package org.bouncycastle.tls.crypto.impl.bc;

import com.xdja.pki.gmssl.core.utils.GMSSLByteArrayUtils;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.gmssl.crypto.sdf.SdfECKeyParameters;
import com.xdja.pki.gmssl.crypto.sdf.SdfRandom;
import com.xdja.pki.gmssl.crypto.sdf.SdfSM2Engine;
import com.xdja.pki.gmssl.crypto.sdf.SdfSM3Digest;
import com.xdja.pki.gmssl.crypto.sdf.SdfSM4Engine;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.tls.EncryptionAlgorithm;
import org.bouncycastle.tls.HashAlgorithm;
import org.bouncycastle.tls.NamedGroup;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.TlsCertificate;
import org.bouncycastle.tls.crypto.TlsCipher;
import org.bouncycastle.tls.crypto.TlsCryptoParameters;
import org.bouncycastle.tls.crypto.TlsDHConfig;
import org.bouncycastle.tls.crypto.TlsDHDomain;
import org.bouncycastle.tls.crypto.TlsECConfig;
import org.bouncycastle.tls.crypto.TlsECDomain;
import org.bouncycastle.tls.crypto.TlsHMAC;
import org.bouncycastle.tls.crypto.TlsHash;
import org.bouncycastle.tls.crypto.TlsNonceGenerator;
import org.bouncycastle.tls.crypto.TlsSRP6Client;
import org.bouncycastle.tls.crypto.TlsSRP6Server;
import org.bouncycastle.tls.crypto.TlsSRP6VerifierGenerator;
import org.bouncycastle.tls.crypto.TlsSRPConfig;
import org.bouncycastle.tls.crypto.TlsSecret;
import org.bouncycastle.tls.crypto.impl.AbstractTlsCrypto;
import org.bouncycastle.tls.crypto.impl.TlsBlockCipher;
import org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl;
import org.bouncycastle.tls.crypto.impl.TlsEncryptor;
import org.bouncycastle.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/bouncycastle/tls/crypto/impl/bc/BcTlsCryptoSdf.class */
public class BcTlsCryptoSdf extends AbstractTlsCrypto {
    private static Logger logger = LoggerFactory.getLogger(BcTlsCryptoSdf.class.getName());
    private final SdfCryptoType sdfCryptoType;

    /* loaded from: input_file:org/bouncycastle/tls/crypto/impl/bc/BcTlsCryptoSdf$BcTlsHash.class */
    public static class BcTlsHash implements TlsHash {
        private final short hashAlgorithm;
        private final Digest digest;

        BcTlsHash(short s, Digest digest) {
            this.hashAlgorithm = s;
            this.digest = digest;
        }

        @Override // org.bouncycastle.tls.crypto.TlsHash
        public void update(byte[] bArr, int i, int i2) {
            this.digest.update(bArr, i, i2);
        }

        @Override // org.bouncycastle.tls.crypto.TlsHash
        public byte[] calculateHash() {
            byte[] bArr = new byte[this.digest.getDigestSize()];
            this.digest.doFinal(bArr, 0);
            return bArr;
        }

        @Override // org.bouncycastle.tls.crypto.TlsHash
        public Object clone() {
            return new BcTlsHash(this.hashAlgorithm, BcTlsCryptoSdf.cloneDigest(this.hashAlgorithm, this.digest));
        }

        @Override // org.bouncycastle.tls.crypto.TlsHash
        public void reset() {
            this.digest.reset();
        }

        public void releaseConnection() {
            if (this.digest instanceof SdfSM3Digest) {
                this.digest.releaseConnection();
            }
        }
    }

    /* loaded from: input_file:org/bouncycastle/tls/crypto/impl/bc/BcTlsCryptoSdf$BlockOperator.class */
    public class BlockOperator implements TlsBlockCipherImpl {
        private final boolean isEncrypting;
        private final BlockCipher cipher;
        private KeyParameter key;

        BlockOperator(BlockCipher blockCipher, boolean z) {
            this.cipher = blockCipher;
            this.isEncrypting = z;
        }

        @Override // org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl
        public void setKey(byte[] bArr, int i, int i2) {
            this.key = new KeyParameter(bArr, i, i2);
            this.cipher.init(this.isEncrypting, this.key);
        }

