package com.icbc.hsm.software.apiLib;

import com.icbc.hsm.software.basic.AsymmetricCipher;
import com.icbc.hsm.software.basic.HsmKeyParameter;
import com.icbc.hsm.software.basic.PBEkeyGenerate;
import com.icbc.hsm.software.basic.Rules;
import com.icbc.hsm.software.basic.SymmetricCipher;
import com.icbc.hsm.software.config.IcbcEnvironment;
import com.icbc.hsm.software.exception.ParmErrorException;
import com.icbc.hsm.software.parms.ClearKeyParameter;
import com.icbc.hsm.software.parms.icbc.TempKeyBuilder;
import com.icbc.hsm.utils.AlgorithmConstants;
import com.icbc.hsm.utils.encoders.Hex;
import java.security.SecureRandom;

/* loaded from: input_file:BOOT-INF/lib/hsm-software-share-0.0.3-SNAPSHOT.jar:com/icbc/hsm/software/apiLib/Cipher.class */
public class Cipher {
    private static final String apiName = "cipher";
    private String algorithm;
    private String chainMode;
    private String padMode;
    private byte[] iv;

    /* loaded from: input_file:BOOT-INF/lib/hsm-software-share-0.0.3-SNAPSHOT.jar:com/icbc/hsm/software/apiLib/Cipher$SealedPackage.class */
    public class SealedPackage {
        private byte[] encryptedKey;
        private byte[] encryptedData;
        private String cipherParameters;

        SealedPackage(byte[] bArr, byte[] bArr2, String str) {
            this.encryptedKey = null;
            this.encryptedData = null;
            this.cipherParameters = null;
            this.encryptedKey = bArr;
            this.encryptedData = bArr2;
            this.cipherParameters = str;
        }

        public byte[] getEncryptedKey() {
            return this.encryptedKey;
        }

        public byte[] getEncryptedData() {
            return this.encryptedData;
        }

        public String getCipherParameters() {
            return this.cipherParameters;
        }
    }

    private Cipher(String str, String str2, String str3, byte[] bArr) {
        this.algorithm = null;
        this.chainMode = null;
        this.padMode = null;
        this.iv = null;
        this.algorithm = str;
        this.chainMode = str2;
        this.padMode = str3;
        if (bArr != null) {
            this.iv = new byte[bArr.length];
            System.arraycopy(bArr, 0, this.iv, 0, bArr.length);
        }
    }

    public static Cipher getInstance(String str) {
        return ("SM2".equalsIgnoreCase(str) || "RSA".equalsIgnoreCase(str) || "RSA-OAEP".equalsIgnoreCase(str)) ? new Cipher(str, null, null, (byte[]) null) : getInstance(str, "CBC", "PKCS5PADDING", null);
    }

    public static Cipher getInstance(String str, String str2, String str3) {
        return getInstance(str, str2, str3, null);
    }

    public static Cipher getInstance(String str, String str2, String str3, byte[] bArr) {
        return new Cipher(str, str2, str3, bArr);
    }

    public byte[] encipher(HsmKeyParameter hsmKeyParameter, byte[] bArr) throws Exception {
        return cipher(hsmKeyParameter, bArr, true);
    }

    public byte[] decipher(HsmKeyParameter hsmKeyParameter, byte[] bArr) throws Exception {
        return cipher(hsmKeyParameter, bArr, false);
    }

    private byte[] cipher(HsmKeyParameter hsmKeyParameter, byte[] bArr, boolean z) throws Exception {
        if (Rules.parmCheck(this.algorithm, hsmKeyParameter, apiName)) {
            return SymmetricCipher.blockCipher(this.algorithm, this.chainMode, this.padMode, z, hsmKeyParameter, this.iv, bArr);
        }
        throw new ParmErrorException("key type error!");
    }

    public SealedPackage seal(HsmKeyParameter hsmKeyParameter, byte[] bArr, String str) throws Exception {
        int i = 0;
        if (AlgorithmConstants.DES.equalsIgnoreCase(this.algorithm)) {
            i = 8;
        } else if (AlgorithmConstants.DESede.equalsIgnoreCase(this.algorithm)) {
            i = 24;
        } else if ("AES".equalsIgnoreCase(this.algorithm)) {
            i = 32;
        } else if ("SM4".equalsIgnoreCase(this.algorithm)) {
            i = 16;
        }
        byte[] generateRandom = generateRandom(i);
        byte[] bArr2 = null;
        if ("RSA".equalsIgnoreCase(hsmKeyParameter.getAlgorithm())) {
            if (str == null) {
                str = "PKCS1PADDING";
            }
            bArr2 = AsymmetricCipher.encipher(str, true, hsmKeyParameter, generateRandom);
        }
        if ("SM2".equalsIgnoreCase(hsmKeyParameter.getAlgorithm())) {
            if (str == null) {
                str = "SM2";
            }
            bArr2 = AsymmetricCipher.encipher(str, true, hsmKeyParameter, generateRandom);
        }
        return new SealedPackage(bArr2, SymmetricCipher.blockCipher(this.algorithm, this.chainMode, this.padMode, true, IcbcEnvironment.isICBCEnvironment() ? TempKeyBuilder.LoadKey(this.algorithm, false, generateRandom) : ClearKeyParameter.getInstance(this.algorithm, false, generateRandom), this.iv, bArr), str + ";" + this.algorithm + "/" + this.chainMode + "/" + this.padMode);
    }

    public byte[] unseal(HsmKeyParameter hsmKeyParameter, byte[] bArr, byte[] bArr2, String str) throws Exception {
        byte[] encipher = AsymmetricCipher.encipher(str, false, hsmKeyParameter, bArr);
        return cipher(IcbcEnvironment.isICBCEnvironment() ? TempKeyBuilder.LoadKey(this.algorithm, false, encipher) : ClearKeyParameter.getInstance(this.algorithm, false, encipher), bArr2, false);
    }

    private byte[] generateRandom(int i) throws Exception {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[20];
        secureRandom.nextBytes(bArr);
        byte[] bArr2 = new byte[32];
        secureRandom.nextBytes(bArr2);
        return PBEkeyGenerate.generatePBEKey("PBKDF2", AlgorithmConstants.SM3, null, i, bArr, bArr2, 16);
    }

    public String getParameter() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("algorithm: ").append(this.algorithm).append("; ");
        stringBuffer.append("chainMode: ").append(this.chainMode).append("; ");
        stringBuffer.append("padMode: ").append(this.padMode).append("; ");
        stringBuffer.append("iv: ").append(this.iv == null ? "null" : Hex.toHexString(this.iv));
        return stringBuffer.toString();
    }
}
