package com.alipay.mychain.sdk.crypto.envelope;

import com.alipay.mychain.sdk.crypto.AlgoIdEnum;
import com.alipay.mychain.sdk.crypto.cipher.SM4CbcPkeyCipherV1;
import com.alipay.mychain.sdk.crypto.keypair.KeyTypeEnum;
import com.alipay.mychain.sdk.crypto.keypair.Keypair;
import com.alipay.mychain.sdk.crypto.pkeycipher.PkeyCipherBase;
import com.alipay.mychain.sdk.crypto.pkeycipher.SM2PkeyCipherV1;
import com.alipay.mychain.sdk.errorcode.ErrorCode;
import com.alipay.mychain.sdk.exception.MychainSdkException;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/alipay/mychain/sdk/crypto/envelope/SM2EnvelopeV1.class */
public class SM2EnvelopeV1 implements EnvelopeBase {
    private static final int SM4_128_BLOCK_SIZE = 16;
    private List<PkeyCipherBase> pubkeyList;
    private PkeyCipherBase privkey;

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public AlgoIdEnum getAlgo() {
        return AlgoIdEnum.ENVELOPE_SM2_LOCAL_V1;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public boolean isEncryptor() {
        return this.pubkeyList != null && this.pubkeyList.size() > 0;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public boolean isDecryptor() {
        return this.privkey != null;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPkeyCipherList(List<PkeyCipherBase> list) {
        if (list == null || list.size() == 0) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "public keys should not empty");
        }
        if (list.size() > 65535) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "too many public keys");
        }
        this.pubkeyList = new ArrayList();
        for (PkeyCipherBase pkeyCipherBase : list) {
            if (pkeyCipherBase.getAlgo() != AlgoIdEnum.PKEY_CIPHER_SM2_LOCAL_V1) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
            }
            if (!pkeyCipherBase.isEncryptor()) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public key");
            }
            this.pubkeyList.add(pkeyCipherBase);
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPubkeyList(List<Keypair> list) {
        if (list == null || list.size() == 0) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "public keys should not empty");
        }
        if (list.size() > 65535) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "too many public keys");
        }
        this.pubkeyList = new ArrayList();
        for (Keypair keypair : list) {
            if (keypair.getType() != KeyTypeEnum.KEY_SM2_PKCS8) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
            }
            if (!keypair.isPubkey()) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public key");
            }
            this.pubkeyList.add(new SM2PkeyCipherV1(keypair));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPrivkey(Keypair keypair) {
        if (keypair == null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "keypair should not null");
        }
        if (keypair.getType() != KeyTypeEnum.KEY_SM2_PKCS8) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
        }
        if (!keypair.isPrivkey()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        this.privkey = new SM2PkeyCipherV1(keypair);
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPrivkey(PkeyCipherBase pkeyCipherBase) {
        if (pkeyCipherBase == null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "pkeyCipher should not null");
        }
        if (pkeyCipherBase.getAlgo() != AlgoIdEnum.PKEY_CIPHER_SM2_LOCAL_V1) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
        }
        if (!pkeyCipherBase.isDecryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        this.privkey = pkeyCipherBase;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public byte[] envelopeSeal(byte[] bArr, byte[] bArr2) {
        if (!isEncryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public keys");
        }
        if (bArr2 != null && bArr2.length != SM4_128_BLOCK_SIZE) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid secret_key!");
        }
        try {
            Security.addProvider(new BouncyCastleProvider());
            Random random = new Random();
            if (bArr2 == null) {
                bArr2 = new byte[SM4_128_BLOCK_SIZE];
                random.nextBytes(bArr2);
            }
            byte[] encrypt = new SM4CbcPkeyCipherV1(bArr2).encrypt(bArr);
            int size = this.pubkeyList.size();
            int i = 2;
            ArrayList<byte[]> arrayList = new ArrayList();
            Iterator<PkeyCipherBase> it = this.pubkeyList.iterator();
            while (it.hasNext()) {
                byte[] encrypt2 = it.next().encrypt(bArr2);
                i += encrypt2.length;
                arrayList.add(encrypt2);
            }
            byte[] bArr3 = new byte[i + encrypt.length];
            int i2 = 0 + 1;
            bArr3[0] = (byte) ((size >> 8) & 255);
            int i3 = i2 + 1;
            bArr3[i2] = (byte) (size & 255);
            for (byte[] bArr4 : arrayList) {
                System.arraycopy(bArr4, 0, bArr3, i3, bArr4.length);
                i3 += bArr4.length;
            }
            System.arraycopy(encrypt, 0, bArr3, i3, encrypt.length);
            return bArr3;
        } catch (Exception e) {
            throw new MychainSdkException(ErrorCode.OTHERS, ExceptionUtils.getStackTrace(e));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public byte[] envelopeOpen(byte[] bArr, byte[] bArr2) {
        if (!isDecryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        if (bArr2 != null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "secret key provide by user not supported");
        }
        try {
            int i = ((bArr[0] & 255) << 8) + (bArr[1] & 255);
            if (i == 0) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid public key number!");
            }
            int i2 = 2;
            int i3 = 9;
            int i4 = 0;
            if (bArr2 == null) {
                for (int i5 = 0; i5 < i; i5++) {
                    byte b = bArr[i3];
                    i3 += b + 2 + 4 + 1 + 1;
                    int i6 = 8 + b;
                    i4 += i6;
                    byte[] copyOfRange = Arrays.copyOfRange(bArr, i2, i2 + i6);
                    i2 += i6;
                    if (bArr2 == null) {
                        try {
                            bArr2 = this.privkey.decrypt(copyOfRange);
                        } catch (Exception e) {
                            if (i5 == i - 1) {
                                throw e;
                            }
                        }
                    }
                }
            }
            return new SM4CbcPkeyCipherV1(bArr2).decrypt(Arrays.copyOfRange(bArr, 2 + i4, bArr.length));
        } catch (Exception e2) {
            throw new MychainSdkException(ErrorCode.OTHERS, ExceptionUtils.getStackTrace(e2));
        }
    }
}