        @Override // org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl
        public void init(byte[] bArr, int i, int i2) {
            this.cipher.init(this.isEncrypting, new ParametersWithIV((CipherParameters) null, bArr, i, i2));
        }

        @Override // org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl
        public int doFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
            int blockSize = this.cipher.getBlockSize();
            int i4 = 0;
            while (true) {
                int i5 = i4;
                if (i5 >= i2) {
                    return i2;
                }
                this.cipher.processBlock(bArr, i + i5, bArr2, i3 + i5);
                i4 = i5 + blockSize;
            }
        }

        @Override // org.bouncycastle.tls.crypto.impl.TlsBlockCipherImpl
        public int getBlockSize() {
            return this.cipher.getBlockSize();
        }

        public void releaseConnection() {
            if (this.cipher instanceof CBCBlockCipherSdf) {
                ((CBCBlockCipherSdf) this.cipher).releaseConnection();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/bouncycastle/tls/crypto/impl/bc/BcTlsCryptoSdf$HMacOperator.class */
    public class HMacOperator implements TlsHMAC {
        private final HMac hmac = new HMac(new SM3Digest());

        HMacOperator(Digest digest) {
        }

        @Override // org.bouncycastle.tls.crypto.TlsMAC
        public void setKey(byte[] bArr, int i, int i2) {
            this.hmac.init(new KeyParameter(bArr, i, i2));
        }

        @Override // org.bouncycastle.tls.crypto.TlsMAC
        public void update(byte[] bArr, int i, int i2) {
            this.hmac.update(bArr, i, i2);
        }

        @Override // org.bouncycastle.tls.crypto.TlsMAC
        public byte[] calculateMAC() {
            byte[] bArr = new byte[this.hmac.getMacSize()];
            this.hmac.doFinal(bArr, 0);
            return bArr;
        }

        @Override // org.bouncycastle.tls.crypto.TlsHMAC
        public int getInternalBlockSize() {
            return this.hmac.getUnderlyingDigest().getByteLength();
        }

        @Override // org.bouncycastle.tls.crypto.TlsMAC
        public int getMacLength() {
            return this.hmac.getMacSize();
        }

        @Override // org.bouncycastle.tls.crypto.TlsMAC
        public void reset() {
            this.hmac.reset();
        }
    }

    public BcTlsCryptoSdf(SdfCryptoType sdfCryptoType) {
        this.sdfCryptoType = sdfCryptoType;
    }

