RSAPackageUtil.isRSAHashEqual(doFinal, derEncoder);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("verifyByHash <<<<<<Finished: verifyResult=" + isRSAHashEqual);
            }
            return isRSAHashEqual;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("verifyByHash <<<<<<Failure", e);
            }
            throw new PKIException("verifyByHash failure: " + e.getMessage(), e);
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("verifyByHash <<<<<<Failure", th);
            }
            throw new PKIException("verifyByHash failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final void encrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("encrypt stream>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n in: ");
            stringBuffer.append(SADKDebugger.dump(inputStream));
            stringBuffer.append("\n out: ");
            stringBuffer.append(SADKDebugger.dump(outputStream));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (isSM2Type(mechanism) || mechanism.getMechanismType().startsWith(MechanismKit.RSA)) {
                encryptOrDecrypt(mechanism, key, inputStream, outputStream, true);
            } else {
                BCSoftLib.INSTANCE().encrypt(mechanism, key, inputStream, outputStream);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("encrypt stream<<<<<<Finished");
            }
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("encrypt stream<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("encrypt stream<<<<<<Failure", th);
            }
            throw new PKIException("encrypt stream failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final void decrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("decrypt stream >>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n in: ");
            stringBuffer.append(SADKDebugger.dump(inputStream));
            stringBuffer.append("\n out: ");
            stringBuffer.append(SADKDebugger.dump(outputStream));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (isSM2Type(mechanism) || mechanism.getMechanismType().startsWith(MechanismKit.RSA)) {
                encryptOrDecrypt(mechanism, key, inputStream, outputStream, false);
            } else {
                BCSoftLib.INSTANCE().decrypt(mechanism, key, inputStream, outputStream);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("decrypt stream<<<<<<Finished");
            }
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("decrypt stream<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("decrypt stream<<<<<<Failure", th);
            }
            throw new PKIException("decrypt stream failure: " + th.getMessage(), th);
        }
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final Provider getProvider() {
        return this.provider;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public final String getProviderName() {
        return this.providerName;
    }

    @Override // cfca.sadk.lib.crypto.Session
    public long login(String str) throws Exception {
        return 0L;
    }

    public final PublicKey SM2HardPublicKey(Mechanism mechanism, PublicKey publicKey) throws PKIException {
        PublicKey generatePublic;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("SM2HardPublicKey::>>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            logger.debug(stringBuffer.toString());
        }
        if (publicKey != null) {
            try {
                if (isSM2Type(mechanism) && (publicKey instanceof ECPublicKey)) {
                    logger.debug("SM2HardPublicKey::::::::X509EncodedKeySpec: Running");
                    generatePublic = KeyFactory.getInstance(MechanismKit.SM2, this.provider).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
                    logger.debug("SM2HardPublicKey::::::::X509EncodedKeySpec: Finished");
                    return generatePublic;
                }
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("SM2HardPublicKey::<<<<<<Failure", e);
                }
                throw new PKIException("SM2HardPublicKey failure: " + e.getMessage(), e);
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("SM2HardPublicKey::<<<<<<Failure", th);
                }
                throw new PKIException("SM2HardPublicKey failure: " + th.getMessage(), th);
            }
        }
        logger.debug("SM2HardPublicKey::::::::X509EncodedKeySpec: Not ECPublicKey");
        generatePublic = publicKey;
        return generatePublic;
    }

