package koal.security.gb;

import com.koal.security.util.EasyBytes;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.ECField;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.util.Arrays;
import koal.security.ec.KoalEcPrivateKey;
import koal.security.ec.KoalEcPublicKey;
import koal.security.ec.asn1.x962.X9Converter;
import koal.security.ec.math.ECConstants;
import koal.security.gb.math.Sm2FpMultiplier;
import koal.security.gb.sm3.Sm3DigestHS;

/* loaded from: input_file:koal/security/gb/Sm2Cipher.class */
public class Sm2Cipher implements ECConstants {
    private static boolean traceEnable = false;
    public static final int V = 256;
    public static final int bV = 32;
    Sm3DigestHS sm3 = new Sm3DigestHS();
    SecureRandom random = new SecureRandom();
    Sm2FpMultiplier fm = new Sm2FpMultiplier();

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v23, types: [byte[], byte[][]] */
    public byte[] KDF(byte[] bArr, int i) {
        byte[] bArr2;
        int i2 = 1;
        byte[] intTo4Bytes = intTo4Bytes(1);
        int ceil = (int) Math.ceil(i / 256.0d);
        byte[][] bArr3 = new byte[ceil][32];
        for (int i3 = 1; i3 <= ceil; i3++) {
            byte[] join = join(new byte[]{bArr, intTo4Bytes});
            this.sm3.init();
            this.sm3.update(join);
            bArr3[i3 - 1] = this.sm3.dofinal();
            i2++;
            intTo4Bytes = intTo4Bytes(i2);
        }
        trace("Ha[num - 1]", bArr3[ceil - 1]);
        if (i / 256 == ceil) {
            bArr2 = bArr3[ceil - 1];
        } else {
            int ceil2 = (int) Math.ceil((i - (256 * ((int) Math.floor(i / 256)))) / 8.0d);
            bArr2 = new byte[ceil2];
            System.arraycopy(bArr3[ceil - 1], 0, bArr2, 0, ceil2);
        }
        byte[][] bArr4 = new byte[ceil][32];
        for (int i4 = 0; i4 < ceil - 1; i4++) {
            bArr4[i4] = bArr3[i4];
        }
        bArr4[ceil - 1] = bArr2;
        return join(bArr4);
    }

    protected byte[] intTo4Bytes(int i) {
        byte[] bArr = new byte[4];
        for (int i2 = 0; i2 < 4; i2++) {
            bArr[i2] = (byte) (i >> (24 - (i2 * 8)));
        }
        return bArr;
    }

    protected byte[] join(byte[]... bArr) {
        int i = 0;
        for (byte[] bArr2 : bArr) {
            if (bArr2 != null) {
                i += bArr2.length;
            }
        }
        if (i <= 0) {
            return null;
        }
        byte[] bArr3 = new byte[i];
        int i2 = 0;
        for (byte[] bArr4 : bArr) {
            if (bArr4 != null) {
                System.arraycopy(bArr4, 0, bArr3, i2, bArr4.length);
                i2 += bArr4.length;
            }
        }
        return bArr3;
    }

