package cn.topca.sp.security.sm2;

import cn.topca.sp.jce.digest.SHA1Digest;
import cn.topca.sp.jce.digest.SHA256Digest;
import cn.topca.sp.jce.digest.SM3Digest;
import cn.topca.sp.util.KeyEncoderAndDecoder;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.CipherSpi;
import javax.crypto.ShortBufferException;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.math.ec.ECPoint;

/* loaded from: classes.dex */
public abstract class SM2Cipher extends CipherSpi {
    private static final byte[] B0 = new byte[0];
    public static int MAX_BUFFER_LEN = 10485760;
    public static int MIN_CIPHER_LEN = 96;
    private int bufOfs;
    private ECPoint c1;
    private byte[] c2;
    private byte[] c3;
    private Digest c3Digest;
    private ECPoint p2;
    private byte[] p2X;
    private byte[] p2Y;
    private BigInteger userD;
    private ECPoint userQ;
    protected int mode = 0;
    private int ct = 1;
    private byte[] key = null;
    private byte keyOff = 0;
    private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    private int maxInputSize = 0;
    private boolean initialized = false;

    /* loaded from: classes.dex */
    public class SHA1withSM2Cipher extends SM2Cipher {
        @Override // cn.topca.sp.security.sm2.SM2Cipher
        protected Digest getDigest() {
            return new SHA1Digest();
        }
    }

    /* loaded from: classes.dex */
    public class SHA256withSM2Cipher extends SM2Cipher {
        @Override // cn.topca.sp.security.sm2.SM2Cipher
        protected Digest getDigest() {
            return new SHA256Digest();
        }
    }

    /* loaded from: classes.dex */
    public class SM3withSM2Cipher extends SM2Cipher {
        @Override // cn.topca.sp.security.sm2.SM2Cipher
        protected Digest getDigest() {
            return new SM3Digest();
        }
    }

    protected SM2Cipher() {
    }

    private void decode(byte[] bArr) {
        ASN1Sequence dERSequence = DERSequence.getInstance(bArr);
        DERInteger dERInteger = (DERInteger) dERSequence.getObjectAt(0);
        DERInteger dERInteger2 = (DERInteger) dERSequence.getObjectAt(1);
        DEROctetString dEROctetString = (DEROctetString) dERSequence.getObjectAt(2);
        DEROctetString dEROctetString2 = (DEROctetString) dERSequence.getObjectAt(3);
        this.c1 = SM2ParamUtil.buildSM2Point(dERInteger.getPositiveValue(), dERInteger2.getPositiveValue());
        this.c2 = (byte[]) dEROctetString2.getOctets().clone();
        this.c3 = dEROctetString.getOctets();
    }

    private byte[] decrypt(byte[] bArr, int i, int i2) {
        if (i == 0 && i2 == bArr.length) {
            decode(bArr);
        } else {
            decode(Arrays.copyOfRange(bArr, i, i2 + i));
        }
        this.p2 = this.c1.multiply(this.userD);
        this.p2X = stripLeadingZeroBytes(this.p2.getX().toBigInteger().toByteArray());
        this.p2Y = stripLeadingZeroBytes(this.p2.getY().toBigInteger().toByteArray());
        reset();
        byte[] processUpdate = processUpdate(this.c2, 0, this.c2.length);
        if (Arrays.equals(this.c3, processFinal())) {
            return processUpdate;
        }
        throw new IllegalStateException("the c3 part of the encrypted data mismatch,maybe the data was modified");
    }

    private byte[] encode() {
        DERInteger dERInteger = new DERInteger(this.c1.getX().toBigInteger());
        DERInteger dERInteger2 = new DERInteger(this.c1.getY().toBigInteger());
        DEROctetString dEROctetString = new DEROctetString(this.c2);
        DEROctetString dEROctetString2 = new DEROctetString(this.c3);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(dERInteger);
        aSN1EncodableVector.add(dERInteger2);
        aSN1EncodableVector.add(dEROctetString2);
        aSN1EncodableVector.add(dEROctetString);
        return new DERSequence(aSN1EncodableVector).getDEREncoded();
    }

