package com.xdja.pki.gmssl.crypto.sdf;

import com.xdja.pki.gmssl.core.utils.GMSSLByteArrayUtils;
import com.xdja.pki.gmssl.crypto.sdf.SdfSymmetricKey;
import com.xdja.pki.gmssl.crypto.sdf.SdfSymmetricKeyParameters;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import java.security.interfaces.ECPublicKey;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/gmssl-sdf-crypto-1.3.4-SNAPSHOT.jar:com/xdja/pki/gmssl/crypto/sdf/SdfSymmetricCipher.class */
public class SdfSymmetricCipher {
    private Logger logger;
    private static final int BLOCK_SIZE = 16;
    private static final int HSM_BLOCK_SIZE = 4096;
    private SdfSDK sdfSDK;
    private long[] phKeyHandle;
    private byte[] key;
    private boolean forEncryption;
    private ParametersWithIV parametersWithIV;
    private SdfSymmetricKeyParameters sdfBlockCipherKeyParameters;

    public SdfSymmetricCipher() throws SdfSDKException {
        this(SdfCryptoType.YUNHSM);
    }

    public SdfSymmetricCipher(SdfCryptoType sdfCryptoType) throws SdfSDKException {
        this(sdfCryptoType.getSdfSDK());
    }

    public SdfSymmetricCipher(SdfSDK sdfSDK) throws SdfSDKException {
        this.logger = LoggerFactory.getLogger(getClass());
        this.sdfSDK = sdfSDK;
    }

    public byte[] getKey() {
        return this.key;
    }

    public void init(boolean z, CipherParameters cipherParameters) throws IllegalArgumentException {
        try {
            this.sdfSDK.init();
            if (cipherParameters instanceof SdfSymmetricKeyParameters) {
                this.sdfBlockCipherKeyParameters = (SdfSymmetricKeyParameters) cipherParameters;
                this.parametersWithIV = new ParametersWithIV(cipherParameters, new byte[16]);
            } else {
                if (!(cipherParameters instanceof ParametersWithIV)) {
                    throw new IllegalArgumentException("invalid parameter passed to SdfSymmetricCipher init - " + cipherParameters.getClass().getName());
                }
                this.parametersWithIV = (ParametersWithIV) cipherParameters;
                this.sdfBlockCipherKeyParameters = (SdfSymmetricKeyParameters) ((ParametersWithIV) cipherParameters).getParameters();
            }
            this.forEncryption = z;
            if (this.sdfBlockCipherKeyParameters.getKeyCipherType() == SdfSymmetricKeyParameters.KeyCipherType.NONE) {
                try {
                    SdfSymmetricKey.KeyHandle generateKeyWithEpkEccKeyHandle = new SdfSymmetricKey(this.sdfSDK).generateKeyWithEpkEccKeyHandle((ECPublicKey) this.sdfBlockCipherKeyParameters.getPublicKey());
                    this.key = generateKeyWithEpkEccKeyHandle.getCipherKey();
                    this.phKeyHandle = generateKeyWithEpkEccKeyHandle.getHandle();
                    return;
                } catch (SdfSDKException e) {
                    throw new IllegalArgumentException("SDF SM4 init - generate key error");
                }
            }
            this.key = this.sdfBlockCipherKeyParameters.getKey();
            try {
                switch (this.sdfBlockCipherKeyParameters.getKeyCipherType()) {
                    case ECC_CIPHER:
                        this.phKeyHandle = new SdfSymmetricKey(this.sdfSDK).importKeyWithIskEcc(this.sdfBlockCipherKeyParameters.getSdfPrivateKey(), this.key);
                        break;
                    case PLAIN:
                        if (this.key.length == 16) {
                            this.phKeyHandle = this.sdfSDK.importKey(this.key);
                            break;
                        } else {
                            throw new IllegalArgumentException("SM4 requires a 128 bit key");
                        }
                    case RSA_CIPHER:
                        this.phKeyHandle = new SdfSymmetricKey(this.sdfSDK).importKeyWithIskRsa(this.sdfBlockCipherKeyParameters.getSdfPrivateKey(), this.key);
                        break;
                    case KEK:
                        this.phKeyHandle = new SdfSymmetricKey(this.sdfSDK).importKeyWithKek(this.sdfBlockCipherKeyParameters.getKeyEncryptKeyType(), this.sdfBlockCipherKeyParameters.getPrivateKeyIndex(), this.key);
                        break;
                    default:
                        throw new IllegalArgumentException("SDF SM4 init - unknown key cipher type " + this.sdfBlockCipherKeyParameters.getKeyCipherType());
                }
            } catch (SdfSDKException e2) {
                this.logger.error("init import key", (Throwable) e2);
                throw new IllegalArgumentException("SDF SM4 init - import key error");
            }
        } catch (SdfSDKException e3) {
            throw new IllegalArgumentException("sdf SDK init error", e3);
        }
    }

    public String getAlgorithmName() {
        return this.sdfBlockCipherKeyParameters.getSdfAlgIdBlockCipher().getName();
    }