    public final PrivateKey SM2HardPrivateKey(Mechanism mechanism, PrivateKey privateKey) throws PKIException {
        PrivateKey generatePrivate;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("SM2HardPrivateKey::>>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n PrivateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            logger.debug(stringBuffer.toString());
        }
        if (privateKey != null) {
            try {
                if (isSM2Type(mechanism) && (privateKey instanceof ECPrivateKey)) {
                    logger.debug("SM2HardPublicKey::::::::PKCS8EncodedKeySpec: Running");
                    generatePrivate = KeyFactory.getInstance(MechanismKit.SM2, this.provider).generatePrivate(new PKCS8EncodedKeySpec(privateKey.getEncoded()));
                    logger.debug("SM2HardPublicKey::::::::PKCS8EncodedKeySpec: Finished");
                    return generatePrivate;
                }
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("SM2HardPrivateKey::<<<<<<Failure", e);
                }
                throw new PKIException("SM2HardPrivateKey failure: " + e.getMessage(), e);
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("SM2HardPrivateKey::<<<<<<Failure", th);
                }
                throw new PKIException("SM2HardPrivateKey failure: " + th.getMessage(), th);
            }
        }
        logger.debug("SM2HardPublicKey::::::::PKCS8EncodedKeySpec: Not ECPrivateKey");
        generatePrivate = privateKey;
        return generatePrivate;
    }

    private final byte[] RSAEncrypt(String str, PublicKey publicKey, byte[] bArr) throws Exception {
        Cipher cipher = Cipher.getInstance(str, this.provider);
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }

    private final byte[] RSADecrypt(String str, PrivateKey privateKey, byte[] bArr) throws Exception {
        Cipher cipher = Cipher.getInstance(str, this.provider);
        cipher.init(2, privateKey);
        return cipher.doFinal(bArr);
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x0069  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final boolean isSM2Type(cfca.sadk.algorithm.common.Mechanism r5) {
        /*
            r4 = this;
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto L36
            java.lang.StringBuffer r0 = new java.lang.StringBuffer
            r1 = r0
            r1.<init>()
            r6 = r0
            r0 = r6
            java.lang.String r1 = "isSM2Type::>>>>>>running"
            java.lang.StringBuffer r0 = r0.append(r1)
            r0 = r6
            java.lang.String r1 = "\n mechanism: "
            java.lang.StringBuffer r0 = r0.append(r1)
            r0 = r6
            r1 = r5
            java.lang.String r1 = cfca.sadk.system.SADKDebugger.dump(r1)
            java.lang.StringBuffer r0 = r0.append(r1)
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger
            r1 = r6
            java.lang.String r1 = r1.toString()
            r0.debug(r1)
        L36:
            r0 = 1
            r6 = r0
            r0 = r5
            if (r0 == 0) goto L43
            r0 = r5
            java.lang.String r0 = r0.getMechanismType()     // Catch: java.lang.Throwable -> L87
            if (r0 != 0) goto L48
        L43:
            r0 = 1
            r6 = r0
            goto L5e
        L48:
            r0 = r5
            java.lang.String r0 = r0.getMechanismType()     // Catch: java.lang.Throwable -> L87
            java.lang.String r0 = r0.toUpperCase()     // Catch: java.lang.Throwable -> L87
            java.lang.String r1 = "SM2"
            int r0 = r0.indexOf(r1)     // Catch: java.lang.Throwable -> L87
            r1 = -1
            if (r0 == r1) goto L5c
            r0 = 1
            goto L5d
        L5c:
            r0 = 0
        L5d:
            r6 = r0
        L5e:
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger     // Catch: java.lang.Throwable -> L87
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto Lb0
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r2 = r1
            r2.<init>()
            java.lang.String r2 = "isSM2Type::<<<<<<Finished: convertFlag="
            java.lang.StringBuilder r1 = r1.append(r2)
            r2 = r6
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r1 = r1.toString()
            r0.debug(r1)
            goto Lb0
        L87:
            r7 = move-exception
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger     // Catch: java.lang.Throwable -> L87
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto Lae
            cfca.org.slf4j.Logger r0 = cfca.sadk.lib.crypto.hard.HardLib.logger
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r2 = r1
            r2.<init>()
            java.lang.String r2 = "isSM2Type::<<<<<<Finished: convertFlag="
            java.lang.StringBuilder r1 = r1.append(r2)
            r2 = r6
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r1 = r1.toString()
            r0.debug(r1)
        Lae:
            r0 = r7
            throw r0
        Lb0:
            r0 = r6
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: cfca.sadk.lib.crypto.hard.HardLib.isSM2Type(cfca.sadk.algorithm.common.Mechanism):boolean");
    }