    public SdfCryptoType getSdfCryptoType() {
        return this.sdfCryptoType;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BcTlsSecretSdf adoptLocalSecret(byte[] bArr) {
        return new BcTlsSecretSdf(this, bArr);
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public SecureRandom getSecureRandom() {
        try {
            return new SdfRandom(this.sdfCryptoType);
        } catch (SdfSDKException e) {
            logger.error("getSecureRandom new sdf random error", e);
            throw new IllegalStateException("unable to create SdfRandom: " + e.getMessage(), e);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsCertificate createCertificate(byte[] bArr) throws IOException {
        return new BcTlsCertificateSdf(this, bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.crypto.impl.AbstractTlsCrypto
    public TlsCipher createCipher(TlsCryptoParameters tlsCryptoParameters, int i, int i2) throws IOException {
        switch (i) {
            case EncryptionAlgorithm.SM4_128_CBC /* 1008 */:
                return createSM4Cipher(tlsCryptoParameters, 16, i2);
            default:
                throw new TlsFatalAlert((short) 80);
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsDHDomain createDHDomain(TlsDHConfig tlsDHConfig) {
        return null;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsECDomain createECDomain(TlsECConfig tlsECConfig) {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.crypto.impl.AbstractTlsCrypto
    public TlsEncryptor createEncryptor(TlsCertificate tlsCertificate) throws IOException {
        BcTlsCertificateSdf convert = BcTlsCertificateSdf.convert(this, tlsCertificate);
        convert.validateKeyUsage(32);
        final AsymmetricKeyParameter publicKey = convert.getPublicKey();
        if (publicKey instanceof SdfECKeyParameters) {
            return new TlsEncryptor() { // from class: org.bouncycastle.tls.crypto.impl.bc.BcTlsCryptoSdf.1
                @Override // org.bouncycastle.tls.crypto.impl.TlsEncryptor
                public byte[] encrypt(byte[] bArr, int i, int i2) throws IOException {
                    try {
                        SdfSM2Engine sdfSM2Engine = new SdfSM2Engine(BcTlsCryptoSdf.this.sdfCryptoType);
                        sdfSM2Engine.init(true, publicKey);
                        byte[] encryptASN1 = sdfSM2Engine.encryptASN1(bArr);
                        sdfSM2Engine.release();
                        return encryptASN1;
                    } catch (SdfSDKException e) {
                        throw new IOException((Throwable) e);
                    }
                }
            };
        }
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsNonceGenerator createNonceGenerator(byte[] bArr) {
        return new TlsNonceGenerator() { // from class: org.bouncycastle.tls.crypto.impl.bc.BcTlsCryptoSdf.2
            @Override // org.bouncycastle.tls.crypto.TlsNonceGenerator
            public byte[] generateNonce(int i) {
                byte[] bArr2 = new byte[i];
                BcTlsCryptoSdf.this.getSecureRandom().nextBytes(bArr2);
                return bArr2;
            }
        };
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasAllRawSignatureAlgorithms() {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasDHAgreement() {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasECDHAgreement() {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasEncryptionAlgorithm(int i) {
        switch (i) {
            case EncryptionAlgorithm.SM4_128_CBC /* 1008 */:
                return true;
            default:
                return false;
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasHashAlgorithm(short s) {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasMacAlgorithm(int i) {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasNamedGroup(int i) {
        return NamedGroup.refersToASpecificGroup(i);
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasRSAEncryption() {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasSignatureAlgorithm(int i) {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm signatureAndHashAlgorithm) {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public boolean hasSRPAuthentication() {
        return true;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsSecret createSecret(byte[] bArr) {
        return adoptLocalSecret(Arrays.clone(bArr));
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsSecret generatePreMasterSecret(ProtocolVersion protocolVersion) {
        byte[] bArr = new byte[48];
        getSecureRandom().nextBytes(bArr);
        TlsUtils.writeVersion(protocolVersion, bArr, 0);
        GMSSLByteArrayUtils.printHexBinary(logger, "generate pre master secret", bArr);
        return adoptLocalSecret(bArr);
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public Digest createDigest(short s) {
        switch (s) {
            case 7:
                try {
                    return new SdfSM3Digest(this.sdfCryptoType);
                } catch (SdfSDKException e) {
                    throw new IllegalArgumentException((Throwable) e);
                }
            default:
                throw new IllegalArgumentException("unknown HashAlgorithm: " + HashAlgorithm.getText(s));
        }
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsHash createHash(short s) {
        return new BcTlsHash(s, createDigest(s));
    }

    public static Digest cloneDigest(short s, Digest digest) {
        switch (s) {
            case 7:
                try {
                    return new SdfSM3Digest((SdfSM3Digest) digest);
                } catch (SdfSDKException e) {
                    throw new IllegalArgumentException((Throwable) e);
                }
            default:
                throw new IllegalArgumentException("unknown HashAlgorithm: " + HashAlgorithm.getText(s));
        }
    }

    protected TlsCipher createSM4Cipher(TlsCryptoParameters tlsCryptoParameters, int i, int i2) throws IOException {
        return new TlsBlockCipher(this, tlsCryptoParameters, new BlockOperator(createSM4BlockCipher(), true), new BlockOperator(createSM4BlockCipher(), false), createHMAC(i2), createHMAC(i2), i);
    }

    protected BlockCipher createSM4Engine() {
        try {
            return new SdfSM4Engine(this.sdfCryptoType);
        } catch (SdfSDKException e) {
            throw new IllegalArgumentException((Throwable) e);
        }
    }

    protected BlockCipher createSM4BlockCipher() {
        return new CBCBlockCipherSdf(createSM4Engine());
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsHMAC createHMAC(int i) {
        return new HMacOperator(createDigest(TlsUtils.getHashAlgorithmForHMACAlgorithm(i)));
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsSRP6Client createSRP6Client(TlsSRPConfig tlsSRPConfig) {
        return null;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsSRP6Server createSRP6Server(TlsSRPConfig tlsSRPConfig, BigInteger bigInteger) {
        return null;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCrypto
    public TlsSRP6VerifierGenerator createSRP6VerifierGenerator(TlsSRPConfig tlsSRPConfig) {
        return null;
    }
}
