package cfca.sadk.util;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM3Digest;
import cfca.sadk.algorithm.util.SymmetricHelper;
import cfca.sadk.org.bouncycastle.util.encoders.Hex;
import cfca.sadk.system.Environments;
import java.io.InputStream;
import java.io.OutputStream;

/* loaded from: input_file:cfca/sadk/util/SM4Helper.class */
final class SM4Helper {

    /* loaded from: input_file:cfca/sadk/util/SM4Helper$IvSM4Key.class */
    static final class IvSM4Key {
        final byte[] iv16Bytes;
        final byte[] k16Bytes;

        /* JADX INFO: Access modifiers changed from: package-private */
        public IvSM4Key(String str) throws PKIException {
            if (str == null) {
                throw new PKIException("SM4PBEKDF password required not null!");
            }
            try {
                byte[] SM3KDF = SM3KDF(str.getBytes("UTF8"));
                byte[] bArr = new byte[16];
                byte[] bArr2 = new byte[16];
                System.arraycopy(SM3KDF, 0, bArr, 0, 16);
                System.arraycopy(SM3KDF, 16, bArr2, 0, 16);
                this.iv16Bytes = bArr;
                this.k16Bytes = bArr2;
            } catch (Exception e) {
                throw new PKIException("SM4PBEKDF failed", e);
            }
        }

        IvSM4Key(byte[] bArr, byte[] bArr2) throws PKIException {
            if (bArr == null || bArr.length != 16) {
                throw new PKIException("IvSM4Key required iv16Bytes length=16");
            }
            if (bArr2 == null || bArr2.length != 16) {
                throw new PKIException("IvSM4Key required k16Bytes length=16");
            }
            this.iv16Bytes = bArr;
            this.k16Bytes = bArr2;
        }

        public String toString() {
            return "IvSM4Key [iv16Bytes=" + Hex.toHexString(this.iv16Bytes) + ", k16Bytes=" + Hex.toHexString(this.k16Bytes) + "]";
        }

        static final byte[] SM3KDF(byte[] bArr) throws PKIException {
            if (bArr == null) {
                throw new PKIException("SM3KDF data required not null!");
            }
            byte[] bArr2 = {0, 0, 0, 1};
            SM3Digest sM3Digest = new SM3Digest();
            sM3Digest.update(bArr, 0, bArr.length);
            sM3Digest.update(bArr2, 0, bArr2.length);
            byte[] bArr3 = new byte[32];
            sM3Digest.doFinal(bArr3, 0);
            return bArr3;
        }
    }

    private SM4Helper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean encrypt(byte[] bArr, byte[] bArr2, InputStream inputStream, OutputStream outputStream) throws PKIException {
        return SM4CBCEncrypt(true, bArr, bArr2, inputStream, outputStream);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean decrypt(byte[] bArr, byte[] bArr2, InputStream inputStream, OutputStream outputStream) throws PKIException {
        return SM4CBCEncrypt(false, bArr, bArr2, inputStream, outputStream);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final byte[] encrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        try {
            return Base64.encode(SM4CBCEncrypt(true, bArr, bArr2, bArr3));
        } catch (Exception e) {
            throw new PKIException("SM4CBCEncrypt/Decrypt encryptData encodedBase54 failed!", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final byte[] decrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        try {
            return SM4CBCEncrypt(false, bArr, bArr2, Base64.decode(bArr3));
        } catch (Exception e) {
            throw new PKIException("SM4CBCEncrypt/Decrypt encryptData decodedBase54 failed!", e);
        }
    }

    private static final boolean SM4CBCEncrypt(boolean z, byte[] bArr, byte[] bArr2, InputStream inputStream, OutputStream outputStream) throws PKIException {
        check(bArr, bArr2);
        if (inputStream == null) {
            throw new PKIException("SM4CBCEncrypt/Decrypt inputStream required not null!");
        }
        if (outputStream == null) {
            throw new PKIException("SM4CBCEncrypt/Decrypt outputStream required not null!");
        }
        Mechanism mechanism = new Mechanism(MechanismKit.SM4_CBC, bArr2);
        return z ? SymmetricHelper.fileEncrypt(false, mechanism, bArr, inputStream, outputStream) : SymmetricHelper.fileDecrypt(false, mechanism, bArr, inputStream, outputStream);
    }

    private static final byte[] SM4CBCEncrypt(boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3) throws PKIException {
        check(bArr, bArr2);
        if (bArr3 == null) {
            throw new PKIException("SM4CBCEncrypt/Decrypt data required not null!");
        }
        Mechanism mechanism = new Mechanism(MechanismKit.SM4_CBC, bArr2);
        return z ? SymmetricHelper.dataEncrypt(false, mechanism, bArr, bArr3) : SymmetricHelper.dataDecrypt(false, mechanism, bArr, bArr3);
    }

    private static void check(byte[] bArr, byte[] bArr2) throws PKIException {
        if (bArr == null || bArr.length != 16) {
            throw new PKIException("SM4CBCEncrypt/Decrypt k16Bytes required 16 bytes!");
        }
        if (bArr2 == null || bArr2.length != 16) {
            throw new PKIException("SM4CBCEncrypt/Decrypt iv16Bytes required 16 bytes!");
        }
    }

    static {
        Environments.environments();
    }
}
