package cn.unitid.easypki.util;

import a.a.h.a.b.a.f1;
import a.a.h.a.b.a.g;
import a.a.h.a.b.a.j1;
import a.a.h.a.b.a.q;
import a.a.h.a.b.a.v0;
import a.a.h.a.b.a.w;
import a.a.h.a.b.g.a.i;
import a.a.h.a.b.l.o.a;
import a.a.h.a.b.l.o.f;
import cn.unitid.easypki.asn1.sm2.application.SM2Cipher;
import cn.unitid.easypki.crypto.CipherException;
import cn.unitid.easypki.crypto.ECKeyGenerator;
import cn.unitid.easypki.crypto.SM2AsymmetricCipher;
import cn.unitid.easypki.crypto.SM4SymmetricCipher;
import cn.unitid.easypki.provider.asymmetric.sm2.SM2BCPublicKey;
import cn.unitid.easypki.provider.identifier.EPAlgorithmIdentifier;
import cn.unitid.easypki.security.SM4KeyGenerator;
import cn.unitid.easypki.x509.SM2X509Certificate;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;

/* loaded from: classes.dex */
public class EnvelopedPrivateKeyConverter {
    private PrivateKey buildCFCAPrivateKey(String str) throws InvalidKeyException {
        return ECKeyGenerator.generate(new BigInteger(1, ((f1) w.getInstance(f.a(str)).c(1)).getOctets()));
    }

    private byte[] buildECCCipherBlob(SM2Cipher sM2Cipher) {
        byte[] bArr = get32Bytes(sM2Cipher.getXCoordinate().l().toByteArray());
        byte[] bArr2 = get32Bytes(sM2Cipher.getYCoordinate().l().toByteArray());
        byte[] octets = sM2Cipher.getHash().getOctets();
        byte[] bArr3 = new byte[4];
        byte[] octets2 = sM2Cipher.getCipherText().getOctets();
        bArr3[0] = (byte) octets2.length;
        byte[] bArr4 = new byte[octets2.length + 164];
        System.arraycopy(bArr, 0, bArr4, 32, 32);
        System.arraycopy(bArr2, 0, bArr4, 96, 32);
        System.arraycopy(octets, 0, bArr4, 128, 32);
        System.arraycopy(bArr3, 0, bArr4, 160, 4);
        System.arraycopy(octets2, 0, bArr4, 164, octets2.length);
        return bArr4;
    }

    private byte[] buildEncryptionPublicKeyBlob(i iVar) {
        byte[] bArr = new byte[4];
        bArr[1] = 1;
        byte[] bArr2 = get32Bytes(iVar.c().l().toByteArray());
        byte[] bArr3 = get32Bytes(iVar.d().l().toByteArray());
        byte[] bArr4 = new byte[132];
        System.arraycopy(bArr, 0, bArr4, 0, 4);
        System.arraycopy(bArr2, 0, bArr4, 36, 32);
        System.arraycopy(bArr3, 0, bArr4, 100, 32);
        return bArr4;
    }

    private SM2Cipher convertCFCAEncryptedPrivateKey2SM2Cipher(String str) {
        byte[] octets = ((f1) w.getInstance(a.a(str)).c(1)).getOctets();
        byte[] bArr = new byte[64];
        System.arraycopy(octets, 0, bArr, 32, 32);
        byte[] bArr2 = new byte[64];
        System.arraycopy(octets, 32, bArr2, 32, 32);
        byte[] bArr3 = new byte[32];
        System.arraycopy(octets, 64, bArr3, 0, 32);
        byte[] bArr4 = new byte[96];
        System.arraycopy(octets, 96, bArr4, 0, 96);
        return new SM2Cipher(new BigInteger(1, bArr), new BigInteger(1, bArr2), bArr3, bArr4);
    }

    public static byte[] convertTopCA2SM2EnvelopedKey(String str, String str2, String str3, String str4) throws CertificateException, IOException {
        if (!"SM4".equals(str3.toUpperCase())) {
            throw new IllegalArgumentException("unsupported cipher algorithm:" + str3);
        }
        SM2X509Certificate decode = SM2X509Certificate.decode(CertificateConverter.fromBase64(str2).getEncoded());
        a.a.h.a.b.a.j3.a aVar = new a.a.h.a.b.a.j3.a(new q(EPAlgorithmIdentifier.SM4_ALGORITHM_OID));
        SM2Cipher sM2Cipher = SM2Cipher.getInstance(a.a(str));
        SM2BCPublicKey sM2BCPublicKey = (SM2BCPublicKey) decode.getPublicKey();
        v0 v0Var = new v0(a.a(str4));
        g gVar = new g();
        gVar.a(aVar);
        gVar.a(sM2Cipher);
        gVar.a(new v0(sM2BCPublicKey.getEncoded()));
        gVar.a(v0Var);
        return new j1(gVar).getEncoded();
    }