    public Sm2CipherResult encrypt(PublicKey publicKey, byte[] bArr) throws Exception {
        return encrypt(publicKey, bArr, null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v17, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v36, types: [byte[], byte[][]] */
    public Sm2CipherResult encrypt(PublicKey publicKey, byte[] bArr, BigInteger bigInteger) throws Exception {
        KoalEcPublicKey createInstance;
        byte[] encodePoint;
        byte[] integerToBytes;
        byte[] integerToBytes2;
        byte[] KDF;
        if (publicKey instanceof KoalEcPrivateKey) {
            createInstance = (KoalEcPublicKey) publicKey;
        } else {
            try {
                createInstance = KoalEcPublicKey.createInstance(publicKey.getEncoded());
            } catch (Exception e) {
                e.printStackTrace();
                throw new Exception("传入的不是SM2公钥，无法进行SM2的公钥加密运算", e);
            }
        }
        ECParameterSpec params = createInstance.getParams();
        int byteLength = X9Converter.getByteLength(params.getCurve().getField());
        BigInteger order = params.getOrder();
        trace("椭圆曲线基点的阶:params.getOrder()", order.toByteArray());
        boolean z = true;
        do {
            BigInteger bigInteger2 = bigInteger;
            if (bigInteger2 == null) {
                int bitLength = order.bitLength();
                while (true) {
                    bigInteger2 = new BigInteger(bitLength, this.random);
                    if (!bigInteger2.equals(ZERO) && bigInteger2.compareTo(params.getOrder()) <= -1) {
                        break;
                    }
                }
            }
            if (traceEnable) {
                trace("随机数k", X9Converter.integerToBytes(bigInteger2, byteLength));
            }
            encodePoint = X9Converter.encodePoint(((ECFieldFp) params.getCurve().getField()).getP(), this.fm.multiply(params.getGenerator(), bigInteger2, params), false);
            trace("椭圆曲线点C1=[k]G=(x1,y1)", encodePoint);
            if (ECPoint.POINT_INFINITY.equals(this.fm.multiply(createInstance.getW(), BigInteger.valueOf(params.getCofactor()), params))) {
                throw new RuntimeException("S是无穷远点，无法进行计算");
            }
            ECPoint multiply = this.fm.multiply(createInstance.getW(), bigInteger2, params);
            integerToBytes = X9Converter.integerToBytes(multiply.getAffineX(), byteLength);
            integerToBytes2 = X9Converter.integerToBytes(multiply.getAffineY(), byteLength);
            trace("椭圆曲线点[k]PB=(x2,y2):bytesP2X", integerToBytes);
            trace("椭圆曲线点[k]PB=(x2,y2):bytesP2Y", integerToBytes2);
            byte[] join = join(new byte[]{integerToBytes, integerToBytes2});
            byte[] bArr2 = new byte[join.length + 4];
            System.arraycopy(join, 0, bArr2, 0, join.length);
            bArr2[join.length + 3] = 1;
            this.sm3.init();
            this.sm3.update(bArr2);
            trace("Sm3", this.sm3.dofinal());
            KDF = KDF(join, bArr.length * 8);
            int length = KDF.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (KDF[i] != 0) {
                    z = false;
                    break;
                }
                i++;
            }
        } while (z);
        if (KDF == null || KDF.length != bArr.length) {
            throw new Exception("KDF计算出的值不正确");
        }
        trace("t=KDF(x2 ∥ y2, klen)", KDF);
        byte[] bArr3 = new byte[bArr.length];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr3[i2] = (byte) (bArr[i2] ^ KDF[i2]);
        }
        trace("C2 = M XOR t:bytesC2", bArr3);
        byte[] join2 = join(new byte[]{integerToBytes, bArr, integerToBytes2});
        this.sm3.init();
        this.sm3.update(join2);
        byte[] dofinal = this.sm3.dofinal();
        trace("C3 = Hash(x2 ∥ M ∥ y2):bytesC3", dofinal);
        return new Sm2CipherResult(params.getCurve(), encodePoint, bArr3, dofinal);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v23, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v33, types: [byte[], byte[][]] */
    public byte[] decrypt(PrivateKey privateKey, Sm2CipherResult sm2CipherResult) throws Exception {
        KoalEcPrivateKey createInstance;
        if (privateKey == null || sm2CipherResult == null) {
            throw new Exception("SM2的私钥解密运算参数为空");
        }
        if (privateKey instanceof KoalEcPrivateKey) {
            createInstance = (KoalEcPrivateKey) privateKey;
        } else {
            try {
                createInstance = KoalEcPrivateKey.createInstance(privateKey.getEncoded());
            } catch (Exception e) {
                e.printStackTrace();
                throw new Exception("传入的不是SM2私钥，无法进行SM2的私钥解密运算", e);
            }
        }
        ECParameterSpec params = createInstance.getParams();
        ECField field = params.getCurve().getField();
        int byteLength = X9Converter.getByteLength(field);
        BigInteger p = ((ECFieldFp) params.getCurve().getField()).getP();
        byte[] c1 = sm2CipherResult.getC1();
        trace("bytesC1", c1);
        ECPoint decodePoint = X9Converter.decodePoint(field, c1);
        BigInteger affineX = decodePoint.getAffineX();
        BigInteger affineY = decodePoint.getAffineY();
        if (!affineY.multiply(affineY).mod(p).equals(affineX.multiply(affineX).multiply(affineX).add(affineX.multiply(params.getCurve().getA())).add(params.getCurve().getB()).mod(p))) {
            throw new Exception("C1中包含的值不在SM2曲线上");
        }
        if (ECPoint.POINT_INFINITY.equals(this.fm.multiply(decodePoint, BigInteger.valueOf(params.getCofactor()), params))) {
            throw new RuntimeException("S是无穷远点，无法进行计算");
        }
        ECPoint multiply = this.fm.multiply(decodePoint, createInstance.getS(), params);
        byte[] integerToBytes = X9Converter.integerToBytes(multiply.getAffineX(), byteLength);
        byte[] integerToBytes2 = X9Converter.integerToBytes(multiply.getAffineY(), byteLength);
        trace("bytesP2X", integerToBytes);
        trace("bytesP2Y", integerToBytes2);
        byte[] c2 = sm2CipherResult.getC2();
        int length = c2.length;
        boolean z = true;
        byte[] KDF = KDF(join(new byte[]{integerToBytes, integerToBytes2}), length * 8);
        int length2 = KDF.length;
        int i = 0;
        while (true) {
            if (i >= length2) {
                break;
            }
            if (KDF[i] != 0) {
                z = false;
                break;
            }
            i++;
        }
        if (z) {
            throw new Exception("KDF计算出的值全为0，无法运算");
        }
        if (KDF == null || KDF.length != length) {
            throw new Exception("KDF计算出的值不正确");
        }
        trace("t", KDF);
        byte[] bArr = new byte[length];
        for (int i2 = 0; i2 < length; i2++) {
            bArr[i2] = (byte) (c2[i2] ^ KDF[i2]);
        }
        trace("M1", bArr);
        byte[] join = join(new byte[]{integerToBytes, bArr, integerToBytes2});
        this.sm3.init();
        this.sm3.update(join);
        byte[] dofinal = this.sm3.dofinal();
        trace("bytesU", dofinal);
        if (Arrays.equals(dofinal, sm2CipherResult.getC3())) {
            return bArr;
        }
        throw new Exception("摘要比较结果不正确");
    }

    private void trace(String str, byte[] bArr) {
        if (traceEnable) {
            EasyBytes.hexDump(str, bArr);
        }
    }

    public static void setTraceEnable(boolean z) {
        traceEnable = z;
    }
}