    private byte[] encrypt(byte[] bArr, int i, int i2) {
        while (true) {
            BigInteger bigInteger = new BigInteger(256, new SecureRandom());
            if (bigInteger.compareTo(SM2ParamUtil.ZERO) > 0 && bigInteger.compareTo(SM2ParamUtil.ecc_n) < 0) {
                this.c1 = SM2ParamUtil.ecc_G.multiply(bigInteger);
                this.p2 = this.userQ.multiply(bigInteger);
                this.p2X = stripLeadingZeroBytes(this.p2.getX().toBigInteger().toByteArray());
                this.p2Y = stripLeadingZeroBytes(this.p2.getY().toBigInteger().toByteArray());
                reset();
                this.c2 = processUpdate(bArr, i, i2);
                this.c3 = processFinal();
                return encode();
            }
        }
    }

    private void ensureInitialized() {
        if (this.mode == 0) {
            throw new ProviderException("Cipher uninitialized");
        }
        if (this.initialized) {
            return;
        }
        initialize();
    }

    private void implUpdate(byte[] bArr, int i, int i2) {
        ensureInitialized();
        if (i2 == 0 || bArr == null) {
            return;
        }
        if (this.bufOfs + i2 <= this.maxInputSize) {
            this.outputStream.write(bArr, i, i2);
            this.bufOfs += i2;
        } else {
            throw new ProviderException("Data must not be longer than " + this.maxInputSize + " bytes");
        }
    }

    private void initialize() {
        this.c3Digest = getDigest();
        this.key = new byte[this.c3Digest.getDigestSize()];
        this.ct = 1;
        this.keyOff = (byte) 0;
        this.outputStream.reset();
        this.bufOfs = 0;
        this.initialized = true;
    }

    private byte[] processFinal() {
        this.c3Digest.update(this.p2Y, 0, this.p2Y.length);
        byte[] bArr = new byte[this.c3Digest.getDigestSize()];
        this.c3Digest.doFinal(bArr, 0);
        return bArr;
    }

    private byte[] processUpdate(byte[] bArr, int i, int i2) {
        if (this.mode == 1 || this.mode == 3) {
            this.c3Digest.update(bArr, i, i2);
        }
        for (int i3 = 0; i3 < i2; i3++) {
            if (this.keyOff == this.key.length) {
                nextKey();
            }
            int i4 = i + i3;
            byte b = bArr[i4];
            byte[] bArr2 = this.key;
            byte b2 = this.keyOff;
            this.keyOff = (byte) (b2 + 1);
            bArr[i4] = (byte) (b ^ bArr2[b2]);
        }
        if (this.mode == 2 || this.mode == 4) {
            this.c3Digest.update(bArr, i, i2);
        }
        return bArr;
    }

    private void reset() {
        this.c3Digest.reset();
        this.c3Digest.update(this.p2X, 0, this.p2X.length);
        this.ct = 1;
        nextKey();
    }

    @Override // javax.crypto.CipherSpi
    protected int engineDoFinal(byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
        implUpdate(bArr, i, i2);
        byte[] implDoFinal = implDoFinal();
        if (implDoFinal.length <= bArr2.length - i3) {
            System.arraycopy(implDoFinal, 0, bArr2, i3, implDoFinal.length);
            return implDoFinal.length;
        }
        throw new ShortBufferException("out buffer Buffer too small, at least " + implDoFinal.length);
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineDoFinal(byte[] bArr, int i, int i2) {
        implUpdate(bArr, i, i2);
        return implDoFinal();
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetBlockSize() {
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineGetIV() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected int engineGetOutputSize(int i) {
        return this.bufOfs + MIN_CIPHER_LEN + 20;
    }

    @Override // javax.crypto.CipherSpi
    protected AlgorithmParameters engineGetParameters() {
        return null;
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameters algorithmParameters, SecureRandom secureRandom) {
        if (algorithmParameters != null) {
            throw new InvalidAlgorithmParameterException("Parameters not supported");
        }
        implInit(i, key);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, SecureRandom secureRandom) {
        implInit(i, key);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineInit(int i, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) {
        if (algorithmParameterSpec != null) {
            throw new InvalidAlgorithmParameterException("Parameters not supported");
        }
        implInit(i, key);
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetMode(String str) {
        if (str != null && !"None".equalsIgnoreCase(str)) {
            throw new InvalidParameterException("Mod not supported");
        }
    }