    private final boolean signingFormat(KeyPair keyPair) {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("signingFormat::>>>>>>running");
            stringBuffer.append("\n keypair: ");
            stringBuffer.append(SADKDebugger.dump(keyPair));
            logger.debug(stringBuffer.toString());
        }
        boolean z = false;
        if (keyPair != null) {
            try {
                Signature signature = Signature.getInstance(MechanismKit.SM2, this.provider);
                signature.initSign(keyPair.getPrivate());
                signature.update(new byte[32]);
                byte[] sign = signature.sign();
                z = sign != null && sign.length > 64;
                if (logger.isDebugEnabled()) {
                    logger.debug("signingFormat::::::::Finished: asnFormat=" + z + ",signData=" + SADKDebugger.dump(sign));
                }
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("signingFormat::<<<<<<Failure: asnFormat limited for False", e);
                }
                z = false;
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("signingFormat::<<<<<<Failure: asnFormat limited for False", th);
                }
                z = false;
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("signingFormat::<<<<<<Finished: asnFormat=" + z);
        }
        return z;
    }

    private final int encryptFormat(KeyPair keyPair) {
        int i = 1;
        if (CompatibleConfig.SM2CheckHardLibOriginEncryptOutFormat) {
            if (keyPair != null) {
                byte[] bArr = new byte[32];
                for (int i2 = 0; i2 < bArr.length; i2++) {
                    bArr[i2] = 8;
                }
                try {
                    Cipher cipher = Cipher.getInstance(MechanismKit.SM2, this.provider);
                    cipher.init(1, keyPair.getPublic());
                    byte[] doFinal = cipher.doFinal(bArr);
                    if (ASN1SM2Cipher.isASN1EncryptType(doFinal) && trySM2Decrypt(cipher, doFinal, bArr, keyPair, 1)) {
                        i = 1;
                        logger.info("encryptFormat::::::::Tried Finished: C1_C3_C2_WITH_ASN1");
                    } else if (doFinal.length - bArr.length != 96) {
                        i = 1;
                        logger.warn("encryptFormat::::::::Others Finished: C1_C3_C2_WITH_ASN1: " + Hex.toHexString(doFinal));
                    } else if (trySM2Decrypt(cipher, doFinal, bArr, keyPair, 16)) {
                        i = 16;
                        logger.info("encryptFormat::::::::Tried Finished: C1_C2_C3_WITHOUT_0x04");
                    } else if (trySM2Decrypt(cipher, doFinal, bArr, keyPair, 4)) {
                        i = 4;
                        logger.info("encryptFormat::::::::Tried Finished: C1_C3_C2_WITHOUT_0x04");
                    } else {
                        i = 16;
                        logger.warn("encryptFormat::::::::Others Finished: C1_C2_C3_WITHOUT_0x04: " + Hex.toHexString(doFinal));
                    }
                } catch (Exception e) {
                    if (logger.isErrorEnabled()) {
                        logger.error("encryptFormat::<<<<<<Failure: asnFormat limited for False", e);
                    }
                    i = 1;
                } catch (Throwable th) {
                    if (logger.isErrorEnabled()) {
                        logger.error("encryptFormat::<<<<<<Failure: asnFormat limited for False", th);
                    }
                    i = 1;
                }
            }
            if (i != CompatibleConfig.SM2HardLibOriginEncryptOutFormat && logger.isWarnEnabled()) {
                logger.warn("encryptFormat:: the config type is " + CompatibleConfig.SM2HardLibOriginEncryptOutFormat + ", but the real Type is " + i);
            }
            logger.info("encryptFormat::<<<<<<Finished: sm2FormatType=" + i);
        } else {
            i = CompatibleConfig.SM2HardLibOriginEncryptOutFormat;
            logger.info("encryptFormat::<<<<<<Finished: CompatibleConfig.SM2HardLibOriginEncryptOutFormat=" + i);
        }
        return i;
    }