    public int getBlockSize() {
        return 16;
    }

    public int getEncryptionLength(int i, SdfSymmetricKeyParameters.PaddingType paddingType) {
        return paddingType == SdfSymmetricKeyParameters.PaddingType.NoPadding ? i : i + (16 - (i % 16));
    }

    public byte[] doFinal(byte[] bArr) throws DataLengthException, IllegalStateException {
        byte[] bArr2;
        byte[] bArr3;
        try {
            byte[] iv = this.parametersWithIV.getIV();
            if (this.forEncryption) {
                if (this.sdfBlockCipherKeyParameters.getPaddingType() == SdfSymmetricKeyParameters.PaddingType.NoPadding) {
                    bArr3 = new byte[bArr.length];
                    System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
                } else {
                    int length = 16 - (bArr.length % 16);
                    bArr3 = new byte[bArr.length + length];
                    System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
                    byte b = this.sdfBlockCipherKeyParameters.getPaddingType() == SdfSymmetricKeyParameters.PaddingType.SSL3Padding ? (byte) (length - 1) : (byte) length;
                    int length2 = bArr.length;
                    for (int i = 0; i < length; i++) {
                        int i2 = length2;
                        length2++;
                        bArr3[i2] = b;
                    }
                }
                int i3 = 0;
                byte[] bArr4 = new byte[bArr3.length];
                while (bArr3.length > 4096) {
                    byte[] bArr5 = new byte[4096];
                    System.arraycopy(bArr3, 0, bArr5, 0, 4096);
                    byte[] encrypt = this.sdfSDK.encrypt(this.phKeyHandle, this.sdfBlockCipherKeyParameters.getSdfAlgIdBlockCipher(), iv, bArr5);
                    if (null != iv) {
                        System.arraycopy(encrypt, 4080, iv, 0, 16);
                    }
                    System.arraycopy(encrypt, 0, bArr4, i3, bArr5.length);
                    byte[] bArr6 = new byte[bArr3.length - 4096];
                    System.arraycopy(bArr3, 4096, bArr6, 0, bArr6.length);
                    bArr3 = bArr6;
                    i3 += 4096;
                }
                System.arraycopy(this.sdfSDK.encrypt(this.phKeyHandle, this.sdfBlockCipherKeyParameters.getSdfAlgIdBlockCipher(), iv, bArr3), 0, bArr4, i3, bArr3.length);
                return bArr4;
            }
            int i4 = 0;
            byte[] bArr7 = new byte[bArr.length];
            while (bArr.length > 4096) {
                byte[] bArr8 = new byte[4096];
                System.arraycopy(bArr, 0, bArr8, 0, 4096);
                byte[] decrypt = this.sdfSDK.decrypt(this.phKeyHandle, this.sdfBlockCipherKeyParameters.getSdfAlgIdBlockCipher(), iv, bArr8);
                if (null != iv) {
                    System.arraycopy(bArr8, 4080, iv, 0, 16);
                }
                GMSSLByteArrayUtils.printHexBinary(this.logger, "iv", iv);
                System.arraycopy(decrypt, 0, bArr7, i4, decrypt.length);
                byte[] bArr9 = new byte[bArr.length - 4096];
                System.arraycopy(bArr, 4096, bArr9, 0, bArr9.length);
                bArr = bArr9;
                i4 += 4096;
            }
            System.arraycopy(this.sdfSDK.decrypt(this.phKeyHandle, this.sdfBlockCipherKeyParameters.getSdfAlgIdBlockCipher(), iv, bArr), 0, bArr7, i4, bArr.length);
            byte b2 = bArr7[bArr7.length - 1];
            switch (this.sdfBlockCipherKeyParameters.getPaddingType()) {
                case PKCS5Padding:
                case PKCS7Padding:
                    int i5 = b2 & 255;
                    if (i5 < 1 || i5 > 16) {
                        release();
                        throw new DataLengthException("decrypt error, padding is " + i5);
                    }
                    bArr2 = new byte[bArr7.length - i5];
                    break;
                case SSL3Padding:
                    int i6 = b2 & 255;
                    if (i6 < 0 || i6 > 15) {
                        release();
                        throw new DataLengthException("decrypt error, padding is " + i6);
                    }
                    bArr2 = new byte[bArr7.length - (i6 + 1)];
                    break;
                default:
                    bArr2 = new byte[bArr7.length];
                    break;
            }
            System.arraycopy(bArr7, 0, bArr2, 0, bArr2.length);
            return bArr2;
        } catch (SdfSDKException e) {
            this.logger.error("processBlock", (Throwable) e);
            throw new IllegalStateException(e.getMessage());
        }
    }

    public void reset() {
    }

    public void release() throws SdfSDKException {
        if (this.sdfSDK == null || this.phKeyHandle == null) {
            return;
        }
        this.sdfSDK.destroyKey(this.phKeyHandle);
        this.sdfSDK.release();
    }
}