    @Override // javax.crypto.CipherSpi
    protected void engineSetPadding(String str) {
        if (str != null && !"NoPadding".equalsIgnoreCase(str)) {
            throw new InvalidParameterException("Padding not supported");
        }
    }

    @Override // javax.crypto.CipherSpi
    protected Key engineUnwrap(byte[] bArr, String str, int i) {
        if (this.mode != 4) {
            throw new IllegalStateException("the cipher is not unwrap mode");
        }
        if (bArr.length > this.maxInputSize) {
            throw new InvalidKeyException("Key is too long for unwrapping");
        }
        implUpdate(bArr, 0, bArr.length);
        byte[] implDoFinal = implDoFinal();
        return i == 3 ? KeyEncoderAndDecoder.decodeSecretKey(implDoFinal, str) : i == 1 ? KeyEncoderAndDecoder.decodePublicKey(implDoFinal, str) : KeyEncoderAndDecoder.decodePrivateKey(implDoFinal, str);
    }

    @Override // javax.crypto.CipherSpi
    protected int engineUpdate(byte[] bArr, int i, int i2, byte[] bArr2, int i3) {
        implUpdate(bArr, i, i2);
        return 0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineUpdate(byte[] bArr, int i, int i2) {
        implUpdate(bArr, i, i2);
        return B0;
    }

    @Override // javax.crypto.CipherSpi
    protected byte[] engineWrap(Key key) {
        if (this.mode != 3) {
            throw new IllegalStateException("the cipher is not wrap mode");
        }
        byte[] encoded = key.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key encoded is null");
        }
        implUpdate(encoded, 0, encoded.length);
        return implDoFinal();
    }

    protected abstract Digest getDigest();

    public byte[] implDoFinal() {
        byte[] byteArray = this.outputStream.toByteArray();
        return (this.mode == 1 || this.mode == 3) ? encrypt(byteArray, 0, byteArray.length) : decrypt(byteArray, 0, byteArray.length);
    }

    public void implInit(int i, Key key) {
        this.mode = i;
        if (i == 1 || i == 3) {
            if (key instanceof SM2PublicKey) {
                this.userQ = ((SM2PublicKey) key).getQ();
            } else {
                if (!(key instanceof ECPublicKey)) {
                    throw new InvalidKeyException("Not a SM2 public key");
                }
                this.userQ = ((SM2PublicKey) SM2KeyFactory.implTranslatePublicKey((ECPublicKey) key)).getQ();
            }
            this.maxInputSize = MAX_BUFFER_LEN - MIN_CIPHER_LEN;
        } else {
            if (i != 2 && i != 4) {
                throw new IllegalArgumentException("Bad arguments");
            }
            if (key instanceof SM2PrivateKey) {
                this.userD = ((SM2PrivateKey) key).getD();
            } else {
                if (!(key instanceof ECPrivateKey)) {
                    throw new InvalidKeyException("Not a SM2 private key");
                }
                this.userD = ((SM2PrivateKey) SM2KeyFactory.implTranslatePrivateKey((ECPrivateKey) key)).getD();
            }
            this.maxInputSize = MAX_BUFFER_LEN;
        }
        initialize();
    }

    protected void nextKey() {
        Digest digest = getDigest();
        digest.update(this.p2X, 0, this.p2X.length);
        digest.update(this.p2Y, 0, this.p2Y.length);
        digest.update((byte) ((this.ct >> 24) & 255));
        digest.update((byte) ((this.ct >> 16) & 255));
        digest.update((byte) ((this.ct >> 8) & 255));
        digest.update((byte) (this.ct & 255));
        digest.doFinal(this.key, 0);
        this.keyOff = (byte) 0;
        this.ct++;
    }

    protected byte[] stripLeadingZeroBytes(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return new byte[0];
        }
        int i = 0;
        while (i < bArr.length && bArr[i] == 0) {
            i++;
        }
        byte[] bArr2 = new byte[bArr.length - i];
        if (bArr2.length > 0) {
            System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
        }
        return bArr2;
    }
}