    private final byte[] signedOutFormat(Mechanism mechanism, byte[] bArr) {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("signedOutFormat::>>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        if (bArr != null && isSM2Type(mechanism) && bArr.length != 64) {
            bArr = new ASN1SM2Signature(bArr).getRS();
        }
        if (logger.isDebugEnabled()) {
            logger.debug("signedOutFormat::<<<<<<Finished: signData=" + SADKDebugger.dump(bArr));
        }
        return bArr;
    }

    private byte[] signedInFormat(Mechanism mechanism, byte[] bArr) {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("signedInFormat::>>>>>>running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(SADKDebugger.dump(mechanism));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        if (bArr != null && isSM2Type(mechanism)) {
            try {
                if (this.sm2SigningASN1Format) {
                    if (bArr.length == 64) {
                        bArr = new ASN1SM2Signature(bArr).getEncoded();
                    }
                } else if (bArr.length != 64) {
                    bArr = new ASN1SM2Signature(bArr).getRS();
                }
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("signedInFormat::<<<<<<Failure: skip setting", e);
                }
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("signedInFormat::<<<<<<Failure: skip setting", th);
                }
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("signedInFormat::<<<<<<Finished: signData=" + SADKDebugger.dump(bArr));
        }
        return bArr;
    }

    private final byte[] sm2EncryptOutFormat(byte[] bArr, int i) {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sm2EncryptOutFormat::>>>>>>running");
            stringBuffer.append("\n encryptedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n sourceLength: " + i);
            logger.debug(stringBuffer.toString());
        }
        int i2 = CompatibleConfig.SM2OutputFormatEncryptedBytes;
        if (logger.isDebugEnabled()) {
            logger.debug("sm2EncryptOutFormat::::::::Finished:  ChangedFrom>> sm2EncryptedType=" + i + " to sm2EncryptedType=" + i2);
        }
        if (i != i2) {
            try {
                bArr = new ASN1SM2Cipher(bArr, i).getEncryptedBytes(i2);
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("sm2EncryptOutFormat::<<<<<<Failure: skip setting encryptedData=" + SADKDebugger.dump(bArr), e);
                }
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("sm2EncryptOutFormat::<<<<<<Failure: skip setting encryptedData=" + SADKDebugger.dump(bArr), th);
                }
            }
        }
        return bArr;
    }

    private final byte[] sm2DecryptInFormat(byte[] bArr, int i) {
        if (logger.isDebugEnabled()) {
            logger.debug("sm2DecryptInFormat::::::::Finished:  ChangedFrom>> sm2EncryptedType=" + i + " to sm2EncryptedType=" + this.sm2EncryptFormatType);
        }
        if (i != this.sm2EncryptFormatType) {
            try {
                bArr = new ASN1SM2Cipher(bArr, i).getEncryptedBytes(this.sm2EncryptFormatType);
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("sm2DecryptInFormat::<<<<<<Failure: skip setting encryptData=" + SADKDebugger.dump(bArr), e);
                }
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("sm2DecryptInFormat::<<<<<<Failure: skip setting encryptData=" + SADKDebugger.dump(bArr), th);
                }
            }
        }
        return bArr;
    }

    private final byte[] SM2Encrypt(String str, byte[] bArr, PublicKey publicKey) throws PKIException, Exception {
        Cipher cipher = Cipher.getInstance(str, this.provider);
        cipher.init(1, publicKey);
        return sm2EncryptOutFormat(cipher.doFinal(bArr), this.sm2EncryptFormatType);
    }