    private byte[] get32Bytes(byte[] bArr) {
        byte[] bArr2 = new byte[32];
        int length = bArr.length;
        if (length > 32) {
            System.arraycopy(bArr, length - 32, bArr2, 0, 32);
        } else {
            if (length >= 32) {
                return bArr;
            }
            System.arraycopy(bArr, 0, bArr2, 0, length);
        }
        return bArr2;
    }

    public byte[] convertCFCA2SKFEncryptedPrivateKey(PublicKey publicKey, String str, String str2, PublicKey publicKey2) throws InvalidKeyException, CipherException, IOException {
        byte[] bArr = new byte[32];
        try {
            PrivateKey buildCFCAPrivateKey = buildCFCAPrivateKey(str2);
            SM2Cipher convertCFCAEncryptedPrivateKey2SM2Cipher = convertCFCAEncryptedPrivateKey2SM2Cipher(str);
            SM2AsymmetricCipher sM2AsymmetricCipher = new SM2AsymmetricCipher();
            sM2AsymmetricCipher.init(2, buildCFCAPrivateKey);
            sM2AsymmetricCipher.update(convertCFCAEncryptedPrivateKey2SM2Cipher.getEncoded());
            System.arraycopy(sM2AsymmetricCipher.doFinal(), 64, bArr, 0, 32);
            byte[] a2 = f.a(SM4KeyGenerator.generate(1));
            try {
                SM4SymmetricCipher sM4SymmetricCipher = new SM4SymmetricCipher(SM4SymmetricCipher.ECB_NO_PADDING);
                sM4SymmetricCipher.init(1, a2);
                sM4SymmetricCipher.update(bArr);
                byte[] doFinal = sM4SymmetricCipher.doFinal();
                byte[] buildEncryptionPublicKeyBlob = buildEncryptionPublicKeyBlob(((SM2BCPublicKey) publicKey).getQ());
                try {
                    SM2AsymmetricCipher sM2AsymmetricCipher2 = new SM2AsymmetricCipher();
                    sM2AsymmetricCipher2.init(1, publicKey2);
                    sM2AsymmetricCipher2.update(a2);
                    byte[] buildECCCipherBlob = buildECCCipherBlob(SM2Cipher.getInstance(sM2AsymmetricCipher2.doFinal()));
                    byte[] bArr2 = new byte[4];
                    bArr2[0] = 1;
                    byte[] bArr3 = new byte[4];
                    bArr3[1] = 1;
                    byte[] bArr4 = new byte[buildEncryptionPublicKeyBlob.length + 76 + buildECCCipherBlob.length];
                    System.arraycopy(bArr2, 0, bArr4, 0, 4);
                    System.arraycopy(new byte[]{1, 4}, 0, bArr4, 4, 4);
                    System.arraycopy(bArr3, 0, bArr4, 8, 4);
                    System.arraycopy(doFinal, 0, bArr4, 44, 32);
                    System.arraycopy(buildEncryptionPublicKeyBlob, 0, bArr4, 76, buildEncryptionPublicKeyBlob.length);
                    System.arraycopy(buildECCCipherBlob, 0, bArr4, buildEncryptionPublicKeyBlob.length + 76, buildECCCipherBlob.length);
                    return bArr4;
                } catch (Exception e2) {
                    throw new CipherException("step4 使用签名公钥加密对称密钥失败：" + e2.getMessage(), e2);
                }
            } catch (Exception e3) {
                throw new CipherException("step2 使用对称密钥加密加密密钥失败：" + e3.getMessage(), e3);
            }
        } catch (CipherException e4) {
            throw new CipherException("step0 解密CFCA私钥失败：" + e4.getMessage(), e4);
        } catch (IOException e5) {
            throw new IOException("step0 构造SM2Cipher异常:" + e5.getMessage(), e5);
        } catch (InvalidKeyException e6) {
            throw new InvalidKeyException("step0 构造临时私钥错误；" + e6.getMessage(), e6);
        }
    }
}