    private final byte[] SM2Decrypt(Mechanism mechanism, byte[] bArr, Key key) throws PKIException, Exception {
        byte[] doFinal;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("SM2Decrypt::>>>>>>running");
            stringBuffer.append("\n encryptData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n Key: ");
            stringBuffer.append(SADKDebugger.dump(key));
            logger.debug(stringBuffer.toString());
        }
        if (bArr == null || bArr.length < 96) {
            throw new PKIException("SM2Decrypt Failure with encryptData shortage");
        }
        PrivateKey SM2HardPrivateKey = SM2HardPrivateKey(mechanism, (PrivateKey) key);
        Cipher cipher = Cipher.getInstance(mechanism.getMechanismType(), this.provider);
        cipher.init(2, SM2HardPrivateKey);
        if (ASN1SM2Cipher.isASN1EncryptType(bArr)) {
            logger.debug("SM2Decrypt::::::::ASN1(C1C3C2): Running");
            doFinal = cipher.doFinal(sm2DecryptInFormat(bArr, 1));
            logger.debug("SM2Decrypt::::::::ASN1(C1C3C2): Finished");
        } else {
            try {
                logger.debug("SM2Decrypt:::::::: RAW(C1C3C2): Running");
                doFinal = cipher.doFinal(sm2DecryptInFormat(bArr, 4));
                logger.debug("SM2Decrypt:::::::: RAW(C1C3C2): Finished");
            } catch (Exception e) {
                logger.debug("SM2Decrypt:::::::: RAW(C1C2C3): Running");
                cipher.init(2, SM2HardPrivateKey);
                doFinal = cipher.doFinal(sm2DecryptInFormat(bArr, 16));
                logger.debug("SM2Decrypt:::::::: RAW(C1C2C3): Finished");
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("SM2Decrypt::<<<<<<Finished: decryptBytes=" + SADKDebugger.dump(doFinal));
        }
        return doFinal;
    }

    final boolean trySM2Decrypt(Cipher cipher, byte[] bArr, byte[] bArr2, KeyPair keyPair, int i) {
        boolean z;
        logger.info("encryptFormat::::::::Tried trySM2DecryptFormatType=" + i);
        try {
            ASN1SM2Cipher aSN1SM2Cipher = new ASN1SM2Cipher(bArr, i);
            cipher.init(2, keyPair.getPrivate());
            byte[] doFinal = cipher.doFinal(aSN1SM2Cipher.getEncryptedBytes(i));
            if (logger.isDebugEnabled()) {
                logger.debug("encryptFormat::::::::Tried  sourceData=" + Hex.toHexString(bArr2));
                logger.debug("encryptFormat::::::::Tried decryptData=" + Hex.toHexString(doFinal));
            }
            z = Arrays.equals(bArr2, doFinal);
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("trySM2Decrypt::<<<<<<Failure  trySM2DecryptFormatType=" + i, e);
            }
            z = false;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("trySM2Decrypt::<<<<<<Failure  trySM2DecryptFormatType=" + i, th);
            }
            z = false;
        }
        return z;
    }

    private final void encryptOrDecrypt(Mechanism mechanism, Key key, InputStream inputStream, OutputStream outputStream, boolean z) throws PKIException {
        try {
            byte[] bArr = new byte[10240];
            int read = inputStream.read(bArr);
            if (read > 4096) {
                throw new PKIException("encrypt stream failure: message more than 4096");
            }
            byte[] bArr2 = new byte[read];
            System.arraycopy(bArr, 0, bArr2, 0, bArr2.length);
            byte[] encrypt = z ? encrypt(mechanism, key, bArr2) : decrypt(mechanism, key, bArr2);
            try {
                outputStream.write(encrypt, 0, encrypt.length);
            } catch (Exception e) {
                throw new PKIException("encrypt stream failure: file write error", e);
            }
        } catch (Exception e2) {
            throw new PKIException("encrypt stream failure: file read error", e2);
        }
    }
}
